[AWS] Serverless

"Serverless" is an architecture where the entire infrastructure is managed by a cloud provider, and resources are dynamically allocated on demand. The cloud provider handles the infrastructure management tasks (such as capacity provisioning, patching, auto-scaling, and high availability) so that you can focus on writing code.


Serverless Features

  • No servers (host machines) to manage
  • Inherent scaling and high availability (HA)
  • Pay-as-you-go model
    • No charge in idle time
  • Quick deployment
  • For event-driven and/or microservice-based architectures

Backend as a Service (BaaS)

BaaS is a cloud service model where cloud providers host the server-side logic. A client application running via a web browser or mobile interface connects to the cloud server through APIs.

  • BaaS was popularized by the explosion of mobile applications.
  • BaaS provides common functionalities such as authentication, database management, and data storage.
  • You do not need to code. You just use functionalities through APIs.

Function as a Service (FaaS)

FaaS is a cloud service model where business logic is processed by event-triggered containers that are ephemeral in nature.

  • Unlike BaaS, you provide your own code that is executed in the cloud.
  • Event-triggered: The code is executed by triggers that you define.
  • Containers: Once an event is triggered, a container runs your code.
  • Dynamic Scaling: You do not need to create instances of your application. The cloud provider takes care of creating and destroying containers.
  • Ephemeral: Your application only runs when it is needed.

APIs

  • API Proxy: An HTTP server that allows decoupling from backend services by routing calls to specific endpoints
  • API Gateway: An API proxy that provides additional features such as authentication, input validation, monitoring, and advanced routing.

Serverless Architecture

  • You do not even need to configure and manage infrastructure such as VPC, routing, or servers.
  • You do not need to create or destroy instances of your application manually.
  • BaaS and FaaS can be a part of the serverless architecture.
  • Serverless does not fit all types of applications. It is not a magic sword.
    • Best for short-running tasks that can be charged for the running time

Advantages

  • Speed to Market: By eliminating the infrastructure management overhead, you can release your applications quickly.
  • Scalable: You can scale your application based on demands automatically.
  • Lower Cost: Serverless applications are event-driven, and you are charged only when your code is executed.

Drawbacks

  • Easy to become vendor (cloud-provider) locked
  • Data security concern
  • No ability for infrastructure optimization
  • Testing and debugging are not easy
  • Usually not built for long-running tasks
  • Cold start can cause latency

Use cases

  • Sporadically or irregularly used applications
  • Lightweight applications that perform straightforward tasks

AWS Serverless Offerings

  • Compute
    • Lambda: (FaaS)
  • Orchestration
    • Step Functions
  • API Integration
    • API Gateway
    • AppSync
  • Storage and Data Stores
    • S3: object storage and static website hosting
    • DynamoDB: fully managed NoSQL DB
    • Aurora Serverless: when you need to handle structured data
  • Messaging
    • SQS (Simple Queue Service): a message queuing service
    • SNS (Simple Notification Service): a service for sending text messages and mobile notifications
  • Event Routers
    • EventBridge
  • Tools and Deployment
    • Amplify: (BaaS)
    • AWS CDK (Cloud Development Kit)
    • AWS SAM (Serverless Application Model)
    • AWS X-Ray: debugging your code in depth

AWS Serverless Application Repository

The AWS SAR enables builders to package serverless applications and reuse these within their own AWS accounts (private – default), or share them publicly.

  • Upload your application code and a manifest file known as AWS SAM (Serverless Application Model) template.
  • Publish apps with AWS SAM template
  • Find and deploy published applications

Security in Serverless Architecture

  • Apply the principle of least privilege
    • Implement strong identity and access controls
  • Apply security at all layers
    • Understand AWS shared responsibility model
    • Secure data both in transit and at rest
    • Protect your endpoints from DDoS attacks
  • Protect your data and credentials
  • Monitor and Audit
    • Automated security monitoring
    • Enable auditing and traceability
