All Posts

🚀 Project Update:

Lambda API: v0.10.2 Released

Lambda API v0.10.2 has been released to add additional TypeScript support (@maxmellen), fix an issue with multiValueHeaders containing a null value (@stawecki), and support for overriding console.log for logging output (@Sleavely). Read More...
🚀 Project Update:

Serverless MySQL: v1.5.0 released

Serverless MySQL v1.5.0 is a maintenance/security update that also adds a new feature to transaction handling allowing you to return null queries to simplify conditional transaction workflows. Read More...
Featured

How to switch from RDBMS to DynamoDB in 20 easy steps…

I posted a thread on Twitter with some thoughts on how to how to switch from RDBMS to DynamoDB. Some people have asked me to turn it into a blog post to make it easier to follow. So here it is… with some bonus steps at the end. Enjoy! 😁

Continue Reading…

🚀 Project Update:

Serverless MySQL: v1.4.0 Released

Thanks to contributions from the community, Serverless MySQL v1.4.0 adds the ability to bring your own MySQL and Promise libraries, an enhancement that lets you use multiple instances, and some more TypeScript updates. Read More...
Featured

Developing Serverless Applications Locally with the “serverless-cloudside-plugin”

Developing and testing serverless applications locally can be a challenge. Even with tools like SAM and the Serverless Framework, you often end up mocking your cloud resources, or resorting to tricks (like using pseudo-variables) to build ARNs and service endpoint URLs manually. While these workarounds may have the desired result, they also complicate our configuration files with (potentially brittle) user-constructed strings, which duplicates information already available to CloudFormation.

This is a common problem for me and other serverless developers I know. So I decided to come up with a solution.

Continue Reading…

🚀 Project Update:

Lambda API: v0.10.1 Released

Lambda API v0.10.1 has been released to fix an issue with the "statusCode" reporting incorrectly in error logs. The arity requirement for handler functions has also been relaxed since it's possible that they may not be needed within a route definition. Read More...
Featured

Throttling Third-Party API calls with AWS Lambda

In the serverless world, we often get the impression that our applications can scale without limits. With the right design (and enough money), this is theoretically possible. But in reality, many components of our serverless applications DO have limits. Whether these are physical limits, like network throughput or CPU capacity, or soft limits, like AWS Account Limits or third-party API quotas, our serverless applications still need to be able to handle periods of high load. And more importantly, our end users should experience minimal, if any, negative effects when we reach these thresholds.

There are many ways to add resiliency to our serverless applications, but this post is going to focus on dealing specifically with quotas in third-party APIs. We’ll look at how we can use a combination of SQS, CloudWatch Events, and Lambda functions to implement a precisely controlled throttling system. We’ll also discuss how you can implement (almost) guaranteed ordering, state management (for multi-tiered quotas), and how to plan for failure. Let’s get started!

Continue Reading…

Featured

How To: Use SNS and SQS to Distribute and Throttle Events

An extremely useful AWS serverless microservice pattern is to distribute an event to one or more SQS queues using SNS. This gives us the ability to use multiple SQS queues to “buffer” events so that we can throttle queue processing to alleviate pressure on downstream resources. For example, if we have an event that needs to write information to a relational database AND trigger another process that needs to call a third-party API, this pattern would be a great fit.

This is a variation of the Distributed Trigger Pattern, but in this example, the SNS topic AND the SQS queues are contained within a single microservice. It is certainly possible to subscribe other microservices to this SNS topic as well, but we’ll stick with intra-service subscriptions for now. The diagram below represents a high-level view of how we might trigger an SNS topic (API Gateway → Lambda → SNS), with SNS then distributing the message to the SQS queues. Let’s call it the Distributed Queue Pattern.

Distributed Queue Pattern

This post assumes you know the basics of setting up a serverless application, and will focus on just the SNS topic subscriptions, permissions, and implementation best practices. Let’s get started!

Continue Reading…

🚀 Project Update:

Lambda API: v0.10 Released

Lambda API v0.10 adds the ability for you to seamlessly switch your Lambdas between API Gateway and Application Load Balancers. New execution stacks enables method-based middleware and more wildcard functionality. Plus full support for multi-value headers and multi-value query string parameters. Read More...
Featured

Stop Calling Everything Serverless!

I’ve been building serverless applications since AWS Lambda went GA in early 2015. I’m not saying that makes me an expert on the subject, but as I’ve watched the ecosystem mature and the community expand, I have formed some opinions around what it means exactly to be “serverless.” I often see tweets or articles that talk about serverless in a way that’s, let’s say, incompatible with my interpretation. This sometimes makes my blood boil, because I believe that “serverless” isn’t a buzzword, and that it actually stands for something important.

I’m sure that many people believe that this is just a semantic argument, but I disagree. When we refer to something as being “serverless”, there should be an agreed upon understanding of not only what that means, but also what it empowers you to do. If we continue to let marketers hijack the term, then it will become a buzzword with absolutely no discernible meaning whatsoever. In this post, we’ll look at how some leaders in the serverless space have defined it, I’ll add some of my thoughts, and then offer my own definition at the end.

Continue Reading…

Featured

Serverless Tip: Don’t overpay when waiting on remote API calls

Our serverless applications become a lot more interesting when they interact with third-party APIs like Twilio, SendGrid, Twitter, MailChimp, Stripe, IBM Watson and others. Most of these APIs respond relatively quickly (within a few hundred milliseconds or so), allowing us to include them in the execution of synchronous workflows (like our own API calls).  Sometimes we run these calls asynchronously as background tasks completely disconnected from any type of front end user experience.

Regardless how they’re executed, the Lambda functions calling them need to stay running while they wait for a response. Unfortunately, Step Functions don’t have a way to create HTTP requests and wait for a response. And even if they did, you’d at least have to pay for the cost of the transition, which can get a bit expensive at scale. This may not seem like a big deal on the surface, but depending on your memory configuration, the cost can really start to add up.

In this post we’ll look at the impact of memory configuration on the performance of remote API calls, run a cost analysis, and explore ways to optimize our Lambda functions to minimize cost and execution time when dealing with third-party APIs.

Continue Reading…

Featured

re:Capping re:Invent: AWS goes all-in on Serverless

Last week I spent six incredibly exhausting days in Las Vegas at the AWS re:Invent conference. More than 50,000 developers, partners, customers, and cloud enthusiasts came together to experience this annual event that continues to grow year after year. This was my first time attending, and while I wasn’t quite sure what to expect, I left with not just the feeling that I got my money’s worth, but that AWS is doing everything in their power to help customers like me succeed.

There have already been some really good wrap-up posts about the event. Take a look at James Beswick’s What I learned from AWS re:Invent 2018, Paul Swail’s What new use cases do the re:Invent 2018 serverless announcements open up?, and All the Serverless announcements at re:Invent 2018 from the Serverless, Inc. blog. There’s a lot of good analysis in these posts, so rather than simply rehash everything, I figured I touch on a few of the announcements that I think really matter. We’ll get to that in a minute, but first I want to point out a few things about Amazon Web Services that I learned this past week.

Continue Reading…

Featured

Aurora Serverless Data API: An (updated) First Look

Update June 5, 2019: The Data API team has released another update that adds improvements to the JSON serialization of the responses. Any unused type fields will be removed, which makes the response size 80+% smaller.

Update June 4, 2019: After playing around with the updated Data API, I found myself writing a few wrappers to handle parameter formation, transaction management, and response formatting. I ended up writing a full-blown client library for it. I call it the “Data API Client“, and it’s available now on GitHub and NPM.

Update May 31, 2019: AWS has released an updated version of the Data API (see here). There have been a number of improvements (especially to the speed, security, and transaction handling). I’ve updated this post to reflect the new changes/improvements.

On Tuesday, November 20, 2018, AWS announced the release of the new Aurora Serverless Data API. This has been a long awaited feature and has been at the top of many a person’s #awswishlist. As you can imagine, there was quite a bit of fanfare over this on Twitter.

Obviously, I too was excited. The prospect of not needing to use VPCs with Lambda functions to access an RDS database is pretty compelling. Think about all those cold start savings. Plus, connection management with serverless and RDBMS has been quite tricky. I even wrote an NPM package to help deal with the max_connections issue and the inevitable zombies 🧟‍♂️ roaming around your RDS cluster. So AWS’s RDS via HTTP seems like the perfect solution, right? Well, not so fast. 😞 (Update May 31, 2019: There have been a ton of improvements, so read the full post.)

Continue Reading…

🚀 Project Update:

Lambda API: v0.9.2 Released

Lambda API v0.9.2 has been released and contains additional updates and fixes for the index.d.ts TypeScript declarations file. Thanks again to @hassankhan and @Wintereise for submitting the changes. The release is immediately available via NPM. Read More...
🚀 Project Update:

Lambda API: v0.9.1 Released

Lambda API v0.9.1 has been released to include the index.d.ts TypeScript declarations file in the NPM package (thanks again, @hassankhan). The release is immediately available via NPM. Read More...
🚀 Project Update:

Lambda API: v0.9 Released

v0.9 adds new features to give developers better control over error handling and serialization. A TypeScript declaration file has also been added along with some additional API Gateway inputs that are now available in the REQUEST object. Read More...
Featured

Takeaways from ServerlessNYC 2018

I had the opportunity to attend ServerlessNYC this week (a ServerlessDays community conference) and had an absolutely amazing time. The conference was really well-organized (thanks Iguazio), the speakers were great, and I was able to have some very interesting (and enlightening) conversations with many attendees and presenters. In this post I’ve summarized some of the key takeaways from the event as well as provided some of my own thoughts.

Note: There were several talks that were focused on a specific product or service. While I found these talks to be very interesting, I didn’t include them in this post. I tried to cover the topics and lessons that can be applied to serverless in general.

Update November 16, 2018: Some videos have been posted, so I’ve provided the links to them.

Audio Version:

Continue Reading…

Featured

What 15 Minute Lambda Functions Tells Us About the Future of Serverless

Amazon Web Services recently announced that they increased the maximum execution time of Lambda functions from 5 to 15 minutes. In addition to this, they also introduced the new “Applications” menu in the Lambda Console, a tool that aggregates functions, resources, event sources and metrics based on services defined by SAM or CloudFormation templates. With AWS re:Invent just around the corner, I’m sure these announcements are just the tip of the iceberg with regards to AWS’s plans for Lambda and its suite of complementary managed services.

While these may seem like incremental improvements to the casual observer, they actually give us an interesting glimpse into the future of serverless computing. Cloud providers, especially AWS, continue to push the limits of what serverless can and should be. In this post, we’ll discuss why these two announcements represent significant progress into serverless becoming the dominant force in cloud computing.

Continue Reading…

🚀 Project Update:

Lambda API: v0.8.1 Released

Lambda API v0.8.1 has been released to patch an issue with middleware responses and a path prefixing options bug. The release is immediately available via NPM. Read More...
Featured

An Introduction to Serverless Microservices

Thinking about microservices, especially their communication patterns, can be a bit of a mind-bending experience for developers. The idea of splitting an application into several (if not hundreds of) independent services, can leave even the most experienced developer scratching their head and questioning their choices. Add serverless event-driven architecture into the mix, eliminating the idea of state between invocations, and introducing a new per function concurrency model that supports near limitless scaling, it’s not surprising that many developers find this confusing. 😕 But it doesn’t have to be. 😀

In this post, we’ll outline a few principles of microservices and then discuss how we might implement them using serverless. If you are familiar with microservices and how they communicate, this post should highlight how these patterns are adapted to fit a serverless model. If you’re new to microservices, hopefully you’ll get enough of the basics to start you on your serverless microservices journey. We’ll also touch on the idea of orchestration versus choreography and when one might be a better choice than the other with serverless architectures. I hope you’ll walk away from this realizing both the power of the serverless microservices approach and that the basic fundamentals are actually quite simple.  👊

Audio Version:

Continue Reading…

🚀 Project Update:

Serverless MySQL: v1.1.0 Released

Serverless MySQL v1.1.0 adds additional transaction support capabilities to allow users to retrieve interim query results for use with future queries. This is useful for getting the insertId from previous queries when performing transactions. Read More...
Featured

Serverless Security: Locking Down Your Apps with FunctionShield

I’ve written quite extensively about serverless security, and while you don’t need to be an expert on the matter, there are a number of common sense principles that every developer should know. Serverless infrastructures (specifically FaaS and managed services) certainly benefit from an increased security posture given that the cloud provider is handling things like software patching, network security, and to some extent, even DDoS mitigation. But at the end of the day, your application is only as secure as its weakest link, and with serverless, that pretty much always comes down to application layer security.

In this post we’re going to look at ways to mitigate some of these application layer security issues by using some simple strategies as well as a free tool called FunctionShield.

Audio Version:

Continue Reading…

Featured

Managing MySQL at Serverless Scale

“What? You can’t use MySQL with serverless functions, you’ll just exhaust all the connections as soon as it starts to scale! And what about zombie connections? Lambda doesn’t clean those up for you, meaning you’ll potentially have hundreds of sleeping threads blocking new connections and throwing errors. It can’t be done!”  ~ Naysayer

I really like DynamoDB and BigTable (even Cosmos DB is pretty cool), and for most of my serverless applications, they would be my first choice as a datastore. But I still have a love for relational databases, especially MySQL. It had always been my goto choice, perfect for building normalized data structures, enforcing declarative constants, providing referential integrity, and enabling ACID-compliant transactions. Plus the elegance of SQL (structured query language) makes organizing, retrieving and updating your data drop dead simple.

But now we have SERVERLESS. And Serverless functions (like AWS Lambda, Google Cloud Functions, and Azure Functions) scale almost infinitely by creating separate instances for each concurrent user. This is a MAJOR PROBLEM for RDBS solutions like MySQL, because available connections can be quickly maxed out by concurrent functions competing for access. Reusing database connections doesn’t help, and even the release of Aurora Serverless doesn’t solve the max_connections problem. Sure there are some tricks we can use to mitigate the problem, but ultimately, using MySQL with serverless is a massive headache.

Well, maybe not anymore. 😀 I’ve been dealing with MySQL scaling issues and serverless functions for years now, and I’ve finally incorporated all of my learning into a simple, easy to use NPM module that (I hope) will solve your Serverless MySQL problems.

Continue Reading…

Featured

Jeremy goes to AWS re:Invent 2018

It’s official! I’m going to AWS re:Invent 2018. 🙌

My goal from this trip is to learn, learn, learn… and then share, share, share.   There are over 30 sessions that talk about serverless, plus 40,000 other people there to meet and learn from! I’m so excited. 🙃

I know that many of you will be there, but for those of you who can’t be, I’ll do my best to share insights, tips, how-tos, best practices and more. I’ll even have a drink for you if you’d like 🍺 (no arm twisting necessary)!

Continue Reading…

Featured

Serverless Microservice Patterns for AWS

I’m a huge fan of building microservices with serverless systems. Serverless gives us the power to focus on just the code and our data without worrying about the maintenance and configuration of the underlying compute resources. Cloud providers (like AWS), also give us a huge number of managed services that we can stitch together to create incredibly powerful, and massively scalable serverless microservices.

I’ve read a lot of posts that mention serverless microservices, but they often don’t go into much detail. I feel like that can leave people confused and make it harder for them to implement their own solutions. Since I work with serverless microservices all the time, I figured I’d compile a list of design patterns and how to implement them in AWS. I came up with 19 of them, though I’m sure there are plenty more.

In this post we’ll look at all 19 in detail so that you can use them as templates to start designing your own serverless microservices.

Audio Version:

Continue Reading…

🚀 Project Update:

Lambda API: v0.8 Released

Lambda v0.8 is finally here and was well worth the wait! New features include allowing middleware to accept multiple handlers, new convenience methods for cache control and signing S3 URLs, and async/await support for the main function handler. And best of all, new LOGGING and SAMPLING support for you to add more observability into your APIs and web applications. Read More...
Featured

Aurora Serverless: The Good, the Bad and the Scalable

Amazon announced the General Availability of Aurora Serverless on August 9, 2018. I have been playing around with the preview of Aurora Serverless for a few months, and I must say that overall, I’m very impressed. There are A LOT of limitations with this first release, but I believe that Amazon will do what Amazon does best, and keep iterating until this thing is rock solid.

The announcement gives a great overview and the official User Guide is chock full of interesting and useful information, so I definitely suggest giving those a read. In this post, I want to dive a little bit deeper and discuss the pros and cons of Aurora Serverless. I also want to dig into some of the technical details, pricing comparisons, and look more closely at the limitations.

Audio Version

Continue Reading…

Featured

A Tale of Two Teams

Audio Version:

It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness… ~ A Tale of Two Cities by Charles Dickens

There is a revolution happening in the tech world. An emerging paradigm that’s letting development teams focus on business value instead of technical orchestration. It is helping teams create and iterate faster, without worrying about the limits or configurations of an underlying infrastructure. It is enabling the emergence of new tools and services that foster greater developer freedom. Freedom to experiment. Freedom to do more with less. Freedom to immediately create value by publishing their work without the traditional barriers created by operational limits.

Continue Reading…

Featured

How To: Add Test Coverage to your Serverless Applications

Writing serverless functions brings developers closer and closer to the stack that runs their code. While this gives them a tremendous amount of freedom, it also adds additional responsibility. Serverless applications require developers to think more about security and optimizations, as well as perform other tasks that were traditionally assigned to operations teams. And of course, code quality and proper testing continue to be at the top of the list for production-level applications. In this post, we’ll look at how to add test coverage to our Node.js applications and how we can apply it to our Serverless framework projects. ⚡️

Continue Reading…

Featured

Serverless Peeps You Need To Follow

In my never ending quest to consume all things serverless, I often find myself scouring the Interwebs for new and interesting serverless articles, blog posts, videos, and podcasts. There are more and more people doing fascinating things with serverless every day, so finding content is becoming easier and easier. However, this increase in content comes with an increase in noise as well. Cutting through that noise isn’t always easy. 🙉

Great content with valuable insights

I personally love reading articles that introduce new use cases or optimizations for serverless. Stories about companies using serverless in production and how their architectures are set up are also extremely interesting. I’ve been working in the serverless space for several years now, and have come across a number of people who produce and/or share really great content. I’ve put together a list of people that I follow and enjoy their content regularly. Hopefully these people will help you learn to love serverless as much as I do. ❤️⚡️

Continue Reading…

Featured

How To: Tag Your Lambda Functions for Smarter Serverless Applications

As our serverless applications start to grow in complexity and scope, we often find ourselves publishing dozens if not hundreds of functions to handle our expanding workloads. It’s no secret that serverless development workflows have been a challenge for a lot of organizations. Some best practices are starting to emerge, but many development teams are simply mixing their existing workflows with frameworks like Serverless and AWS SAM to build, test and deploy their serverless applications.

Beyond workflows, another challenge serverless developers encounter as their applications expand, is simply trying to keep all of their functions organized. You may have several functions and resources as part of a microservice contained in their own git repo. Or you might simply put all your functions in a single repository for better common library sharing. Regardless of how code is organized locally, much of that is lost when all your functions end up in a big long list in the AWS Lambda console. In this post we’ll look at how we can use AWS’s resource tagging as a way to apply structure to our deployed functions. This not only give us more insight into our applications, but can be used to apply Cost-Allocation Tags to our billing reports as well. 👍

Continue Reading…

Featured

Thinking Serverless (Big and Small)

I’ve been reading and writing a lot of about serverless lately, and one of the things I realized, is that most articles talk about how SCALABLE serverless architectures are. This, of course, is one of the major benefits of using serverless to build your applications. The ability to scale to thousands of concurrent requests per second without needing to manage your own servers, is simply amazing. 🙌

However, not needing to manage any servers has other benefits beyond the capabilities to achieve web scale. Having on-demand compute space also make serverless the perfect candidate for smaller workloads. In this post, let’s discuss how we can utilize serverless to handle our “less than unicorn 🦄” services and the benefits this can bring.

