Lambda

What is Lambda

  • Data Centers
  • Hardware
  • Assembly Code/Protocols
  • High Level Languages
  • Operating Systems
  • Application layer/AWS APIs
  • AWS Lambda
  • AWS Lambda is a compute service where you can upload your code and create a lambda function.
  • AWS lambda takes care of provisioning and managing the servers that you use to run the code
  • You don’t have to worry about operating systems, patching, scaling, etc
  • You can use lambda in the following ways:
    • As an event-driven compute service where AWS lambda runs your code in response to events
      • Events could be changes to data in S3 bucket or Amazon DynamoDB
    • Run your code in response to HTTP requests using Amazon API gateway or API calls made using AWS SDKs
  • Lambda functions can trigger lambda functions
  • HTTP requests hit API gateway then to lambda
  • 2 http requests triggered in parallel (2 lambda functions triggered)

What languages?

  • Node.js
  • Java
  • Python
  • C#
  • Go

How is lambda priced?

  • Number of requests
    • First 1 million requests are free
    • .20 per 1 million requests thereafter
  • Duration
    • Duration is calculated from the time your code beings executing until it returns or otherwise terminates, rounded up to the nearest 100ms
    • Price depends on the amount of memory you allocate to your function
    • You are charged .00001667 for every gb-second used

Why is lambda cool?

  • No servers
  • Continuous Scaling
  • Super super cheap

Amazon Echo & Alexa

  • Talking to lambda

Lambda - Exam Tips

  • Lambda scales out (not up) automatically
  • Lambda functions are independent, 1 event = 1 function
  • Lambda is serverless
  • Know what services are serverless!
    • Lambda
    • Api gateway
    • S3
    • DynamoDB
  • Lambda functions can trigger other lambda functions, 1 event can = x functions if functions trigger other functions
  • Architectures can get extremely complicated, AWS X-ray allows you to debug what is happening
  • Lambda can do things globally, you can use it to back up S3 buckets to other S3 buckets
    • Not stuck to one region
  • Know your triggers

Extras

  • An Amazon API Gateway Lambda authorizer (formerly known as a custom authorizer) is a Lambda function that you provide to control access to your API. A Lambda authorizer uses bearer token authentication strategies, such as OAuth or SAML. Before creating an API Gateway Lambda authorizer, you must first create the AWS Lambda function that implements the logic to authorize and, if necessary, to authenticate the caller.
    • Main giveaway here is 3rd party. Use Lambda Authorizer for 3rd party
  • Lambda Hooks are used for integration with Lambda
  • Stage varaibles are name-value pairs that you can define as configuration attributes associated with a deployment stage of an API. They act like environment variables and can be used in your API setup and mapping templates.
  • With deployment stages in API Gateway, you can manage multiple release stages for each API, such as alpha, beta, and production.
    • Using stage variables you can configure an API deployment stage to interact with different backend components
  • Lambda X-Ray active tracing must be enabled
    • To enable tracing on your Lambda function using the Lambda CLI, you must first add tracing permissions to your function's execution role.
    • If your Lambda function runs on a schedule, or is invoked by a service that is not instrumented, you can configure Lambda to sample and record invocations with active tracing
  • To encrypt the data passed to functions and encrypted and encrypted at runetime, use Envelope Encryptoin and store as a file within the code
    • AWS Lambda environment variables have a max size of 4 KB
    • The direct Encrypt PI of KMS also has a max size of 4 KB.
    • To Encrypt 1 MB, you need to use the Encrpytion SDK and pack the encrypted file with the lambda function
    • Envelope encryption is the practice of encrypting plaintext data with a data key, and then encrypting the data key under another key.
    • https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#enveloping
  • Lambda Aliases can be used to route a specific percentage of traffic to a secpfic Lambda version.
    • routing-config parameter
  • Lambda Limits
    • Environment Variables
      • 4KB
    • Deployment Package size
      • Zipped, for direct upload
        • 50MB
      • Unzipped, including layers
        • 250MB
    • /tmp Directory Storage
      • 512 MB
    • Execution Processes/Threads
      • 1024MB
    • Maximum memory allocation
      • 3 GB (3,008 MB)
    • https://docs.aws.amazon.com/lambda/latest/dg/limits.html
  • Maximum timeout is 15 minutes
  • To enable tracing on your Lambda function using the Lambda CLI, you must first add tracing permissions to your function's execution role.
    • Then ensure the active tracing setting is enabled. * https://docs.aws.amazon.com/lambda/latest/dg/limits.html
  • Lambda functions are packaged with the function and dependencies in one folder, zipped
  • The InvalidParameterValueException will be returned if one of the parameters in the request is invalid.
    • For example, if you provided an IAM role in the CreateFunction API which AWS Lambda is unable to assume. Hence, this option is the most likely cause of the issue in this scenario.
  • Concurrency can be calculated based on the number of requests * the duration of processing
    • So if we have 50 requests per second, and each request takes 100 seconds to complete, we have 5,000 concurrent executions
    • The concurrency limit by default is 1,000
  • To enable a DLQ (Dead Letter Queue) for a lambda function, specify the ARN of the SQS queue in the Lambda Function's DeadLetterConfig parameter
  • When referencing the reamining time left for a Lambda function to run within the function's code, use the context object
  • Deployment package should contain function code and libraries not included within the runtime.

