AWS Lambda is a compute service that runs your code without provisioning or managing servers. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This session will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to Amazon DynamoDB. We will run through a demo of setting up a simple serverless blogging web application that allows user authentication and the ability to create posts and comments.
AWS DevDay San Francisco, June 21, 2016.
Presenters: Vyom Nagrani, Ceci Deng
3. Everybody knows this 3-tier web app diagram
https://d0.awsstatic.com/whitepapers/AWS_Serverless_Multi-Tier_Architectures.pdf
4. Here is what that translates to in real life
http://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_web_01.pdf
5. AWS Compute offerings
VM App Function
Service EC2 ECS Lambda
H/W OS Runtime
Unit of scale
Level of
abstraction
6. AWS Lambda: Run code in response to events
Lambda functions: Stateless, trigger-based code execution
Triggered by events:
• Direct Sync and Async API calls
• AWS Service integrations
• 3rd party triggers
• And many more …
Makes it easy to:
• Perform data-driven auditing, analysis, and notification
• Build back-end services that perform at scale
7. Cost-effective and
efficient
No Infrastructure
to manage
Pay only for what you use
Bring Your
Own Code
Productivity focused compute platform to build powerful, dynamic, modular
applications in the cloud
Run code in standard
languages
Focus on business logic
Benefits of AWS Lambda
1 2 3
8. Multiple Application Types using AWS Lambda
Analytics
• Operational management
• Live Dashboards
Data workflows
• Content management
• ETL workflows
Interactive Backends
• Bots
• Webhooks
Autonomous IT
• Policy engines
• Infrastructure management
9. Applications Components for Serverless apps
EVENT SOURCE FUNCTION SERVICES (ANYTHING)
Changes in
data state
Requests to
endpoints
Changes in
resource state
Node
Python
Java
… more coming soon
11. API Gateway to manage your REST endpoints
Build, Deploy, and Manage APIs
Throttling rules per HTTP method
Cache with customizable keys
Multiple API versions and stages
Generate client SDKs
Dashboard for visual monitoring
Flexible authorization model
API Keys for 3rd party developers
12. Benefits of API Gateway for web/mobile apps
Low cost and efficient
Performance at any
scale
DDoS protection and
throttling
Streamline API
development
Authenticate and
authorize requests
Create RESTful
Endpoints
13. API Gateway + Lambda = Frontend + Backend !
Internet
Mobile Apps
Websites
Services
API
Gateway
AWS
Endpoints on
Amazon EC2
Any other publicly
accessible endpoint
Amazon
CloudWatch
Monitoring
Amazon
CloudFront
AWS Lambda
functions
API Gateway
Cache
16. Demo site: A simple Serverless CRUD backend
http://squirrelbin.com/
17. Attaching Lambda functions to RESTful HTTP Endpoints
• 1:1 Mapping: Every API call triggers a stateless Lambda function
• Add caching to API calls to return a cached response instead for duplicate requests
• API Gateway concepts: An API is defined as a set of resources and methods
• Resource: A logical entity that can be accessed within an API
• Method: The combination of a resource path and an HTTP verb such as GET/POST
• Automatic Scaling: Both API Gateway and Lambda scale automatically with calls
• Safety throttle of 100 concurrent Lambda functions, can be increased by AWS Support Center
• User defined standard-rate limit and a burst-rate limit per second for each API method
18. Best practices for creating Lambda functions
• Memory: CPU proportional to the memory configured
• Increasing memory makes your code execute faster (if CPU bound)
• Timeout: Increasing timeout allows for longer functions, but more wait in case of errors
• Retries: For API Gateway, Lambda doesn’t retry the function execution, but the
Gateway generated SDKs retry throttled requests
• Permission model: API Gateway synchronously triggers Lambda, so assign API
Gateway a resource policy to invoke Lambda.
19. Monitoring and Debugging Lambda functions
• Console Dashboard
• Lists all Lambda functions
• Easy editing of resources,
event sources and other
settings
• At-a-glance metrics
• Metrics in CloudWatch
• Requests
• Errors
• Latency
• Throttles
• Logging in CloudWatch Logs
20. Using API Gateway Input/Output Transforms
Filter output results
• Remove private/unnecessary data
• Filter dataset size to improve API
performance
Translate between client-backend
• Convert GET query string
parameters to body for POST
• Talk XML to API user-interface but
JSON to Lambda
21. Managing different versions of your API stack
• Operate multiple API versions and
multiple stages for each version
simultaneously
• Clone an existing API to start working
on the next major version
• Set up custom domain names to point
directly to a stage
• Version Lambda functions, and
associate API stage with Lambda
function version alias
22. Authorization – AWS Signature Version 4
AWS Lambda lambdaHandlerAmazon API
Gateway
Sigv4
Invoke with
caller credentials
Service calls are
authorized using
the IAM Role
Amazon
DynamoDB
Mobile Apps
23. Authorization – Custom authorizers in Lambda
Client
Lambda Auth
function
API Gateway
OAuth token
OAuth
provider
Policy is
evaluated
Policy is
cached
Endpoints on
Amazon EC2
Any other publicly
accessible endpoint
AWS Lambda
functions
403
24. Three Next Steps
1. Check out http://squirrelbin.com/
2. Try out the “Serverless Web-App Reference Architecture” at
https://github.com/awslabs/lambda-refarch-webapp/
3. Build your own custom web-app using the AWS Lambda
blueprints at https://console.aws.amazon.com/lambda