Continue Reading…

Featured

Lambda Warmer: Optimize AWS Lambda Function Cold Starts

At a recent AWS Startup Day event in Boston, MA, Chris Munns, the Senior Developer Advocate for Serverless at AWS, discussed Lambda cold starts and how to mitigate them. According to Chris (although he acknowledge that it is a “hack”) using the CloudWatch Events “ping” method is really the only way to do it right now. He gave a number of really good tips to pre-warm your functions “correctly”:

  • Don’t ping more often than every 5 minutes
  • Invoke the function directly (i.e. don’t use API Gateway to invoke it)
  • Pass in a test payload that can be identified as such
  • Create handler logic that replies accordingly without running the whole function

Continue Reading…

Featured

15 Key Takeaways from the Serverless Talk at AWS Startup Day

I love learning about the capabilities of AWS Lambda functions, and typically consume any article or piece of documentation I come across on the subject. When I heard that Chris Munns, Senior Developer Advocate for Serverless at AWS, was going to be speaking at AWS Startup Day in Boston, I was excited. I was able to attend his talk, The Best Practices and Hard Lessons Learned of Serverless Applications, and it was well worth it.

Chris said during his talk that all of the information he presented is on the AWS Serverless site. However, there is A LOT of information out there, so it was nice to have him consolidate it down for us into a 45 minute talk. There was some really insightful information shared and lots of great questions. I was aware of many of the topics discussed, but there were several clarifications and explanations (especially around the inner workings of Lambda) that were really helpful. 👍

Continue Reading…

Featured

Mixing VPC and Non-VPC Lambda Functions for Higher Performing Microservices

I came across a post the in the Serverless forums that asked how to disable the VPC for a single function within a Serverless project. This got me thinking about how other people structure their serverless microservices, so I wanted to throw out some ideas. I often mix my Lambda functions between VPC and non-VPC depending on their use and data requirements. In this post, I’ll outline some ways you can structure your Lambda microservices to isolate services, make execution faster, and maybe even save you some money. ⚡️💰

Continue Reading…

Featured

5 Reasons Why Your Serverless Application Might Be A Security Risk

There has been a lot of buzz lately about serverless security. People are certainly talking about it more and sharing great articles on the topic, but many serverless developers (especially new ones) are still making the same critical mistakes. Every time a serverless function is deployed, its unique security challenges need to be addressed. Every time. I’ve researched and written extensively about serverless security (see Securing Serverless: A Newbie’s Guide). I’ve read countless articles on the subject. And while there is no shortage of information available, let’s be honest: developers are busy building applications, not pouring through hundreds of articles.

I know, it sounds boring, but I would encourage you to do your research on serverless security. Serverless applications are different than traditional, server-hosted applications. Much of the security responsibility falls on the developer, and not following best practices opens you (or your company) up to an attack. But I know you’re busy. I totally get it. So rather than forcing you to read a bunch of long articles 😴 or watch a plethora of videos 🙈, I’ve whittled it all down to the five biggest serverless security risks for you. Sure, there are a lot of other things to consider, but IMO, these are the most important ones. Nothing here hasn’t been said before. But If you do nothing more than follow these principles, your serverless applications will be much more secure. 🔒

Continue Reading…

Featured

Serverless Consumers with Lambda and SQS Triggers

On Wednesday, June 27, 2018, Amazon Web Services released SQS triggers for Lambda functions. Those of you who have been building serverless applications with AWS Lambda probably know how big of a deal this is. Until now, the AWS Simple Queue Service (SQS) was generally a pain to deal with for serverless applications. Communicating with SQS is simple and straightforward, but there was no way to automatically consume messages without implementing a series of hacks. In general, these hacks “worked” and were fairly manageable. However, as your services became more complex, dealing with concurrency and managing fan out made your applications brittle and error prone. SQS triggers solve all of these problems. 👊

Update December 6, 2018: At some point over the last few months AWS fixed the issue with the concurrency limits and the redrive policy. See Additional experiments with concurrency and redrive polices below.

Audio Version (please note that this audio version is out of date given the new updates)

Continue Reading…

Featured

Event Injection: Protecting your Serverless Applications

Updated January 25, 2019: This post was updated based on feedback from the community.

The shared security model of cloud providers extends much further with serverless offerings, but application security is still the developer’s responsibility. Many traditional web applications are front-ended with WAFs (web application firewalls), RASPs (runtime application self-protection), EPPs (endpoint protection platforms) and WSGs (web security gateways) that inspect incoming and outgoing traffic. These extra layers of protection can save developers from themselves when making common programming mistakes that would otherwise leave their applications vulnerable. If you’re invoking serverless functions from sources other than API Gateway, you no longer have the ability to use the protection of a WAF. 

Continue Reading…

Featured

10 Things You Need To Know When Building Serverless Applications

I am a HUGE fan of serverless architectures. This new type of compute not only opens up more possibilities for developers, but can support highly-scalable, complex applications for a fraction of the cost compared to provisioning virtual servers. My first question when planning a new application is always, “Can I build this with serverless?” Spoiler alert, the answer is almost always YES!

I’ve been building serverless applications since the release of AWS Lambda in 2015, so answering the question above is pretty easy for me. However, a lot of people I talk to who are new to serverless often have many questions (and misconceptions). I want you to be successful, so below I’ve create a list of 10 things you need to know when building a serverless application. These are things I wish I knew when I started, so hopefully they’ll help you get up to speed a faster and start building some amazing applications.

Continue Reading…

🚀 Project Update:

Lambda API: v0.7 Released

v0.7 adds new features to control middleware execution based on path, plus additional parsing of the AWS Lambda context object. ESLint and coverage reports using Istanbul and Coveralls were also added to ensure code quality and adequate test coverage. Read More...
Featured

How To: Optimize the Serverless Optimizer Plugin

I’m sure you’re already well aware of how awesome the ⚡ Serverless Framework is for managing and deploying your serverless applications. And you’re probably aware that there are several great plugins available that make Serverless even better. But did you know that there was a plugin to optimize your functions and reduce the size of your deployment packages? Or are you already using this plugin to optimize your functions, but hate how it takes too long to optimize locally run functions? In this post I’ll share some quick tips to help you optimize your Serverless Optimizer experience.

Continue Reading…

Featured

Transducers: Supercharge your functional JavaScript

This is the first in a series of posts on functional programming in JavaScript. My goal is to make these ideas more accessible to all levels of programmers. Feedback about style, content, etc., would all be greatly appreciated.

One thing that perplexed me early on in my functional programming days was the concept of transducers. I spent a lot of time Googling and found some great articles that went deep into the theory and the underlying mechanics. However, the practical use of them still seemed a bit out of reach. In this post I’ll attempt to explain transducers in a more understandable way and hopefully give you the confidence to use them in your functional JavaScript. While this article attempts to make transducers more accessible, you will need to have some basic knowledge of functional programming in JavaScript. Specifically, you should know about function composition and iterator functions like .map(), .filter(), and most importantly, .reduce(). If you are unfamiliar with these concepts, go get a grasp on them first.

Continue Reading…

🚀 Project Update:

Lambda API: v0.6 Released

v0.6 is all about making the serverless developer's life easier! New support for both callback-style and async-await in route functions and middleware, new HTTP method routing features, and route debugging tools. Plus Etag support and automatic authorization parsing. Read More...
Featured

Solving the Cold Start Problem

Dear AWS Lambda Team,

I have a serious problem: I love AWS Lambda! In fact, I love it so much that I’ve pretty much gone all in on this whole #serverless thing. I use Lambda for almost everything now. I use it to build backend data processing pipelines, distribute long running tasks, and respond to API requests. Heck, I even built an Alexa app just for fun. I found myself building so many RESTful APIs using Lambda and API Gateway that I went ahead and created the open source Lambda API web framework to allow users to more efficiently route and respond to API Gateway requests.

Serverless technologies, like Lambda, have revolutionized how developers think about building applications. Abstracting away the underlying compute layer and replacing it with on-demand, near-infinitely scalable function containers is brilliant. As we would say out here in Boston, “you guys are wicked smaht.” But I think you missed something very important. In your efforts to conform to the “pay only for the compute time you consume” promise of serverless, you inadvertently handicapped the service. My biggest complaint, and the number one objection that I hear from most of the “serverless-is-not-ready-for-primetime” naysayers, are Cold Starts.

Continue Reading…

Featured

How To: Manage Serverless Environment Variables Per Stage

I often find myself creating four separate stages for each ⚡ Serverless Framework project I work on: dev, staging, prod, and local. Obviously the first three are meant to be deployed to the cloud, but the last one, local, is meant to run and test interactions with local resources. It’s also great to have an offline version (like when you’re on a plane ✈ or have terrible wifi somewhere). Plus, development is much faster because you’re not waiting for round trips to the server. 😉

A really great feature of Serverless is the ability to configure ENVIRONMENT variables in the serverless.yml file. This lets us store important global information like database names, service endpoints and more. We can even reference passwords securely using AWS’s Service Manager Parameter Store and decode encrypted secrets on deployment, keeping them safe from developers and source repositories alike. 😬 Just reference the variable with ${ssm:/myapp/my-secure-value~true} in your configuration file.

Continue Reading…

🚀 Project Update:

Lambda API: v0.5 Released

v0.5 takes advantage of AWS Lambda's recently released support for Node v8.10 and has removed its Bluebird promise dependency in favor of async/await. Lambda API is now faster and adds built-in CORS support, additional wildcard features, new HTTP header management methods and more. Read More...
Featured

How To: Stub “.promise()” in AWS-SDK Node.js

Since AWS released support for Node v8.10 in Lambda, I was able to refactor Lambda API to use async/await instead of Bluebird promises. The code is not only much cleaner now, but I was able to remove a lot of unnecessary overhead as well. As part of the refactoring, I decided to use AWS-SDK’s native promise implementation by appending .promise() to the end of an S3 getObject call. This works perfectly in production and the code is super compact and simple:

The issue came with stubbing the call using Sinon.js. With the old promise method, I was using promisifyAll() to wrap new AWS.S3() and then stubbing the getObjectAsync method. If you’re not familiar with stubbing AWS services, read my post: How To: Stub AWS Services in Lambda Functions using Serverless, Sinon.JS and Promises.

Continue Reading…

Featured

How To: Manage RDS Connections from AWS Lambda Serverless Functions

Someone asked a great question on my How To: Reuse Database Connections in AWS Lambda post about how to end the unused connections left over by expired Lambda functions:

I’m playing around with AWS lambda and connections to an RDS database and am finding that for the containers that are not reused the connection remains. I found before that sometimes the connections would just die eventually. I was wondering, is there some way to manage and/or end the connections without needing to wait for them to end on their own? The main issue I’m worried about is that these unused connections would remain for an excessive amount of time and prevent new connections that will actually be used from being made due to the limit on the number of connections.

🧟‍♂️ Zombie RDS connections leftover on container expiration can become a problem when you start to reach a high number of concurrent Lambda executions. My guess is that this is why AWS is launching Aurora Serverless, to deal with relational databases at scale. At the time of this writing it is still in preview mode.

Update September 2, 2018: I wrote an NPM module that manages MySQL connections for you in serverless environments. Check it out here.

Update August 9, 2018: Aurora Serverless is now Generally Available!

Overall, I’ve found that Lambda is pretty good about closing database connections when the container expires, but even if it does it reliably, it still doesn’t solve the MAX CONNECTIONS problem. Here are several strategies that I’ve used to deal with this issue.

Continue Reading…

Featured

Is Code Really Self-Documenting?

In my 20+ years of programming, I’ve encountered a near endless amount of opinions on everything from coding styles to programming paradigms to the great whitespace debate. Obviously, I have strong opinions on a number of these. But for me, the one that bothers me the most is this notion that “code is self-documenting.” 😾

I know what you’re probably thinking: “of course not all code is self-documenting, only well-written code is.” I don’t entirely disagree. I can generally look at someone else’s code and understand exactly WHAT it is doing. However, often it’s not obvious WHY they did it that way, or even why they did it in the first place. In my opinion, the programmer’s intent (the WHY) is just as important as the HOW when it comes to properly documenting software.

So whether you agree with me or not, let’s explore how to better document our software by writing cleaner code, following some general commenting etiquette, and commenting more effectively to make you and your team more productive. 👍

Continue Reading…

Featured

Securing Serverless: A Newbie’s Guide

So you’ve decided to build a serverless application. That’s awesome! May I be the first to welcome you to the future. 🤖 I bet you’ve done a lot of research. You’ve probably even deployed a few test functions to AWS Lambda or Google Cloud Functions and you’re ready to actually build something useful. You probably still have a bunch of unanswered questions, and that’s cool. We can still build some really great applications even if we only know the basics. However, when we start working with new things we typically make a bunch of dumb mistakes. While some are relatively innocuous, security mistakes can cause some serious damage.

I’ve been working with serverless applications since AWS launched Lambda in early 2015. Over the last few years I’ve developed many serverless applications covering a wide range of use cases. The most important thing I’ve learned: SECURE YOUR FUNCTIONS! I can tell you from personal experience, getting burned by an attack is no bueno. I’d hate to see it happen to you. 😢

To make sure it doesn’t happen to you, I’ve put together a list of 🔒Serverless Security Best Practices. This is not a comprehensive list, but it covers the things you ABSOLUTELY must do. I also give you some more things to think about as you continue on your serverless journey. 🚀

Continue Reading…

Featured

How To: Build a Serverless API with Serverless, AWS Lambda and Lambda API

AWS Lambda and AWS API Gateway have made creating serverless APIs extremely easy. Developers can simply create Lambda functions, configure an API Gateway, and start responding to RESTful endpoint calls. While this all seems pretty straightforward on the surface, there are plenty of pitfalls that can make working with these services frustrating.

There are, for example, lots of confusing and conflicting configurations in API Gateway.  Managing deployments and resources can be tricky, especially when publishing to multiple stages (e.g. dev, staging, prod, etc.). Even structuring your application code and dependencies can be difficult to wrap your head around when working with multiple functions.

In this post I’m going to show you how to setup and deploy a serverless API using the Serverless framework and Lambda API, a lightweight web framework for your serverless applications using AWS Lambda and API Gateway. We’ll create some sample routes, handle CORS, and discuss managing authentication. Let’s get started.

Continue Reading…

Off-by-none: Issue #55

A better way to model DynamoDB? 🤓

Welcome to Issue #55 of Off-by-none. Thanks for being here! 👋

Last week, we reviewed some very encouraging news about cold starts in Lambda. This week, we look at a new way to model our DynamoDB data, share lots of exciting serverless news, and of course, we have lots of amazing content from the serverless community.

Lots to get to, so let’s get right to it. 👍

Serverless News & Product Announcements 🚀

Stackery Appoints Tim Zonca as Chief Executive Officer
I really love what Stackery is doing. If their new CEO can help accelerate them into the enterprise marketplace, I think this will make a huge impact on serverless adoption.

Optimizely Announces Performance Edge, Enabling the Industry’s Fastest Web Experiments
This is super interesting. Optimizely (the company that lets you easily run A/B tests) has launched a new service that runs at the edge using CloudFlare workers. Multivariate testing has long been a use case for edge computing, but seeing it productized is a big step forward.

Anthos simplifies application modernization with managed service mesh and serverless for your hybrid cloud
I’m really not sure what Google’s calculation is with Anthos, but they seem to be pushing full steam ahead on giving people alternatives to using their cloud platform. 🤷‍♂️

Zenoss Launches Serverless Monitoring for Google Cloud Environments
Zenoss (remember them) is now offering monitoring for Google Cloud’s suite of serverless compute options.

Monitor and debug all serverless errors
The Serverless Framework continues to get better. This time introducing the context.captureError(error) method to capture errors without needing to fail an entire Lambda function. While failing a function makes sense sometimes, user facing functions often require a custom error to be returned. This is a great way to get the error information you need, without affecting the user experience.

How to use Serverless and Twilio to automate your communication channels
The Serverless Framework is killing it lately. Now you can deploy Twilio functions as well. I’ve said before that SaaS providers providing native code execution environments could open up a lot of use case. Now it’s super easy with the Serverless Framework.

LambdaSharp 0.7 “Geminus” is out!
This release focuses on ease of use, sharing modules, and seamless upgrading. Great tool for building serverless C# Lambda functions on AWS with CloudFormation.

IOpipe Named a Cool Vendor in Performance Analysis by Gartner
Good to see vendors in the serverless space getting recognized for the great work they are doing. Congrats to IOpipe!

Lambda@Edge support now available
This is another awesome update to the Serverless Framework. There are still some quirks with deploying and removing Lambda@Edge functions, but this added support certainly makes it easier.

Announcing the RabbitMQ extension for Azure Functions
I’ve had less-than-fantastic experiences with RabbitMQ, but I know many people that have had better luck. I do think this is an interesting way to migrate existing workloads to serverless by tapping into your app’s RabbitMQ channels. Any time you make it easier to adopt serverless, I’m all for it.

Serverless Stories 📖

Use Serverless AWS step functions to reduce VPC costs
Kevin van Ingen has a great piece that explains how his team was able to cut costs dramatically by removing their NAT Gateway and parallelizing their Lambdas with Step Functions.

Serverless Web Application – Example Architecture
Ahmed Mansour gives us some insight into how he build a recent serverless project.

Serverless Use Cases 🗺

Doing Rollups of AWS S3 Server Access Logs
Here’s a useful use case from Douglas Muth. Use a Lambda function to roll up S3 access log files. He even wrote an app for you.

Generate AWS STS credentials: The portable way
There are some security considerations with this approach, but using Lambda to quickly generate STS credentials for teams is another interesting use case.

When you want to learn some advanced Serverless concepts… 🏗

Serverless Cost Containment
Rowan Udell has a great piece that outlines some of the cost traps that serverless developers can get caught in. Many of these are easily mitigated, but the first step is knowing that they exist.

Distributed Tracing: Manual Vs. Automatic
Nitzan Shapira presents two different approaches to implementing a distributed tracing solution: Manual and Automatic. Automatic has its drawbacks, especially around flexibility. But personally, I’d rather choose a tool that gets me 80% there without needing to do any extra heavy lifting.

Taking Serverless to the Next Level
Danilo Poccia is always taking serverless to the next level. In this presentation he covers everything from IaaC to automating deployments to event-driven microservices. There are a lot of slides here, but definitely worth taking a look to understand these fundamentals.

12 New Features of AWS Amplify
AWS Amplify is on the development bullet train. The project is moving fast and releasing new features constantly. Nader Dabit outlines 12 new features that have been released over the last few months.

Invoking one Lambda function inside another (Sync-Async)
Mahfuzul Alam outlines a way to do function composition by making asynchronous calls to downstream Lambda functions. Under the right circumstances, this can work well, but be careful about synchronous invocations, especially attached to a synchronous request from a client. It might be necessary, but this creates a lot of coupling. There are generally better ways to achieve this.

The best reason to use DynamoDB streams is…
Yan Cui points out the fact that using DynamoDB streams eliminates the need to update the state of two separate systems (DynamoDB and Kinesis), which eliminates the need for distributed transactions. IMO, this model works really well within a microservice, but if you are generating events for use across service boundaries, I think the distributed transactions are worth the added complexity.

Why you should use temporary stacks when you do serverless
Yan also explains two ways that you could use temporary CloudFormation stacks when doing serverless and why you would want to. Feature branches and integration tests are the highlights here, and while there are always pros and cons, it is definitely something you should consider.

If you’re just getting into serverless… 🐣

What’s the friction with Serverless?
This is a great post for teams thinking about going serverless or for teams that have started but are hitting a brick wall. While serverless promises “writing just your business” logic, there is a lot more to it, especially having knowledge of the other managed services available to you. This shouldn’t discourage you, but it’s important to know what you’re up against.

What Front-End Developers Need to Know about Serverless Databases
Dan O’Donnell gives you some of the pros of working with “serverless” databases.

Serverless Computing and the Trend to Asset Lean
While this analogy is not new, I like how Aater Suleman compares Uber to serverless by describing the parallels between each phase in the evolution of car ownership to hailing a driver from a ride-share app.

