PUBLIC SECTOR SUMMIT
Bogotá DC
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Getting Started with Serverless Architectures in AWS
Eduardo Patiño
Public Sector Solutions Architect
Amazon Web Services
Agenda
Serverless Basics
Serverless Architecture Patterns
• Web Applications
• Automation
• Processing of Data Streams
• Batch Processing

Possibilities in AWS
[Diagram: services arranged under the labels "In EC2", Managed and Serverless]
Services shown: AWS Lambda, Amazon Kinesis, Amazon S3, Amazon API Gateway, Amazon SQS, Amazon DynamoDB, AWS IoT, Amazon EMR, Amazon ElastiCache, Amazon RDS, Amazon Redshift, Amazon ES, Amazon EC2, Microsoft SQL Server, Amazon Cognito, AWS Step Functions

Serverless means ...
• There are no servers to provision or manage
• Scale with use
• Never pay for idle capacity
• Availability and built-in fault tolerance

Serverless Applications
ORIGINATED BY EVENTS
• Changes in data state
• Requests to endpoints
• Changes in resource state
FUNCTIONS
• Node.js
• Python
• Java
• C#
• Go
SERVICES (SOMETHING)
OUR CLIENTS LOVE SERVERLESS

Using AWS Lambda
Bring your own code
• Node.js, Java, Python, C#, Go
• Bring your own libraries (even the native ones)
Simple resource model
• Select memory from 128 MB up to 3 GB
• CPU and network proportionally provisioned
Authoring functions
• WYSIWYG editor or upload your .zip packages
• Third-party plugins (Eclipse, Visual Studio)

Using AWS Lambda
Stateless
• Persistent data using external storage
• No access to the underlying infrastructure
Flexible use
• Synchronous or asynchronous
• Integrated with other AWS services
Programming model
• Use processes, threads, /tmp and sockets normally
• AWS SDK built in (Python and Node.js)

Origin of events that activate AWS Lambda
[Diagram categories: DATA STORES, ENDPOINTS, DEVELOPMENT AND MANAGEMENT TOOLS, EVENT/MESSAGE SERVICES]
Sources shown: Amazon S3, Amazon DynamoDB, Amazon Kinesis, AWS CloudFormation, AWS CloudTrail, Amazon CloudWatch, Amazon Cognito, Amazon SNS, Amazon SES, Cron events, AWS CodeCommit, Amazon API Gateway, Amazon Alexa, AWS IoT, AWS Step Functions
... and more!

AWS Lambda permissions model
Granular security controls for invocation and execution
Function policies:
• What can invoke the Lambda function?
Execution role:
• What the Lambda function can access
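
Added example, not part of the original slides and not AWS code: a Node.js check that answers the slide's two questions for a given pair of policy documents. It flags function-policy statements that let any principal, or any resource of a service, invoke the function, and execution-role statements with wildcard actions or resources. The policy documents, ARNs and account ID 111122223333 are constructed sample values.

```javascript
// Added example: audits the two documents of the Lambda permissions model.
// All policies, ARNs and the account ID below are constructed sample values.
const asList = (x) => (x === undefined ? [] : [].concat(x));

// Function policy (resource-based): what can invoke the function?
function auditFunctionPolicy(policy) {
  const findings = [];
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== 'Allow') continue;
    const sid = st.Sid || '(no Sid)';
    const p = st.Principal;
    // Collect condition keys (e.g. AWS:SourceArn), compared case-insensitively.
    const keys = Object.values(st.Condition || {})
      .flatMap((c) => Object.keys(c))
      .map((k) => k.toLowerCase());
    const anyone = p === '*' || (p && asList(p.AWS).includes('*'));
    if (anyone && keys.length === 0) {
      findings.push(`${sid}: any AWS principal may invoke the function`);
    }
    // A service principal with no source condition is not tied to one
    // resource or account, so other resources of that service could
    // potentially be configured to invoke the function (confused deputy).
    const scoped = keys.includes('aws:sourcearn') || keys.includes('aws:sourceaccount');
    if (p && p.Service && !scoped) {
      findings.push(`${sid}: ${asList(p.Service).join(',')} allowed without SourceArn/SourceAccount`);
    }
  }
  return findings;
}

// Execution role (identity-based): what can the function access?
// Resource "*" is a review hint; a few actions only support "*".
function auditExecutionRole(policy) {
  const findings = [];
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== 'Allow') continue;
    const sid = st.Sid || '(no Sid)';
    for (const a of asList(st.Action)) {
      if (a === '*' || a.endsWith(':*')) findings.push(`${sid}: wildcard action ${a}`);
    }
    if (asList(st.Resource).includes('*')) {
      findings.push(`${sid}: applies to every resource ("*")`);
    }
  }
  return findings;
}

const FN_ARN = 'arn:aws:lambda:us-east-1:111122223333:function:resize-image';
const FUNCTION_POLICY = {
  Version: '2012-10-17',
  Statement: [
    { Sid: 'S3Upload', Effect: 'Allow', Principal: { Service: 's3.amazonaws.com' },
      Action: 'lambda:InvokeFunction', Resource: FN_ARN,
      Condition: {
        ArnLike: { 'AWS:SourceArn': 'arn:aws:s3:::example-uploads' },
        StringEquals: { 'AWS:SourceAccount': '111122223333' },
      } },
    { Sid: 'SnsAny', Effect: 'Allow', Principal: { Service: 'sns.amazonaws.com' },
      Action: 'lambda:InvokeFunction', Resource: FN_ARN },
    { Sid: 'Public', Effect: 'Allow', Principal: '*',
      Action: 'lambda:InvokeFunction', Resource: FN_ARN },
  ],
};
const EXECUTION_ROLE_POLICY = {
  Version: '2012-10-17',
  Statement: [
    { Sid: 'WriteOrders', Effect: 'Allow', Action: ['dynamodb:PutItem'],
      Resource: 'arn:aws:dynamodb:us-east-1:111122223333:table/orders' },
    { Sid: 'TooBroad', Effect: 'Allow', Action: 's3:*', Resource: '*' },
  ],
};

console.log(auditFunctionPolicy(FUNCTION_POLICY));
console.log(auditExecutionRole(EXECUTION_ROLE_POLICY));
```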

Basic Function
    'use strict'
    // Lambda calls the handler with the triggering event, a context object
    // and a completion callback.
    exports.handler = function (event, context, callback) {
      // Write the incoming event to the function's log output.
      console.log("Event:", JSON.stringify(event))
      // First argument is the error (null on success), second is the result.
      callback(null, "Hello World!")
    }

    {
      "Records": [
        {
          "s3": {
            "object": { … }
          }
        }
      ]
    }
JSON Context

Amazon API Gateway
[Diagram labels]
• Internet
• Mobile Apps
• Websites
• Services
• Amazon CloudFront
• Amazon API Gateway
• Amazon CloudWatch Monitoring
• AWS Lambda functions
• Endpoints on Amazon EC2
• AWS Step Functions
• Any other AWS service
• All publicly accessible endpoints

Amazon API Gateway
• Create a unified user interface for multiple microservices
• Authenticate and authorize the requests towards your backend
• DDoS and throttling protection for your backend
• Accelerate, measure and monetize the use of API by external developers

Security and identities
Amazon Cognito
• User pools for security, directory of managed users
• Identity pools for federation and role-based access control
AWS Identity and Access Management
• Granular access control to AWS services

Build serverless applications that comply with PCI and HIPAA
Serverless platform services that can be used in both:
AWS Lambda, Amazon S3, Amazon CloudFront, Amazon DynamoDB, Amazon Kinesis Streams, Amazon Cognito, Amazon API Gateway, Amazon SNS
Architecture Patterns

"No server is easier to manage than any other server"

Common uses of Serverless
Web Applications
• Static websites
• Complex web applications
Data processing
• Real-time
• MapReduce
• Batch
Chatbots
• Provide logic to chatbots
Backends
• Apps and Services
• Mobile Apps
• IoT
Amazon Alexa
• Enable voice applications
• Alexa Skills Kit
IT automation
• Policy engines
• Extend AWS services
• Infrastructure automation

Characteristics of Web Applications
1. Static and dynamic content
2. Microservices
3. Scalable
4. Authenticate and authorize
5. Globally available

Web Application
[Diagram labels] Browser, Amazon CloudFront, Amazon S3, Amazon Cognito, Amazon API Gateway, AWS Lambda, Amazon DynamoDB, Microservices

Multi-Region with API Gateway
[Diagram labels] Client, Amazon Route 53, and for each of us-west-2 and us-east-1: Custom Domain Name, Regional API Endpoint, API Gateway, Lambda

Automation Characteristics
• Recurring jobs
• Event-activated workflows
• Enforcing security policies
• Audits and notifications
• Responding to alarms
• Extending AWS functionality

Strengthening security policies
[Diagram labels]
• New Security Group rule that allows access: RDP from 0.0.0.0/0
• CloudWatch Event Bus in another AWS account
• Amazon CloudWatch Events: Rule
• AWS Lambda: Remediate and alert
• AWS SNS: alert for e-mail
• Entry rule DELETED
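
Added example, not part of the original slides and not AWS code: the "Remediate and alert" Lambda step in Node.js, reading the CloudTrail AuthorizeSecurityGroupIngress record that a CloudWatch Events rule delivers and building the matching revoke request. It goes slightly beyond the slide by also covering ::/0 and port ranges that contain 3389. Assumptions: `revokeIngress` and `publish` are hypothetical adapters around the EC2 RevokeSecurityGroupIngress and SNS Publish calls, only the `ipPermissions` request form is handled, and the sample event is constructed.

```javascript
// Added example. SAMPLE_EVENT, the group ID, ARNs and account ID are constructed.
const RDP_PORT = 3389;
const WORLD = new Set(['0.0.0.0/0', '::/0']);
const items = (x) => (x && Array.isArray(x.items) ? x.items : []);

// True when a CloudTrail ipPermissions entry includes TCP port 3389.
function coversRdp(perm) {
  const proto = String(perm.ipProtocol).toLowerCase();
  if (proto === '-1') return true; // "all traffic" rule
  if (proto !== 'tcp' && proto !== '6') return false;
  return perm.fromPort <= RDP_PORT && RDP_PORT <= perm.toPort;
}

// Returns RevokeSecurityGroupIngress parameters for the world-open RDP rules
// in the event, or null when there is nothing to remediate.
function planRemediation(event) {
  const d = event.detail || {};
  // Ignore other API calls and calls that failed (nothing was created).
  if (d.eventName !== 'AuthorizeSecurityGroupIngress' || d.errorCode) return null;
  const req = d.requestParameters || {};
  if (!req.groupId) return null;
  const offending = [];
  for (const perm of items(req.ipPermissions)) {
    if (!coversRdp(perm)) continue;
    const v4 = items(perm.ipRanges).map((r) => r.cidrIp).filter((c) => WORLD.has(c));
    const v6 = items(perm.ipv6Ranges).map((r) => r.cidrIpv6).filter((c) => WORLD.has(c));
    if (v4.length + v6.length === 0) continue;
    // Revoke must name the same protocol and port range as the rule, but
    // only the world-open sources; narrower sources in the rule are kept.
    const out = { IpProtocol: String(perm.ipProtocol) };
    if (perm.fromPort !== undefined) {
      out.FromPort = perm.fromPort;
      out.ToPort = perm.toPort;
    }
    if (v4.length) out.IpRanges = v4.map((CidrIp) => ({ CidrIp }));
    if (v6.length) out.Ipv6Ranges = v6.map((CidrIpv6) => ({ CidrIpv6 }));
    offending.push(out);
  }
  return offending.length ? { GroupId: req.groupId, IpPermissions: offending } : null;
}

// Builds the Lambda handler; export the returned function as the handler.
// revokeIngress(params) and publish(params) are hypothetical adapters that
// must return promises. Events forwarded from another account's event bus
// carry that account in event.account and need credentials for it.
function makeHandler({ revokeIngress, publish, topicArn }) {
  return async function handler(event) {
    const plan = planRemediation(event);
    if (!plan) return { remediated: false };
    await revokeIngress(plan);
    await publish({
      TopicArn: topicArn,
      Subject: `RDP ingress rule removed from ${plan.GroupId}`,
      Message: JSON.stringify({
        actor: (event.detail.userIdentity || {}).arn || 'unknown',
        account: event.account,
        region: event.region,
        removed: plan.IpPermissions,
      }),
    });
    return { remediated: true, groupId: plan.GroupId };
  };
}

const SAMPLE_EVENT = {
  'detail-type': 'AWS API Call via CloudTrail',
  source: 'aws.ec2',
  account: '111122223333',
  region: 'us-east-1',
  detail: {
    eventName: 'AuthorizeSecurityGroupIngress',
    userIdentity: { arn: 'arn:aws:iam::111122223333:user/example-admin' },
    requestParameters: {
      groupId: 'sg-0123456789abcdef0',
      ipPermissions: { items: [
        { ipProtocol: 'tcp', fromPort: 3389, toPort: 3389,
          ipRanges: { items: [{ cidrIp: '0.0.0.0/0' }, { cidrIp: '10.0.0.0/8' }] } },
        { ipProtocol: 'tcp', fromPort: 443, toPort: 443,
          ipRanges: { items: [{ cidrIp: '0.0.0.0/0' }] } },
      ] },
    },
  },
};

console.log(JSON.stringify(planRemediation(SAMPLE_EVENT), null, 2));
```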

Image recognition and processing
[Diagram labels]
• Web App
• Amazon Cognito: User authentication
• Amazon S3: Loading images
• AWS Step Functions: Workflow orchestration
• Amazon Rekognition: Object detection
• Amazon DynamoDB: Meta-data & image tags
Steps shown: Start state machine execution; Extract image meta-data; Invoke Amazon Rekognition; Generate image thumbnail; Store meta-data and tags
https://github.com/awslabs/lambda-refarch-imagerecognition

Stream data processing characteristics
• High rate of information intake
• Processing almost in real-time (low latency from ingestion to processing)
• Traffic peaks (many devices with intermittent network connections)
• Message durability
• Order of messages

AWS Lambda + Amazon Kinesis
[Diagram labels] Amazon Kinesis, AWS Lambda 1, Amazon CloudWatch, Amazon DynamoDB, AWS Lambda 2, Amazon S3
Real-time data processing:
1. Event data is sent in real time to Amazon Kinesis, which allows multiple AWS Lambda functions to process the same events.
2. In AWS Lambda, Function 1 processes and aggregates incoming event data, then stores the resulting data in Amazon DynamoDB.
3. Lambda Function 1 also sends data to Amazon CloudWatch for simple monitoring.
4. Lambda Function 2 performs data manipulation of incoming events and stores the results in Amazon S3.
https://s3.amazonaws.com/awslambda-reference-architectures/stream-processing/lambda-refarch-streamprocessing.pdf
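
Added example, not part of the original slides or of the linked reference architecture: the role of Lambda Function 1 (steps 2 and 3) in Node.js, decoding the base64 Kinesis payloads, validating them and aggregating per device, with malformed records counted instead of failing the batch. Assumptions: the payload schema `{"deviceId", "value"}`, the `store` and `putMetric` adapters (standing in for the DynamoDB and CloudWatch writes) and the sample batch are all hypothetical or constructed.

```javascript
// Added example. Payload schema, adapters and SAMPLE_BATCH are constructed.

// Decode and validate one Kinesis record; returns null for anything that is
// not a JSON object of the assumed shape {"deviceId": string, "value": number}.
function decodeRecord(record) {
  try {
    const json = Buffer.from(record.kinesis.data, 'base64').toString('utf8');
    const msg = JSON.parse(json);
    const ok = msg !== null && typeof msg === 'object' &&
      typeof msg.deviceId === 'string' &&
      msg.deviceId.length > 0 && msg.deviceId.length <= 64 &&
      typeof msg.value === 'number' && Number.isFinite(msg.value);
    return ok ? { deviceId: msg.deviceId, value: msg.value } : null;
  } catch (err) {
    return null; // missing fields, bad base64 or invalid JSON
  }
}

// Aggregate a batch per device. A Map is used because device IDs come from
// the stream: keys such as "__proto__" are stored as ordinary entries.
function aggregateBatch(event) {
  const totals = new Map();
  const rejected = [];
  for (const record of event.Records || []) {
    const msg = decodeRecord(record);
    if (msg === null) {
      rejected.push((record.kinesis || {}).sequenceNumber || 'unknown');
      continue;
    }
    const t = totals.get(msg.deviceId) || { count: 0, sum: 0 };
    t.count += 1;
    t.sum += msg.value;
    totals.set(msg.deviceId, t);
  }
  return { totals, rejected };
}

// Builds the handler for "Function 1". Bad records are reported through a
// metric rather than thrown, because an error from the handler makes Lambda
// retry the whole batch from the stream.
function makeFunction1({ store, putMetric }) {
  return async function handler(event) {
    const { totals, rejected } = aggregateBatch(event);
    for (const [deviceId, t] of totals) {
      await store({ deviceId, count: t.count, sum: t.sum });
    }
    await putMetric('RejectedRecords', rejected.length);
    return { devices: totals.size, rejected: rejected.length };
  };
}

// Constructed sample batch in the shape Lambda receives from Kinesis.
const enc = (s) => Buffer.from(s, 'utf8').toString('base64');
const rec = (sequenceNumber, payload) => ({
  eventSource: 'aws:kinesis',
  kinesis: { partitionKey: 'pk', sequenceNumber, data: enc(payload) },
});
const SAMPLE_BATCH = {
  Records: [
    rec('1', '{"deviceId":"sensor-a","value":2}'),
    rec('2', '{"deviceId":"sensor-a","value":3}'),
    rec('3', '{"deviceId":"sensor-b","value":10}'),
    rec('4', 'not-json'),
    rec('5', '{"deviceId":"sensor-b","value":"7"}'),
    rec('6', '{"deviceId":"__proto__","value":1}'),
  ],
};

console.log(aggregateBatch(SAMPLE_BATCH));
```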

Gathering of sensor data
[Diagram labels]
• IoT Sensors
• MQTT
• AWS IoT: Data collection
• IoT rules
• IoT actions
• Amazon S3: Raw records
• Amazon Kinesis Firehose: Delivery stream
• Amazon S3: Batched records
• Amazon Kinesis Streams: Real-time stream
• Real-time analytics applications

Serverless data lake & analytics with AWS
[Diagram labels] Your Data: On-premises data, Web app data, Amazon RDS, Other databases, Streaming data
https://aws.amazon.com/serverless
Demo

Serverless Technologies
SAT (Guatemala)
Mauricio Romero
Tax Information Systems Advisor
Superintendency of Tax Administration

The biggest challenge and the technological strategy
Online Electronic Invoice on its own would require as many resources as all the current systems of the SAT, including the receipt of statements.
Two main strategies:
1. New architecture based on microservices.
2. Use of cloud services.
[Diagram labels]
• Real-time processing
• Large volumes of information
• New types of databases
• Available and elastic
• Placement services
• CTI
• Operations continuity and disaster recovery
• Leading cloud services

Innovation process that took us to the cloud
Started with POC proposed with three partners and a locally-made version
• Microservices based on known technologies
• Design based on open source
• Technology for data flows
• NoSQL databases
• Databases in memory
• Leveraging expertise
• Experienced consultants
Overview of architecture originally designed

From design to development and operation of the system.
Reception architecture. Serverless application.
• Kinesis for data flows
• DynamoDB for NoSQL
• API Gateway in process
• Lambda functions
• S3 for objects
Infra serverless:
• VPC
• Elastic balancing
• Route53 for DNS
• ACM for SSL certificates
• AWS CloudWatch
• AWS Shield

Lessons learned and next steps
Conservative decisions go for a change:
- In tests replace EC2 with containers with Fargate (serverless)
- Incorporation of the API Gateway for new services
- In testing use DynamoDB on-demand (released in re:Invent 2018)
Pilot evaluations:
- AWS Glue evaluation
- Aurora Serverless
- Platform for BPMS/ECM
• Evaluation of cloud services compatible with defined standards.
• Estimation of compared costs according to transactionality.
Thank you!
Eduardo Patiño
balague@amazon.com
Mauricio Romero
SAT (Guatemala)

Editor's Notes

  • #11 WYSIWYG, "What You See Is What You Get"
  • #23 Web application pattern - this is one of the common use cases where customers are leveraging serverless services. These are some of the key aspects of a typical web application, and we want to build a reference architecture using serverless services with these key characteristics in mind. There is static content (images, JavaScript, CSS, etc.) being rendered in your website, your application users might be seeking dynamic content, and you might have created a bunch of microservices! Of course, you want to provide a way for your users to authn and authz. And all of this while being able to scale and be globally present!
  • #31 Combining Lambda and Kinesis is a popular architecture model for streaming applications. There are a couple of different components to Kinesis today: you can use Kinesis Firehose and Streams, you can use Analytics, and Lambda can interface with all of those. Primarily what we're seeing is customers ingesting data and then needing to do some sort of near real-time compute against that data. In this case we have a Kinesis stream coming in, and that data is then being processed by Lambda. One of my Lambda functions is going to take that data and put it in S3; the other one is going to maybe process that data, pull out some metadata about something and put it into Dynamo, and maybe put some data into CloudWatch Logs. Maybe I'm processing an event stream from one of my own products. So there are a lot of different things that you can do in this space, and this is again one of the biggest use cases for serverless applications today. Bustle.com: 52 million monthly users, and 100 million events daily.
  • #37 Key points: SAT is Guatemala's entity in charge of internal taxes and customs, created 20 years ago from a technology-based strategy. Income tax returns and import and export declarations at 100%. But FEL has been the greatest technological challenge for the SAT. Complete modernization of the strategy for this process.
  • #38 A team with mixed experience, business, current systems and cloud technologies was appointed. Through concept tests, a new architecture was developed, agnostic to the cloud or premises. Strong use of open source for this, going through the process of installing servers for technologies such as Kafka.
  • #39 Comment that although it goes unnoticed, infrastructure services used reduce many costs of specialization and management. All the logic for reception and validation of FEL is serverless. Briefly comment each case, in particular commenting on how triggers operate between services, for example, how to trigger from on-premise we send a JSON to S3 that triggers a Lambda that loads information from taxpayers to Redis, or how some of the public query APIs work via API Gateway - Lambda - DynamoDB - S3 (complete serverless)