Invoking Lambda

  • Lambda supports synchronous and asynchronous invocation of Lambda functions
  • You can control the invocation type only when you invoke a Lambda function
    • Custom application invokes a Lambda Function
    • Manually invoke a Lambda function (i.e. using the AWS CLI) for testing purposes
  • in both cases, we will be using the invoke operation
    • can specify the invocation type as synchronous or asynchronous
  • When you use AWS services as a trigger, the invocation type is predetermined for each service
  • You have no control over the invocation type that these event sources use when they invoke your Lambda Function
  • In the Invoke API, you have 3 options to choose from for the InvocationType
    • RequestResponse (default)
      • Invoke the function synchronously
      • Keep the connection open until the function returns a response or times out
      • The aPI response includes the function response and additional data
    • Event
      • Invoke the function asynchronously
      • Send events that fail multiple times to the function's dead-letter queue (if its configured)
      • The API response only includes a status code
    • DryRun
      • Validate parameter values and verify that the user or role has permission to invoke the function
  • Invoking AWS Lambda Functions
  • Invoke API

Event Source Mapping

  • An Event sour mapping is an AWS Lambda resource that reads from an event source and invokes a Lambda function
  • You can use event source mappings to process items from a stream or queue in services that don't invoke Lambda functions directly
  • Lambda provides event source mappings for the following services:
    • Kinesis
    • DynamoDB
    • SQS
  • An event source mapping uses permissions in the function's execution role to read and manage items in the event source
  • Permissions, event structure, settings, and polling behavior vary by event source
  • To manage event source mappings, use the following API actions
    • CreateEventSourceMapping
    • ListEventSourceMappings
    • GetEventSourceMapping
    • UpdateEventSourceMapping
    • DeleteEventSourceMapping

Event source mappings read items from a stream or queue in batches, and include multiple items in the event that your function receives. You can configure the size of the batch that the event source mapping reads, up to a maximum that varies by service. The number of items in the event can be smaller than the batch size if there aren't enough items available, or if the batch is too large to send in one event and has to be split up.

For streams, an event source mapping creates an iterator for each shard in the stream and processes items in each shard in order. You can configure the event source mapping to read only new items that appear in the stream, or to start with older items. If your function returns an error, the entire batch is reprocessed until the function succeeds, or the items in the batch expire. To ensure in-order processing, processing for the affected shard is paused until the error is resolved. Processed items aren't removed from the stream and might be processed by other functions or consumers.

For queues, items aren't necessarily processed in order. Failed batches are returned to the queue as individual items and might be processed in a different grouping than the original batch. Occasionally, the event source mapping might receive the same item from the queue twice, even if no function error occurred. Lambda deletes items from the queue after they're processed successfully.

Lambda Layers

You can configure your Lambda function to pull in additional code and content in the form of layers. A layer is a ZIP archive that contains libraries, a custom runtime, or other dependencies. With layers, you can use libraries in your function without needing to include them in your deployment package.

Layers let you keep your deployment package small, which makes development easier. You can avoid errors that can occur when you install and package dependencies with your function code. For Node.JS, Python, and Ruby functions, you can develop your function code in the Lambda console as long as you keep your deployment package under 3MB.

A Function can use up to 5 layers at a time. The total unzipped size of the function and all layers can't exceed the unzipped deployment package size limit of 250MB.

You can create layers, or use layers published by AWS and other AWS customers. Layers suppoprt resource-based policies for granting layer usage permissions to specific AWS accounts, AWS Organizations, or all accounts. Layers are extracted to the /opt directory in the function execution environment. Each runtime looks for libraries in a different location under /opt, depending on the language. Structure your layter so that function code can access libraries without additional configuration.

AWS Lambda Layers

Implementing a Custom Runtime

You can implement an AWS Lambda runtime in any programming language. A runtime is a program that runs a Lambda function's handler method when the function is invoked. You can include a runtime in your function's deployment package in the form of an executable file named bootstrap.

A runtime is responsible for unning the function's setup code, reading the handler name from an environment variable, and reading invocation events from the Lambda runtime API. The runtime passes the event data to the function handler, and posts the response from the handler back to Lambda.

Your custom runtime runs on the standard Lambda execution environment. It can be a shells cript, a script in a language that's included in Amazon Linux, or a binary executable file that's compiled in Amazon Linux.

To use a custom runtime, set your function's runtime to provided. The runtime can be included in your function's deployment package, or in a layer.

If there's a file named boostrap in your deployment package, Lambda executes that file. If not, Lambda looks for a runtime in the function's layers. If the boostrap file isn't found or isn't executable, your function returns an error upon invocation.

Custom AWS Lambda Runtimes

Lambda Best Practices

  1. Separate the Lambda handler (entry point) from your core logic
  2. Take advantage of Execution Context reuse to improve the performance of your function.
  3. Use AWS Lambda Environment Variables to pass operational parameters to your function.
  4. Control the dependencies in your function's deployment package.
  5. Minimize your deployment package size to its runtime necessities.
  6. Reduce the time it takes Lambda to unpackm deployment packages.
  7. Minimize the complexity of your dependencies.
  8. Avoid using recursive code.

Lambda Best Practices