Serverless Tutorials 🏗

How to include SNS and Kinesis in your e2e tests
SNS and Kinesis are common components in our event-driven serverless applications. However, testing them can be a bit tricky. Yan Cui walks you through some ways to accomplish this.

Building an Event-driven Pipeline in AWS Using Serverless
Kyle Galbraith shows you how to build an event-driven pipeline using S3 and Lambda. It’s also a good intro to event-driven architecture.

Shifting Your Node Express APIs to Serverless
John Papa’s incredibly thorough tutorial on converting your existing Express apps over to Azure Functions.

GO AWS Development with Serverless Application Model-SAM to start functions locally
Yunus Kılıç’s third article on building and deploying serverless functions with SAM and GO.

How to test a serverless API using AWS serverless Gradle test runner
If I’ve said it once, I’ve said it a million times (I think I said this last week too), I’ve never seen two deployment pipelines that look the same. This example focuses more on the API testing side of things, but as you will see, they have their own unique process.

.NET Core serverless CI/CD on AWS using CodePipeline and CloudFormation
Kaveh Azad gives you a complete CI/CD solution for .NET Core apps using AWS CodePipeline. The CloudFormation template is included, so you could adapt this for other runtimes as well.

How to build HTTP REST APIs with AWS + Serverless Framework
Here is a simple tutorial (in Java) for how to build and deploy a serverless API.

Part 2: How Far Out is AWS Fargate?
Go with Lambda when you can, but if you need containers, Fargate is a much simpler alternative to the likes of Kubernetes for container orchestration and management. Michael Lavers shows you how to deploy a simple Flask app to demonstrate how easy it is to get started with Fargate.

How to Create a REST API with Azure Functions and the Serverless Framework – Part 1
The Serverless Framework has made some significant improvements to the serverless-azure-functions plugin, so building on Azure is even simpler. Check out this tutorial to see how you can use the framework to build your first REST API using Azure Functions.

Serverless Security 🔒

Automating AWS Guard Duty Enrollment
Dane Fetterman wrote a tool to help you enroll a member account in AWS Guard Duty on a master account. The scripts run as Lambda functions, kicked off by a Step Function that lives behind API Gateway.

Simple Voice-Command SQL Injection Hack into Alexa Application
And here I thought ordering 100 rolls of toilet paper from your friend’s Alexa was a vulnerability. I think this is an interesting attack vector, though it likely requires some pretty bad coding on the backend. Ultimately, voice-enabled devices translate your commands into text to be processed. Taking the same precautions as you normally would should be more than enough to mitigate this kind of vulnerability.

A Purple-Team View of Serverless and GraphQL
Abhay Bhargav has a presentation on serverless security and how you probably want to manage your own serverless GraphQL endpoints (instead of using frameworks). There are other solutions out there for serverless GraphQL (namely AWS AppSync), but this presentation does outline a number of risks to be aware of.

How Are Serverless Applications Attacked?
Serverless is, by default, a lot more secure than traditional infrastructures, or even self-managed cloud architectures. However, it bears repeating that the vast majority of vulnerabilities now fall on the quality of the application code. Having a good system in place to provide AppSec in the serverless world is probably insurance worth having.

Serverless Reads 🤓

Loud Narrative on Cloud Native
I love a good rant. Raman Sharma has some thoughts (and criticisms) on some common definitions of “Cloud Native”.

Applying Code-Splitting to AWS Lambda
Running experiments to find new and interesting ways to optimize serverless is a hobby of mine too. Matt Tyler played around with code-splitting in Lambda, and although I don’t think this would create a worthwhile optimization, the idea was definitely worth pursuing.

Review: Amazon Aurora Serverless – A cloud-native and production-ready relational database?
Andreas Wittig gives his review of Amazon Aurora Serverless. This article outlines some of the benefits and limitations, and for the most part I agree. However, I do think the pricing is justified given the Multi-AZ availability and failover support that comes out of the box with Aurora Serverless. In order to achieve this with provisioned Aurora, you’d need to set up multiple instances which actually costs you more.

A top Microsoft cloud exec says that the company wants more customers to try out serverless computing, the ‘best way to do compute’
It looks like Microsoft is going all in on serverless too! Microsoft Azure CTO, Mark Russinovich, explains why serverless is the future of cloud computing. “We don’t want customers to stay out of the best way to do compute, and serverless is the best way to do compute.” I’d have to agree. 😉

Serverless September Content Collection
#ServerlessSeptember is in full swing, and Jan Schenk has put together a collection of all the great posts the Azure community is providing.

Tips and tools to achieve a serverless DevOps workflow
Kurt Marko outlines some of the basics of CI/CD and what the evolution of serverless means for your DevOps workflows.

Exclusive Research from Sumo Logic Reveals Multi-Cloud on the Rise and Open Source Technologies like Kubernetes is Disrupting the Modern Application Stack
This multi-cloud thing is not surprising to me, especially since I assume enterprises are more likely to hedge their best against the public cloud. Maybe this make sense for enterprises, but if you’re a startup or a mid-size company, I really think you’re handicapping yourself by going this route.

When you’ve got a long commute… 🚗

Serverless Chats – Episode #14: Serverless CI/CD for the Enterprise with Forrest Brazeal
In this episode, I chat with Forrest Brazeal about the CI/CD challenges facing enterprises, how to take a pragmatic approach to building pipelines for your serverless projects, and what tools are available to help you.

The Serverless Smarts Podcast – Ft. Erez Berkner, Visibility and Serverless Security
In the latest edition of the Serverless Smarts Podcast, Hillel Solow is joined by Erez Berkner from Lumigo to discuss visibility as a means to achieve better security, who is responsible for security – cloud provider or cloud customer, and edge computing in serverless.

Aleksandar Simovic AWS Serverless Hero Interview at Serverless Days Belgrade 2019
AWS Serverless Hero Aleksandar Simovic shares his thoughts on serverless during an interview at Serverless Days Belgrade.

Danilo Poccia AWS Principal Evangelist Interview at Serverless Days Belgrade 2019
Danilo Poccia talks about how to get started with serverless, its major benefits, and what some AWS customers are doing with it.

When you’re curious what the AWS devs have been up to… 👷‍♀️

Introducing NoSQL Workbench for Amazon DynamoDB — Now in Preview
This has definitely got some promise. I played around with it a bit and there are definitely some quirks (like I couldn’t figure out how to create a Local Secondary Index through the GUI), but I think this will go a long way to helping people create data models with DynamoDB. Read more about it here.

Announcing AWS PrivateLink support for Amazon Rekognition
Great update for everyone stuck in a VPC, though I still think the pricing for a NAT Gateway works out better if you need to access multiple services like this.

New Quick Start deploys clickstream analytics on the AWS Cloud
I really like these Quick Starts that AWS is putting out. You certainly don’t need to follow them exactly, but having the reference architecture out there is super helpful.

AWS Marketplace Makes It Easier to Deploy Lambda Functions with AMIs
You can now deploy your AMI-based solutions along with Lambda functions that interact with them, all with one CloudFormation template.

Serverless Tools 🛠

SAMWise (Beta)
Erik Peterson from CloudZero decided to build a SAM wrapper that makes deploying serverless applications easier. Inspiration struck while watching Lord of the Rings.

you-dont-need/You-Dont-Need-Lodash-Underscore
Not really a “serverless” tool, but reducing dependencies in your serverless functions is always a good idea to minimize package sizes and third-party vulnerabilities. If you’re building with Node.js, these handy native solutions can save you from leaning too heavily on your favorite utility libraries.

Noiiice Blog
Noiiice is a fully serverless blog platform with server-less side rendering. All services run on Amazon Web Services. The webapp is a Nuxt.js app served from a Lambda function using serverless-http through API Gateway.

dynamo-cassandra-proxy
If you really love managing Cassandra rings and needing an entire team to keep it up and running, as opposed to the fully-managed DynamoDB platform, here is a tool to help you easily take a step backwards. 😬

Thoughts from Twitter 🐦

#StrangeButTrueCloudFacts… (a thread) ~ Forrest Brazeal
Forrest provides us with nine interesting #StrangeButTrueCloudFacts. He ends his thread with an announcement of a book deal. Congrats to him!

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

September 18, 2019 – Our Serverless Journey – Dev Team Retrospective (Webinar)

September 19, 2019 – IOpipe and Mapbox Webinar: Visualizing critical, location-based metrics on serverless

September 20, 2019 – Serverless Transformation: An Online Panel Discussion

September 26, 2019 – Increasing Serverless Development Velocity (Webinar)

October 2, 2019 – Deep Dive on Amazon EventBridge (Webinar)

October 3, 2019 – How to Leverage Serverless to Optimize for Cost and Performance (Webinar)

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

October 30, 2019 – Retail at the Scale of Serverless with AWS – Webinar

February 27, 2020 – Serverless Nashville – The CFP is now open!

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Peter Sbarski (@sbarski). Peter is the VP of Content at A Cloud Guru, an AWS Serverless Hero, and he runs Serverlessconf (which is happening in NYC this October, BTW). Plus, he wrote a book about Serverless architectures on AWS, he’s a frequent speaker himself, and he’s one heck of a teammate for live Twitch coding challenges. 😉 The team over at A Cloud Guru is doing some amazing work helping to teach people about the cloud and serverless, and Peter is one of the driving forces behind it. Thanks for all you do, Peter (and we’ll take down Munns at re:Invent)! 🙌

Final Thoughts 🤔

Lots of really interesting things happening in the serverless ecosystem. It’s encouraging to see serverless shops like Stackery pushing forward with a new CEO and IOpipe getting recognized by Gartner. Plus, the Serverless Framework has been rapidly releasing features as part of their new full-lifecycle approach, as well as making a ton of improvements to their Microsoft Azure plugin. And speaking of Azure, there has been a huge push for serverless from Microsoft lately that is also great for the community. The more exposure it gets, results in faster adoption, faster innovation, and hopefully, more tools to make serverless even easier to use.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Until next time,
Jeremy

Off-by-none: Issue #54

Where have all the Cold Starts gone? ❄️

Welcome to Issue #54 of Off-by-none. Thanks for joining us! 👍

Last week, we celebrated our one year anniversary. This week, we’re investigating some very encouraging news about cold starts in Lambda. Plus, we have lots of amazing serverless content from the community.

There’s plenty to get to, so let’s jump right in. 💥

Serverless News & Product Announcements 🚀

Announcing improved VPC networking for AWS Lambda functions
This is HUGE! AWS is now leveraging Hyperplane to provide NAT capabilities from the Lambda VPC to customer VPCs. The reduction in cold start times is amazing!

Introducing the Newest AWS Heroes – September 2019
Yay! There are four new serverless heroes: Chase Douglas, Ran Ribenzaft, Gojko Adzic, and Prashanth HN. Congrats to all of you!

Manage your Serverless apps through GitHub
You can now manage your Serverless deployments almost entirely from your GitHub repo with Seed.run’s new feature.

Excited to Announce the Serverless Transformation Newsletter
There is a new serverless newsletter in town. Ben Ellerby is launching the “Serverless Transformation Newsletter” to help develop and share best practices in the Serverless development community.

Fast WordPress Sites with Bluehost & Cloudflare Workers
Bluehost is going to add Cloudflare Workers to speed up WordPress sites. I was really hoping that a better, entirely serverless alternative would have come along to make this unnecessary. 🤷‍♂️

Serverless Stories 📖

Neosperience Cloud journey from monolith to serverless microservices with Amazon Web Services
Excellent post by Luca Bianchi that details Neosperience’s evolution to serverless microservices. He also makes a great point about iteration and the flexibility that microservices provide: “evolving your architecture through Time, requires your code being able to support changes every time a new wave of innovation hits the ground.”

I Believe in Serverless First and so Should You
Greg Farrow talks about why his team at ResponseTap decided to go serverless and why you should too.

My learnings from running the Azure Functions Updates Twitterbot for half a year
Marc Duiker explains what he learned by running a serverless Twitterbot over the last 6 months. Lots of interesting information in here that applies to other cloud providers as well.

Go-ing serverless
Eduardo Almeida set out to learn Go, and ended up stumbling into serverless along the way. His first time experience wasn’t great, which seems to be a common occurrence.

Serverless Use Cases 🗺

Serverless Step Functions with Callback
Callbacks in Step Functions are super handy. Chris Shenton outlines his use case and shows how to restart a Step Function once all the fan-out processing is done.

Sending a Weather Forecast with an AWS Lambda and Twilio
This is a simple app by Andrew Evans, but herein lies the power of serverless. Think about all the little tasks you could automate away.

Challenges and Opportunities of Amazon Serverless Lambda Services in Bioinformatics
I haven’t read this whole thing. But it looks important. 😉

Deploying Mozilla DeepSpeech models to AWS Lambda using Serverless
Lukas Grasse shows you how to install and run Mozilla DeepSpeech on AWS Lambda. There are some size limitations with the models, but the use case is exciting.

Prediction with TensorFlow and Cloud Run
ML and AI is all the rage, so Guillaume Blaquiere decided to install TensorFlowServing on a container and deploy it using Google Cloud Run.

When you want to learn some advanced Serverless concepts… 🏗

Serverless architecture diagram shows a new side of server-side
Interesting diagram from Fred Churchville on the differences between a traditional “server-side” application and one that is serverless. There is more happening with serverless and SSR, and of course, SPAs can work just fine with APIs running on traditional architecture, but this is a good way to look at it.

AWS Data API for Amazon Aurora Serverless
Goran Opacic has a great piece that explains how easy it is to run a Serverless Lambda SQL powered web site in production and deploy the entire architecture using CDK. There are some good references in this article as well. 😉

Deploying a Web API on AWS Lambda: Difference between API Gateway and Application Load Balancer
This is a short post that compares ALB with API Gateway when being used with Lambda functions. Very useful info here.

Three AWS API Gateway Features to Manage and Control the Invocations of its Targets
Lior Shalom highlights a few features of API Gateway that let you define throttling, manage API keys, and add performance gains by using caching.

AWS Lambda VPC Upgrades with HyperPlane
Austin Huminski from IOpipe explains why the AWS Lambda VPC upgrades are such a big deal, and how you can configure a Lambda function to access RDS in your VPC.

If you’re just getting into serverless… 🐣

15 things I’ve learned doing serverless for a year and a half
Great article by Paul Heintzelman that includes 15 things that every serverless developer (new and old) should definitely learn and understand.

Choosing the right cloud provider
Ben Ellerby helps you choose a cloud provider for your serverless projects. TLDR; He suggests AWS.

Why does serverless matter?
We’ll let the “there are still servers in serverless” comment slide. This is a good article that outlines why serverless is different than PaaS, and more importantly, what value it brings to your business.

An Introduction to Azure Functions
AWS Lambda isn’t the only game in town. Check out John Matthew’s introduction to Azure Functions to see what Microsoft offers for FaaS.

Serverless Tutorials 🏗

Create Serverless API for HTML Scraping
If you do need to scrape an HTML page, using the cheerio package seems like a great option.

AWS CDK TDD, LOL OMG
Richard Boyd is back with a post that describes how to build CDK Constructs using test-driven development and the AWS CDK Asserts Library.

Building a Simple Serverless WebSocket with Stackery and AWS
The team at Stackery shows you how to build a simple serverless WebSocket in Amazon API Gateway that can directly communicate back to the client. This uses the Stackery Canvas, so you don’t even need to write any CloudFormation.

Netlify Dev + Serverless Functions + MailChimp Subscribe Form Tutorial
Matt Gregg shows you the power of Netlify with this simple tutorial.

Moving from Lambda ƛ to Azure Functions <⚡>
I’ve had decision makers ask me “how hard is it to move to a different cloud provider?” way too many times. Whatever the reason maybe, it’s always a good idea to understand what other options are out there. Jeremy Likness has a post with some videos that will show you what a migration from AWS to Azure might look like.

Create a Reddit Bot with Node.js on AWS Lamba
Raz Ali shows you how to create an application in Reddit and use an AWS Lambda function to connect to it. This is just a starting point, but lots of use cases for these types of applications.

How to build a website from scratch under the AWS free tier (Part I : FrontEnd) & (Part II : BackEnd)
Anas El Mhamdi’s two part series will give you a good overview of how to set up your front end static hosting along with a fully dynamic serverless backend.

Testing Serverless Services
Vincent Claes gives you a detailed run through of testing your Python serverless applications. There is some local mocking in there (which lots of people prefer) for unit testing, but I’m a big fan of adding some integration tests using real cloud resources too.

Serverless Security 🔒

How to store your AWS Lambda secrets cheaply without compromising scalability or security
Timothy Jones has an interesting way of encrypting secrets for serverless applications without the need for expensive solutions like Secrets Manager or rate-limited Parameter Store calls.

How To Handle HIPAA Compliance with Serverless Security
Need to make sure you serverless applications are HIPPA compliant? Check out this great post by Trisha Paine from Protego.

Serverless Reads 🤓

Q&A With Gojko Adzic on the Book Running Serverless
Newly crowned AWS Serverless Hero, Gojko Adzic, gives a great overview of his new book, Running Serverless.

Why Does Developing on Kubernetes Suck?
“When I’m writing software… Kubernetes has only made things harder.” Nuff said.

AWS Lambda Cold Start Language Comparisons, 2019 edition ☃️
For those of you that continue to worry about cold starts, perhaps this will be encouraging: “The improvement over the last 16 months is the most astounding and surprising find. There are massive improvements across the board, with cold starts becoming reasonably inexpensive and non consequential. NodeJS is now the most performant language, improving 74.6% or 638ms in just 16 months.”

How to Get Over the Serverless Integration Hump
Srinath Perera opines on the future of serverless and discusses the need for an integration language above and beyond programming languages to ease the transition for enterprises.

The Rise of the Serverless Architect
Nick Gottlieb nails it: “A Serverless Architect is a developer who takes this lifecycle focused view and often personally owns at least part of every stage of the Serverless Application Lifecycle. They don’t simply write functions — they implement business results while thinking through how the code that delivers those results will be developed, deployed, tested, monitored, and secured.”

17 Reasons NOT To Be A Manager
This really has nothing to do with serverless, but it is such an important piece for anyone who is a software developer. If you love coding and the rush you get when solving problems and building solutions for them, think long and hard about becoming a manager.

Many Uses of Serverless Observability – Part I
Emrah Samdan explains why observability is an important (if not necessary) part of serverless application development.

Is Serverless the end of Ops? DevOps vs NoOps… NativeOps.
Ben Ellerby has another great post that discusses how “Ops” changes as we move to serverless. I’m not sure “NativeOps” will catch on, but it’s worth a shot.

AWS AppSync with Serverless Lambda only solution
I have to agree with Barend Bootha that “VTL is a terrible place to put any business logic.” I know there are those that would argue, and for certain things it makes sense, but I’m still trying to wrap my head around what service owns the data when working with AppSync. It seems to add a lot of unnecessary coupling to the mix.

When you’re tired of reading… 🎧

Episode #13: Managing a Serverless Engineering Team with Efi Merdler-Kravitz
In this episode, I chat with Efi Merdler-Kravitz about moving your team to serverless, running and growing your serverless development team, and managing roles and specializations in serverless environments.

How Bustle Leverages AWS Lambda to Help Editorial Teams Scale
Bustle has been way out in front with its adoption of serverless and has been using it at massive scale for quite some time. This short video gives you a quick overview of what they’ve built with it. Michael Hart is not in the video, but it’s still worth a watch.

Go Time #96 : Serverless and Go with special guest Stevenson Jean-Pierre
Special guest Stevenson Jean-Pierre discusses serverless in a Go world. What is serverless, what use cases is serverless good for, what are the trade offs, and how do you program with Go differently in the context of serverless?

When you’re wondering what AWS has been up to… 👷‍♀️

Introducing Analyzing Text with Amazon Elasticsearch Service and Amazon Comprehend
This out of the box solution deploys an end-to-end solution for extracting insights from unstructured data such as customer calls, support tickets, and online customer feedback. Then it adds it to Elasticsearch and lets you visualize it with Kibana. Definitely worth checking out the reference architecture to see how it might fit in with your application.

