SlideShare a Scribd company logo

Cloud Security Automation and Advanced Serverless Application Architecture

Download as PPTX, PDF
Tensult
Tensult

We have built a news website with more than a billion views per month and we are sharing the learnings from that experience covering Serverless architectures, Design considerations, and Gotchas.

Technology
1 of 21
Cloud Security Automation| | Advanced ServerlessApplicationArchitectureand Design Considerations DILIPKUMARKOLA,Co-founderandCTO, Tensult | 24th April2019
What is Serverless? • Serverless is, running the workloads on the Cloud without thinking about servers. • Examples: • Hosting an angular frontend website on AWS S3 bucket. • Implementing a backend API using AWS API Gateway, AWS Lambda and AWS DynamoDB. • Processing files when they get uploaded to AWS S3 bucket. • Send notifications to users using AWS SES when you sign up on the website. • And these are just a very few examples.
Why Serverless? Scalability AutomationFaster DeploymentsReduces Cost Low Maintenance
Large Scale multi-lingual news website 100% Serverless on AWS <12 months from concept to production CaseStudy News Website
1 DevOps Engg >1 Bn Page Views per month 60 Mn Monthly Active Users 7 languages
CMS Architecture Authorization of backend users Cognito User Pool CMS Application API Gateway CMS API CloudFront Cognito Identity Pool S3 DynamoDB Lambda Elastic Search Populating to ES to enable search Lambda S3 Sitemaps and RSS feeders CMS User For storing photos and videos
News Website Architecture API Gateway Website API CloudFront DynamoDB Elastic Search S3 Web User Sitemaps and RSS feeders News Data Retrieval
NewsletterArchitecture CloudWatch Rule Fetch Newsletter Template S3 Cache Elastic Search Fetch List of Users Send Newsletter SES SNS Send Token to fetch next User List Newsletters Function Lambda
How Does AWSLambdaWork? • Function as a Service from AWS. • Upload function code written in • NodeJS, Java, Python, Go, Ruby, .Net etc. • Lambda creates a docker image and executes them • Automatically scales based on the requests. • Supports Pull and Push models. • In Pull model, the Lambda trigger reads the events from streams and processes them. • In Push model, we need to call Lambda function directly using API (API Gateway) • Billing is based on the memory allocated and duration of execution.
Key Aspects in Design
Lambda DesignConsiderations • Avoid loops in Data flows • Remember about Cold Starts • Avoid duplication of code • Add caching where possible • Tune the function configuration • Use versions and aliases • Treat global variables as constants • Know what you are logging
AWS Lambda scales very fast so if there is any loop in the data flow then it will keep on creating new containers to handle the new requests leading the bill to shoot up very fast so before deploying any serverless solution first fully understand the data flow and make sure there are no loops. • To detect loops keep monitoring • Invocation count • Billing Avoidloops inthe Data flows S3 Lambda Store thumbnails images Generate thumbnails
• AWS Lambda takes some time to start the first container and also the container will be removed when it idle some time. • Solution: • We can keep calling the AWS Lambda function every one minute using AWS CloudWatch event rules. • Refactor the function code to start faster by lazily loading the components. RememberaboutCold Starts CloudWatch Rule Lambda Pinger
Avoidduplication of code • It is a common danger in FaaS or microservice implementations as there are many decoupled components so developers tend to duplicate the same code at multiple places and this can become really unmanageable. • Define common code as libraries and reuse them in various functions and microservices. • Incase of NodeJS environment, we can refer common libraries as dependencies using local directory paths. • AWS Lambda service provides a feature called Layers in order to share the common code and libraries across multiple Lambda functions.
Addcaching where possible • AWS Lambda scales but there are limits and our limit is 2500 concurrent executions and we were hitting this limit and afterwards we added caching on top of the APIs. • When we send a push notification to our mobile users, we get more than 50K requests per second to our backend Lambda functions and AWS Lambda used to throttle us. • Then we restricted access to our API end points via CDN for mobile users as the requests are getting cached at CDN and only cache misses reaches to backend so considerably load is reduced on the backend Lambda functions. • So keep monitoring for throttles and errors.
Tune the function configuration • Memory determines both CPU and RAM allocated to function • Low memory doesn’t always means cost effective as it leads to low CPU, so requests might take more time leading to you paying even more. • Try different memory settings and analyze the request execution times then choose appropriate memory setting. • Don’t forget to tune this setting after every major update to the function.
Use versions andaliases • When updating the function make sure to create a new version. • This allows us to easily roll back the functions incase of failures. • We can also use aliases for A/B testing by pointing our APIs to a different alias. • Be aware of limits on storage and then decide the number of versions needed. Source
Treatglobal variablesas constants • AWS Lambda cache all the global variables and context across the requests so we can't change the global variables while requests are processing. If we do that then the data might get corrupted. • Solution: • Code review before deploying the functions to Lambda. • Do thorough testing in dev/staging environments before pushing functions to prod environment.
Know what you arelogging • Lambda integrates with CloudWatch for logs and CloudWatch provides good searching features but ingestion cost is high, so in the production only log warnings and errors. • Set retention for logs appropriately, by default logs in CloudWatch service are retained forever but that may not be necessary for business case. • In case you need to keep logs for a very long time for compliance reasons then move them to S3/Glacier services.
AboutUs • Founded in 2017, Tensult is a Technology Consulting Company for the cloud • Started by passionate, ex-AWS people who brings in-depth cloud knowledge and expertise • Automation First approach • 20+ Happy Customers
Thank You Sample our work Questions? Drop us a note at sales@tensult.com https://github.com/tensult https://blogs.tensult.com Follow us https://linkedin.com/company/tensult https://twitter.com/tensultdotcom

