© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Vyom Nagrani, Manager Product Management, AWS Lambda

Ceci Deng, Software Development Engineer, AWS Lambda

June 21st, 2016

Building Serverless BackendsUsing AWS Lambda and Amazon API Gateway

Everybody knows this 3-tier web app diagram

https://d0.awsstatic.com/whitepapers/AWS_Serverless_Multi-Tier_Architectures.pdf

Here is what that translates to in real life

http://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_web_01.pdf

AWS Compute offerings

VM App Function

Service EC2 ECS Lambda

H/W OS Runtime

Unit of scale

Level of

abstraction

AWS Lambda: Run code in response to events

Lambda functions: Stateless, trigger-based code execution

Triggered by events:

• Direct Sync and Async API calls

• AWS Service integrations

• 3rd party triggers

• And many more …

Makes it easy to:

• Perform data-driven auditing, analysis, and notification

• Build back-end services that perform at scale

Cost-effective and

efficient

No Infrastructure

to manage

Pay only for what you use

Bring Your

Own Code

Productivity focused compute platform to build powerful, dynamic, modular

applications in the cloud

Run code in standard

languages

Focus on business logic

Benefits of AWS Lambda

1 2 3

Multiple Application Types using AWS Lambda

Analytics

• Operational management

• Live Dashboards

Data workflows

• Content management

• ETL workflows

Interactive Backends

• Bots

• Webhooks

Autonomous IT

• Policy engines

• Infrastructure management

Applications Components for Serverless apps

EVENT SOURCE FUNCTION SERVICES (ANYTHING)

Changes in

data state

Requests to

endpoints

Changes in

resource state

Node

Python

Java

… more coming soon

Amazon

S3

Amazon

DynamoDB

Amazon

Kinesis

AWS

CloudFormation

AWS

CloudTrail

Amazon

CloudWatch

Amazon

SNS

Amazon

SES

Amazon

API Gateway

Amazon

Cognito

AWS

IoT

Amazon

Alexa

Cron events

DATA STORES ENDPOINTS

REPOSITORIES EVENT/MESSAGE SERVICES

Event Sources that integrate with AWS Lambda

… and the list will continue to grow!

API Gateway to manage your REST endpoints

Build, Deploy, and Manage APIs

Throttling rules per HTTP method

Cache with customizable keys

Multiple API versions and stages

Generate client SDKs

Dashboard for visual monitoring

Flexible authorization model

API Keys for 3rd party developers

Benefits of API Gateway for web/mobile apps

Low cost and efficient

Performance at any

scale

DDoS protection and

throttling

Streamline API

development

Authenticate and

authorize requests

Create RESTful

Endpoints

API Gateway + Lambda = Frontend + Backend !

Internet

Mobile Apps

Websites

Services

API

Gateway

AWS

Endpoints on

Amazon EC2

Any other publicly

accessible endpointAmazon

CloudWatch

Monitoring

Amazon

CloudFront

AWS Lambda

functions

API Gateway

Cache

Updated real-world “serverless” architecture

https://s3.amazonaws.com/awslambda-reference-architectures/web-app/lambda-refarch-webapp.pdf

Live Demo

Building a Serverless web-app

Demo site: A simple Serverless CRUD backend

http://squirrelbin.com/

Attaching Lambda functions to RESTful HTTP Endpoints

• 1:1 Mapping: Every API call triggers a stateless Lambda function

• Add caching to API calls to return a cached response instead for duplicate requests

• API Gateway concepts: An API is defined as a set of resources and methods

• Resource: A logical entity that can be accessed within an API

• Method: The combination of a resource path and an HTTP verb such as GET/POST

• Automatic Scaling: Both API Gateway and Lambda scale automatically with calls

• Safety throttle of 100 concurrent Lambda functions, can be increased by AWS Support Center

• User defined standard-rate limit and a burst-rate limit per second for each API method

Best practices for creating Lambda functions

• Memory: CPU proportional to the memory configured

• Increasing memory makes your code execute faster (if CPU bound)

• Timeout: Increasing timeout allows for longer functions, but more wait in case of errors

• Retries: For API Gateway, Lambda doesn’t retry the function execution, but the

Gateway generated SDKs retry throttled requests

• Permission model: API Gateway synchronously triggers Lambda, so assign API

Gateway a resource policy to invoke Lambda.

Monitoring and Debugging Lambda functions

• Console Dashboard

• Lists all Lambda functions

• Easy editing of resources,

event sources and other

settings

• At-a-glance metrics

• Metrics in CloudWatch

• Requests

• Errors

• Latency

• Throttles

• Logging in CloudWatch Logs

Using API Gateway Input/Output Transforms

Filter output results

• Remove private/unnecessary data

• Filter dataset size to improve API

performance

Translate between client-backend

• Convert GET query string

parameters to body for POST

• Talk XML to API user-interface but

JSON to Lambda

Managing different versions of your API stack

• Operate multiple API versions and

multiple stages for each version

simultaneously

• Clone an existing API to start working

on the next major version

• Set up custom domain names to point

directly to a stage

• Version Lambda functions, and

associate API stage with Lambda

function version alias

Authorization – AWS Signature Version 4

AWS Lambda lambdaHandlerAmazon API

Gateway

Sigv4

Invoke with

caller credentials

Service calls are

authorized using

the IAM Role

Amazon

DynamoDB

Mobile Apps

Authorization – Custom authorizers in Lambda

Client

Lambda Auth

function

API Gateway

OAuth token

OAuth

provider

Policy is

evaluated

Policy is

cached

Endpoints on

Amazon EC2

Any other publicly

accessible endpoint

AWS Lambda

functions

403

Three Next Steps

1. Check out http://squirrelbin.com/

2. Try out the “Serverless Web-App Reference Architecture” at

https://github.com/awslabs/lambda-refarch-webapp/

3. Build your own custom web-app using the AWS Lambda

blueprints at https://console.aws.amazon.com/lambda

Thank You!

√