Serverless Flashcards
What are the main serverless services in AWS
AWS Lambda, DynamoDB, AWS Cognito, AWS API Gateway, S3, SNS and SQS, Kinesis Data Firehose, Aurora, Step Functions, Fargate
What is lambda?
AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers. You can trigger Lambda from over 200 AWS services and software-as-a-service (SaaS) applications and only pay for what you use.
One function can get up to 10GB of Ram
Lambda supports many programming languages like JS, python, Java, C Sharp, Ruby, and Custom Runtime API.
Lambda can run in a container, and it must implement the Lambda Runtime API. It should run on ECS/Fargate.
What is Lambda’s limitation?
Execution:
The memory can be allocated from 128 MB to 10 GB at the increment of 1 MB. The maximum execution time for a lambda function is 15 minutes. Environment variables can be of four KB. This capacity in the function container means that means in the temp folder is from 512MB to 10GB.
Deployment:
Lambda function deployment size cannot be more than 50 MB, for a stop size of uncompressed deployments (code and dependency) would be up to 250 MB. The size of an environment variable is 4KB.
what are CloudFront functions?
With CloudFront Functions in Amazon CloudFront, you can write lightweight functions in JavaScript for high-scale, latency-sensitive CDN customizations. Your functions can manipulate the requests and responses that flow through CloudFront, perform basic authentication and authorization, generate HTTP responses at the edge, and more.
Scout front functions are used to change viewer requests and responses. It can change the viewer’s request after it receives a request from a viewer it can change the response before it’s sent to the viewer.
What is lambda@Edge?
Lambda@Edge is a feature of Amazon CloudFront that lets you run code closer to your application’s users, improving performance and reducing latency. With Lambda@Edge, you don’t have to provision or manage infrastructure in multiple locations around the world.
Lambda@Edge can help in changing not only the viewers request and response, but it can also change the request-response of the origin. NodeJS and python can be used for Lambda@Edge.
If Lambda functions directly accesses your database They may open too many connections under high load. Lambda should use RDS proxy for accessing RDS database instances. It improves scalability by pulling and sharing DB connections, improves availability and in case of failure failures and it improves security by enforcing IAM authentication and storing credentials in secret manager.
For Lambda function to use RDS proxy, it must be deployed in your
VPC because RDC proxy is never publicly accessible.
What is the difference between Cloud Edge Function and Lambda@Edge?
AWS Lambda@Edge, introduced in July 2017, is an extension of AWS Lambda with capabilities similar to CloudFront Functions, as it allows you to leverage Amazon CloudFront to deliver function results globally. While Lambda@Edge is quite robust, it’s not the best choice in many cases, especially those that require a small amount of computation before requests are served up by the CloudFront infrastructure or right before the responses to such requests are dispatched to end users, primarily because Lambda@Edge functions are executed in a regional edge cache (usually in the AWS region closest to the CloudFront edge location reached by the client) instead of the edge location itself.
https://www.honeybadger.io/blog/aws-cloudfront-functions/#:~:text=CloudFront%20Functions%20allow%20you%20to,Mar%207%2C%202022
What is API Gateway?
Amazon API Gateway is an AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale. API developers can create APIs that access AWS or other web services, as well as data stored in the AWS Cloud. As an API Gateway API developer, you can create APIs for use in your own client applications. Or you can make your APIs available to third-party app developers. For more information, see Who uses API Gateway?.
It can cache API responses.
What are API Gateway endpoints?
Edge Optimized (default): for global clients. the requests are routed through the cloud front edge locations, it helps in improving latency. The API gateway still lives in only one region, but it is accessible to all clients via the CloudFront.
Regional: For the clients within the same region. It would be combined with CloudFront for caching and distribution.
Private: Can only by accessed from your VPC using an interface VPC Endpoint (ENI)
What are API Gateway endpoints?
Edge Optimized (default): for global clients. the requests are routed through the cloud front edge locations, it helps in improving latency. The API gateway still lives in only one region, but it is accessible to all clients via the CloudFront.
Regional: For the clients within the same region. It would be combined with CloudFront for caching and distribution.
Private: Can only be accessed from your VPC using an interface VPC Endpoint (ENI)
What is API Gateway Security?
User Authentication through IAM Roles, Cognito, and Custom Authorizer.
Custom Domain name HTTPS security through integration with AWS Certificate Manager (ACM).
What is AWS Step function?
AWS Step Functions is a visual workflow service that helps developers use AWS services to build distributed applications, automate processes, orchestrate microservices, and create data and machine learning (ML) pipelines.
What Step Functions can do?
- Lambda tasks
- Activity tasks: activity worker, EC2 instances, mobile device, no prem DC.
- Service Tasks: connect to a supported AWS service,
- Wati tasks
Diference between Step functions - Standard vs Express?
Standard Workflows are ideal for long-running (up to one year), durable, and auditable workflows. You can retrieve the full execution history using the Step Functions API for up to 90 days after your execution completes.
Express Workflows are ideal for high-volume, event-processing workloads such as IoT data ingestion, streaming data processing and transformation, and mobile application backends. They can run for up to five minutes.