Amazon QuickSight Announces Favorites, Anomaly Alerts and More
I’ve only played around with QuickSight, and have never used it for a production application. But there is definitely something there, and some of these new features look like there is more value to come.

Announcing General Availability of Amazon Quantum Ledger Database (QLDB)
It’s here! AWS’s fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log ‎owned by a central trusted authority. More from Jeff Barr here.

Serverless Tools 🛠

serverless-to-cgi-bin
I’ve often joked about this as well. Sure there’s a lot more to it, but comparing FaaS to a modern day “cgi-bin” (just one that scales infinitely and has automatic fault tolerance and failover built in) is a fine comparison to me.

Thoughts from Twitter 🐦

I use a serverless platform and never have to think about a load balancer. (Hell, for a while I didn’t even really know what a load balancer was! No joke.) Who am I? Someone who values productivity. ~ Dr. Donna Malayeri
Speaking of modern day cgi-bins, Dr. Donna Malayeri makes a really good point with this tweet. Load balancers are undifferentiated heavy lifting that developers shouldn’t need to care about. Serverless gives you that.

2 weeks ago I turned 30 years old, and 6 years of AWS — Today, with tears of happiness, I’ve officially got promoted to Principal. ~ Heitor Lessa
We love Heitor and everything he does for serverless, AWS, and the community. Congrats to him for this well-deserved promotion.

Serious question: Why is kubernetes so much more popular than the cloud vendor based FaaS services? Given that FaaS saves you *so much effort and maintenance* (I have experienced this) I don’t see the value *except* on prem. Note: no “because it’s better” responses. ~ Paul Johnston
Paul Johnston has no problem poking the proverbial Twitter bear, and this time it sparked a really interesting (and illuminating) debate. Lift and shift is much easier than rearchitecting for serverless. I’m not sure there is a middle ground here, so perhaps K8s will have it’s run for the foreseeable future.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

September 13, 2019 – Serverless Days Belgrade

September 18, 2019 – Our Serverless Journey – Dev Team Retrospective (Webinar)

September 19, 2019 – IOpipe and Mapbox Webinar: Visualizing critical, location-based metrics on serverless

September 20, 2019 – Serverless Transformation: An Online Panel Discussion

September 26, 2019 – Increasing Serverless Development Velocity (Webinar)

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

October 30, 2019 – Retail at the Scale of Serverless with AWS – Webinar

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Ben Ellerby (@EllerbyBen). Ben is a Serverless Architect and Advocate at Theodo UK. He’s also a regular conference speaker, serverless blogger, and editor of the new Serverless Transformation newsletter. As serverless continues to gain adoption, having people like Ben producing well-written content and sharing it with the community, helps to make serverless more accessible for everyone. I’m looking forward to seeing what he does next. Thanks, Ben!  🙌

Final Thoughts 🤔

The news about VPC Lambdas this week was very exciting. Seeing a cold start drop to 933 ms from 14.8 seconds is game changing. I know many people will continue to argue that 933 ms of latency is still too high, and that is true for certain applications. But since cold starts affect such a tiny percentage of your invocations, a few random 1 second round trips will seem like normal network blips for web-facing applications. 15 seconds was noticeable (hard to argue with that), but 1 second? Not so much. Exciting times ahead.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Thanks again,
Jeremy

Off-by-none: Issue #53

Has it already been a year?

Welcome to Issue #53 of Off-by-none. I’m so happy you joined us for this special issue! 🙌

Last week, we recapped the AWS Developer Influencer Summit and learned how to simplify publishing Lambda Layers. This week, we’re obviously celebrating our one year anniversary, so we’ve got some surprises for our loyal readers. And, of course, we have plenty of serverless content from the community.

There is so much to get to this week, so let’s get this party started. 🕺💃

It’s our party and we’ll give stuff away if we want to… 🍾🎉🎁

That’s right, we’ve got swag, and we want to give it to YOU! We’ve looked at the stats, and we’ve reviewed the creepy OPEN and CLICK data that Mailchimp collects, and it seems that many of you are very loyal readers. You’ve shared the issues on social media, encouraged others to sign up, submitted articles and suggestions, and helped to make the newsletter better each and every week. Some of you have even been here since the very beginning!

So as a proper thank you for spending (so much of) your time reading and sharing this newsletter, we’ll be sending swag bags to a whole bunch of you! We’ll reach out in the next few days to get your T-shirt size (oops, did I just give that away?) as well as a mailing address for shipping. I wish we could send gifts to everyone, but we’re still just a little community newsletter. Hopefully, with your continued support, we’ll keep growing this amazing community and help give the gift of serverless to everyone! (and maybe T-shirts)

Serverless News & Product Announcements 🚀

SAM v1.14.0 Release: API Key Authorization and API Resource Policies Support
This release includes the first step in supporting ApiGateway API Keys and Usage Plans in SAM as well as the first of two proposed changes to add support for ApiGateway resource policies.

Architect 6.0: Ruby, Python, and CloudFormation
Architect 6.0 now generates CloudFormation instead of using API calls to create AWS infrastructure. There are some other cool features, too, like writing zero-config Gatsby apps with the ability to augment them with dynamic runtime-powered routes.

Open-source serverless framework wants to pave the way towards serverless 2.0
“What we are missing is support for long-lived virtual stateful functions, a way to manage distributed—durable and ephemeral—state in a scalable and available fashion, ways to co-locate processing and data, and options for choosing the right consistency model for the job.” But are we missing those things? Or are we just too comfortable with the old way of doing things?

Lambda Layer Management with the IOpipe CLI
IOpipe’s new CLI lets you manage their no code instrumentation of your Lambda functions through your command line.

Making it easier to manage custom domains
Managing your custom domains in Seed is now a lot more easier and far more reliable.

Serverless Stories 📖

Serving my serverless personal website
Jordan Matelsky migrated his personal website to S3 and found some challenges using some serverless services. It’s an interesting story, and in my experience, indicative of what many first time users of these services face. This needs to be easier.

Let’s create a serverless notification system with Amazon API Gateway
This is sort of a story and tutorial wrapped up into one. In this post, beSharp will explain how they took a serverless approach to refactoring their notification system with realtime communications using API Gateway’s WebSocket support.

Building a truly global e-commerce platform
This is an interesting article that shares how Pim Vernooij and his team built out a e-commerce platform using AWS Lambda and API Gateway.

Building a Gitlab pipeline for serverless aka containerizing the Serverless Framework for the win.
If I said it once, I’ve said it a hundred times, I’ve never seen two serverless CI/CD pipelines that look the same. Similar, sure, but there’s always something different in every one I see. Here’s how Paul Heintzelman and his team does it.

Serverless at scale
Mathias from Freetrade shares how their move to serverless a year ago has benefited them, what they’ve learned, and what challenged them along the way. Still plenty of work to be done, but these stories are always encouraging.

How we made the return process more efficient thanks to an IPA beer notification hack
This is a fascinating look at how Daniel Wellington (the watch company) used Lambda and Amazon Rekognition to speed up their warehouse return process. Interesting to see real world problems being solved by serverless.

Serverless Use Cases 🗺

Serverless Data Extraction with AWS
This is a nice use case that grabs files from an S3 trigger, processes them with Lambda and Textract, then saves the data back to an S3 bucket.

Getting Started with Serverless Angular Universal on AWS Lambda
Here is an interesting way to develop and deploy an Angular application on AWS Lambda using Angular Universal for server-side rendering.

AWS Step Functions Gains Callback Patterns to Resume Paused Workflows
Steffen Opel has a nice overview of the new Step Function Callback Patterns that AWS released earlier this year. There are a lot of useful patterns here, so it is definitely worth understanding how these work.

Building Serverless IoT Systems from Node-RED to AWS Lambda
IoT is another one of those perfect use cases for serverless. In this post, Sarjeel Yusuf gives a quick overview of how you can use AWS IoT to route incoming messages from your Node-RED MQTT broker to an AWS Lambda function.

Handling medium size files with Lambda
Great post by Gratus Devanesan that uses file streaming, Lambda, and SQS to build a serverless MapReduce architecture. As he states, this probably won’t work for really large (like 100GB) files, but would make sense for “medium size” files.

AI Automated dubbing : Building an end-to-end Youtube audio translation platform using AWS serverless architecture
How’s this for an interesting use case? Ramsri Goutham uses AWS Transcribe, Translate, and Polly to automatically translate audio in video files

AWS serverless scraping: randomising your ip.
Hmm, I’m a bit torn by this one. On the one hand, sometimes I need a good script to do some “crawling” of website data. On the other hand, there is a reason why sites block scraping bots. No matter how you feel, Pablo Voorvaart has a quick and dirty solution for you.

When you want to go deep on some serverless concepts… 🏗

How to use the power of CloudFormation custom resources for great good
Yan Cui has a great post that explains how you can include a custom resource’s Lambda function in the same CloudFormation stack that uses it.

Knative
There is (at least in my mind) a clear understanding that Kubernetes is NOT serverless. However, if a provider is managing that for you, and you’re simply running Knative on top of it, well, that’s a different story. This piece by Scott Weiss gives you some more details on Knative.

Kafka, RabbitMQ or Kinesis – Solution Comparison
This is a great post by Nitzan Shapira that scores these three message systems based on a number of factors including ease of setup and maintainability. Spoiler alert: Kinesis comes out on top, but mostly because it is so “hands off” in terms of ongoing maintenance. FYI, I’ve worked with RabbitMQ extensively (including for a current project), and I would definitely rate that lower than the other two as well.

Debugging Distributed Systems Using Logs
We get it! Epsagon is amazing! 😉 But seriously, all these observability tools that do distributed tracing are really very powerful and make debugging serverless applications much easier. If you’re not convinced, Ran Ribenzaft’s post gives you some good insight into why things can get very difficult without one of them.

Awfully Thorough Guide to Choosing the Best Serverless Solution
Ilya Kritsmer looks at serverless orchestration services from Google and IBM. According to this post, the options are really thin and aren’t ready for prime time. He doesn’t mention GCP’s AppEngine or IBM’s AppConnect, but I haven’t done enough with them to have an opinion.

If you’re just getting started with serverless… 🐣

How to configure the AWS CLI to your local environment?
The AWS CLI is a very powerful tool in your serverless development arsenal. This quick post from Suthar Prashant will get you up and running in just a few minutes.

Ask the expert: AWS serverless challenges and how to overcome them
Marko from ServerlessLife.com opines on some of the challenges of serverless and what you can do to work around them. There’s some architecture notes in here as well.

Serverless in AWS: Lambda vs. Fargate
Keilan Jackson gives a good overview of the differences between Lambda and Fargate and when you might use one over the other.

A shared-nothing approach to serverless microservice ecosystems on AWS
This is a good post by Kaveh Azad that might help you wrap your head around building loosely coupled serverless microservices. The shared nothing approach often makes people uncomfortable. One word: “denormalization”. 😉

Serverless Tutorials 🏗

Creating a serverless REST API with Node.js, AWS Lambda, API Gateway, RDS and PostgreSQL.
Giuseppe Picciano gives you a complete walk through for building a serverless API with a PostgreSQL backend. Great example of creating single purpose functions and using a database abstraction layer (though you might eventually want to roll your own). For production, use Parameter Store for your database secrets, and you’re good to go.

Express in AWS Lambda
So, I’m not a huge fan of using Express.js with Lambda, simply because there is way too much overhead involved. However, what I like about Ashiq Sultan’s post, is how he uses his lambda.js file as a port to his Express app. This allows him to run/test his app independently, but also invoke it through API Gateway. There’s some interesting hexagonal architecture thinking there.

Migrate a Simple SAM Application to the Serverless Framework
What if you start with SAM, but then decide to use the Serverless Framework instead? Fernando Corey has got you covered with this complete migration guide.

Scalable image classification with ONNX.js and AWS Lambda
Nico Axtmann gives you a quick tutorial (along with the git repo) on how to use Lambda and ONNX.js. If you want to up your serverless machine learning game, this might be a good start.

Multiple Environments with AWS Amplify
Jan Hesters teaches you how to use Amplify’s env command to implement either sandboxes or shared environments to help teams collaborate on Amplify projects.

Serverless Security 🔒

Going Serverless? Common Serverless Security Issues and Best Practices
As I was reading Aaron Chichioco’s post on serverless security, my first thought, was that it didn’t really make sense in the context of AWS. However, if you are running your own K8s cluster, or using some other provider that is rolling their own serverless stack, some of these threats could be very real.

Serverless Reads 🤓

Modern applications at AWS
Ever wonder how AWS builds their own modern applications? This post from Werner Vogels outlines the approach that AWS takes to build highly scalable services that allow for rapid development and releases.

Beyond The Browser: Getting Started With Serverless WebAssembly
The promise of WebAssembly in the browser fascinates me, but using it to power serverless functions? That’s just crazy talk. Robert Aboukhalilich has a great article that shows just how real this is.

Don’t get locked up into avoiding lock-in
Gregor Hohpe has a brilliant article that analyzes lock-in and how we can make better decisions about it using simple models. Do yourself a favor and just read this.

Serverless computing innovations will drive the next great evolution in storage
Though I find Grant Gumina’s predictions about adoption to be a bit pessimistic, I think he’s right about the technology hurdles with regards to adding state to serverless applications. However, this might just be the point. There are benefits to statelessness, so perhaps rethinking design patterns would eliminate the need to fill the deficiencies he points out? 🤔

Why doesn’t anyone weep for Docker?
So, this isn’t really about serverless, but I found the article interesting. Matt Asay does a great job of pointing out the challenges that all open source technology companies face. How do you monetize your work while still embracing the community? I’d venture a guess that “building your own cloud” is likely not the best approach.

Self-Serverless: Why Run Knative Functions on Your Kubernetes Cluster?
Two Knative articles in one newsletter!?! I know what you’re thinking, but if you’ve been paying attention, you’ve noticed that LOTS of enterprises are adopting Kubernetes. Layers and layers of abstraction seem counterproductive to me. But K8s may be the hybrid cars of cloud technology. Sure it bridges the gap for awhile and makes you feel good about yourself, but ultimately you’ll realize that it was just a ploy by Big Oil to keep us hooked on fossil fuels, and now we have all these dead batteries lying around. I think I got off topic there, but maybe you get my point.

Choosing a cloud DBMS: architectures and tradeoffs
Adrian Colyer recaps “Choosing a cloud DBMS: architectures and tradeoffs Tan et al., VLDB’19” in The Morning Paper. His key takeaways note that the database is less important than the storage format. I’ve been playing around with Athena lately, and I agree that it wins hands down.

How Serverless Computing Is Reshaping the Business World
If you’re trying to convince your boss to let your team go serverless, send them this article from BOSS Magazine.

Migrating legacy apps to serverless platforms doesn’t have to be painful
Not an entirely accurate article as most limits can be raised and there are other ways to share data across functions. But the overall sentiment seems right. Lots of “peripheral” use cases for serverless that can compliment an existing software stack.

When you need something to listen to on your commute… 🎧

Serverless Chats – Episode #12: Reducing MTTR in Serverless Environments with Emrah Şamdan
In this episode, I chat with Emrah Şamdan about discovering problems before they cause issues, what constitutes signals of failure in serverless applications, and how we can be better prepared to respond to incidents.

When you’re curious what the AWS devs have been working on… 👷‍♀️

Now forward traffic between a local and remote port using Session Manager
I really love the work being done with this. You still need to have an EC2 instance running behind the scenes, but using Session Manager to control access, PLUS being able to do port forwarding now, is so much easier than VPNs and previous workarounds. More info here.

AWS X-Ray Now Supports Amazon SQS
This is another great feature that should help you get more observability out of the box from AWS. Tracing headers are sent automatically with the AWS SDK if your functions are X-Ray tracing enabled. Looks like there is still some work required to recover the tracing context when receiving messages, but it seems fairly trivial.

Take the AWS Certified Cloud Practitioner Exam in Your Home or Office 24/7
“You’ll need a reliable internet connection, a webcam, and a quiet, private place to test.” I haven’t had a “quiet, private place” since my first kid was born 13 years ago. But for those of you that can find some peace and quiet, this is probably easier (and less stressful) than the alternative.

Lower Threshold for AWS WAF Rate-based Rules
According to AWS, this lets you protect against low-volume brute force logins, scrapers and more. I also like the use case for rate limiting per-user API calls. Throw this in front of an ALB and now you have automatic quota management without API Gateway.

Serverless Tools 🛠

A SAR app to propagate CloudFormation tags to unsupported resources
CloudFormation tags don’t automatically propagate to some resource types, including CloudWatch log groups. This is especially frustrating if you want to include them in your cost monitoring. Yan Cui and the team at Lumigo have you covered with this new SAR app.

s3redirect – A #Serverless and #Databaseless URL Shortner
Ric Harvey created a full fledge serverless and databaseless application that allows users to create a tiny URL by creating “Web Site Redirects” using Amazon S3, Lambda and Cloudfront.

Thoughts from Twitter 🐦

TIL the first automobiles were described as “horseless”, like the first cellphones were called “wireless phones”. Good reminder that terms describing transformational transitions often describe the absence of something, till the durable description inevitably emerges. #serverless ~Ajay Nair
Interesting way to think about the term “serverless” from Ajay. It may not be the best name, and people love to argue semantics, but what it describes is a way of building software that has completely changed the way I approach solving problems. So, yeah, pretty transformational if you ask me.

Following the news around a certain large tech company’s conference this week and their numerous k8s announcements furthers my view that #serverless is the future of things. (a thread) ~ Chris Munns
“k8s is the last hill for traditional Ops/IT to die on. Above that on the stack is basically all things serverless.” Preach.

I’m amazed what people will put up with to be 100% X (where X might be #serverless or $onlyOneLanguage, merely as examples but widely applicable). And then I remember how easy it is to think everything neatly fits in this one perfect box. ~ Susan Potter
Valid point. Most things don’t fit neatly into a box, and serverless is no exception. There are plenty of use cases that containers are better suited for, but imagine if one day, everything could be serverless?

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

September 4, 2019 – Serverless Done Right (webinar)

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

September 19, 2019 – IOpipe and Mapbox Webinar: Visualizing critical, location-based metrics on serverless

September 20, 2019 – Serverless Transformation: An Online Panel Discussion

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is YOU. I don’t want to get all sappy here, but I cannot express how important you all are to the community. You are the bloggers that write amazing serverless content. You are the open-source creators and contributors that build tools and frameworks to make serverless better every day. You are the companies and developers that are working to bring new products into the serverless ecosystem. You are the people that fuel serverless innovation with your ideas, your curiosity, and your feedback. Without all of you, there would be no serverless community, and no place for me to share my ideas. And for that, I thank all of you. 🙌

Final Thoughts 🤔

So much has happened with serverless since I started this newsletter last September. It’s mind-boggling just how far we’ve come in only a year. And I’m more excited about the future of serverless now than I’ve ever been. This last year has also given me the opportunity to meet so many amazing people from the serverless community. It has been an honor, and a gift, and I am eternally grateful for all the support I’ve gotten from all of you. I’m looking forward to another year of Off-by-none, and I hope you are too.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Thanks again,
Jeremy

Off-by-none: Issue #52

The future of serverless looks amazing… 🔮

Welcome to Issue #52 of Off-by-none. I’m so glad you’re here! 😉

Last week, I was at the AWS Developer Influencer Summit, learning how AWS is planning on taking serverless to the next level, as well as them eagerly listening to our (extensive) feedback. This week, we’ll give a quick recap of the event and then learn how publishing Lambda Layers might be a lot easier than we thought. Plus we have lots and lots of amazing content from the serverless community.

We’ve got plenty of great serverless content, so let’s get right to the good stuff. 👊

When you realize that AWS PMs really want your feedback… 📝

Last week I was honored to be a part of the first AWS Developer Influencer Summit in Seattle. It was a small group of about 70 people that came from all corners of the world. There were AWS community heroes, partners, and other independent voices that came together to learn what AWS was working on, and more importantly, to give our feedback. It was a great mix of serverless peeps, container folk, data wizards, developer tool jockeys, and ML/AI gurus. All sharing ideas and thoughts on how AWS can make their products and services better.