Recommended

Serverless Computing
Serverless Computing Serverless Computing
Serverless Computing Rushi Namani
 
Serverless data processing with Data Pipeline
Serverless data processing with Data PipelineServerless data processing with Data Pipeline
Serverless data processing with Data PipelineRadek Miazio
 
Serverless Architectures on AWS Lambda
Serverless Architectures on AWS LambdaServerless Architectures on AWS Lambda
Serverless Architectures on AWS LambdaSerhat Can
 
What's New with AWS Lambda
What's New with AWS LambdaWhat's New with AWS Lambda
What's New with AWS LambdaAmazon Web Services
 
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)Amazon Web Services
 
Meetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practicesMeetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practicesAWS Vietnam Community
 
Build a Serverless Web Application in One Day - DevDay Austin 2017
Build a Serverless Web Application in One Day - DevDay Austin 2017Build a Serverless Web Application in One Day - DevDay Austin 2017
Build a Serverless Web Application in One Day - DevDay Austin 2017Amazon Web Services
 
What is AWS lambda?
What is AWS lambda?What is AWS lambda?
What is AWS lambda?Whizlabs
 

Recommended

Serverless Computing
Serverless Computing Serverless Computing
Serverless Computing Rushi Namani
 
Serverless data processing with Data Pipeline
Serverless data processing with Data PipelineServerless data processing with Data Pipeline
Serverless data processing with Data PipelineRadek Miazio
 
Serverless Architectures on AWS Lambda
Serverless Architectures on AWS LambdaServerless Architectures on AWS Lambda
Serverless Architectures on AWS LambdaSerhat Can
 
What's New with AWS Lambda
What's New with AWS LambdaWhat's New with AWS Lambda
What's New with AWS LambdaAmazon Web Services
 
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)
AWS re:Invent 2016: Real-time Data Processing Using AWS Lambda (SVR301)Amazon Web Services
 
Meetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practicesMeetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practicesAWS Vietnam Community
 
Build a Serverless Web Application in One Day - DevDay Austin 2017
Build a Serverless Web Application in One Day - DevDay Austin 2017Build a Serverless Web Application in One Day - DevDay Austin 2017
Build a Serverless Web Application in One Day - DevDay Austin 2017Amazon Web Services
 
What is AWS lambda?
What is AWS lambda?What is AWS lambda?
What is AWS lambda?Whizlabs
 
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSAWS Vietnam Community
 
Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017Amazon Web Services
 
Cloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless ArchitectureCloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless ArchitectureAWS Vietnam Community
 
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...Amazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Bridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and KafkaBridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and KafkaPengfei (Jason) Li
 
Serverless Architecture on AWS
Serverless Architecture on AWSServerless Architecture on AWS
Serverless Architecture on AWSRajind Ruparathna
 
AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...Luciano Mammino
 
The Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel AvivThe Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel AvivAmazon Web Services
 
Introduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-ITIntroduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-ITChitpong Wuttanan
 
Introduction to Serverless
Introduction to ServerlessIntroduction to Serverless
Introduction to ServerlessNikolaus Graf
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSAmazon Web Services
 
Continuous Deployment in AWS Lambda
Continuous Deployment in AWS LambdaContinuous Deployment in AWS Lambda
Continuous Deployment in AWS LambdaShu Ting Tseng
 
AWS - Lambda Fundamentals
AWS - Lambda FundamentalsAWS - Lambda Fundamentals
AWS - Lambda FundamentalsPiyush Agrawal
 
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...Amazon Web Services
 
High Performance Serverless Functions in Scala
High Performance Serverless Functions in ScalaHigh Performance Serverless Functions in Scala
High Performance Serverless Functions in ScalaJason Swartz
 
Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern Thanh Nguyen
 
aws lambda & api gateway
aws lambda & api gatewayaws lambda & api gateway
aws lambda & api gatewayfumihiko hata
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloudЕкатерина Задорожная
 
Let's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS LambdaLet's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS LambdaOkis Chuang
 
Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2kartraj
 
Serverless at Lifestage
Serverless at LifestageServerless at Lifestage
Serverless at LifestageBATbern
 

More Related Content

What's hot

Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSAWS Vietnam Community
 
Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017Amazon Web Services
 
Cloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless ArchitectureCloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless ArchitectureAWS Vietnam Community
 
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...Amazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Bridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and KafkaBridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and KafkaPengfei (Jason) Li
 
Serverless Architecture on AWS
Serverless Architecture on AWSServerless Architecture on AWS
Serverless Architecture on AWSRajind Ruparathna
 
AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...Luciano Mammino
 
The Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel AvivThe Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel AvivAmazon Web Services
 
Introduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-ITIntroduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-ITChitpong Wuttanan
 
Introduction to Serverless
Introduction to ServerlessIntroduction to Serverless
Introduction to ServerlessNikolaus Graf
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSAmazon Web Services
 
Continuous Deployment in AWS Lambda
Continuous Deployment in AWS LambdaContinuous Deployment in AWS Lambda
Continuous Deployment in AWS LambdaShu Ting Tseng
 
AWS - Lambda Fundamentals
AWS - Lambda FundamentalsAWS - Lambda Fundamentals
AWS - Lambda FundamentalsPiyush Agrawal
 
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...Amazon Web Services
 
High Performance Serverless Functions in Scala
High Performance Serverless Functions in ScalaHigh Performance Serverless Functions in Scala
High Performance Serverless Functions in ScalaJason Swartz
 
Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern Thanh Nguyen
 
aws lambda & api gateway
aws lambda & api gatewayaws lambda & api gateway
aws lambda & api gatewayfumihiko hata
 
Let's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS LambdaLet's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS LambdaOkis Chuang
 

What's hot (20)

Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
 
Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017Building Serverless Web Applications - DevDay Austin 2017
Building Serverless Web Applications - DevDay Austin 2017
 
Cloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless ArchitectureCloudsolutionday 2016: Getting Started with Severless Architecture
Cloudsolutionday 2016: Getting Started with Severless Architecture
 
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
AWS re:Invent 2016: Get Technically Inspired by Container-Powered Migrations ...
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
 
Bridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and KafkaBridging the Gap: Connecting AWS and Kafka
Bridging the Gap: Connecting AWS and Kafka
 
Serverless Architecture on AWS
Serverless Architecture on AWSServerless Architecture on AWS
Serverless Architecture on AWS
 
AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...AWS Lambda and Serverless framework: lessons learned while building a serverl...
AWS Lambda and Serverless framework: lessons learned while building a serverl...
 
The Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel AvivThe Pace of Innovation - Pop-up Loft Tel Aviv
The Pace of Innovation - Pop-up Loft Tel Aviv
 
Introduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-ITIntroduce AWS Lambda for newbie and Non-IT
Introduce AWS Lambda for newbie and Non-IT
 
Introduction to Serverless
Introduction to ServerlessIntroduction to Serverless
Introduction to Serverless
 
Running Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWSRunning Containerised Applications at Scale on AWS
Running Containerised Applications at Scale on AWS
 
Continuous Deployment in AWS Lambda
Continuous Deployment in AWS LambdaContinuous Deployment in AWS Lambda
Continuous Deployment in AWS Lambda
 
AWS - Lambda Fundamentals
AWS - Lambda FundamentalsAWS - Lambda Fundamentals
AWS - Lambda Fundamentals
 
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
AWS re:Invent 2016: Technical Tips for Helping SAP Customers Succeed on AWS (...
 
