Serverless Overview Flashcards
What AWS services are serverless?
- AWS Lambda & Step Functions
- DynamoDB
- AWS Cognito
- AWS API Gateway
- Amazon S3
- AWS SNS & SQS
- AWS Kinesis
- Aurora Serverless
Pricing on AWS Lambda?
- Pay per request and compute time
• $0.20 per 1 million requests thereafter ($0.0000002 per request)
- 400,000 GB-seconds of compute time per month if FREE • == 400,000 seconds if function is 1GB RAM
- == 3,200,000 seconds if function is 128 MB RAM
- After that $1.00 for 600,000 GB-seconds
• Free tier of 1,000,000 AWS Lambda requests and 400,000 GBs of compute time
Lambda Timeout
Default 3 seconds, max 300s (5minutes) (new limit 15 minutes) Exam expects 5 minutes
Lambda - Security - This must be attached to the Lambda function
IAM execution role
Lambda - Disk capacity?
512 MB
Lambda - Concurrency limits
1000
Lambda - Deployment - Max Lambda function deployment size
50MB
Lambda - Size of uncompressed deployment (code + dependencies)
150MB
Lambda - Can use __ directory to load other files at startup
/tmp
Lambda - Size of environment variables
4KB
DynamoDB - Is what kind of DB?
NoSQL database - not a relational database
DynamoDB is made of __?
tables
Each DynamoDB has a ___?
Primary key
Each DynamoDB item has ___?
Attributes (can be added over time – can be null)
max size of a DDB item?
400KB
What data types are supported in DDB?
- Scalar Types: String, Number, Binary, Boolean, Null
- DocumentTypes:List,Map
- Set Types: String Set, Number Set, Binary Set
DDB If burst credit are empty, you’ll get a __?
“ProvisionedThroughputException”.
Explain DDB Dax
- DAX = DynamoDB Accelerator
* Seamless cache for DynamoDB, no application re- write
What does DDB DAX solve?
- Solves the Hot Key problem (too many reads)
* 5 minutes TTL for cache by default
Explain DDB Streams
- Changes in DynamoDB (Create, Update, Delete) can end up in a DynamoDB Stream
- This stream can be read by AWS Lambda, and we can then do:
- React to changes in real time (welcome email to new users)
- Analytics
List some features of API Gateway
- Handle API versioning (v1, v2…)
- Handle different environments (dev, test, prod…)
- Handle security (Authentication and Authorization)
- Create API keys, handle request throttling
- Swagger / Open API import to quickly define APIs • Transform and validate requests and responses
- Generate SDK and API specifications
- Cache API responses
API Gateway – Security - IAM Permissions
- Create an IAM policy authorization and attach to User / Role
- API Gateway verifies IAM permissions passed by the calling application
- Good to provide access within your own infrastructure
- Leverages “Sig v4” capability where IAM credential are in headers IAM
Explain API Gateway – Security Lambda Authorizer (formerly Custom Authorizers)
- Uses AWS Lambda to validate the token in header being passed • Option to cache result of authentication
- Helps to use OAuth / SAML / 3rd party type of authentication
- Lambda must return an IAM policy for the user
Explain API Gateway – Security Cognito User Pools
- Cognito fully manages user lifecycle
- API gateway verifies identity automatically from AWS Cognito • No custom implementation required
- Cognito only helps with authentication, not authorization
