AWS Architecture Blog
10 Things Serverless Architects Should Know
Building on the first three parts of the AWS Lambda scaling and best practices series where you learned how to design serverless apps for massive scale, AWS Lambda’s different invocation models, and best practices for developing with AWS Lambda, we now invite you to take your serverless knowledge to the next level by reviewing the following 10 topics to deepen your serverless skills.
1: API and Microservices Design
With the move to microservices-based architectures, decomposing monothlic applications and de-coupling dependencies is more important than ever. Learn more about how to design and deploy your microservices with Amazon API Gateway:
- An overview of designing microservices
- Building API-drive Microservices with API Gateway
- Best practices for building enterprise grade APIs with API Gateway
- Whitepaper: Microservices on AWS
Get hands-on experience building out a serverless API with API Gateway, AWS Lambda, and Amazon DynamoDB powering a serverless web application by completing the self-paced Wild Rydes web application workshop.
Figure 1: WildRydes serverless web application workshop
2: Event-driven Architectures and Asynchronous Messaging Patterns
When building event-driven architectures, whether you’re looking for simple queueing and message buffering or a more intricate event-based choreography pattern, it’s valuable to learn about the mechanisms to enable asynchronous messaging and integration. These are enabled primarily through the use of queues or streams as a message buffer and topics for pub/sub messaging. Understand when to use each and the unique advantages and features of all three:
- Serverless Streams, Topics, and Queues: How to Pick the Right Serverless Application pattern
- Best Practices for Serverless Queue Processing
Gets hands-on experience building a real-time data processing application using Amazon Kinesis Data Streams and AWS Lambda by completing the self-paced Wild Rydes data processing workshop.
3: Workflow Orchestration in a Distributed, Microservices Environment
In distributed microservices architectures, you must design coordinated transactions in different ways than traditional database-based ACID transactions, which are typically implemented using a monolithic relational database. Instead, you must implement coordinated sequenced invocations across services along with rollback and retry mechanisms. For workloads where there a significant orchestration logic is required and you want to use more of an orchestrator pattern than the event choreography pattern mentioned above, AWS Step Functions enables the building complex workflows and distributed transactions through integration with a variety of AWS services, including AWS Lambda. Learn about the options you have to build your business workflows and keep orchestration logic out of your AWS Lambda code:
- Building Business Workflows with AWS Step Functions
- Serverless State Management and Orchestration for Modern Apps
Get hands-on experience building an image processing workflow using computer vision AI services with AWS Rekognition and AWS Step Functions to orchestrate all logic and steps with the self-paced Serverless image processing workflow workshop.
Figure 2: Several AWS Lambda functions managed by an AWS Step Functions state machine
4: Lambda Computing Environment and Programming Model
Though AWS Lambda is a service that is quick to get started, there is value in learning more about the AWS Lambda computing environment and how to take advantage of deeper performance and cost optimization strategies with the AWS Lambda runtime. Take your understanding and skills of AWS Lambda to the next level:
- Lambda Under the Hood
- Lambda Layers, the Runtime API, and Nested Applications
- Optimizing Serverless Applications
5: Serverless Deployment Automation and CI/CD Patterns
When dealing with a large number of microservices or smaller components—such as AWS Lambda functions all working together as part of a broader application—it’s critical to integrate automation and code management into your application early on to efficiently create, deploy, and version your serverless architectures. AWS offers several first-party deployment tools and frameworks for Serverless architectures, including the AWS Serverless Application Model (SAM), the AWS Cloud Development Kit (CDK), AWS Amplify, and AWS Chalice. Additionally, there are several third party deployment tools and frameworks available, such as the Serverless Framework, Claudia.js, Sparta, or Zappa. You can also build your own custom-built homegrown framework. The important thing is to ensure your automation strategy works for your use case and team, and supports your planned data source integrations and development workflow. Learn more about the available options:
- Accelerate Serverless Development using AWS SAM and the Serverless Application Repository
- Deep Dive into AWS SAM
- Infrastructure is Code with the AWS Cloud Development Kit
- Deploying and Consuming Serverless Functions with AWS Amplify
Learn how to build a full CI/CD pipeline and other DevOps deployment automation with the following workshops:
6: Serverless Identity Management, Authentication, and Authorization
Modern application developers need to plan for and integrate identity management into their applications while implementing robust authentication and authorization functionality. With Amazon Cognito, you can deploy serverless identity management and secure sign-up and sign-in directly into your applications. Beyond authentication, Amazon API Gateway also allows developers to granularly manage authorization logic at the gateway layer and authorize requests directly, without exposing their using several types of native authorization.