I wasn’t sure what to expect, but it turned out to be an incredibly rewarding experience. I spoke with several PMs from a number of different serverless teams, and I have to say, the future of serverless at AWS looks absolutely amazing! Not only that, but I got to hang out with some of the brightest minds in serverless, beat Chris Munns in the first live Twitch Serverless Challenge 😉, and then have the honor of losing the championship to Alex Casalboni‘s team (which Chris just happened to be on as well 🤨).

When you figure out that publishing Lambda Layers is easier than you thought… 🍰

So another crazy thing that happened at the AWS Developer Influencer Summit, was during one of the open discussions. The topic of Lambda Layers came up, and while many of us were complaining about working with them, Gojko Adzic literally blew our minds. He was then nice enough to blog about his solution…

Publishing Lambda Layers using SAR  🤯
So this is just flat out amazing. Lambda Layers are incredibly useful for sharing dependencies and compiled binaries, but the ability to use semantic versioning, or replicate them to other regions, always seemed like a massive inconvenience. Gojko Adzic brilliantly points out that these problem all go away if they are published as part of a SAR app. This is a must read if you are working with Lambda Layers.

How to include Serverless Repository apps in serverless.yml
And if you are wondering how to include a SAR (Serverless Application Repository) app in your Serverless Framework project, Yan Cui has a great post that will show you how.

Serverless News & Product Announcements 🚀

Zero instrumentation observability for AWS Lambda
The new Invocations Explorer provided by the Serverless Framework is a nice add-on to the observability features they’ve been launching lately. Very cool stuff.

Devs invited to bake ‘Run on Google Cloud’ button into git repos… By Google, of course
This is an interesting idea. “When you click the Cloud Run Button to deploy an application, it packages the application source code as a container image, pushes it to Google Container Registry, and deploys it on Cloud Run.” Hey, AWS! Maybe you should think about something like this.

Complete guide to AWS Step Functions
Yan Cui’s “Complete guide to AWS Step Functions” has been updated with more content and is now available for 50% off. I would suggest you take advantage of this offer while you can.

Introducing a better way to use Lumigo
Lumigo has joined the ranks of other observability companies and made it super simple to auto instrument your Serverless Framework projects with their tools. Simply install the new plugin, add your Lumigo token, and you’re off to the races.

Stay aware about your serverless stack with Thundra reports!
I like these proactive type reports that I get from some other observability tools. Glad that Thundra is now providing them as well.

Startup Rockset Adds SQL to DynamoDB
I have not tried Rockset yet, but this new feature appears to tie into DynamoDB streams to offer near realtime access to a SQL interface. I’ve often done this myself, but I think that since the use case is getting so popular, Rockset is smart to capitalize on it.

Serverless Stories 📖

How we reduced our API calls by 50%
Chad Dalton outlines a pretty slick way to eliminate OPTIONS API calls by using CloudFront to consolidate the host domain and use a custom origin to forward requests to the API. You could also minimize this by using the Access-Control-Max-Age CORS header, but that’ll only get you part of the way there.

Serverless, Cognito, and Custom Resources
Pei Deng has some criticisms of serverless and CloudFormation. I don’t disagree that IAM and CloudFormation can overcomplicate things sometimes, but the tooling is getting better, and there are lots of resources out there to help. With that being said, this type of experience with serverless means we still have quite a bit of work to do.

Serverless Use Cases 🗺

The new way to create, develop and deploy Twilio functions
I’m a big fan of services like Twilio functions. I love the idea of SaaS providers allowing customers to write applications that interact with their services directly within their systems, making things like transformations and triggers more customizable. I worry that there is a risk of disparate business logic across platforms, but being able to build deployments into your pipelines will go a long way to solving these issues.

Log forwarding from S3 to ES on AWS using Lambda & Serverless Framework
Log shipping is a fairly popular use case. Deepthi Nalla outlines her method of getting S3 files to Elasticsearch with the help of Lambda.

Serverless session handling for load-balanced PHP applications
Implementing DynamoDB as a shared session store for load-balanced PHP applications from Christian Burger is an interesting use case. It certainly is a step towards serverless, and it’s a heck of a lot better than sticky sessions.

Tracking team mood with Mood-o-Meter app
Do you know if you team is in good spirits? Slava Guzenko created a simple serverless application that can track your team’s mood with just a single click. I think that small, standalone services like this are great use cases for serverless because a) they cost basically nothing to run, b) they are always available, and c) they are independent of other resources, so they never affect critical applications in your stack.

When you want to explore some advanced serverless concepts… 🏗

A Minimum Viable CloudFormation Template
If you’ve ever looked at a 2,000 line CloudFormation template and started experiencing vertigo, then you’re not alone. Adam Johnson takes a slightly different approach to testing CF templates, which is quite simple, but also very powerful.

Building a CI/CD pipeline for Serverless apps
The team at Seed.run has been producing content like it’s nobody’s business lately. They’ve compiled all their recent serverless CI/CD tips into a single post for you.

Serverless on GCP
So for all you Google Cloud fanatics, Tyler Treat does an excellent job outlining and differentiating all the serverless compute options available in GCP. I particularly like his advice at the end: “This is why we usually suggest starting with the highest level of abstraction possible and dropping down if and when needed.”

AWS Lambda or AWS Fargate: The Step-by-Step Guide to Choosing the Right Technology
Excellent post by Illia Saveliev that will help you make the choice between Fargate and Lambda. I personally don’t consider Fargate to be “serverless”, but there are certainly circumstance where you would need something other than Lambda. I think this article does a good job outlining the limits so you make the proper tradeoffs.

For the serverless newbie, we’ve got your back… 🐣

Serverless 101
While there is some debate as to whether or not serverless apps “cost us nothing”, Dorian Machado gives you a really quick intro with some quick concepts and tools to get you started.

How to create your first AWS Lambda function in two easy steps
If you are looking for a very basic intro into how Lambda functions work, this quick post by Mariano Calandra will get you up and running with your first function in a matter of minutes.

Serverless Deployment with AWS SAM
If you want to start your serverless journey with an IaC (Infrastructure as Code) approach, then Olawale Olaleye’s post will give you a quick start using SAM (the Serverless Application Model) from AWS.

Serverless – Hello World
And if you want to use IaC with a framework that isn’t SAM, Dorian Machado has a quick “Hello World” tutorial using the Serverless Framework.

Serverless Tutorials 🏗

A simple event-sourcing example with snapshots using Lambda and DynamoDB
Very interesting post from Yan Cui about using DynamoDB to store an immutable ledger of events that can be used to recreate the current state of your application. The noteworthy part is using periodic snapshots to minimize the aggregate creation, which can be cumbersome in serverless applications without using a caching mechanism.

Build An AWS Serverless Application using SAM
If you have a few spare hours and want to go through a very thorough tutorial on how to build a serverless application with SAM, check out Hongbo Liu’s post.

Refactoring to Amazon DynamoDB
Want to get all that pesky relational data into DynamoDB tables? This post walks you through some data modeling with DynamoDB and shows you how to transfer existing data from a SQL Server database using AWS Glue.

Turn your AWS S3 data into insights you always wanted
This is a quick intro to AWS Athena, which is quite an amazing piece of technology. If you need to store and query event data, take a look at Athena.

Easily Deploy A Serverless CDN With Serverless Components
Serverless Components are small bits of functionality that are prepackaged to make deploying serverless solutions simpler. This post outlines how to create a global-scale CDN with just a few lines of configuration.

Serverless Security 🔒

Somebody else’s problem? Don’t rely on cloud service cybersecurity
This isn’t specific to serverless, but I think the article makes some very good points. It’s true that the underlying infrastructure for cloud providers is very secure, but there are still things cloud practitioners (including serverless developers) need to keep top of mind when deploying their applications. Security was, is, and will always be the most important piece of your application.

Nine AWS Security Hub best practices
And speaking of cloud security, AWS Security Hub is another really powerful tool that can help create more secure environments and applications. This post outlines nine best practices that should give you some ideas of how you can use it in your accounts.

Serverless Reads 🤓

Sleepless In Seattle
Richard Boyd, Cloud Data Engineer at iRobot, and tormentor of Ben Kehoe with AWS CDK stickers, was also at the AWS Developer Influencer Summit last week. He has recapped his experience for you and shared some of what he learned.

Hybrid nano-services and the rise of functional server-less dynamic architectures
Andrew L’Homme has an interesting thought piece on using systems to automatically compose serverless functions to minimize latency across network boundaries. There is a lot of work being done in this area, but whether this happens dynamically, or people do it manually, there is value and optimizations in pre-packaging serverless workflows.

Serverless architect emerges as in-demand job role
This is a good summary of Wisen Tanasa’s post from a few weeks ago. There is little doubt in my mind that companies will start embracing serverless, even if it is only for peripheral workloads. But either way, understanding the concepts outlined in this post will certainly put you in a better position.

Is Serverless Right Now For Your IT Organization?
I like to include interesting articles, even I don’t fully agree with them. Sherri Douville’s piece argues that serverless limitations, from a CIO’s perspective, makes it a “Good Experimental Option For Variable Workloads”, but not for critical ones. I do agree that we should pick the right tool for the job, but I would argue that many mission critical jobs are better off running serverless.

Yan Cui Interview
In this short interview with Yan Cui (aka theburningmonk), we get to hear some of his thoughts on the benefits and weaknesses of serverless, as well as his advice for serverless newbies. He also mentions “Off-by-none” as one of his favorite resources for learning more about the serverless ecosystem (which is much appreciated). 🙌

AWS Architecture Monthly (Cloud Computing)
So this is something I just found this week. Each month there is a selection of the best content around cloud architecture from AWS, and this month was all about serverless. There are a lot of good videos and articles in here.

Let Your Product Define Your Technology, Not Your Technology Define Your Product
This is sort of an advertisement for a software development company, but I really like the approach they take when building products and solutions for their customers. It doesn’t necessarily matter what technology is used to solve a problem, the key is to be flexible and adaptable to the problem. As this piece notes, serverless takes care of the basics, allowing the team to focus on solving domain problems instead. This flexibility can go a long way as the project grows and adapts.

AWS re:Invent 2019: Serverless Session Guide
Is it already time to start thinking about session choices at re:Invent? We’re still three months away, but planning ahead is never a bad idea. If you want some advice, as well as some serverless session options, this post from IOpipe has you covered.

Recession-Proof Your AWS Cloud
It is certainly possible to spend your way to failure if you let your AWS bill get out of control. The Serverless Guru points out some tools and tricks to make sure you eliminate unnecessary costs and optimize your existing services.

The Dark Side of AWS Lambda
Though the title sounds ominous, Adam Link was simply a victim of AWS limits. As he notes in the piece, this can easily be solved with plugins or clean up functions. The serverless-prune-plugin is a staple in all my projects.

Kubernetes Workloads in the Serverless Era: Architecture, Platforms, and Trends
Okay, so I debated whether or not to include this article, because it’s basically just a puff piece for Kubernetes. However, after speaking with an industry analyst the other day, this ridiculous notion of multi-cloud is actually a thing. And because of that, and some of the serverless limitations mentioned in this piece, adoption is suffering at enterprise companies. It’s worth the read, if only to understand the momentum of K8s.

When you’d rather watch the movie instead of read the book… 🍿

Serverless Chats – Episode #11: Serverless Security in the Real World with Hillel Solow
In this episode, I chat with Hillel Solow about what’s different with security in serverless, which attack vectors are actually being targeted, and how we can significantly increase our security posture with good coding practices.

Best serverless video tutorials
If you like watching tutorials, the Dashbird has compiled a big long list of serverless videos for you to binge on a Friday night.

SynchroNet: Extending User Automation and Amazon WorkSpaces Provisioning with AWS Step Functions
Learn how SynchroNet uses a lightweight, serverless, event-driven architecture to ensure that the right user personas get the right workspace resources every time by automating Amazon Workspaces provisioning.

Some new Serverless Architecture videos from John and Mike
Here are two great serverless talks from Mike Roberts and John Chapin over at Symphonia.

When you finally make the Seattle coffee = AWS dev productivity connection… ☕️

Amazon Transcribe now supports speech-to-text in Russian and Chinese Mandarin–Mainland
Now if they can only get Amazon Transcribe to support English! 😂

Amazon ElastiCache announces online vertical scaling for Redis Cluster mode and improves scaling non-Redis Cluster mode
Um, this is pretty darn cool. I know several people (including me) that use Redis quite a bit in our stacks. A simple change to the instance size without losing data is very useful.

Amazon SQS Now Supports Tag-on-Create
Tagging, tagging, tagging! I really love how useful tags are in AWS, so it’s nice to see more first class support. The fact that you couldn’t do this in the past always boggled my mind.

Introducing AI-Powered Health Data Masking
This service helps healthcare organizations identify and mask health data in images or text. I find the move to focus on solutions for specific verticals to be an interesting approach. It provides out of the box solutions, but also lays the foundation for other creative use cases.

Amazon Forecast Now Generally Available
Amazon Forecast is a fully managed service that uses machine learning to deliver highly accurate forecasts. It is based on the same technology used at Amazon.com and might just add a bit of sophistication to your applications with little effort. You can read more about how it works here.

Serverless Tools 🛠

ddbsizemetric – Lambda Custom Resource that emits a metric on the size of your DynamoDB Tables
Richard Boyd published some AWS CDK constructs for Python and Node that lets you emit DynamoDB table storage sizes.

keithrozario/Klayers – A collection of AWS Lambda Layers for Python 3.7
If you’re looking for precompiled binaries for your Lambda Python projects, check out this great collection from Keith Rozario.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

August 29, 2019 –  ServerlessDays Melbourne

August 29, 2019  Serverless Framework : What’s New Demo (webinar)

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

September 19, 2019 – IOpipe and Mapbox Webinar: Visualizing critical, location-based metrics on serverless

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Rebecca Marshburn (@beccaodelay).  Rebecca is probably the most influential person in serverless that you’ve likely never heard of. That’s because she is a Product Marketing Manager for Serverless at AWS who works behind the scenes to wrangle and coordinate all the AWS Serverless Heroes. Since I first joined the program, she has been instrumental in helping with conference talks, travel, content, promotion, encouragement, and so much more! If it wasn’t for Rebecca, I’m not sure we’d be able to do the work that we do. Last week’s AWS Developer Influencer Summit was just another example of the valuable work that Rebecca does to help guide the future of serverless and make it easier for those in the community to learn and provide feedback. Rebecca, you are awesome! Thank you so much for all the ways you make us (and the community) better.  🙌

Final Thoughts 🤔

Listening to all the awesome feedback from some of the smartest people I’ve ever met, and having the teams at AWS be so excited by it, was very encouraging. The future of serverless is very bright, and I can’t wait to see what AWS does with the feedback it received. I have a feeling that the announcements at re:Invent are going to change the way people think about serverless.

Also, don’t forget that next week Off-by-none turns ONE YEAR OLD! We might have a few surprises for you as well as some special thank yous for you, our loyal readers! 🎉🎂🎁

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Until next time,
Jeremy

Off-by-none: Issue #51

Live from the AWS Developer Influencer Summit… 🤓

Welcome to Issue #51 of Off-by-none. Thanks for being here!

Last week, we welcomed Oracle to the brave new world of FaaS and shared a ridiculous amount of serverless content. This week, I’m at the AWS Developer Influencer Summit, learning about how AWS plans on making their serverless offerings better, and giving our feedback. But have no fear, we’ve got plenty of great serverless content to share this week.

There is a lot of great content to get to. So let’s get right to it. 👍

Serverless News & Product Announcements 🚀

Announcing the general availability of Python support in Azure Functions
Python support for Azure Functions is now generally available. You can now develop Python 3.6 apps to run on the cross-platform, open-source Functions 2.0 runtime.

Seed only deploys the services that have been updated
This is a great new feature from the team over at Seed.run. Monorepos are great for small to mid-size projects, but using it to deploy multiple Serverless projects can be a pain. This new update should solve that issue.

Protego Serverless Security Announces Integration with Splunk and Slack
This is a helpful new feature. Security teams and operations can now get security posture data, security events, and tasks sent straight to their favorite alerting platform from Protego.

Serverless Programming Cookbook
If you’re interested in building serverless applications on AWS with Java, the Serverless Programming Cookbook is available for free.

Debugging the Node.js 10 runtime on AWS Lambda with IOpipe
The Node.js 10.x runtime in AWS Lambda is getting better, but it’s still not perfect. But at least you can monitor it with IOpipe’s new update.

Serverless Stories 📖

Amazon Prime Day 2019 – Powered by AWS
While I’m glad Jeff Barr got a great deal on a new monitor, I’m more interested in the fact that across the 48 hours of Prime Day, there were 7.11 trillion calls to the DynamoDB API, peaking at 45.4 million requests per second. I’m betting your traffic is lower than that. 😉

Killing Trees with Lambda Functions
This is an extremely thorough and well thought out piece by Shea Kelly that outlines his organization’s serverless journey. Could make a great roadmap for people looking to get started.

How We Built a Serverless Progressive Web App with Cloudflare Workers
Krayx is a personal finance application to gain insights into your finances, and was built entirely using CloudFlare Workers and WebAssembly. That’s pretty interesting.

Serverless Use Cases 🗺

Automating AWS infrastructure workflows with the Serverless Framework
This is a great post by Bernat Ràfales that shows three different ways his organization utilized Lambda functions and native AWS infrastructure to add automation to their existing stack. All of these are a great way to start your serverless journey.

AWS Lambda as form submit handler
Form handling is a classic use case for serverless. Nickolay Laptev outlines this use case in a way that’s much more complex than it needs to be, but the general idea is correct.

How to put EC2 instances to sleep automatically
Dave Macdonald uses Lambdas in a similar way to shutdown unneeded EC2 instances at night. This post also contains a complete tutorial to get you up and running (or shutting down) in no time.

Serverless Transactional Email Setup with Analytics using AWS SES, Glue, Athena, QuickSight
Pratik Bhopal outlines some ideas for building a serverless email component for sending transaction emails. He then uses Athena and QuickSight to add some performance reporting.

If you’re interested in learning some advanced serverless concepts… 🏗

SQS and Lambda: the missing guide on failure modes
There seems to be a lot of confusion around subscribing Lambdas to SQS queues. Yan Cui wrote this piece to clear some things up.

Tracking API Gateway metrics in Serverless applications
Debugging errors with API Gateway and Lambda functions can be an arduous task. Alex DeBrie identifies three major visibility issues and explains how the new full lifecycle Serverless Framework is making it easier for you.

What is the right way to do rollbacks in Serverless apps
You might think that rollbacks in serverless would be very similar to those in more traditional systems. Frank from Seed.run points out why this isn’t always the case.

What you gonna do when failures come for you?
Karol Junde explains how using Step Functions and implementing the SAGA pattern can help you add more resiliency to your serverless applications.

Common Design Patterns in Distributed Architectures
This is a great article by Nitzan Shapira from Epsagon about four patterns that can be used with our distributed applications.

Why you should use a manual approval step in a Serverless CI/CD pipeline
More sound advice from Seed.run. I’d love to live in a world of continuous deployment, but having that manual approval step has saved me a few times in the past.

Deploying a monorepo Serverless app with interdependent services
I’m always wary of creating too much coupling between serverless services, but this is a common technique. In circumstances like this, I usually deploy a separate service with just an SNS topic. This way, services are dependent on a single higher level abstraction, instead of each other.

When are Cold Starts a Problem?
Ido Neeman gives a complete breakdown of what causes cold starts, what factors impact them, and how the cloud providers compare.

If you’re just starting your serverless journey… 🐣

10 Things I Wish I Had Known About Serverless
I feel like there have been a lot of these posts lately, but nonetheless, worth the read if you’re starting with serverless.