High Performance Serverless Functions in Scala
High Performance Serverless Functions in ScalaHigh Performance Serverless Functions in Scala
High Performance Serverless Functions in Scala
 
Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern Migrating Monolithic Applications with the Strangler Pattern
Migrating Monolithic Applications with the Strangler Pattern
 
aws lambda & api gateway
aws lambda & api gatewayaws lambda & api gateway
aws lambda & api gateway
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloud
 
Let's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS LambdaLet's Talk About Serverless - Focusing on AWS Lambda
Let's Talk About Serverless - Focusing on AWS Lambda
 

Similar to Cloud Security Automation and Advanced Serverless Application Architecture

Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2kartraj
 
Serverless at Lifestage
Serverless at LifestageServerless at Lifestage
Serverless at LifestageBATbern
 
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...Amazon Web Services
 
Serverless Architecture Patterns
Serverless Architecture PatternsServerless Architecture Patterns
Serverless Architecture PatternsAmazon Web Services
 
Stephen Liedig: Building Serverless Backends with AWS Lambda and API Gateway
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewayStephen Liedig: Building Serverless Backends with AWS Lambda and API Gateway
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewaySteve Androulakis
 
Building serverless backends - Tech talk 5 May 2017
Building serverless backends - Tech talk 5 May 2017Building serverless backends - Tech talk 5 May 2017
Building serverless backends - Tech talk 5 May 2017ARDC
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)Amazon Web Services
 
AWS Cloud Kata | Manila - Getting to Scale on AWS
AWS Cloud Kata | Manila - Getting to Scale on AWSAWS Cloud Kata | Manila - Getting to Scale on AWS
AWS Cloud Kata | Manila - Getting to Scale on AWSAmazon Web Services
 
AWS Lambda Functions A Comprehensive Guide
AWS Lambda Functions A Comprehensive GuideAWS Lambda Functions A Comprehensive Guide
AWS Lambda Functions A Comprehensive GuideInexture Solutions
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
SMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingSMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T... Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...Amazon Web Services
 
Getting Started with AWS Lambda & Serverless Cloud
Getting Started with AWS Lambda & Serverless CloudGetting Started with AWS Lambda & Serverless Cloud
Getting Started with AWS Lambda & Serverless CloudIan Massingham
 
AWS re:Invent 2016: AWS Database State of the Union (DAT320)
AWS re:Invent 2016: AWS Database State of the Union (DAT320)AWS re:Invent 2016: AWS Database State of the Union (DAT320)
AWS re:Invent 2016: AWS Database State of the Union (DAT320)Amazon Web Services
 
Deep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksDeep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksAmazon Web Services
 
Developing serverless applications with .NET on AWS
Developing serverless applications with .NET on AWSDeveloping serverless applications with .NET on AWS
Developing serverless applications with .NET on AWSWoody Pewitt
 
Infinite Scaling using Lambda and Aws - Atlogys Tech Talk
Infinite Scaling using Lambda and Aws - Atlogys Tech TalkInfinite Scaling using Lambda and Aws - Atlogys Tech Talk
Infinite Scaling using Lambda and Aws - Atlogys Tech TalkAtlogys Technical Consulting
 
Skillenza Build with Serverless Challenge - Advanced Serverless Concepts
Skillenza Build with Serverless Challenge - Advanced Serverless ConceptsSkillenza Build with Serverless Challenge - Advanced Serverless Concepts
Skillenza Build with Serverless Challenge - Advanced Serverless ConceptsDhaval Nagar
 

Similar to Cloud Security Automation and Advanced Serverless Application Architecture (20)

Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2Serverlessusecase workshop feb3_v2
Serverlessusecase workshop feb3_v2
 
Serverless at Lifestage
Serverless at LifestageServerless at Lifestage
Serverless at Lifestage
 
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...
 
