© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Dr. Tim Wagner

General Manager, AWS Lambda and Amazon API Gateway

AWS New York Summit, August 11, 2016

Getting Started with AWS Lambda,

Amazon API Gateway,

and the Serverless Cloud

Democratized Scale

The cloud is a supercomputer.

Serverless lets us program it.

What is serverless computing?

• VMs

• Machine as the unit of scale

• Abstracts the hardware

• Containers

• Application as the unit of scale

• Abstracts the OS

• Serverless

• Functions as the unit of scale

• Abstracts the language runtime

Amazon ECS

Amazon EC2

AWS Lambda

How do I choose?

• VMs

• “I want to configure machines,

storage, networking, and my OS”

• Containers

• “I want to run servers, configure

applications, and control scaling”

• Serverless

• “Run my code when it’s needed”

ECS

EC2

Lambda

Microservices

AWS Lambda + Amazon API Gateway is the

easiest way to create microservices

• Event handlers one function per event type

• Serverless backends one function per API / path

• Data processing one function per data type

Agenda

Overview of AWS Lambda and Amazon API Gateway

New and recent launches

Serverless use cases and best practices

AWS Lambda: Serverless computing

Run code without servers. Pay only for the compute time you consume.

Triggered by events or called from APIs:

• PUT to an Amazon S3 bucket

• Updates to Amazon DynamoDB table

• Call to an Amazon API Gateway endpoint

• Mobile app back-end call

• And many more…

Makes it easy to:

• Perform real-time data processing

• Build scalable back-end services

• Glue and choreograph systems

Continuous

scaling

No servers to

manage

Never pay for idle

– no cold servers

(only happy

accountants)

Benefits of AWS Lambda

AWS Lambda Programming Model

Bring your own code

• Node.js, Java, Python

• Bring your own libraries

(even native ones)

Simple resource model

• Select power rating from

128 MB to 1.5 GB

• CPU and network allocated

proportionately

• Reports actual usage

Programming model

• AWS SDK built in (Python

and Node.js)

• Lambda is the “webserver”

• Use processes, threads,

/tmp, sockets normally

Stateless

• Persist data using Amazon

DynamoDB, S3, or Amazon

ElastiCache

• No affinity to infrastructure

(can’t “log in to the box”)

Using AWS Lambda

Authoring functions

• Author directly using the

console WYSIWYG editor

• Package code as a .zip and

upload to Lambda or S3

• Plugins for Eclipse and

Visual Studio

• Command line tools

Monitoring and logging

• Built-in metrics for requests,

errors, latency, and throttles

• Built-in logs in Amazon

CloudWatch Logs

Flexible authorization

• Securely grant access to

resources, including VPCs

• Fine-grained control over

who can call your functions

Flexible use

• Call or send events

• Integrated with other AWS

services

• Build whole serverless

ecosystems

AWS Lambda Pricing

• Buy compute time in

100 ms increments

• Low request charge

• No hourly, daily, or

monthly minimums

• No per-device fees

Never pay for idle!

Free Tier1 million requests and 400,000 GBs of

compute every month, every customer

Imagine your business with

no cold servers.

No underutilized hardware.

No containers waiting for

work.

…and no one being paid to

worry about problems that

no longer exist.

• Buy compute time in

100 ms increments

• Low request charge

• No hourly, daily, or

monthly minimums

• No per-device fees

Never pay for idle!

Amazon API Gateway: Serverless APIs

Internet

Mobile

apps

Websites

Partner

Services

AWS Lambda

functions

API

Gateway

response

cache

Endpoints on

Amazon EC2

Any publicly

accessible

endpoint

Amazon

CloudWatch

Amazon

CloudFront

API

Gateway

Benefits of Amazon API Gateway

Create a unified API

front end for

multiple

microservices

DDoS protection

and throttling for

back-end systems

Authenticate and

authorize requests

API Authorization: 3 Options

Auth option #1: SigV4 / IAM

Internet

Mobile

apps

Partner

Services

AWS Lambda

functions

Endpoints on

Amazon EC2

Amazon

CloudFront

API

Gateway

Amazon

Cognito

AWS Identity & Access Management

(IAM)IAM user / role

acquisition

SigV4 credentials

Auth option #2: Custom Lambda authorizer

Internet

Mobile

apps

Websites

Partner

Services

AWS Lambda

functions

Policy

cache

Endpoints on

Amazon EC2

Any publicly

accessible

endpoint

Amazon

CloudFront

API

Gateway

Lambda custom

Auth functionOAuth

provider

403

Auth option #3: Amazon Cognito User Pools

Internet

Mobile

apps

Partner

Services

AWS Lambda

functions

Endpoints on

Amazon EC2

Amazon

CloudFront

API

Gateway

Amazon

Cognito

Websites

User login

Built-in auth

check

OIDC token

OIDC token

Any publicly

accessible

endpoint

More new and recent launches

Recent region launches: Singapore, Sydney

Available regions (7)

Launch: Amazon API Gateway usage plans

New API Management features:

• Define groups of consumers (partners, apps)

• Set throttles and quotas for each group

• Track each group’s usage

Helps you:

• Manage and monetize your APIs

• Apply business policies across your consumers

Throttle

Usage plans: Throttle specific consumers

Internet

Mobile

apps

Websites

Partner

Services

AWS Lambda

functions

API

Gateway

response

cache

Endpoints on

Amazon EC2

Any publicly

accessible

endpoint

Amazon

CloudWatch

Amazon

CloudFront

API

Gateway

Usage Plans: Throttling

• Prevents one customer from consuming all your

backend system’s capacity

• Let’s you decide how to allocate capacity among your

API consumers. Sample plan:

• Professional plan users: 10 TPS

• Premium plan users: 100 TPS

• Enterprise plan users: 500 TPS

Set daily

quota

Usage plans: Enforce per-consumer quotas

Internet

Mobile

apps

Websites

Partner

Services

AWS Lambda

functions

API

Gateway

response

cache

Endpoints on

Amazon EC2

Any publicly

accessible

endpoint

Amazon

CloudWatch

Amazon

CloudFront

API

Gateway

Usage Plans: Quotas

• Allows you to define and enforce usage limits by API

consumer (or groups of consumers)

• Sample plan:

• Professional plan: up to 100 calls / day

• Premium plan: up to 1000 calls / day

• Enterprise plan: no limit on calls

Track usage

Usage plans: Track API usage

Internet

Mobile

apps

Websites

Partner

Services

AWS Lambda

functions

API

Gateway

response

cache

Endpoints on

Amazon EC2

Any publicly

accessible

endpoint

Amazon

CloudWatch

Amazon

CloudFront

API

Gateway

Usage Plans: Usage reporting

• Allows you to export usage reports by consumer (per

API key)

• Facilitates billing, analytics, and monitoring

API Management Demo(and a bonus demo)

Use cases

Use cases

Serverless app

ecosystems

Data processing Back ends

Use case: Serverless data processing

Example: Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

Use case: Serverless web apps

1. Amazon S3 for serving static content

2. AWS Lambda for dynamic content

3. Amazon API Gateway for https access

4. Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3Browser

Serverless Python Web Framework

Easy way to create serverless web apps in Python

Flask-like, easy command routing

CLI deployment and setup for both APIs and functions

Intelligent policy generator

Use case: Serverless mobile and IoT apps

1. Pick one:a. Mobile apps: AWS Mobile SDK + Amazon Cognito (authorization)

b. IoT devices: AWS IoT

2. AWS Lambda’s “Mobile Backend” blueprint

3. Amazon DynamoDB for data storage

AWS LambdaAmazon

DynamoDB

Use case: Serverless app ecosystems

Alexa, tell Slack to

send, “I’m giving the

demo now.”

Message retrieval through scheduled

polling

Kevin says,

“Break a leg!”

Message upload

(via Slack API)

Team

(channel users)

Slack

Growing Serverless Ecosystem

Logging and Monitoring Applications and Deployment

Build and CI/CD

Tips and best practices

AWS Lambda VPC: Best practices

VPC is optional – don’t turn in on unless you need it.

Functions configured for VPC access lose internet access…

• Unless you have managed NAT or a NAT instance in the VPC

The ENIs used by Lambda’s VPC feature count against your quota.

Ensure you have enough to match your peak concurrency levels

(we’ll consolidate where we can).

DO NOT delete or rename these ENIs!

Ensure your subnets have enough IPs for those ENIs.

Specify at least one subnet in each Availability Zone

Otherwise, Lambda will obey, but can’t be as fault-tolerant.

Function Scheduling: Tips

How can I keep a function warm (no cold starts)?

Schedule [multiple copies of] it.

How can I poll a queue (like Amazon SQS)?

Schedule a function to read the queue.

How can I get more timers?

Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?

Run a background timer in your scheduled function.

Stage Variables in API Gateway: Basics

• Stage variables act like environment variables

• Use stage variables to store configuration values

• Stage variables are available in the $context object

• Values are accessible from most fields in API Gateway

• Lambda function ARN

• HTTP endpoint

• Custom authorizer function name

• Parameter mappings

Stage variables: Best practices

Using Stage Variables in API Gateway together with

Lambda function aliases:

MyLambdaFunction

1

2

3 = prod

4

5

6 = beta

7

8 = dev

MyAPI

Stage variable = lambdaAlias

Prod

lambdaAlias = prod

Beta

lambdaAlias = beta

Dev

lambdaAlias = dev

Managing Microservices

Serverless app model

A single function is easy to

deploy and manage:

Serverless app model

But what happens when you

have an entire app made up of

many functions?

Serverless app model

And then many different apps?

Serverless app model

Project Flourish provides an

application model for

serverless apps.

• Organize related functions

• Retain ability to deploy and

manage them individually

Project Flourish Demo

AWS Serverless Chatbot Competition

• Create a bot for Slack that runs on AWS

Lambda and Amazon API Gateway

• Sponsored by AWS and Slack

• Win tickets to AWS re:Invent and more

• Winners receive mentions in the

Serverless Keynote during re:Invent

• Submissions due by September 29

• Get started: awschatbot.devpost.com

Join the serverless

revolution today!

Go to the AWS Lambda console,

create a function, and run it.(The first million invokes are on us!)

Go to the Amazon API Gateway

console and create a PetStore

API.

Hook up your API to your

Lambda function and set some

usage plans on it.

Remember to complete

your evaluations in the

Guidebook mobile app.

AWS Lambda and

Amazon API Gateway links:

aws.amazon.com/blogs/compute

aws.amazon.com/lambda

AWS Lambda forum

me: @timallenwagner