Lambda Flashcards
This deck aims to help retain concepts related to the AWS Lambda service.
Which AWS service provides event-driven, serverless computing capabilities, enabling developers to execute code in response to events without managing or provisioning servers, while automatically handling the required computing resources?
AWS Lambda
What is the primary element of a Lambda function that must be specified upon creation, where the function’s code is loaded and executed?
Runtime Environment (e.g. Python 3.8), which includes allocated memory, the amount of memory determines the vCPU allocation (e.g. 1769MB of memory equals 1 vCPU)
What feature allows for the creation of custom runtime environments in AWS Lambda?
Layers can be used to create custom runtime (e.g. Rust)
How is AWS Lambda billed?
Billed for the duration that the function runs
Can a Lambda function maintain a persistent state?
No, Lambda functions are stateless
What is the maximum allowed size for an AWS Lambda deployment package?
Hint: code deployed to the function.
- Up to 50MB zipped
- 250MB unzipped
- 10GB for an uncompressed container image including all layers
What are the minimum and maximum memory allocations for a Lambda function?
Memory can be defined from 128MB to 10,240MB in 1MB increments, the amount of memory directly affects the vCPU allocation (e.g. 1769MB equals 1 vCPU)
Does AWS Lambda provide temporary storage for data?
Yes, Lambda provides 512MB of default storage at /tmp, which can be increased up to 10,240MB
Is there a limit on the execution time for AWS Lambda functions?
Yes, Lambda functions can run for a maximum of 900 seconds (15 minutes) before timing out, making it unsuitable for tasks exceeding 15 minutes in execution time
Can AWS Lambda execute functions within Docker containers?
Technically, yes, Lambda can run Docker images specifically built for its environment, however, during exams, Docker is generally considered an anti-pattern for Lambda
How does AWS Lambda address security concerns, and how can a function access other AWS services?
- Execution Role with an IAM policy is used to grants necessary permissions to access other AWS services during execution
- Trust Policy is used to allows Lambda to assume Execution Role
- Resource-based policy is used controls which services or AWS accounts can or invoke the function
What are some ideal use cases for AWS Lambda?
- Core component of serverless architectures (along with S3 and API Gateway)
- File processing (with S3 and S3 Events)
- Database triggers (with DynamoDB and DynamoDB Streams)
- Serverless CRON jobs (with EventBridge/CloudWatch Events)
- Real-time stream data processing (with Kinesis)
What are the two networking modes available for AWS Lambda?
- Public Networking (the default)
- VPC Networking
Which AWS Lambda networking mode provides access to public AWS services (e.g., SQS, DynamoDB) and the public internet?
Public Networking mode
Which AWS Lambda networking mode offers the best performance?
Public Networking mode, as it does not require customer-specific VPC networking
Which AWS Lambda networking mode does not provide access to services within a VPC, unless those services have public IP addresses and security controls permit external access?
Public Networking mode
Which AWS Lambda networking mode is typically the default choice?
Public Networking mode.
What configuration is needed for an AWS Lambda function in VPC Networking mode to access the public internet?
Configure it similarly to other private services, using a VPC Gateway Endpoint for services like DynamoDB or a NAT Gateway in a public subnet for outbound internet access
Which AWS Lambda networking mode operates in a private subnet within a VPC?
VPC Networking mode
Which AWS Lambda networking mode adheres to the same rules as other services within a VPC?
VPC Networking mode
Which AWS Lambda networking mode can freely access other VPC-based resources?
VPC Networking mode
Which AWS Lambda networking mode has no access outside the VPC unless configured otherwise?
VPC Networking mode
What tracing and monitoring options are available for AWS Lambda functions?
- CloudWatch for tracking invocation success/failure, retries, and latency
- CloudWatch Logs for Lambda execution logs
- AWS X-Ray for distributed tracing
Which AWS Lambda networking mode may experience an initial invocation delay of up to 90 seconds?
VPC Networking mode, due to the setup of Security Groups and Subnets, and the allocation of an Elastic Network Interface (ENI) in the customer’s VPC
Does AWS Lambda require additional permissions to use CloudWatch Logs?
Yes, these permissions are provided via the Execution Role
Which AWS Lambda component represents the combination of function configuration and code?
Version, once a version is published, it becomes immutable and has its own ARN, while $Latest points to the most recent version
Which AWS Lambda feature allows you to point to a specific function version?
Alias, has unique ARN, and can be updated to point to a specific function version (e.g. Prod, Stage)
What invocation modes are supported by AWS Lambda?
- Synchronous Invocation
- Asynchronous Invocation
- Polling Invocation (event sourcing)
Which AWS Lambda invocation mode is used to invoke the function directly via API/CLI or indirectly through API Gateway?
Synchronous Invocation mode
Which AWS Lambda invocation mode is used when providing the function with data during the call?
Synchronous Invocation mode
Which AWS Lambda invocation mode is used when services invoke the Lambda function on your behalf, such as S3 event triggers invoking the function when an object is uploaded to the bucket?
Asynchronous Invocation mode
Which AWS Lambda invocation mode is used when the client is waiting for the response?
Synchronous Invocation mode
Which AWS Lambda invocation mode is used when responses are immediately returned?
Synchronous Invocation mode
Which AWS Lambda invocation mode is used when errors or retries are handled by the client?
Synchronous Invocation mode
Which AWS Lambda invocation mode is used when the service does not wait for the response?