Serverless Architecture Patterns
Serverless Architecture PatternsServerless Architecture Patterns
Serverless Architecture Patterns
 
Stephen Liedig: Building Serverless Backends with AWS Lambda and API Gateway
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewayStephen Liedig: Building Serverless Backends with AWS Lambda and API Gateway
Stephen Liedig: Building Serverless Backends with AWS Lambda and API Gateway
 
Building serverless backends - Tech talk 5 May 2017
Building serverless backends - Tech talk 5 May 2017Building serverless backends - Tech talk 5 May 2017
Building serverless backends - Tech talk 5 May 2017
 
Managing Your Cloud Assets
Managing Your Cloud AssetsManaging Your Cloud Assets
Managing Your Cloud Assets
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
 
AWS Cloud Kata | Manila - Getting to Scale on AWS
AWS Cloud Kata | Manila - Getting to Scale on AWSAWS Cloud Kata | Manila - Getting to Scale on AWS
AWS Cloud Kata | Manila - Getting to Scale on AWS
 
AWS Lambda and Serverless Cloud
AWS Lambda and Serverless CloudAWS Lambda and Serverless Cloud
AWS Lambda and Serverless Cloud
 
AWS Lambda Functions A Comprehensive Guide
AWS Lambda Functions A Comprehensive GuideAWS Lambda Functions A Comprehensive Guide
AWS Lambda Functions A Comprehensive Guide
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless Cloud
 
SMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingSMC301 The State of Serverless Computing
SMC301 The State of Serverless Computing
 
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T... Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...
 
Getting Started with AWS Lambda & Serverless Cloud
Getting Started with AWS Lambda & Serverless CloudGetting Started with AWS Lambda & Serverless Cloud
Getting Started with AWS Lambda & Serverless Cloud
 
AWS re:Invent 2016: AWS Database State of the Union (DAT320)
AWS re:Invent 2016: AWS Database State of the Union (DAT320)AWS re:Invent 2016: AWS Database State of the Union (DAT320)
AWS re:Invent 2016: AWS Database State of the Union (DAT320)
 
Deep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksDeep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
Deep Dive on AWS Lambda - January 2017 AWS Online Tech Talks
 
Developing serverless applications with .NET on AWS
Developing serverless applications with .NET on AWSDeveloping serverless applications with .NET on AWS
Developing serverless applications with .NET on AWS
 
Infinite Scaling using Lambda and Aws - Atlogys Tech Talk
Infinite Scaling using Lambda and Aws - Atlogys Tech TalkInfinite Scaling using Lambda and Aws - Atlogys Tech Talk
Infinite Scaling using Lambda and Aws - Atlogys Tech Talk
 
Skillenza Build with Serverless Challenge - Advanced Serverless Concepts
Skillenza Build with Serverless Challenge - Advanced Serverless ConceptsSkillenza Build with Serverless Challenge - Advanced Serverless Concepts
Skillenza Build with Serverless Challenge - Advanced Serverless Concepts
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Cloud Security Automation and Advanced Serverless Application Architecture