The time for serverless is now – tips for getting started
Chris Wahl shares his experiences getting to grips with serverless technology, what he learned throughout the process, and whether, ultimately, serverless is something worth considering. TLDR; It is.

The traits of serverless architecture
Wisen Tanasa has a great piece that outlines six different “traits” of serverless applications and how we need to understand them to build better serverless applications.

Why is Serverless Architecture becoming popular for App Development?
This is a bit of a lengthy piece, but if you’re looking for a general overview of the serverless paradigm, as well as some pros and cons, this might be a good read. And, yes, we know there are servers in serverless.

Serverless Tutorials 🏗

The difficulty with monitoring AWS Lambda functions (and how to solve it)
Gareth McCumskey outlines some of the difficulties of monitoring Lambda functions and shows how the Serverless Framework’s new monitoring capabilities can help you.

How to deploy only the updated services in a monorepo Serverless app
The team at Seed.run adds a bit more context to the difficulties of deploying multiple services in a monorepo. In this post, they offer two great strategies for handling this yourself (that is, if you don’t want to use their product).

Uploading objects to S3 using one-time pre signed URLs
Eetu Tuomala had some ideas for creating one-time pre-signed URLs for S3. This is an interesting approach, that he’ll walk you through.

Rest Api Just with ApiGateway and DynamoDb
API Gateway Service Integrations are incredibly powerful and allow you to skip using a Lambda function altogether. Rafael Campana gives us a quick and dirty intro. Be sure to heed his advice about securing your API.

Serverless – PDF Generation
Jose Santos outlines how to configure a Serverless application to generate PDF reports.

Serverless PHP using AWS Lambda
More helpful tips for serverless PHP fans. Jacques Fu shows you how to use bref to setup a serverless Laravel project on AWS Lambda.

Callbacks with AWS Step Functions
Using callbacks to control Step Function executions opens up lots of really handy use cases. Ross Rhodes Shows you how to set them up using the CDK.

Adding serverless functionality to existing applications
James Beswick walks you through deploying applications and components using the Serverless Application Repository (SAR). He also shows you how to build your own. Why reinvent the wheel if you don’t need to?

Using callback URLs for approval emails with AWS Step Functions
If you want another great example from SAR, let Ben Kehoe walk you through using the sfn-callback-urls SAR app to generate one-time-use callback URLs through a call to either an Amazon API Gateway or a Lambda function.

Good to Go: Getting Started with AWS Lambda and Go
Using Go with Lambda is fast. If you’re interested in how you can get started, this piece from Ran Ribenzaft with give you a good primer.

Serverless Security 🔒

Severe Truth About Serverless Security and Ways to Mitigate Major Risks
I don’t think that Roman Sachenko is trying to scare you, but he does make several really good points about serverless security. I don’t think serverless apps are more “porous”, as he puts it, but this is definitely worth the read.

Serverless Reads 🤓

Lambda vs Lambdas
This is a great piece by Sheen Brisals that calls attention to the dilemma that we face every day as serverless developers. While the single responsibility principle makes a ton of sense, the practicality of its implementation often leaves us hitting a performance brick wall.

Why You Should Double Down On Serverless Infrastructure
Jesse Moore argues that serverless allows an individual or a company to focus its entire efforts on its Unique Selling Proposition (USP), and he’s not wrong.

Mono- or Multi-repo?
This isn’t specific to serverless, but it is always interesting to hear other people’s experience with mono vs multi-repos. John Clarke adds his perspective.

FaaS is Key to DevOps Efficiency
I think that DevOps is a great onramp for serverless adoption. There are so many things that can be automated (or re-automated) with Lambda functions. Mike Duensing only scratches the surface here, but I definitely like the angle.

When you prefer multimedia experiences… 📽

Episode #10: Testable Serverless Applications with Slobodan Stojanović
In this episode, I chat with Slobodan Stojanović about why testing is important, how it changes with serverless, and how to make our applications more testable using hexagonal architecture.

Upload a file to S3 using Amplify | Serverless
In this video, Marcia Villalba shows us how to upload a file to S3 from a React app using AWS Amplify library.

Serverless v Containers
World renowned serverless hero and aspiring rapper, Forrest Brazeal, brings us the latest song to take over the tech/cloud/serverless rap world. Watch and listen as Forrest leads you through three minutes of artisanal, eloquently crafted english in this beautiful yet raw masterpiece. 🎤

When you’re wondering what AWS is building… 👷‍♀️

Amazon Athena now supports querying data from Amazon S3 Requester Pays Buckets
With this release, Athena workgroup administrators can configure workgroup settings to allow members to reference S3 Requester Pays buckets in queries.

AWS App Mesh now supports routing based on HTTP headers and specifying route priorities
AWS App Mesh now supports HTTP header-based routing to manage traffic between services, in addition to the previously available path prefix based and host based routing capabilities.

Serverless Tools 🛠

horike37/serverless-apigateway-service-proxy: Serverless Framework plugin that supports the AWS service proxy integration feature of API Gateway
Make building service integrations easier with this Serverless Framework plugin. It now supports an S3 proxy as well.

lambci/node-custom-lambda: A custom runtime for AWS Lambda to execute functions in Node.js v10.x or v12.x
If, for some reason, you need to use Node.js v12.x, the node-custom-lambda runtime has been updated with v12.8.1.

Thoughts from Twitter 🐦

Recently, there seems to be a trend of dumbnification of AWS services to make it easier for newcomers, while making good design harder. This is not a good trend. ~ @bjorg
Sometimes over simplifications can create constraints. I’m curious about your thoughts on this.

What would you consider are the “best practices” and “anti-patterns” of using the @goserverless framework? e.g. using * for IAM perm is definitely an anti-pattern! #serverless #aws #awslambda ~ @theburningmonk
Interesting discussion here. There are so many ways to accomplish things, but certainly we are getting to a point where rights and wrongs are becoming more understood.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

August 22, 2019 – We are the AWS Serverless Heroes – Ask the Experts

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

September 19, 2019 – IOpipe and Mapbox Webinar: Visualizing critical, location-based metrics on serverless

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Sheen Brisals (@sheenbrisals).  Sheen is a seasoned software engineer and AWS Certified Solutions Architect that is architecting and guiding engineers building serverless ecommerce solutions at LEGO (yes, that LEGO). Sheen has been speaking at serverless conferences around the world and spreading LEGO’s serverless success story. Recently, he’s written some blog posts that are highlighting the serverless purity versus practicality issue that so many developers and companies are facing. These are the types of stories that others need to hear and cloud providers need to address. Thanks for your continued insights and contributions, Sheen!  🙌

Final Thoughts 🤔

I’ve only been at this AWS Developer Influencer Summit for a few hours, but it is abundantly clear that AWS is committed to upping their serverless game. If you have any questions or feedback that you’d like me to pass on to the team, just let me know.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

See you next week,
Jeremy

Off-by-none: Issue #50

So much serverless content… 📚

Welcome to Issue #50 of Off-by-none. Thanks for stopping by! 😉

Last week, we looked at the new Serverless Components from Serverless, Inc. This week, we welcome Oracle to the FaaS party, share some excellent podcast listening, and we have a ridiculous amount of amazing serverless content from the community.

There is so much serverless goodness to get to, so we need to get right to it. 🎯

Serverless News & Product Announcements 🚀

Oracle Functions Now Generally Available
Oracle Cloud Infrastructure’s functions-as-a-service (FaaS) platform is now GA. (insert wisecrack here about being a little late to the dance).

Serverless September CFP!
The Cloud Advocates at Microsoft are hosting Serverless September. A new Azure serverless blog or tutorial will be posted every day during the month of September. Fill out this form if you’d like to contribute.

Serverless Stories 📖

From LAMP to serverless: case study of externals.io
Matthieu Napoli walks us through the migration of a PHP application to serverless on AWS using Bref. Lots of really interesting detail in here as well as an assessment of the effort required to accomplish each major task.

Building a minimal Evernote alternative in 6 hours with Amplify
Adam Clark was inspired by an old blog post of mine 🙌, and ended up building a prototype of a serverless note taking app in just a few hours!

How We Reduced Lambda Functions Costs by Thousands of Dollars
Mohamed Labouardy explains how his team implemented monitoring to tune their serverless infrastructure and save thousands of dollars.

Serverless: The Ideal Choice For Startups? (CloudForecast Case Study)
I love stories like this! Francois Lagier actually shows you the serverless.yml file that contains the four functions and IAM permissions that launched his startup’s infrastructure for $0.

Serverless with real-time communication (WebSockets)
Oskar Kaminski explains how his team built real-time communications into their app using API Gateway and websockets.

Serverless Use Cases 🗺

Some examples for micro services you can extract to serverless functions
Are you running enough server capacity to handle unexpected spikes? Philipp Heuberger explains why breaking off pieces of your application to make them serverless makes a whole lot of sense.

Building an infinitely scalable cloud host for less than $5/mo
Levi Nunnink does some back of the envelope math and discovers that a serverless solution would be quite inexpensive. Sure, there are other costs involved, but for the most part, his math isn’t far off.

How to Schedule Any Task with AWS Lambda
This is becoming a very common use case. Renato Byrro outlines several different serverless ways to schedule tasks with AWS.

Serverless Commit Message Validation
Here’s a simple use case that could come in quite handy. Harish Aravindan uses Lambda to validate commit messages by making sure they reference a JIRA ticket.

If you’re interested in learning some advanced serverless concepts… 🏗

The five Serverless Framework commands that you should be using
Ryan Jones outlines five common Serverless Framework commands that you should have at the ready. Deploying a single function and local testing are my two favorites.

How to generate deployment artifacts in your CI/CD pipeline for Serverless apps
This post looks at generating deployment artifacts in your CI/CD pipeline for Serverless Framework applications.

How to Manage Multiple Serverless API Gateways on AWS
The ability for custom domains in API Gateway to point different base paths to separate API Gateways is an incredibly powerful feature. Eoin Shanaghy shows you the basics in this post.

Differences between PUT and POST S3 signed URLs
Tamás Sallai explains the difference between PUT and POST S3 signed URLs. It’s good stuff to know, but he suggests just sticking with POST.

Getting the most out of CloudWatch Logs
Yan Cui does a deep dive into CloudWatch Logs and explains Subscription filters, metric filters for creating CloudWatch Metrics, and CloudWatch Logs Insights for analyzing log messages.

An easy way to manage Serverless project resources by using AWS Resource Groups
Yi Ai gives you a quick tutorial to show you how to use AWS Resource Groups with CloudFormation Stacks to list and perform tasks on corresponding resources in a group.

Understanding the AWS Lambda SQS Integration
Lots of people still struggle with the correct settings for SQS event sources with Lambda. Frank Rosner does a great job explaining the services and what to look out for in the configurations.

Why Serverless deployment artifacts cannot be reused across stages
Jack Jiang from Seed.run explains why you can’t reuse artifacts from the Serverless Framework as part of stage promotions in your CI/CD process.

If you’re just starting your serverless journey… 🐣

The Ultimate Guide to Migrating to the Cloud with Serverless
Sam Williams has created this step by step guide to migrating an existing software product to run serverlessly in the cloud. If you’re looking to get started, this should help.

Why Use Serverless Architecture for App Development
Manisha Mishra outlines five reasons why you would want to utilize serverless. I’m curious if this statistic is correct: “developers spend 30–40% time in resolving the infrastructure or backend issues” with traditional architectures. It wouldn’t surprise me.

Developing AWS locally with Serverless Offline Plugins
I like to debug and test serverless functions locally, but Tobias Schaber takes it further by using local versions of DynamoDB and S3. I’m not a huge fan of local mocks, but do what you need to do to be productive.

Major in Serverless Confidence at Serverless Summer School!
If you haven’t had a chance to check out Stackery’s Serverless Summer School, you really should. There is a lot of great information and this will definitely help you develop (or sharpen) your serverless skills.

Serverless Tutorials 🏗

Meet AWS SAM CLI: sam init
Eric Johnson gives you a run down of all the commands you need to know to get you started with the AWS SAM CLI.

Building a Full-Stack Serverless App with Cloudflare Workers
In this tutorial, Kristian Freeman shows you how to build a full-stack serverless application on top of the CloudFlare Workers platform, using Wrangler, Cloudflare’s command-line tool for building and deploying Workers applications.

New – Local Mocking and Testing with the Amplify CLI
Danilo Poccia gives you a quick tutorial on how to use the new local mocking and testing features in the Amplify CLI.

Introduction to Amazon Lambda, Layers and boto3 using Python3
Gabriel Dos Santos Goncalves gives you the basics of setting up a Lambda function and using Lambda Layers to load a CSV file as a Pandas DataFrame, do some data wrangling, and save the metrics and plots on report files to an S3 bucket.

Found in translation
James Beswick shows how to connect an Amazon S3 bucket to Amazon Translate, so every time a new text object is added to the bucket it will be automatically translated into a number of different languages. Very cool.

Learn Serverless by Making a Slack App: Part 1
In this (very in depth) tutorial, Lekha Surasani shows you how to create a serverless Slack application with AWS.

Make your website live with Serverless framework
Maciek Grzybek gives you a quick and easy way to deploy your Gatsby site to AWS using the Serverless Framework with the serverless-finch plugin.

A Beginner’s Guide to AWS AppSync
Looking for a quick start on AWS AppSync? Ran Ribenzaft has a great tutorial to get you started.

How to create PDF in Lambda using Puppeteer
Crespo Wang follows up on his wkhtmltopdf post and this time uses Puppeteer and chrome-aws-lambda to accomplish the same task.

Developing and testing GraphQL APIs, Storage and Functions with Amplify Framework Local Mocking features
Ed Lima gives you another run through of working with the new local development features of Amplify.

Serverless Security 🔒

Serverless Security: Best Practices to Secure your Serverless Infrastructure
Hillel Solow outlines a number of serverless security best practices to make sure that your serverless infrastructure is secure.

Is Your Serverless Application Secure?
Swaroop Yermalkar points out several ways to exploit Lambda functions if you leave your application open to application level attacks. This is a good reminder that it doesn’t matter how secure the cloud is, YOU are still responsible for app security.

AWS Amplify’s Security UX is Insufficient and Dangerous
Ross Williams points out some security concerns with AWS Amplify. I’m curious if others have verified this?

Serverless Computing Services Security Quick Guide
Trisha Paine from Protego outlines more best practices for making sure your serverless applications are secure.

AWS Lambda Security Checklist
Ben Ellerby points out a few main things to be conscious of when deploying your serverless applications. Good advice.

Serverless Reads 🤓

How to do blue-green deployment for Step Functions
This is really interesting. Do you know what happens to Step Function executions when you deploy a new version? Yan Cui looks into it.

ICYMI: Serverless Q2 2019
Everything you could possibly want to know about serverless happenings at AWS in Q2, nicely curated for you.

Non Prod AWS Lambda Environments
How does serverless benefit us in environments & deployment management? Muhammad Umair explains.

Approaches for serverless without vendor lock-in
Jason Umiker wrote a demo Express.js app that can be deployed to all three major cloud providers. I get the initial appeal of this, but I think making potentially subpar technology choices just to avoid highly unlikely migration costs in the future is wasted productivity.

Why Serverless Apps Are Taking Over
This post is another take on the pros and cons of serverless applications. There are more and more pieces like this, but I always like seeing what others make of the benefits (and shortcomings) of serverless.

Whole-Event Serverless Observability
Erica Windisch explains why IOpipe has chosen to implement Whole Event Observability that is complete, unsampled, and non-aggregated.

Serverless Functions With WebAssembly Modules
This is a really interesting set of experiments run by James Thomas. Being able to use WebAssembly modules in our Node.js serverless functions is pretty cool, especially if we need more complex compiled libraries.

Why I Converted an AWS SAM Template to Serverless (And Maybe You Should Too)
Yann Stoneman from Serverless Gurus really likes the Serverless Framework. According to this post, using the Serverless Framework reduced deployment complexity by 97.4%. I do like what AWS is doing with SAM, but the Serverless Framework is just so easy.

Serverless application architecture with GraphQL
Pritam Roy explains why he believes GraphQL is superior to traditional REST APIs. I’m a big fan of GraphQL, but I still love REST for lots of things.

Python Pandas at Extreme Performance
What if you could write simple code in Python and run it faster than using Spark, without requiring any re-coding or devops overhead? Yaron Haviv says it’s possible today using Nuclio and RAPIDS.

When you prefer multimedia experiences… 📽

Serverless Chats – Episode #9: Chaos Engineering in Serverless with Gunnar Grosch
In this episode, I chat with Gunnar Grosch about the motivations behind chaos engineering, how we run chaos experiments, and what are some of the common weaknesses we can test for in our serverless applications.

Serverless beyond Functions: Building Modern Applications
Another great presentation by Danilo Poccia. These are just the slides, but just reading through them is still worth it.

Fast, Cheap & Global React Apps via Serverless Framework Components [Video]
Here’s a tutorial from Austen Collins on how you can deploy React applications that are fast, global and cheap to host. The outcome of this is a website with a React app, a custom domain and SSL certificate.

ServerlessTalk – S02 Episode 2 – Discussing Observability with Honeycomb CTO Charity Majors
This is an excellent episode featuring Charity Majors. Charity says failed deployments should be rare, and if you’re not deploying on Fridays, you’re sacrificing 20% of your velocity. “Code only matters once it’s been shipped!”

Testing Serverless AWS AppSync GraphQL APIs with AWS Amplify – Quick Start
In this quick video, Nader Dabit shows you how to use the “mock” command that was added as part of new test suite built into the Amplify CLI that allows you to test GraphQL APIs, NoSQL databases, storage, and Lambda functions.

When you’re wondering what AWS is building… 👷‍♀️

Amazon SNS Message Filtering Adds Support for Attribute Key Matching
Amazon Simple Notification Service (SNS) message filtering now supports attribute key matching. This feature lets you create an Amazon SNS subscription filter policy that matches incoming messages which contain an attribute key, regardless of the attribute value associated with this key.

Amazon CloudFront Announces Support for Resource-Level and Tag-Based Permissions
You can now define Identity and Access Management (IAM) policies to specify granular resource-level and tag-based user permission in CloudFront. These new features give you increased flexibility to manage access to your CloudFront distributions.

Amazon Rekognition now detects violence, weapons, and self-injury in images and videos; improves accuracy for nudity detection
Hot dog, or not hot dog. Plus Amazon Rekognition improves Face Analysis.

AWS Step Functions Adds Support for Nested Workflows
AWS Step Functions now allows you to orchestrate more complex processes by composing modular, reusable workflows. This is pretty cool!

Amazon DynamoDB now helps you monitor as you approach your account limits
Amazon DynamoDB now publishes account metrics to help you monitor capacity consumption against your account limits. You can now alarm as your capacity approaches your account limits and proactively request limit increases, helping ensure your DynamoDB tables are always available.

Serverless Tools 🛠

Automating AWS Lambda Layer Creation for Python with Makefile
Ojas Kale gives you a simple Makefile that will automate the creation of Lambda Layers for Python.

A History of Amazon Web Services (AWS)
Not sure if this classifies as a “tool” or not, but Jerry Hargrove has done an amazing job putting together this list of announcement and launch dates for AWS services.

sosw – Serverless Orchestrator of Serverless Workers
sosw is a set of serverless tools for orchestrating asynchronous invocations of AWS Lambda Functions. Nikolay Grishchenko has a post that explores how you can use it to solve some uncommon use cases.

