Weekly update 14

Yan Cui

I help clients go faster for less using serverless technologies.

This article is brought to you by

Hookdeck: The Serverless Event Gateway

Hookdeck is a reliable and scalable serverless event gateway for sending, receiving, authenticating, transforming, filtering, and routing events between services in your event-driven architecture.

Learn more

Hi, welcome to the first weekly update of November!

MEAP update for Production-Ready Serverless

There has been delays in publishing the rest of the VPC unit the last two weeks as my editor has been away. But worry not, I’m already working on the last unit on canary deployment and both units should be on their way to you soon.

Remember, whilst the course is still in the MEAP, you can get 40% off the face price using the code ytcui.

I have also turned this course into a classroom setting, so if you’re interested in having me run this as a workshop in your company, then drop me a line via the Contact page.

New Posts

AWS Lambda programming language comparison. I wrote a guest post for Epsagon where we compared several popular programming languages that are supported by Lambda – Node.js, Python, Go, C# and Java. We compared them on cold and warm start performance, cost impact, as well platform support.

More than functions – serverless observability webinar. To celebrate the launch of Epsagon I took part in their launch webinar along with Jeremy Daly and Corey Quinn. I had a great time hanging out with the guys and talking about serverless. You can check out the recording here.


It’s been a busy two weeks and I managed to pack in four conferences in that time. I spoke at VoxxedDays Bristol, Get.Net Gdansk, O’Reilly Software Architecture conference and finally O’Reilly Velocity. Interestingly, I spoke about something different at every single event (but always around serverless, of course!). You can find all the slides below, I’ll post the links to the videos as well once they’re up.

Upcoming Talks

November is going to be a busy month of travelling for me. Here are the conferences I will be speaking at, if you happen to be at one of these events please don’t hesitate to come and say hi :-)

  • CodeMesh (London) – I’m giving a workshop as well as a talk on serverless
  • Serverless Computing London
  • BuildStuff (Vilnius) – I’m giving a workshop as well as a talk on serverless
  • CodeMotion Berlin – get 20% off ticket price with the code AFFILIATE
  • re:invent (Las Vegas) – my first time speaking at re:invent, yay!
  • DevTernity (Riga) – I’m giving a full-day workshop on productionizing serverless apps

Good Reads

How we got to $1 million in annual recurring revenue with $0 in fundraising – time is your most scarce resource, not money.

Here’s a couple of posts that lets you take a peek behind the curtain to see how the big boys do it ;-)

Why Netflix rolled its own Node.js Function-as-a-Service for its API platform. This slidedeck gives some more insight into this platform they call NodeQuark. Given their scale and needs, as well as the skillsets they possess, it makes sense for them to roll their own. But, for almost everybody else, please don’t do this!

I discovered this cool project called PacBot from TMobile. Pac stands for policy-as-code, it’s a platform for doing continuous compliance monitoring and reporting.

Ten platform commandments. Another great post from Charity Majors.

Github showcased a bunch of demos for their new Github Actions feature. I don’t know about you, but I’m quite excited to finally be able to use Github to drive my CI/CD pipelines without having to run a separate tool. I’m surprised it took them this long to get into this game but better late than never!

Securing serverless: attacking an AWS account via a Lambda function. Excellent story of how Ory (CTO of Puresec) hacked lambshell.com.

Customized rate limiting for API Gateway by path parameter, query parameter, and more. Nice trick to let you specify the API Key (hence control rate limiting) via a query parameter instead of the x-api-key header. I’m not sure when I’d actually use it, maybe in the case where a customer can’t specify HTTP headers for some reason? (I know, it’s stretching a little, but I have seen some weird limitations when integrating with third parties)

And finally, some wisdom from the one and only Dan North:

Whenever you’re ready, here are 4 ways I can help you:

  1. Production-Ready Serverless: Join 20+ AWS Heroes & Community Builders and 1000+ other students in levelling up your serverless game. This is your one-stop shop for quickly levelling up your serverless skills.
  2. Do you want to know how to test serverless architectures with a fast dev & test loop? Check out my latest course, Testing Serverless Architectures and learn the smart way to test serverless.
  3. I help clients launch product ideas, improve their development processes and upskill their teams. If you’d like to work together, then let’s get in touch.
  4. Join my community on Discord, ask questions, and join the discussion on all things AWS and Serverless.