[AWS] Serverless

Serverless” is an architecture where an entire infrastructure is managed by a cloud provider, and the resources are dynamically allocated on demand. A cloud provider handles the infrastructure management tasks (such as capacity provision, patching, auto-scaling, and high availability) so that you can focus on writing code.

Serverless Features

  • No servers (host machines) to manage
  • Inherent scaling and high availability (HA)
  • Pay-as-you-go model
    • No charge in idle time
  • Quick deployment
  • For event-driven architecture or/and microservice-based architecture

Backend as a Service (BaaS)

BaaS is a cloud service model where cloud providers host the server-side logic. A client application running via a web browser or mobile interface connects to the cloud server through APIs.

  • BaaS is popularized by the explosion of mobile applications.
  • BaaS provides common functionalities such as authentication, database management, and data storage.
  • You do not need to code. You just use functionalities through APIs.

Function as a Service (FaaS)

A function is a cloud service where business logic is processed by event-triggered containers that are ephemeral in nature.

  • Unlike BaaS, you provide your own code that is executed in a cloud.
  • Event-triggered: The code is executed by triggers that you define.
  • Containers: Once an event is triggered, a code in a container runs your code.
  • Dynamic Scaling: You do not need to create instances of your application. The cloud provider takes care of creating and destroying containers.
  • Ephemeral: Your application only runs when it is needed.


  • API Proxy: An HTTP server that allows decoupling from backend services by routing calls to specific endpoints
  • API Gateway: An API proxy, which provides additional features such as authentication, input validation, monitoring, and advanced routing.

Serverless Architecture

  • You do not even need to configure and manage infrastructures such as VPC, routing, or servers.
  • You do not need to create or destroy instances of your application manually.
  • BaaS and FaaS can be a part of the serverless architecture.
  • Serverless does not fit all types of applications. It is not a magic sword.
    • Best for short-running tasks that can be charged for the running time


  • Speed to Market: By eliminating the infrastructure management overhead, you can release your applications quickly.
  • Scalable: You can scale your application based on demands automatically.
  • Lower Cost: Serverless applications are event-driven, and you are charged only when your code is executed.


  • Easy to become vendor (cloud-provider) locked
  • Data security concern
  • No ability for infrastructure optimization
  • Testing and debugging are not easy
  • Usually not built for long-running tasks
  • Cold start can cause latency

Use cases

  • Sporadically or irregularly used applications
  • Lightweight applications that perform straightforward tasks

AWS Serverless Offerings

  • Compute
    • Lambda: (FaaS)
  • Orchestration
    • Step Functions
  • API Integration
    • API Gateway
    • AppSync
  • Storage and Data Stores
    • S3: object storage and static website hosting
    • DynamoDB: fully managed NoSQL DB
    • Aurora Serverless: when you need to handle structured data
  • Messaging
    • SQS (Simple Queue Service): a message queuing service
    • SNS (Simple Notification Service): a service for sending text messages and mobile notifications
  • Event Routers
    • EventBridge
  • Tools and Deployment
    • Amplify: (BaaS)
    • AWS CDK (Cloud Development Kit)
    • AWS SAM (Serverless Application Model)
    • AWS X-Ray: debugging your code in depth


AWS SAM (Serverless Application Model) is an open-source framework to define serverless applications using YAML.

  1. You can provide the simplified instruction to define your application – Lambda functions, APIS, and databases.
  2. AWS SAM transforms the instructions into the fully detailed CloudFormation template.
  3. AWS CloudFormation uses the transformed template to build the stack.
AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2021-07-11
Description: A hello world application.
    Type: AWS::Serverless::Function
      Handler: main.handler
      Runtime: python3.9
      CodeUri: ./src


You can use the AWS SAM CLI utility to test and deploy your application.

  • SAM CLI launches a DOcker container.
  • You can use Cloud9 Environment – Linux 2 instance – to use the pre-installed SAM CLI.
cat /etc/os-release

sam --version

sam validate

AWS Serverless Application Repository

The AWS SAR enables builders to package serverless applications and reuse these within their own AWS accounts (private – default), or share them publicly.

  • Upload your application code and a manifest file known as AWS SAM (Serverless Application Model) template.
  • Publish apps with AWS SAM template
  • Find and deloy published applications

Security in Serverless Architecture

  • Apply the principle of least privilege
    • Implement strong identity and access controls
  • Apply security at all layers
    • Understand AWS shared responsibility model
    • Secure data both in transit and at rest
    • Protect your endpoints from DDOS attack
  • Protect your data and credentials
  • Monitor and Audit
    • Automated security monitoring
    • Enable auditing and traceability

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s