Serverless Picks of the Week
Issue #115: Lambda open source projects and security patterns
June 10, 2024
Share on:
This week's newsletter is authored by Benjamen Pyle.

Serverless Superhero

Our serverless superhero this week is Lee James Gilmore. He is the author and core contributor on the Serverless Advocate, an international speaker, and a recognized AWS Community builder. Lee contributes a broad wealth of content in serverless while also sharing infrastructure as code patterns in CDK and the Serverless Application Model. Thank you, Lee, for all you do for the community!

Tutorials

Security is hard and can be complex. This is especially true when it comes to service-to-service communication which can be either synchronous or asynchronous. Ran Isenberg published an article on Leveraging IAM for Service-to-Service Authentication and Authorization which is the first in a security series specifically on this topic.

Java is a language that doesn’t get a lot of attention as it relates to Lambda due to its traditionally slower start up times. However, all of that changed in November 2022 with the release of AWS SnapStart. Since that time, Vadym Kazulkin has been releasing a series of articles on demonstrating Java and Lambda benchmarks in addition to best practices when using SnapStart. In this article, he explores measuring cold and warm starts with Java 17 using synchronous HTTP clients.

Configuration isn’t something that is at the forefront of every developer’s mind, but it’s vital when creating durable and repeatable applications. Serverless and cloud-native specifically create unique challenges that require performant and cost-effective solutions. This week, Samuel Lock delivered an article titled cost-effective management of static data in serverless apps.

Interesting Content

There’s been a great deal of talk lately about the state of serverless and what does serverless mean in 2024. James Eastham released a new video this week on YouTube that dives into what serverless should mean to you as a developer or architect. The bottom line is there is choice and choice as a builder is almost always a good thing.

Continuing down the video content theme, David Calavera delivered a talk this week on the Believe in Serverless weekly lunch and learn on the Rust Lambda Runtime. Rust is gaining serious traction in the community and this talk explored some of the deep internals of how Rust and Lambda work together.

Darko Mesaros has been working on an open-source project that he’s named shuk. Shuk is a cargo command that provides a command line tool that uploads files to Amazon S3 buckets, and generates presigned URLs for easy sharing. I love seeing open-source serverless tools being provided for the community. There are many ways to work with the S3 from a CLI perspective, but this is a tool that you need to look into.

Spotlight

Serverless applications often respond to a myriad of events that are generated in a system. Managing events, schemas, dependencies, and service-to-service implementations can be challenging for even the most diligent of teams. David Boyne has been working on the EventCatalog for quite some time but just recently has pushed a host of updates that provide significant value. Being purely open source, I love his passion around this often forgotten but vitally important part of building event-driven systems.

Tip of the Week

The age is here where developers are looking to squeeze every ounce of performance out of a Lambda Function. Whether that means switching your language, increasing the amount of memory, or changing from x86_64 to ARM64, the point is speed matters.

AJ Stuyvenberg shared that pre-compiled .pyc files will reduce init duration as well as memory required. Sounds like a win/win!

New Releases

Something that many serverless developers have been waiting on for years, AWS has provided the capability to increase the timeout on an API Gateway endpoint beyond the 30 seconds it has been for years. This feature gives developers another option when building longer running service operations.

OpenSearch serverless was launched in November 2022, and while the feature set is amazing, it requires a minimum number of compute units even for workloads that don’t consume that much capacity. This week, AWS slashed the entry point for all collection types in half. This lower-cost entry point will allow builders to take advantage of cheaper pricing in non-production and production-type environments.

Kinesis Data Firehose launched a native integration with Secrets Manager. This feature provides Firehose with access to things like database credentials or other common secrets that integration developers often face with managing themselves. This is a nice quality of life release.

AWS HealthImaging is an interesting service that allows the storage, sharing, and processing of Petabyte scale healthcare images. It’s a niche product for sure, but healthcare software companies face all kinds of challenges with HIPAA, PHI, and a host of archival challenges. Additionally, integrating healthcare solutions into modern event-driven systems can require a great deal of custom code. With this release, which enables an integration with EventBridge, builders can extend this wonderful service through a serverless standard in EventBridge. These types of releases are super important because again, quality of life improvements in the world of healthcare software can have major impacts on patient experience. And patient experience is often the last thing that software providers focus on.

AWS EventBridge Pipes picked up a new target in TimeStream. TimeStream is a serverless time series database that can be used for storing metric type data, oriented around a point in time, with additional tagging and metadata for enrichment. With EventBridge Pipes, data can be filtered, enriched, and ultimately shipped into TimeStream formatted and ready for storage. This is exciting as TimeStream is one of those services that is underutilized in many serverless architectures, but it’s a quality database built on purpose for time-based storage.

Last Words

Serverless is probably close to 10 years old at this point. There were early releases before AWS Lambda, but the birth of the serverless movement really started in 2014. If you are just getting into serverless or have been an early adopter for many years, the future has never been brighter. If you are excited about shipping value without having to worry about physical infrastructure, buckle up and hang on for the ride!

If you’d like to make a recommendation for the serverless superhero or for an article you found especially useful, send me a message on Twitter, LinkedIn, or email.

Happy coding!

Benjamen

Join the Serverless Picks of the Week Newsletter

Stay up to date with the best content serverless has to offer, learn about the latest updates to AWS serverless services, and get to know community superheroes, catered by AWS Serverless Hero Allen Helton. New issue every Monday.
Click here to see past issues.

Join the Serverless Picks of the Week Newsletter

Thank you for subscribing!
View past issues.