Asynchronous Invocation mode
Which AWS Lambda invocation mode is used when the Lambda service is responsible for retries (configurable between 0 and 2 times)?
Asynchronous Invocation mode
Which AWS Lambda invocation mode is used when the function needs to be idempotent?
Asynchronous Invocation mode
Which AWS Lambda invocation mode allows SQS queues or SNS topics to be used as a dead letter queue (DLQ) to store failed invocation attempts for further analysis?
- Asynchronous Invocation
- Polling Invocation
Which AWS Lambda invocation mode allows an event processed by Lambda functions to be delivered to other destinations (e.g., SNS, SQS, Lambda, EventBridge), with separate destinations for successful or failed processing?
Asynchronous Invocation mode
Which AWS Lambda invocation mode is used for event sources like Kinesis, DynamoDB Streams, or SQS, where the event source doesn’t generate events to invoke Lambda directly?
The Polling Invocation mode
- Lambda polls the event source (e.g., streams or queues), retrieves batches of events, and processes them in a single invocation
- Can handle multiple events in one batch
- Permissions for event source mapping are defined in the Lambda execution role
What steps occur when an AWS Lambda function is executed?
- The execution context is initialized (underlying physical hardware)
- The runtime environment is downloaded and installed
- The deployment package, along with any dependencies, is downloaded and installed
Each of these steps adds to the overall execution time
What is the process called when a Lambda function is invoked and the execution context needs to be initialized from scratch?
Cold Start (this invocation can take several hundred milliseconds or more)
What is the process called when a Lambda function is invoked, and the execution context has already been initialized with the deployment package downloaded and installed?
Warm Start (this invocation typically takes just a few milliseconds)
Which AWS Lambda feature can be used to keep multiple execution contexts pre-warmed and ready to improve invocation speed?
Provisioned Concurrency, useful for reducing cold start latencies for functions but incurs no additional charges
How many Lambda functions can run concurrently within a single execution context?
Only one function can run per execution context, therefore, if 20 functions are triggered simultaneously, 20 separate Cold Starts would be initiated
Can a service that invokes AWS Lambda always guarantee that the function will be executed in a Warm Start?
No, every function invocation should expect to be executed as a Cold Start
How can you optimize AWS Lambda invocation if downloading specific assets within the function is causing delays?
Use the /tmp storage to pre-download necessary assets (the /tmp storage can be configured to range between 512 MB and 10,240 MB)
Which AWS Lambda feature can be used to reserve the maximum number of concurrent instances allocated to your function so no other function can use that concurrency?
Reserved concurrency, useful for ensuring that your most critical functions always have enough concurrency to handle incoming requests but incurs no additional charges
What action is required to create a new version of an AWS Lambda function?
Publish new version
Can a version of an AWS Lambda function be modified?
No, once published, versions are immutable
What data is locked in an AWS Lambda function version once published?
- Function code
- Dependencies
- Runtime
- Settings
- Environment variables
What type of ARN points to the $LATEST AWS Lambda function version?
Unqualified ARNarn:aws:lambda:us-east-1:048475719107:function:function-name
What type of ARN points to a specific AWS Lambda function version?
Qualified ARNarn:aws:lambda:us-east-1:048475719107:function:function-name:1
How can requests be routed to multiple AWS Lambda function versions using an alias?
Create a weighted alias by assigning a portion of traffic to an additional version
How can tracing be enabled for an AWS Lambda function?
- Via the console or CLI command `aws lambda update-function-configuration –function-name my-function –tracing-config Mode=Active
- Use the X-Ray SDK within the function
What permissions should the AWS Lambda Execution role have to report tracing to AWS X-Ray?
managed policy
What is the AWS Lambda feature that provides a container with additional code, such as libraries, dependencies, or custom runtimes, the contents of which are extracted to the /opt
directory in the execution environment?
Lambda Layer
What are the primary use cases for AWS Lambda Layers?
- Reduce the size of deployment packages
- Separate core function logic from dependencies
- Share dependencies across multiple functions
- Use the Lambda console code editor
What AWS Lambda feature is used to test functions packaged as containers locally?
AWS Lambda Runtime Interface Emulator (RIE)
When integrating AWS Lambda with AWS ALB, which feature enables headers with multiple values or query string parameters with multiple values for the same key?
Multi-value headers and parameters, included in:multiValueQueryStringParameters: { "key": ["val1", "val2"]}
When is a resource-based policy required for an AWS Lambda function?
- When a service needs to invoke the function but cannot assume a role
- For cross-account interactions.
Which environment variables does AWS Lambda use to communicate with AWS X-Ray?
Which CLI command can be used to test a new version of an AWS Lambda function by routing 5% of traffic to it?
`aws lambda create-alias \
–name <alias-name> \
--function-name <function-name> \
--routing-config AdditionalVersionWeights={"<version-number>":0.05}</version-number></function-name></alias-name>
How can you avoid latency bottlenecks in AWS Lambda during traffic spikes for an upcoming event?
Configure Application Auto Scaling to manage Lambda’s provisioned concurrency based on a schedule
What is the maximum number of environment variables for AWS Lambda?
There is no specific limit on the number of environment variables, but the combined size of all environment variables must not exceed 4 KB
Can AWS Lambda use layers with container images?
No, layers can only be used with Lambda deployed as a zip file archive.