An Overview of AWS Serverless Services


A hamster thinking about AWS serverless while sitting in front of a laptop. I used Microsoft Designer to create this picture and edited it with the GIMP software to remove unwanted artifacts.

We will review AWS serverless services and give you an overview of what they are for, why you would use them, and how you could use them to build an application. The AWS website has a section focused on serverless computing. When serverless was initially branded, the purpose of serverless was to help you focus on delivering outcomes rather than on servers.

With servers, you must install the operating system and any runtime applications (like PHP, Node, JavaScript, or Python). We also need to consider the web server, the database server, and cybersecurity (where you harden it to avoid hackers breaking into your server). There can be a lot to it.

With serverless, the idea is that you use a service or upload your code without worrying about all the server configurations. If you need to execute code, you upload it, and AWS takes care of the rest of the process, including how to run it and how to secure where it is running. They run the code and deliver the output.

Let’s discuss some of the services AWS highlights on its serverless services web page.

Code Execution

Lambda is where you upload your code, and it’ll run that code. The underlying technology is a container, which is a really small computer that’s running virtually. It turns on, does what it needs to, and turns off. The container is hidden from us. We do not know exactly how AWS does it, though we are informed they are using container technology. We can configure the container to some extent, but we don’t have much control over how it’s organized.

Fargate does use container services. You can use their ECS (Amazon Elastic Container Service) or the popular container software Kubernetes.

Orchestration

When you want to integrate your application, you can use different services. Amazon EventBridge will receive and forward events to other AWS services or third-party endpoints. An event is just a piece of code or text with information. It comes into EventBridge and can be forwarded to a server, a web application, a third-party service, or a Lambda function.

Step Functions allows you to create different Lambda functions and organize them in a logical order. It’s like creating a flow diagram in Visio and imagining each Visio element runs some code.

SQS (Simple Queue Service) is similar to EventBridge. It gets an event and holds it in a queue until a consumer requests a message. Then, the consumer processes it and tells the queue, “I’m done with it,” whereas EventBridge takes the event and forwards it.

SNS is a very simple version of EventBridge. It can forward events, push notifications, or text messages to end users.

Application Programming Interfaces

API Gateway is an application programming interface. It has an HTTPS web address where you can send data, and it’ll respond. That’s how you can build the backend for the front end of a website or a mobile app.

AppSync is a way of getting data from a database from a single endpoint and using its query language.

Data Storage

There are many other different ways of storing data. We are mainly going to focus on S3 and DynamoDB. These have the lowest barrier to entry.

S3 is blob storage.

DynamoDB is a NoSQL database, and you can’t do SQL queries. It uses a different query mechanism. It’s more like big data tables.

AWS Serverless Services in Greater Depth

Let’s explore each service.

Amazon Lambda

Lambda, as we mentioned, is for computing: it runs your code on some container technology that is hidden from us. We do not need to configure how the container runs, but we can specify some container configurations. For example, we can specify whether we want to run Node.js, Python, or Java.

Lambda is pay-as-you-go. You define how much CPU and RAM you need (depending on how computation-intensive your code is). Then, you can upload your code, and it’ll run. Based on a pricing table, you’ll be billed for the number of seconds and the amount of computing resources.

Let’s explore some examples of how to use Lambda.

Let’s say you upload a file into an S3 bucket. You can tell the S3 bucket to trigger a Lambda function. The Lambda function will then run code to resize that image. It will store that image in the same S3 bucket or a different one. You will have different image sizes for the different devices that are viewing the photograph.
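The S3-to-Lambda flow above, sketched as an added example (not code from the course or from AWS). The `resized/` prefix, the widths, and the injected `resize` callable are assumptions; the sketch shows the two details that most often go wrong: keys arrive URL-encoded, and writing output to the triggering bucket re-invokes the function unless its own output is skipped.

```python
from urllib.parse import unquote_plus

# Assumed names for this sketch (not from the article).
OUTPUT_PREFIX = "resized/"
WIDTHS = (320, 1024)
ALLOWED_EXT = (".jpg", ".jpeg", ".png")


def plan_resizes(event):
    """Return (bucket, source_key, dest_key, width) jobs for an S3 event."""
    jobs = []
    for record in event.get("Records", []):
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue
        bucket = record["s3"]["bucket"]["name"]
        # S3 URL-encodes keys in event notifications (spaces arrive as '+').
        key = unquote_plus(record["s3"]["object"]["key"])
        # Writing back to the triggering bucket re-fires the trigger, so
        # skip anything this function produced to avoid an invocation loop.
        if key.startswith(OUTPUT_PREFIX):
            continue
        if not key.lower().endswith(ALLOWED_EXT):
            continue
        for width in WIDTHS:
            jobs.append((bucket, key, f"{OUTPUT_PREFIX}{width}/{key}", width))
    return jobs


def handler(event, context, resize=None):
    """Lambda entry point; `resize` is injected so the sketch runs offline."""
    jobs = plan_resizes(event)
    for job in jobs:
        if resize is not None:
            resize(*job)  # real code would call S3 and an image library
    return {"resized": len(jobs)}


# Constructed sample event: one upload and one object the function wrote.
SAMPLE_EVENT = {"Records": [
    {"eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "example-photos"},
            "object": {"key": "uploads/my+cat.jpg"}}},
    {"eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "example-photos"},
            "object": {"key": "resized/320/uploads/my+cat.jpg"}}},
]}

if __name__ == "__main__":
    print(plan_resizes(SAMPLE_EVENT))
```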

You can have a website get data from an API gateway for web applications. The API will forward the event request from the HTTP connection to a Lambda function that processes the event. The Lambda function may need to get data from Amazon DynamoDB, our serverless database. The Lambda function will then send the DynamoDB data back to the API. Lastly, the website will use that data as appropriate.

You can do the same kind of thing with a mobile backend. Instead of a website, you have a mobile app with an API gateway.

Amazon API Gateway

You can create a RESTful API with the typical HTTP methods (such as GET, POST, PUT, and DELETE).

You can define the endpoints. It could be something like api.mydomain.com/books with a GET method. The /books endpoint will return the list of books. If we configure the POST method, it will then update the book list by adding a new one, for example.

A WebSocket API uses WebSocket technology. It has an active, continuous connection from the website to the API, so it does not have to make constant HTTP requests. It can also send messages back and forth.

As we mentioned, you can have a website or a mobile app. You can have IoT devices or anything that needs to send messages to a backend. They will send the HTTP request to the API gateway. If the API gateway is configured with caching enabled, it can just send a cached response to save on processing.

But if it’s not a cached response, it can forward the request to a different endpoint like Lambda or Kinesis, an EC2 server, a DynamoDB direct integration, etc. There are many ways you can configure this. This is a serverless technology because if nothing makes an API request to the API gateway, it does not do anything. And, it is an on-demand service where you will be charged for what you use.
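An added example (not from the course) of a Lambda function behind the /books endpoint described above, handling GET and POST. It assumes the REST API Lambda proxy integration event shape (`httpMethod`, `path`, `body`), uses an in-memory list as a stand-in for DynamoDB, and picks its own size and field limits; the point is that the function validates everything the API forwards before storing it.

```python
import json

MAX_BODY_BYTES = 4096  # assumed limit for this sketch
BOOKS = []             # in-memory stand-in for a DynamoDB table


def respond(status, payload):
    # Proxy integrations expect statusCode, headers, and a string body.
    return {"statusCode": status,
            "headers": {"Content-Type": "application/json"},
            "body": json.dumps(payload)}


def handler(event, context):
    method, path = event.get("httpMethod"), event.get("path")
    if path != "/books":
        return respond(404, {"error": "not found"})
    if method == "GET":
        return respond(200, {"books": BOOKS})
    if method != "POST":
        return respond(405, {"error": "method not allowed"})
    body = event.get("body") or ""
    if len(body.encode()) > MAX_BODY_BYTES:
        return respond(413, {"error": "body too large"})
    try:
        book = json.loads(body)
    except json.JSONDecodeError:
        return respond(400, {"error": "invalid JSON"})
    # Accept only the expected field, with the expected type.
    if not isinstance(book, dict) or set(book) != {"title"}:
        return respond(400, {"error": "expected exactly one field: title"})
    title = book["title"]
    if not isinstance(title, str) or not 1 <= len(title) <= 200:
        return respond(400, {"error": "title must be 1-200 characters"})
    BOOKS.append({"title": title})
    return respond(201, {"title": title})
```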

Amazon S3

S3 is probably the simplest way to start using serverless. S3 is object storage, or you may have heard the term blob storage.

It can hold data of any type: text, images, gigabyte-sized files, backup drives, or whatever you need it to be. It just stores objects and is not specific to what the object is.

It’s not like file storage, where the file has to conform to the file format, and you cannot search it like file storage. It is a key-value storage. You have a key that defines the file and how you find it, and then the value is the file's data, whether it is text, image, base64 encoding, etc.

You pay for what you need.

S3 essentially provides infinite storage. You have limitations on how big the file can be, but it is really, really big. You also have a limit on the number of objects. But again, that’s really, really big.

The number of buckets is limited, but the number of objects within a bucket is unlimited. A bucket is essentially a storage location. So you can think of it as a file server; each bucket is like its own file server.

Each bucket has its own permissions. If you only have access to the first bucket and not the second one, you can only get the data on the first one.

Anything you put in there is called an object. You can use it for many different things, such as backing up and restoring data, archiving data, and storing generative AI training data.

We will use it to create our front-end website in the Mastering AWS Serverless course. We will put our website files up there and then enable the web server feature in S3 so that they show up as a website.

Amazon CloudFront

We can use S3 with CloudFront, a content delivery network (CDN) that provides the web server's functionality.

CloudFront caches copies of the website files at various routers worldwide, bringing the content closer to the user. When we go to a website and enter the website address, the browser will connect to CloudFront. CloudFront will try to return the content closest to the browser’s physical location from an edge router.

Let’s suppose you are a user in California, and you chose an AWS S3 location in North Virginia. Without CloudFront, the HTTP request would have to travel all the way to North Virginia, get the data from S3, and send it back to California. That is about 6,000 miles that the data has to travel.

However, with CloudFront, a copy of the data is cached locally at an edge router. Let’s suppose the edge router is in Northern California. The HTTP request would only go as far as Northern California and back to Southern California to get the data. That results in a faster delivery time since the data has to travel a shorter distance.

You can also run Lambda functions in CloudFront to modify certain properties, like the headers or data in the request. That gives you additional functionality but has very limited execution compared to a typical Lambda function that can run almost any workload. A Lambda@Edge function is a very specific function that modifies the request or the response.

Amazon DynamoDB

DynamoDB is a serverless database that is a NoSQL key-value database. You can create a table and then define your schema for the table. The schema includes a primary key and a sort key. The primary key is essentially the index.

If you define the sort key, you can have entries with the same index as long as they have a different sort key. You can get a specific entry if you provide both the primary and sort keys while searching. But if you search with only the primary key, you will get all the entries with that primary key value.

You can configure it to have on-demand or provisioned capacity. With provisioned capacity, you can specify how many kilobytes of data you need to read and write within one second and have it guaranteed. Or you can pay a higher rate for reading and writing with on-demand capacity.

Choosing provisioned or on-demand capacity depends on the application’s traffic patterns. If your traffic is on and off and inconsistent, it is probably not worth paying for provisioned throughput. But if you get steady, consistent requests every hour, you might consider provisioning it.

With DynamoDB, you also pay for the storage. You do not need to pay for read-and-write usage if you use on-demand capacity.

Amazon CloudWatch

CloudWatch is a service that goes well with serverless. It provides logging, monitoring, and alerting. When your Lambda function is executing and writes a log entry (such as a print statement in Python or console.log in Node.js), that entry gets written to a CloudWatch log.

You can start logging errors, and then you can run a Lambda function or some workload to look for how many errors are being written, and you can monitor that over time.

CloudWatch also has built-in metrics. You can, for example, monitor the number of 500 HTTP errors in an API from API Gateway. If it exceeds a certain amount, you can set an alarm that notifies your team of excess error codes. That could be an indicator that there is a bug in the code or something is broken.

Amazon Simple Email Service (SES)

SES allows you to send emails. What you do is make an API request to the SES API, and you can have it send an email from your application. Let’s say you want to email a user whenever they buy something from your website or log in. You can use a Lambda function to make that API request to SES, and it’ll send an email to the user about the purchase or login.

Amazon Simple Notification Service

SNS allows you to send push notifications and messages. Let’s say you want a Lambda function to periodically look for entries in a DynamoDB table. It finds records that are flagged as unprocessed and can send those records to an SNS topic.

A topic is a set of messages you want to send out; anyone subscribing to that topic will get the message. The topic could, for example, send those records to an email address for manual processing by a team. The team will read the email and process those records.

A Lambda function could subscribe to that topic. That Lambda function will execute the business logic to process those records. That’s one way to orchestrate or architect your application.

You can also use it to send text messages or push notifications to mobile apps that subscribe to that SNS topic.

Amazon Cognito

Cognito is Amazon’s identity provider solution for your application. It allows you to create users and have them log in with a password or passwordless. You can have them configure multi-factor authentication to protect their account with an authenticator app or a text message code.

You can integrate Cognito with your application. You define:

  • How you want users to sign up.
  • How you want them to sign in.
  • The information you want the users to provide.
  • Whether they can log in with Google or an Apple ID.
  • Whether they can use a security key.
  • How to get an access token for the application used by the web application.

Cognito provides you with many options to configure authentication for your application.

AWS Identity and Access Management

Lastly, this is Identity and Access Management, or IAM. This is how AWS gives resources permission to access other resources.

For example, suppose I have a Lambda function that needs to get data from an S3 bucket, and my code makes the API request to S3 to get an object. The request will be denied because, by default, resources do not have access to other resources. I will need to create an IAM policy that says the Lambda function is allowed to get any object from a bucket with a certain bucket name. Then, I will assign that policy to a role, and the role is assigned to the Lambda function.
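The policy and role from this example, written out as an added sketch (not code from the course). The bucket name is a placeholder and `overly_broad` is a hypothetical lint helper; it builds the two documents the role needs and flags the wildcard grants that tend to replace a scoped policy when someone just wants the access error to go away.

```python
import json

BUCKET = "example-app-data"  # placeholder bucket name


def s3_read_policy(bucket):
    """Identity policy: read objects from one bucket and nothing else."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": "s3:GetObject",
        "Resource": f"arn:aws:s3:::{bucket}/*"}]}


def lambda_trust_policy():
    """Trust policy: only the Lambda service may assume the role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "lambda.amazonaws.com"},
        "Action": "sts:AssumeRole"}]}


def as_list(value):
    # IAM accepts a single string or a list for Action and Resource.
    return value if isinstance(value, list) else [value]


def overly_broad(policy):
    """Return findings for Allow statements that use wildcards too widely."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append(f"statement {i}: wildcard action {action}")
        for resource in as_list(stmt.get("Resource", [])):
            if resource in ("*", "arn:aws:s3:::*"):
                findings.append(f"statement {i}: wildcard resource {resource}")
    return findings


# Constructed counter-example: the policy people write to "make it work".
TOO_BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

if __name__ == "__main__":
    print(json.dumps(s3_read_policy(BUCKET), indent=2))
    print(overly_broad(TOO_BROAD))
```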

You can also use it to authenticate users into your AWS account. We’ll mainly focus on using IAM for the serverless application.

Before you go

The Mastering AWS Serverless Companion Course

Learn how to build a serverless front end and back end using the AWS console. This course is the companion course for the Mastering AWS Serverless book. You do not need to have the book to benefit from this course.

This post was transcribed from the Mastering AWS Serverless Companion Course videos using TurboScribe.ai and edited with Grammarly Premium.


Miguel A. Calles · Serverless CISO
Serverless is Cool

Author of Mastering AWS Serverless · AWS Community Builder · Specializing in CMMC, SOC 2, serverless & engineering.