๐Ÿš€ Project Update:

Lambda API: v0.8.1 Released

Lambda API v0.8.1 has been released to patch an issue with middleware responses and a path prefixing options bug. The release is immediately available via NPM. Read More...
๐Ÿš€ Project Update:

Lambda API: v0.6 Released

v0.6 is all about making the serverless developer's life easier! New support for both callback-style and async-awaitย in route functions and middleware, new HTTP method routing features, and route debugging tools. Plus Etag support and automatic authorization parsing. Read More...
๐Ÿš€ Project Update:

Lambda API: v0.5 Released

v0.5 takes advantage of AWS Lambda's recently released support for Node v8.10 and has removed its Bluebird promise dependency in favor of async/await. Lambda API is now faster and adds built-in CORS support, additional wildcard features, new HTTP header management methods and more. Read More...
๐Ÿš€ Project Update:

Lambda API: v0.4 Released

v0.4 adds support for a number of standard use cases while still keeping it as lightweight and unopinionated as possible. This new release adds Static & Binary File Support, Route Prefixing, and more. Read More...
๐Ÿš€ Project Update:

Lambda API: v0.3.0 released

v0.3.0 adds JSONP support, cookie lifecycle management, and some additional updates, inching it closer to becoming a full-featured web framework for serverless applications.ย โšก๏ธ๐Ÿค˜๐Ÿป Read More...

Securing Serverless: A Newbie’s Guide

So you’ve decided to build a serverless application. That’s awesome!ย May I be the first to welcome you to the future.ย ๐Ÿค–ย I bet you’ve done a lot of research. You’ve probably even deployed a few test functions to AWS Lambda or Google Cloud Functions and you’re ready to actually build something useful. You probably still have a bunch of unanswered questions, and that’s cool. We can still build some really great applications even if we only know the basics. However, when we start working with new things we typically make a bunch of dumb mistakes. While some are relatively innocuous, security mistakes can cause some serious damage.

I’ve been working with serverless applications since AWS launched Lambda in early 2015. Over the last few years I’ve developed many serverless applications covering a wide range of use cases. The most important thing I’ve learned: SECURE YOUR FUNCTIONS! I can tell you from personal experience, getting burned by an attack is no bueno. I’d hate to see it happen to you.ย ๐Ÿ˜ข

To make sure it doesn’t happen to you, I’ve put together a list ofย ๐Ÿ”’Serverless Security Best Practices. This is not a comprehensive list, but it covers the things you ABSOLUTELY must do. I also give you some more things to think about as you continue on your serverless journey.ย ๐Ÿš€

Continue Reading…

How To: Build a Serverless API with Serverless, AWS Lambda and Lambda API

AWS Lambda and AWS API Gateway have made creating serverless APIs extremely easy. Developers can simply create Lambda functions, configure an API Gateway, and start responding to RESTful endpoint calls. While this all seems pretty straightforward on the surface, there are plenty of pitfalls that can make working with these services frustrating.

There are, for example, lots of confusing and conflicting configurations in API Gateway. ย Managing deployments and resources can be tricky, especially when publishing to multiple stages (e.g. dev, staging, prod, etc.). Even structuring your application code and dependencies can be difficult to wrap your head around when working with multiple functions.

In this post I’m going to show you how to setup and deploy a serverless API using the Serverless framework and Lambda API, a lightweight web framework for your serverless applications using AWS Lambda and API Gateway. We’ll create some sample routes, handle CORS, and discuss managing authentication. Let’s get started.

Continue Reading…

๐Ÿš€ Project Update:

Lambda API: v0.1.0-beta released

I made a few changes to support empty response and automatic string conversion. There were some minor documentation updates as well. Almost ready for a stable version.ย ๐ŸŽธ Read More...