Learn more about the options and benefits of each:
- Serverless Authentication and Authorization: Identity management for your Serverless applications
- Authentication for your applications: Getting started with Amazon Cognito
Get hands-on experience working with Amazon Cognito, AWS Identity and Access Management (IAM), and Amazon API Gateway with the Serverless Identity Management, Authentication, and Authorization Workshop.
Figure 3: Serverless Identity Management, Authentication, and Authorization Workshop
7: End-to-End Security Techniques
Beyond identity and authentication/authorization, there are many other areas to secure in a serverless application. These include:
- Input and request validation
- Dependency and vulnerability management
- Secure secrets storage and retrieval
- IAM execution roles and invocation policies
- Data encryption at-rest/in-transit
- Metering and throttling access
- Regulatory compliance concerns
Thankfully, there are AWS offerings and integrations for each of these areas. Learn more about the options and benefits of each:
- Securing Enterprise-grade Serverless Applications
- Securing Serverless and Container Services
- Whitepaper: Security Overview of AWS Lambda
Get hands-on experience adding end-to-end security with the techniques mentioned above into a serverless application with the Serverless Security Workshop.
8: Application Observability with Comprehensive Logging, Metrics, and Tracing
Before taking your application to production, it’s critical that you ensure your application is fully observable, both at a microservice or component level, as well as overall through comprehensive logging, metrics at various granularity, and tracing to understand distributed system performance and end user experiences end-to-end. With many different components making up modern architectures, having centralized visibility into all of your key logs, metrics, and end-to-end traces will make it much easier to monitor and understand your end users’ experiences. Learn more about the options for observability of your AWS serverless application:
9. Ensuring Your Application is Well-Architected
Adding onto the considerations mentioned above, we suggest architecting your applications more holistically to the AWS Well-Architected framework. This framework includes the five key pillars: security, reliability, performance efficiency, cost optimization, and operational excellence. Additionally, there is a serverless-specific lens to the Well-Architected framework, which more specifically looks at key serverless scenarios/use cases such as RESTful microservices, Alexa skills, mobile backends, stream processing, and web applications, and how they can implement best practices to be Well-Architected. More information:
- Whitepaper: AWS Well-Architected Framework
- Whitepaper: Serverless Application Lens to the AWS Well-Architected Framework
10. Continuing your Learning as Serverless Computing Continues to Evolve
As we’ve discussed, there are many opportunities to dive deeper into serverless architectures in a variety of areas. Though the resources shared above should be helpful in familiarizing yourself with key concepts and techniques, there’s nothing better than continued learning from others over time as new advancements come out and patterns evolve.
- Ongoing live Serverless Twitch workshops series: Happy Little APIs and our Build On Serverless
- AWS Online Tech Talks: These free online talks are offered in subjects ranging all of AWS and dive deep into specific topics and domains, along with offering live Q&A. Subscribe here to be notified of the upcoming online talks each month.
- re:Invent, regional summits, and other events: Consider attending in-person AWS events and joining sessions and workshops relevant to your application’s use case. Check out the events catalog of all upcoming events.
- AWS Meetups: Consider joining a local AWS Meetup group in your area. Find a list of Meetup groups for AWS on Meetup.com.
- Learn how other customers are using Serverless: You can read Serverless customers’ stories or hear first-hand from them in the This is My Architecture video series.
Finally, we encourage you to check back often as we’ll be continuing further blog post series on serverless architectures, with the next series focusing on API design patterns and best practices.