Thoughts from Twitter 🐦

“My question is: what happens in a serverless world when the cloud provider doesn’t detect hardware wonkiness due to gray failure? How would an app owner identify that an increase in errors is localized to a particular “node”, if that abstraction isn’t exposed?” ~ Lorin Hochstein
This is just one of those really interesting questions that most of us never think to ask.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

August 16, 2019 – Serverless Application Troubleshooting Webinar with Yan Cui (Lumigo)

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

October 24, 2019 –  ServerlessDays Stockholm

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Rich Buggy (@richbuggy).  Rich is the CTO at piiq digital and a serverless consultant from Sydney, Australia. He also writes about all aspects of the serverless development process on his excellent blog, goingserverless.com. But one of the things that makes Rich such a valuable member of the serverless community, is his willingness to help people. It’s hard to find a post on forum.serverless.com that he hasn’t replied to. And if he can’t provide you with an answer, he’ll at least point you in the right direction.  His continued dedication not only makes the forums more useful, but he makes the community a better place to be. Thanks for everything you do, Rich! 🙌

Final Thoughts 🤔

Wow. There was so much content this week! 😳 Speaking of which, I’ve been adding some additional content sources to find new and interesting serverless posts, but if you ever have an article to share, please send it to me. Also, Off-by-none is turning ONE in a few weeks. We’re planning something big, so stay tuned. 🎂

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Until next time,
Jeremy

Off-by-none: Issue #49

Introducing Serverless Components… 🚀

Welcome to Issue #49 of Off-by-none. Thanks for being here! 🙌

Last week, we took a deep dive into Laravel Vapor, a new service that lets you deploy serverless Laravel applications. This week, we look at the new Serverless Components, plus we have plenty of great serverless content from the community.

There’s a lot of serverless to get to, so let’s get started. 🏇

When you’d rather focus on outcomes… 🏆

This past week, Serverless, Inc. announced Serverless Components Beta, a new way to easily deploy serverless applications without complex infrastructure configuration files. The idea is to create reusable, composable, cloud-agnostic components that completely abstract away infrastructure configuration. It’s sort of like SAR (the Serverless Application Repository) from AWS, but even easier to use. Just a few simple parameters, and all of the infrastructure complexity is handled for you.

You can check out the repo here: serverless/components

People have already started playing around with Serverless Components. Check out Gavin Lewis’s Road Testing Serverless Framework’s Components and Christopher Bartling’s Deploying Gatsby websites using Serverless Components for some early feedback.

Serverless News & Product Announcements 🚀

Epsagon Delivers Automated, Distributed Tracing for .NET Apps
Epsagon now supports .NET, enabling more support for hybrid environments.

EventBridge Use Cases and Examples
v1.49.0 of the Serverless Framework now has support for Amazon EventBridge. Philipp Müns gives us a great overview of some of the use cases that it can support.

Announcing PartiQL: One query language for all your data
Hmm, this looks… interesting. Too bad it needs to run on a JVM. I’ll be curious to see where this goes and whether or not it crosses over into ORM territory.

Introducing the AWS Baseline
Florian Motlik just released a really interesting open source tool that lets you deploy and manage multiple AWS accounts using a series of customizable defaults. He explains the differences between this and Control Tower in this post, and why you might want to take a look at what he’s done.

Serverless Step Functions: no more leaky abstractions
Version 2.2 of the Serverless Step Functions plugin now allows you to use the local function name instead of CloudFormation logical IDs generated by the Serverless Framework. 👍

Serverless Stories 📖

Monolith to Microservices to Serverless — Our journey
Ben Jones from ResponseTap discusses his teams transition from a traditional monolith, through K8s, and then finally on to serverless.

Custom Runtimes in AWS Lambda. A good idea? Yes, but only if you have to!
Ben Ellerby recounts his experience with the pros and cons of using custom runtimes in AWS Lambda.

Serverless Use Cases 🗺

Building a state-aware workflow with Amazon Connect and AWS Step Functions
Naveen Narayan shows you how to use Step Functions along with other AWS services to build a better customer support ticketing system.

Launch: AWS Budgets Integration with AWS Chatbot
This is a great example by Erin Carlson and Matt Cowsert of how to stitch a few AWS serverless services together to solve real world problems.

Cross-Region Actions with CodePipeline on AWS
Gavin Lewis outlines a use case that could be applied to lots of deployment scenarios. I honestly don’t think I’ve ever seen two CI/CD pipelines that are alike.

If you’re interested in learning some advanced serverless concepts… 🏗

Building a Custom Serverless Chatbot — Pieces & Parts
Paul Heath put together quite the compendium of information on serverless chatbots. Lots of reference information in here, but if you’re thinking of building one, this could save you quite a bit of research time.

Intro to Lambda Layers in Python
Lambda Layers are incredibly powerful and make it easy to split out reusable code into separate components. This piece will get you started.

AWS Amplify beyond the quickstart
Christophe Bougère does a deep dive into AWS Amplify, along with thoughts on limitations, some real world integration examples, and a wishlist for the Amplify team.

If you’re just starting your serverless journey… 🐣

How to Create an HTTP Endpoint on AWS With Serverless Framework
Matt Solomon has a great starter tutorial for anyone looking to get started with the Serverless Framework.

Building RESTful APIs — Serverless — Part 1 – AWS Cognito User PoolsPart 2 – AWS Lambda, and Part 3 – API Gateway
In this three part series by Mahfuzul Alam, he walks you through building a serverless RESTful API using AWS services. Next step is IaC.

Anatomy of a Serverless YAML File
Here’s a great resource from Richard Keller that explains what each part of the serverless.yml file does.

The Serverless Framework vs Stackery
This is like a heavyweight title bout. 💪 Masoud Abdi gives some of the reasons why you might choose one over the other, but I still think Muhammad Ali would come out on top. 😉

Function as a Service — A new paradigm shift in Software Development
Dineshkumar Yadav has some thoughts on the power and limitations of FaaS.

Move Your Spring Boot API to AWS Lambda and Reduce Costs by 100%
Yann Stoneman points out the benefits of moving your Java app to Lambda.

Serverless Tutorials 🏗

Toward a bastion-less world
I still haven’t tried this new feature with AWS Session Manager, but Vinod Shukla gives you a full rundown of how to configure it.

Serverless WebSockets
Mischa Spiegelmock takes you through the history of bi-directional web communication and shows you how to use WebSocket support in API Gateway.

Testing Cloud Functions with Jest
Testing is one of my favorite topics, and Keith Coughtrey has put together a good overview of how to get started with Jest.

How to make serverless framework boilerplates customizable
Yan Cui has some ways to customize boilerplates in your serverless.yml files. This overcomplicates things for me, but I can see it working in the right circumstances.

Excluding the AWS SDK from a Serverless Package
Chris Shepherd offers a workaround to reduce your package sizes by cutting out the AWS-SDK. Current best practice is to include the version of the AWS-SDK that you need for your project, which seems heavy, but will get better once v3 is launched.

Serverless Security 🔒

Secrets Management for AWS Powered Serverless Applications
Gareth McCumskey has another great post about managing secrets in Serverless applications. There are many ways to do this, but the new Serverless Framework capabilities are pretty sweet.

Analyzing AWS WAF logs with Amazon ES, Amazon Athena, and Amazon QuickSight
Great post by Aaron Franco that shows you how to aggregate all your AWS WAF logs into a central data lake so that you can query and visualize them.

S3 Bucket Namesquatting – Abusing predictable S3 bucket names
This is an interesting piece by Ian Mckay that talks about a different type of vulnerability that could affect your automation scripts.

Serverless Reads 🤓

Serverless is not a Technology
Toby Fee explains why serverless is not a technology and not a product, but a goal. Great comparison to DevOps as being an ideal state of collaboration.

Infrastructure as Code in the Era of GraphQL and Full Stack Serverless
Nader Dabit has a vision for the future of full stack application development, and Amplify is a manifestation of that vision. This is a very interesting read.

AWS CloudFormation is an infrastructure graph management service — and needs to act more like it
Ben Kehoe outlines one of the major issues with CloudFormation that requires sanctioned workarounds in order to appropriately connect resources when deploying your infrastructure.

Do X-Ray and IOpipe play nice together?
According to Austin Huminski, yes, they do. There is some good detail in here about how X-Ray works and how observability services like IOpipe go beyond what standard AWS tools do.

Building Serverless Data Lake Pipeline on AWS
Looking for some ideas around building a data lake, Joey Yi Zhao outlines his thoughts on using Glue along with some other services to create one of his own. Sample code included.

Cloud Run VS Cloud Functions: What’s the lowest cost?
This is a really interesting piece by Guillaume Blaquiere that compares these Google Cloud services on more than just cost. I really like the isolation that the single concurrency model brings, but Cloud Run is really interesting.

It’s Time for Fullstack Dev Tools
Interesting idea by Nir Soudry to start integrating browser dev tools with backend tracing technologies. It would be really great to see the whole picture.

When you prefer multimedia experiences… 📽

Serverless Chats Podcast – Episode #8: Observability in Modern Applications with Ran Ribenzaft
In this episode, I chat with Ran Ribenzaft about the three pillars of observability, how we instrument our code, and the how and why of distributed tracing in modern applications.

Simple example using Amazon EventBridge
Marcia Villalba shows you the basics of EventBridge with the Serverless Framework. But since this video was recorded (just a week ago), native support has been added in the Framework. Things move fast!

Building Resilient Serverless Systems
In this QCon presentation, John Chapin explains how to use serverless technologies and IaC to build resilient systems in the cloud.

Serverless chaos – Disk space failure
Gunnar Grosch looks at using tmp storage with AWS Lambda and creates a chaos engineering experiment to simulate a disk space failure.

FLOSS Weekly 540 Serverless – Podcast
Gareth McCumskey is a guest on this podcast and explains what serverless is and what you can do with it. If you think everybody knows about serverless, I think this podcast will open your eyes a bit. We have a ways to go to spread the word of serverless.

The Right Serverless Mindset & Multi-Cloud Strategies and Compliance and Zero-Trust
The new Serverless Smarts podcast by Protego has an episode with Ryan Jones from Serverless Guru. These are two posts that sum up parts of the discussion.

Distributed Tracing in Modern Applications – Microservices and Containers
Epsagon has a webinar with Ran Ribenzaft and Hen Peretz, along with Stuart Scott from Cloud Academy to give you some fundamentals of distributed tracing and instrumentation.

When you’re wondering what AWS is building… 👷‍♀️

Amazon Polly Launches Neural Text-to-Speech and Newscaster Voices
Neural Text-to-Speech (NTTS) technology, which delivers “ground-breaking improvements in speech quality through a new machine learning approach”, is now available on Polly. Plus several new voices.

Amplify Framework Adds Predictions Category
“No previous machine learning experience is required.” This new Predications category lets you easily plug in services like Rekognition, Textract, Transcribe, and Comprehend. More details here.

Lambda@Edge Adds Support for Python 3.7
What’s next, custom runtimes? 😜 There’s more work to be done with Lambda@Edge, but adding additional runtimes is a good next step.

AWS CloudFormation now supports higher StackSets limits
The number of stack sets you can have in your administrator account has increased from 20 to 100. The number of stack instances you can have per stack set has increased from 500 to 2000. That’s a lot of StackSets.

Serverless Tools 🛠

Serverless costs calculator for AWS Lambda
Simple tool from the Bref team to give you a rough idea of your Lambda costs on AWS.

hammerframework/hammer: Opinionated, full stack, serverless JAMstack web application framework
It seems as though this project is just getting off the ground, but more projects like this will pave the way for more serverless adoption.

Serverless PHP on App Engine Cloud Firestore with Firevel
Laravel recently went serverless with Laravel Vapor for AWS, now this new project is offering a Google Cloud alternative.

Thoughts from Twitter 🐦

Quick life update: Friday was my last day on the AWS Evangelism team. I’ve moved to the Amazon Connect team to help build out new features and tools for a super fun product. I’ll still be around and speaking but with less of a focus on outbound. Thanks for an amazing 5 years! ~ Randall Hunt
Randall has been at the core of the AWS Evangelism team for as long as I can remember, and has been a source of some truly amazing and helpful content. Wishing him well in his next role!

I didn’t get why “stackery local invoke” is better than the SAM CLI until I tried it. Here’s the killer feature: It magics a trust onto your deployed Lambda roles so you can test local code under the *cloud stack’s* permissions. This is the future. ~ Forrest Brazeal
I’m a huge fan of testing serverless functions locally. It’s a workflow that I’m used to and most productive with. Stackery is making that easier for us.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

October 7-9, 2019 – Serverlessconf 2019 in New York City

October 14-16, 2019 – Serverless Architecture Conference Berlin

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Adrian Hornsby (@adhorn). Adrian is a Senior Tech Evangelist at AWS that likes to break things, but in a good way. Adrian has been writing and talking about building resilient serverless applications for quite some time, and has been instrumental in bringing serverless Chaos Engineering to the masses. He has written a Lambda Layer that you can use to start running chaos experiments, and he has a blog that contains a treasure-trove of information on building battle-tested serverless applications. Thank you for what you do, Adrian. The serverless community is lucky to have you!  🙌

Final Thoughts 🤔

Every week, I spend a lot of time reading posts that teach people about serverless, reviewing serverless forums, and scrolling through community Slack channels. And every week I see people eager to learn, people eager to teach, and most importantly, people eager to help one another. This past weekend, the United States was devastated by another hate-filled attack. I don’t pretend to know how to solve this problem, but I do know this:

People helping people is a beautiful thing. Learning from one another, and celebrating diversity in opinions, culture, mindset, backgrounds, and ideas, makes us better developers, better community members, and better human beings. Differences are inevitable, but the way we work through those differences can either move us forward, or set us back. I see the serverless community as an example of people trying to move us forward, welcoming anyone who wishes to take part, and treating everyone with the respect and dignity they deserve. We need more of this. ❤️

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Cheers,
Jeremy

Off-by-none: Issue #48

Turning PHP Servers into Vapor… 💨

Welcome to Issue #48 of Off-by-none. Thanks for joining us this week! 👋

Last week, we looked at the new full lifecycle Serverless Framework and heard some additional thoughts about Amazon EventBridge. This week, we take a deep dive into the recently announced Laravel Vapor, and as always, share lots of amazing content from the serverless community.

Before we begin, make sure you fill out the State Of Serverless Community Survey that Serverless, Inc. is running. Always amazing insights from the results.

Okay, there’s a lot of amazing serverless content to get to. Let’s get right to it. 🏎

When you find out that a massive community of PHP developers can now go serverless… 🙌

This past week at Laracon, Taylor Otwell, creator of the Laravel framework for PHP, launched Laravel Vapor. Vapor is a new deployment and management service that lets you run serverless Laravel! Using your existing Laravel projects, you can use Vapor to deploy your application to a combination of Lambda, SQS, S3, and CloudFront. You also have several options around caches and databases, including Aurora Serverless.

This is a very, very big deal for the serverless community. Laravel is extremely popular, has an active community, and boasts tens of thousands of production implementations in the wild. Introducing an entire population of PHP developers to serverless and letting them easily reuse millions of hours of development time, is perhaps one of the most frictionless paths to serverless I’ve ever seen! Plus, Vapor only interfaces with the customer’s AWS account, giving developers complete control to add additional services to extend their applications with other serverless AWS offerings. I’m excited to see what people do with this.

If you’re interested in learning more about the details of Vapor, Taylor Otwell and I had a chat (Serverless Chats – Episode #7) about it. Lots of really great information in here that gets into the nuts and bolts of how it works, and what the future of Laravel and serverless might look like.

Serverless News & Product Announcements 🚀

New tool from cloud startup Stackery streamlines AWS serverless development
Wow! Stackery has released their CLI as a standalone tool that anyone can use, even without a Stackery account. Debugging and iterating locally is a huge time saver when developing serverless applications. Tying into your cloud resources makes this so much easier. Learn more here.

Zero Configuration AWS Lambda Notifications & Alerts with Serverless Framework
Some new details about the recently released full lifecycle Serverless Framework. The notifications and alerts feature includes zero configuration anomaly detection that tracks and alerts on metrics like memory usage, function duration, errors, and invocations.

Sigma Product Updates
The Sigma web-based IDE for serverless applications announced support for Python as well as the ability to debug Lambda functions before deployment.

SAM v1.13.0 Released
A new version of the Serverless Application Model has been released with OpenApi 3 Support, Request Models Support, and a number of bug fixes.

Introducing Durable Entities for Serverless State
Jeremy Likness gives you a rundown of the new Durable Entities for Microsoft Azure. Lots of interesting serverless stuff happening over there at Azure. 🧐

Serverless Stories 📖

Starting my Python journey with a Serverless application
I always love seeing people experience the magic of serverless. In this piece, Hirudinee Liyanage walks you through building a serverless function in Python using the Sigma IDE.

How we made our Serverless payments platform CMS driven
Static sites using headless CMS tools seems like all the rage these days.

How I’m writing Nodejs Serverless services these days
Ewan Valentine has developed some conventions for developing serverless applications, and he graciously shares them with us. I feel like a lot of us that have been working with AWS and Lambda for awhile have a similar post swirling around in our brains.

Serverless Use Cases 🗺

Simple Two-way Messaging using the Amazon SQS Temporary Queue Client
What sort of black magic is this? Temporary queue clients for Request-Response scenarios using SQS instead of HTTPs? Very interesting, though not sure how long-polling receivers would work with Lambdas just yet.

Serverless Web Scraping With Python, AWS Lambda and Chalice
Danny Aziz lays out a five step plan for using Lambda to pull data from other sites.

Manage databases through custom skills with Amazon Alexa and AWS Systems Manager
“Alexa, drop all my production databases.” As long as that command isn’t supported, I think this is a pretty cool use case.

Debugging AWS Services with Lambda
The power of Lambdas (beyond just resizing images for you). Gary Sieling points out an excellent use case, debugging other services in your account.

Serverless Video Rendering
I’ve seen some examples of this before, but parallelizing video rendering could be very powerful if it is done right.

Attaining Spending Sanity with Serverless
Trying to enforce CloudFormation resource tagging to help track and manage your cloud costs? Use serverless like Justin Rice does.

If you’re interested in learning some advanced serverless concepts… 🏗

Ten Things Serverless Architects Should Know
Justin Pirtle from AWS has an excellent piece that outlines some very important concepts that serverless architects definitely should know.

Chaos Engineering — Part 2
Adrian Hornsby’s work is the gift that keeps on giving. His Failure Injection Lambda Layer makes it easy to start implementing serverless chaos experiments, and this posts gives you some much needed context for figuring out what to test.

AWS S3 Event Notifications have “probably once” delivery
Eric Urban coined this phrase to emphasize the “on very rare occasions, events might be lost” issue with S3 notifications. He implements a clever way of dealing with it, though a delivery guarantee would be much better.

Building a Modern CI/CD Pipeline in the Serverless Era with GitOps
Shimon Tolts discusses the transition and the different steps of modern software development to showcase the possible solutions for the serverless world.

A walkthrough of the Amazon DynamoDB Accelerator console – Part 2
If you’re using DynamoDB and you need microsecond response times, DAX is an excellent write-through cache solution. Ishita Mehta-Desai gives you a walkthrough of the console and how it works.

AWS Serverless App: Testing
A quick run down on setting up unit tests on serverless projects with Sinon, Chai, and NYC for recording test coverage.

If you’re just starting your serverless journey… 🐣

The 6 concepts you need to know before trying Serverless
If you’re getting started with serverless, take Lou Bichard’s advice and learn these six key concepts. I agree with all of them.

serverless.help –  Serverless help from experts
Got serverless questions? Jared and Forrest at Trek10 set up this great little Q&A site that should get you pointed in the right direction.

Building applications rapidly with Serverless
Gareth McCumskey’s article will get you started with the Serverless Framework, including setting up an account to see the new full lifecycle capabilities. Don’t get distracted by the adorable baby photo in his profile picture.

Introduction to AWS SAM and Installation and Initialization of Project
If you’d rather get started with AWS’s Serverless Application Model instead, take a look at this article.

Awfully Thorough Guide to Choosing the Best Serverless Solution
I included this post by Ilya Kritsmer two weeks ago, and he has since added Part 1.2Part 1.3Part 2.1, and Part 2.2. Excellent content, but I think he should pace himself a bit. 😉

Serverless Tutorials 🏗

Forms without servers — handling form submissions with Lambda
James Beswick is back with another great post. I’d guess that 99.9% of websites could be static if it wasn’t for that pesky contact form. Serverless to the rescue.