  • 1. Cloud Security Automation| | Advanced ServerlessApplicationArchitectureand Design Considerations DILIPKUMARKOLA,Co-founderandCTO, Tensult | 24th April2019
  • 2. What is Serverless? • Serverless is, running the workloads on the Cloud without thinking about servers. • Examples: • Hosting an angular frontend website on AWS S3 bucket. • Implementing a backend API using AWS API Gateway, AWS Lambda and AWS DynamoDB. • Processing files when they get uploaded to AWS S3 bucket. • Send notifications to users using AWS SES when you sign up on the website. • And these are just a very few examples.
  • 3. Why Serverless? Scalability AutomationFaster DeploymentsReduces Cost Low Maintenance
  • 4. Large Scale multi-lingual news website 100% Serverless on AWS <12 months from concept to production CaseStudy News Website
  • 5. 1 DevOps Engg >1 Bn Page Views per month 60 Mn Monthly Active Users 7 languages
  • 6. CMS Architecture Authorization of backend users Cognito User Pool CMS Application API Gateway CMS API CloudFront Cognito Identity Pool S3 DynamoDB Lambda Elastic Search Populating to ES to enable search Lambda S3 Sitemaps and RSS feeders CMS User For storing photos and videos
  • 8. NewsletterArchitecture CloudWatch Rule Fetch Newsletter Template S3 Cache Elastic Search Fetch List of Users Send Newsletter SES SNS Send Token to fetch next User List Newsletters Function Lambda
  • 9. How Does AWSLambdaWork? • Function as a Service from AWS. • Upload function code written in • NodeJS, Java, Python, Go, Ruby, .Net etc. • Lambda creates a docker image and executes them • Automatically scales based on the requests. • Supports Pull and Push models. • In Pull model, the Lambda trigger reads the events from streams and processes them. • In Push model, we need to call Lambda function directly using API (API Gateway) • Billing is based on the memory allocated and duration of execution.
  • 10. Key Aspects in Design
  • 11. Lambda DesignConsiderations • Avoid loops in Data flows • Remember about Cold Starts • Avoid duplication of code • Add caching where possible • Tune the function configuration • Use versions and aliases • Treat global variables as constants • Know what you are logging
  • 12. AWS Lambda scales very fast so if there is any loop in the data flow then it will keep on creating new containers to handle the new requests leading the bill to shoot up very fast so before deploying any serverless solution first fully understand the data flow and make sure there are no loops. • To detect loops keep monitoring • Invocation count • Billing Avoidloops inthe Data flows S3 Lambda Store thumbnails images Generate thumbnails
  • 13. • AWS Lambda takes some time to start the first container and also the container will be removed when it idle some time. • Solution: • We can keep calling the AWS Lambda function every one minute using AWS CloudWatch event rules. • Refactor the function code to start faster by lazily loading the components. RememberaboutCold Starts CloudWatch Rule Lambda Pinger
  • 14. Avoidduplication of code • It is a common danger in FaaS or microservice implementations as there are many decoupled components so developers tend to duplicate the same code at multiple places and this can become really unmanageable. • Define common code as libraries and reuse them in various functions and microservices. • Incase of NodeJS environment, we can refer common libraries as dependencies using local directory paths. • AWS Lambda service provides a feature called Layers in order to share the common code and libraries across multiple Lambda functions.
  • 15. Addcaching where possible • AWS Lambda scales but there are limits and our limit is 2500 concurrent executions and we were hitting this limit and afterwards we added caching on top of the APIs. • When we send a push notification to our mobile users, we get more than 50K requests per second to our backend Lambda functions and AWS Lambda used to throttle us. • Then we restricted access to our API end points via CDN for mobile users as the requests are getting cached at CDN and only cache misses reaches to backend so considerably load is reduced on the backend Lambda functions. • So keep monitoring for throttles and errors.
  • 16. Tune the function configuration • Memory determines both CPU and RAM allocated to function • Low memory doesn’t always means cost effective as it leads to low CPU, so requests might take more time leading to you paying even more. • Try different memory settings and analyze the request execution times then choose appropriate memory setting. • Don’t forget to tune this setting after every major update to the function.
  • 17. Use versions andaliases • When updating the function make sure to create a new version. • This allows us to easily roll back the functions incase of failures. • We can also use aliases for A/B testing by pointing our APIs to a different alias. • Be aware of limits on storage and then decide the number of versions needed. Source
  • 18. Treatglobal variablesas constants • AWS Lambda cache all the global variables and context across the requests so we can't change the global variables while requests are processing. If we do that then the data might get corrupted. • Solution: • Code review before deploying the functions to Lambda. • Do thorough testing in dev/staging environments before pushing functions to prod environment.
  • 19. Know what you arelogging • Lambda integrates with CloudWatch for logs and CloudWatch provides good searching features but ingestion cost is high, so in the production only log warnings and errors. • Set retention for logs appropriately, by default logs in CloudWatch service are retained forever but that may not be necessary for business case. • In case you need to keep logs for a very long time for compliance reasons then move them to S3/Glacier services.
  • 20. AboutUs • Founded in 2017, Tensult is a Technology Consulting Company for the cloud • Started by passionate, ex-AWS people who brings in-depth cloud knowledge and expertise • Automation First approach • 20+ Happy Customers
  • 21. Thank You Sample our work Questions? Drop us a note at sales@tensult.com https://github.com/tensult https://blogs.tensult.com Follow us https://linkedin.com/company/tensult https://twitter.com/tensultdotcom