Introducing a better way to record custom metrics
Yan Cui wrote a new SAR app that parses custom metrics from CloudWatch Logs and sends them to CloudWatch as custom metrics.

Serverless contact form handling for static websites
If you’re using Google Cloud instead of AWS, here’s how to add that serverless contact form to your static sites.

Automating Amazon CloudWatch alarms with an AWS CloudFormation macro
Interesting post by Alex Nicot that shows you a clever way to utilize CloudFormation macros.

How to process media in AWS Lambda? (FFMPEG)
Mohammed Lutfalla shows you how he set up a media processing pipeline using FFMPEG and Python. There’s also a Lambda layer for this.

Developing and Testing Lambdas with pytest and LocalStack
It’s always interesting to see how people set up local development workflows and local testing. Ciaran Evans shares his methods.

Deploy Serverless App with Next.js 8, AWS Lambda and CircleCI — Part 1
This is a full walkthrough to get you started using Next.js and AWS Lambda to get a serverless service up and running. Code included.

Serverless Security 🔒

7 Serverless Auth Strategies for Protecting Gated Functions
David Wells outlines the pros and cons of seven different strategies used to authorize access to your serverless functions.

The Truth About Serverless Security
Roman Sachenko covers a long list of precautions that developers should take when developing serverless applications. I agree with nearly all his suggestions, but it is important to stress that you’re already way ahead of the security game when you switch to serverless.

7 Ways to Deal with Application Secrets in Azure
I’m a fan of whatever Mikhail Shilkov writes, so I’ve included this for two reasons. I think this is good info in general, and with a few tweaks, it would apply to AWS as well.

Use AWS S3, KMS and Python for Secrets Management
Ruan Bekker proposes a solution for secrets management.

Serverless Reads 🤓

Cloud Irregular: Amazon won’t spin off AWS, and that’s too bad for AWS
Forrest Brazeal has a great post about the pressure software vendors feel to avoid using AWS because of conflicts from potential clients that compete with Amazon.com. According to him, this is resulting in suboptimal technology choices in order to hedge bets against future customers. Seems crazy, but I totally get it.

How Serverless Is Impacting the IT Landscape
Bit of a plug article, but has some interesting statistics about the electricity use of data centers. Serverless provides an interesting solution to this problem versus always-on, dedicated resources.

Serverless for Startups — A quick way to build and validate your ideas.
Edmo Lima gets it, and hopefully others will too. For any technology startup looking to move fast, iterate quickly, and scale without worrying about rewrites, serverless is the fastest and cheapest way to get there.

Why we didn’t brew our Chai on AWS Lambda
Okay, serverless isn’t all rainbow and unicorns, and it’s important to hear stories where it doesn’t work well for someone. Nikhil Sharma outlines why their team decided against it.

Serverless Architecture Market Size Worth $9.17 Billion by 2023
This is a pitch for the full-report, but there are a few stats that are shared in this post, plus a sample report.

When you’d rather have the book read to you… 🔊

Serverless Chats – Episode #7: Serverless Laravel using Vapor with Taylor Otwell
In this episode, I chat with Taylor Otwell about Laravel Vapor, a new service that lets you deploy your Laravel PHP applications to Amazon Web Services and run them using a fully managed suite of serverless components.

Cedrus: Migrating a Legacy Application to a Serverless Ecosystem
Matt and Bradley walk us through the migration of the ABCL’s legacy Visual Basic and Oracle application to a Serverless ecosystem that leverages Amazon AppSync to allow users to query data without having to understand query languages or data structures.

Modern Apps on AWS: Challenges and Solutions
Trevor Hansen from AWS, Forrest Brazeal from Trek10, and Nitzan Shapira from Epsagon give a master class in modern application development.

When you’re wondering what the devs at AWS are building… 👷‍♀️

Introducing AI-Driven Social Media Dashboard
Monitor and ingest specified tweets using stream processing and leverage a serverless architecture and machine learning services to translate and extract insights from those tweets. 😳

Amazon SNS Adds Support for AWS X-Ray
You can now enable AWS X-Ray for your messages passing through Amazon SNS, making it easier to trace and analyze messages as they travel through to the downstream services.

Introducing AWS Chatbot (beta): ChatOps for AWS in Amazon Chime and Slack Chat Rooms
AWS Chatbot provides an interactive agent that enables you to monitor and interact with your AWS resources from team chat rooms. More on this here.

AWS Amplify Console adds support for automatically deploying branches that match a specific pattern
This is pretty cool. The Amplify console now supports branch pattern deployments, allowing developers to automatically deploy branches that match a specific pattern without any extra configuration.

CloudWatch Logs Insights adds cross log group querying
This is quite amazing. Being able to consolidate metrics from across multiple functions is incredibly powerful. This is perfect for common metrics that span across multiple Lambda functions.

Amazon S3 adds support for percentiles on Amazon CloudWatch Metrics
More good stuff for CloudWatch Metrics. This provides customers with more granularity about their request patterns on S3 and helps them observe and diagnose anomalies in request patterns on S3.

AWS IoT Events actions now support AWS Lambda, SQS, Kinesis Firehose, and IoT Events as targets
This seems extremely useful for a number of use cases. In addition to publishing messages to SNS and MQTT, these extra targets now open up a ton of new capabilities.

Temporary Queue Client Now Available for Amazon SQS
The client supports common messaging patterns such as request-response, and helps you save development time and deployment costs when creating application-managed temporary queues.

Serverless Tools 🛠

AnomalyInnovations/serverless-bundle
An extension of the serverless-webpack plugin. This plugin bundles your Node.js Lambda functions with sensible defaults so you don’t have to maintain your own Webpack configs.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

July 31, 2019 – Serverless Summer School: Class is in session! by Stackery

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

October 7-9, 2019 – Serverlessconf 2019 in New York City (I’m giving a talk here)

October 14-16, 2019 – Serverless Architecture Conference Berlin (I’m speaking here as well)

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Taylor Otwell (@taylorotwell). Taylor is the creator and maintainer of the Laravel framework, and a big supporter of the open source PHP community. Even though Vapor is his first major foray into the serverless world, the impact is massive. The work he’s done over the last year has made it possible for Laravel users to easily switch to a serverless solution on AWS. This has the potential to introduces hundreds of thousands of developers to serverless, and that is a very big deal. Thanks for all your work on Laravel, Taylor. And thank you for building out Vapor so that Laravel users can begin to make the serverless leap! 🙌

Final Thoughts 🤔

This was a banner week for serverless. I really think Vapor is going to be a huge gateway for hundreds of thousands of developers to experience serverless. The bigger this community gets, and the more voices we hear from, means we get more tools, better services from cloud vendors, and more innovation and ideas. I really love watching this community grow and seeing all these new faces learning, adopting, and teaching serverless.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Until next time,
Jeremy

Off-by-none: Issue #47

The Serverless Framework You’ve Been Waiting For… ⚡️

Welcome to Issue #47 of Off-by-none. It’s super awesome that you’re here! 😎

Last week, we took a deep dive into the new Amazon EventBridge service. This week, we look at the new Serverless Framework, we hear some more thoughts about Amazon EventBridge, and, of course, we share lots of amazing content from the serverless community.

There is plenty of great serverless stuff to get to, so let’s jump right in! 🏊‍♀️

When you thought the Serverless Framework couldn’t get any better… 🙌

Unless you’ve been trapped in a cave for the last several years (or maybe work at a datacenter 🧛‍♂️- no offense to the wonderful people who keep our servers running, BTW), you’ve likely heard of the Serverless Framework. In marketing speak, the Serverless Framework lets you “build apps with radically less overhead and cost.” In technospeak, you can easily build and deploy serverless applications running on AWS and other public cloud providers. I’m a huge fan and have been using it since the early days.

The last several months have been pretty exciting as the team at Serverless, Inc. has been working to build a platform that supports enterprises with advanced features and services that cover the full lifecycle of serverless applications. They just announced that they are making it available to everyone, and you can use it for free. There are a ton of great new features (you may have seen some released recently) and an entire platform to build, test, deploy, secure and monitor your serverless applications.

For more information about the new capabilities, check out their overview video or Marcia Villalba’s new episode of Foo Bar that looks at the new dashboards. There’s also an article on TechCrunch (Serverless, Inc. expands free Framework to include monitoring and security) about the release. The serverless ecosystem is expanding rapidly with lots of tools and services to help make building your serverless applications easier. Having these features integrated directly into the deployment platform (that we know and love) is very cool.

When people are still talking about Amazon EventBridge… 🌉

Last week we looked at the new Amazon EventBridge service that was announced at AWS Summit New York. On the day it was announced, Chris Munns from AWS, was speaking at ServerlessDays London. Instead of giving his scheduled talk, he pulled a fast one on the attendees and gave this presentation on EventBridge instead. It’s a great presentation and worth reviewing to understand some of the important concepts of EventBridge.

There have been some more thoughts on EventBridge since last week as well. Darragh O’Grady (aka The Learning CTO) wrote this piece about Why AWS EventBridge Changes Everything, Jerry Hargrove created a nice set of Visual Notes for it, and despite the clickbaity title, Mark Runyon is rather optimistic about its potential in AWS EventBridge: Revolutioning Serverless or CloudWatch Events 2.0?

I promised some more thoughts on this from me as well, and so far I’ve been doing a lot of poking and prodding to see what’s possible. I did have an idea for using the observable nature of events with EventBridge, along with its built-in retry mechanisms to implement the SAGA pattern using an attached resolver service. I got some interesting feedback, and I’m still fleshing out some ideas, so expect some more info on this soon.

In the meantime, if you’re wondering what is the best AWS service to use to manage events in your application, try Jared Short’s AWS Event Source Wizard.

Serverless News & Product Announcements 🚀

Serverlessconf NYC 2019 agenda announced
54 serverless experts speaking over the course of two days. The agenda is now available! I’m speaking on Day 2.

Epsagon Makes Troubleshooting Apache OpenWhisk a Snap
In its latest release, Epsagon now supports tracing for OpenWhisk. I think this is a great tactic for monitoring and observability companies that have been closely tied to AWS and their serverless offerings.

Maintaining peace in your serverless stack with Thundra Alerts!
Thundra’s new alerting functionality builds on top of their powerful querying capabilities. You can now save queries to trigger alerts, set the severity of them, and easily throttle or mute them during an issue.

Monitoring for Serverless Workloads Now Generally Available in Datadog
This new release from Datadog includes visualizing service maps, correlating traces and logs with AWS X-Ray and Cloudwatch Logs, additional support for Python, Node.js, and Go, and more.

Introducing Adobe I/O Runtime: How Serverless at Adobe Will Shape the Future of Digital Marketing and Creativity
This caught my eye a while back, and now that it’s GA, I need to explore it more. But the idea of companies providing serverless compute resources to enable custom workflows for their customers is something I think is very interesting.

Introducing Conference App in a Box
Deploy a themeable, customizable, full stack and cross-platform mobile app for your next event in minutes. Thanks to Nader Dabit.

Serverless Stories 📖

ALB Triggers for a Serverless Web App
Andreea Paduraru discusses the experience the big data team at Hotels.com had when building a new serverless application. They found ALB to be a more suitable solution than API Gateway. Maybe it’s right for your app?

Intermittent RDS Errors When Triggering Lambda Functions
Ethan Bray shares an issue he had that turned out to be a misconfiguration of subnets. Little things like this can be frustrating, so if you’ve ever done something like this, you’re not alone.

How Bank of America Is Using Adobe I/O Runtime to Boost the Efficiency of Its Personalized Offers in Adobe Target
Curious what integrated serverless runtimes can do and how powerful they can be? This piece shows how Bank of America used Adobe’s I/O Runtime to manage personalized offers to its customers.

Serverless Use Cases 🗺

How to extract a HUGE zip file in an Amazon S3 bucket by using AWS Lambda and Python
Working with large files is a common use case. John Paul Hayes outlines a solution in Python that lets you bypass the 500MB Lambda limit.

Build a Serverless API for IoT Devices
Moheeb Zara shows you how to use AWS Lambda and API Gateway to publish messages to an AWS IoT Device.

Connecting existing user database to AWS Cognito
Miki Wawrzyniak needed to use a legacy database with Cognito. I’m not sure this is a common use case, but he presents a solution for you.

If you’re interested in learning some serverless basics… 🏗

Data modeling with Amazon DynamoDB – ADB301 – New York AWS Summit
Alex DeBrie gave a presentation at the New York summit on DynamoDB and data modeling. I wish the video was available for this.

How to Optimize Lambda Memory and CPU
Renato Byrro gives you some details into how choosing the right amount of memory affects the CPU and performance of your Lambda functions.

Understand AWS Serverless architecture in 10 minutes
There are more than 9 services that can trigger Lambda, but Corentin Doue from Theodo gives you a good overview of the most common ones.

Why deploy your Serverless app into multiple AWS accounts?
The team at Seed.run continues with more Serverless Tips, this time outlining the pros of maintaining AWS account segregation.

How to share an API domain between services in a monorepo Serverless app
And in another excellent Serverless Tip from Seed.run, they outline two different ways to have multiple services share the same domain name with API Gateway. I prefer the first method as it significantly reduces coupling, and still provides you with independent APIs for each service.

If you’re just starting your serverless journey… 🐣

What is Serverless and how to use it in practice
Rafael Quintanilha from ButterCMS outlines some basics on serverless architecture, what problems it solves, and when you should use it.

5 tips to choose a serverless vendor
Tips #1, #2 and #5 make sense. I wouldn’t worry too much about vendor lock-in from a FaaS standpoint, as for #4, any public cloud provider will be fine to run your dev and production workloads.

Serverless Tutorials 🏗

Injecting Chaos to AWS Lambda functions with Lambda Layers- RELOADED
Adrian Hornsby’s latency injection layer for Lambda has evolved into a more general failure injection one. This article explains what it is, and how to use it to inject some chaos into your serverless applications.

How to connect SNS to Kinesis for cross-account delivery via API Gateway
Yan Cui outlines a number of different solutions to deal with the problem of per account concurrency and resource limitations. There’s even a solution that uses EventBridge.

Separating queries and managing costs using Amazon Athena workgroups
Roy Hasson shows you how to separate workloads, control user access and
manage query usage and costs when working with Amazon Athena workgroups.

Generate a PDF in AWS Lambda with NodeJS and Puppeteer
Nice walkthrough from Aki Rautio that shows you how to perform this common task. Code is included.

Build a serverless website with SAM on AWS
Fabrizio Fortunato shows you how to configure a SAM template to deploy a static website onto AWS.

Serverless Security 🔒

A Deep Dive Into Serverless Attacks. SLS-6: Security Misconfiguration
Tal Melamed from Protego details some of the perils (and ways to mitigate) misconfigurations in your serverless functions.

How Serverless Is Changing Security: The Good, Bad, Ugly, and How to Fix It
I don’t agree with everything in this article (such as serverless creates a larger attack surface and that 3rd party services are more of a risk), but overall, Alexander Posashenko gives a good overview of the changing nature of serverless security.

Winning with Serverless DevSecOps Pipelines
Abhay Bhargav Serverless DevSecOps pipeline offers a very secure process for developing, analyzing, deploying and monitoring serverless applications. I’m a stickler for security too, but this is probably too extreme for many organizations.

Serverless Reads 🤓

What you need to become a full-stack serverless developer
Sam Williams outlines the 4 areas of development you need to know to call yourself a full-stack serverless developer.

Accelerating Agile with Serverless
Sarjeel Yusuf from Thundra outlines the effect that serverless has on the agile process and why it will likely win out over containers to shorten release cycles even more.

Why serverless is the future for small startups
Aidan Hallett has some thoughts on when to use serverless and why it helps early stage companies get off the ground.

The Serverless Revolution
Steven Yue’s collection of thoughts over the last few months about serverless. Some interesting points in here.

Serverless Days – London – My Key Takeaways
If you missed ServerlessDays London, Decebal Dobrica took some notes and shares his takeaways in this post.

Going Serverless
A group from the Nielsen Marketing Cloud team explores the computing world’s journey from an ownership model TO a leasing model and eventually TO a short-term-rental model.

When you prefer Netflix to AWS Documentation… 📼

Serverless Chats – Episode #6: Why Developers Need to Think About Cloud Costs with Erik Peterson
In this episode, I chat with Erik Peterson about cultural changes around cost optimization in the cloud, cost as a first class metric, and how to predict total cost of ownership (TCO) according to your product roadmap.

Building Happy Little APIs
Maybe I’m just getting old, but I find Twitch really hard to navigate. Luckily, the good folks at AWS have taken Eric Johnson’s fabulous “Building Happy Little APIs” series, and put it in a YouTube playlist, where old guys like me can more easily find it. Lots of great information in these episodes.

Serverless Patterns (The awkward years)
I came across this PDF of slides from Mike Roberts talk at SACON (2019, I think). Really interesting slide deck that is loaded with patterns that apply to serverless development.

Macquarie Bank: Securing Payment Websites at the Edge Serverless-ly
AWS’s This is My Architecture shows how Macquarie Bank migrated to a serverless architecture largely at the edge, leveraging Amazon S3, AWS Lambda@Edge, Amazon Cloudfront, AWS WAF and AWS Shield.

When you think the AWS Serverless team might be on holiday… 🏖

Not a lot of “serverless” announcements this past week, but I’m sure the teams are gearing up for something big soon (or maybe sitting on a beach). There was this announcement that Amazon Comprehend Custom Entities now supports multiple entity types. When you used custom entities with Comprehend in the past, multiple entity types required separate models, meaning multiple calls per document. Now it supports up to 12 entity types per model, so that’s pretty cool.

Thoughts from Twitter… 🐦

Gartner’s cautions around @awscloud are spot on and mirror what I’ve seen. ~ Corey Quinn
This is a great thread that highlights Gartner’s analysis of the big public cloud vendors. If you work for these companies, some of these things might sting a little. But I think the analysis is probably spot on. 🤷‍♂️

Results from the short attendee survey we did with the tickets on usage of #Serverless … 386 respondents ~ ServerlessDays London
Quick little survey of the ServerlessDays London attendees. Still a big group of people that are barely using serverless. So, still lots of minds to change.

This makes EventBridge a big no-go for me. #serverless ~ Ryan Marsh
According to the docs, “typical latency is about half a second” for EventBridge. For asynchronous workflows, this doesn’t seem unreasonable to me. Do you agree with Ryan on this one?

Serverless Tools 🛠

Version 1.3 of Lambda Power Tuning Released by Alex Casalboni
AWS Lambda Power Tuning is a state machine powered by AWS Step Functions that helps you tune the memory configuration of Lambda functions in a data-driven fashion.

adrai/aws-lambda-fastify
Inspired by the AWSLABS aws-serverless-express library, this is tailor-made for the Fastify web framework, letting you run your existing Fastify projects in Lambda.

ccbrown/keyvaluestore: robust key-value store abstraction for DynamoDB
This package provides an interface with a Redis-like API and implementations for multiple key-value store backends.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

July 25, 2019 – Distributed Tracing in Modern Applications – Microservices and Containers (webinar)

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

September 4-6, 2019 – Production-ready Serverless Workshop – Full Stack Fest

October 7-9, 2019 – Serverlessconf 2019 in New York City (I’m giving a talk here)

October 14-16, 2019 – Serverless Architecture Conference Berlin (I’m speaking here as well)

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Austen Collins (@austencollins).  Austen is the creator of the Serverless Framework (which probably needs no introduction) and the founder of Serverless, Inc. He’s been a driving force in building the serverless ecosystem and the serverless community, with the Serverless Framework empowering thousands of developers and organizations to more easily adopt serverless technologies. His contributions to the CNCF Serverless Working Group and the latest version of the framework (that includes tools to manage the full lifecycle of your serverless applications) continues to push the industry forward and make serverless more accessible than ever. Thanks for all you do, Austin!  🙌

Final Thoughts 🤔

This was another week filled with so much serverless goodness! Every week the community continues to grow, the tools continue to evolve, and the content continues to flow. It’s an exciting time to be alive. 😉

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Cheers,
Jeremy