Check out my new course Learn you some Lambda best practice for great good! and learn the best practices for performance, cost, security, resilience, observability and scalability.
Hi, welcome to another weekly update.
Production-Ready Serverless is live!
It’s been a long time coming, my Manning video course Production-Ready Serverless is officially completed! All postscripts and other course materials have been added to the course. Manning is also running a special promotion for March so that ALL video courses are $25 each, what better time to learn about serverless? ;-)
Welcome PureSec as our sponsor for March!
It is my pleasure to welcome PureSec as sponsor for this month. Here’s a message from PureSec to explain what they’re building and their vision for Serverless security.
PureSec: The Leading Serverless Security Solution.PureSec’s Serverless Security Platform is designed exclusively for serverless applications, and provides an end-to-end application security solution for serverless, which is tightly integrated into the CI/CD process. The platform provides protection for applications using public cloud serverless architecture such as AWS Lambda, so you can ensure that your functions are free from risk and safe from threats at every stage of the application lifecycle.Key platform features:
- Serverless asset inventory and unparalleled real time threat visibility
- Risk management and security posture analysis
- Automatically generates IAM Roles – makes sure your AWS Lambda permissions are least-privileged
- Serverless-focused static analysis for detection and mitigation of weaknesses, vulnerabilities and misconfigurations during development
- Serverless application firewall capable of detecting and stopping event-data injection attacks such as: SQL injection, Cross-Site-Scripting, External XML entities, Runtime code injection, Local file include and Command injections
- ML-based behavioral protection capable of detecting and preventing malicious behavior such as data leakage through outbound network connections, execution of malicious processes, unauthorized access to the file-system
- Integration with SIEM systems and data analysis platforms such as Splunk.
Give PureSec a try and enjoy a 30-days free trial at https://www.puresec.io/get-puresec
Chaos test your Lambda functions with Thundra. I wrote a guest post for Thundra on their new SDK and how you can use its failure injection capabilities to chaos test your function. These tests help you identify weaknesses in your code so that you can patch them before these failure modes actually happen in production. Weaknesses such as missing timeout handling so that slow response from a dependency can cause the function to timeout, or missing error handling or fallbacks.
All three episodes of my mini-series with Forrest Brazeal from Trek10 are now live!
Part 1 – Serverless in production. We spoke about my experience with running serverless in production, my course with Manning and some of the mistakes I see people make when adopting serverless.
Part 2 – Bursting the serverless bubble. We discussed challenges with serverless adoption and what can we do to burst the serverless bubble.
Part 3 – From DevOps to FinDev. We discussed the idea of FinDev. What should the finance department and the engineering organization have in common, and why is serverless a catalyst for this transformation.
I gave a new talk at NDC Porto this week on “How to build a social network on serverless”. In this talk I discussed my journey of migrating Yubl to serverless, and how we were able to improve performance, scalability and time to market. I discussed how serverless technologies such as Lambda are used to implement each part of the system, including search, push notifications, timeline, user recommendations, and business intelligence.
I specialise in rapidly transitioning teams to serverless and building production-ready services on AWS.
Are you struggling with serverless or need guidance on best practices? Do you want someone to review your architecture and help you avoid costly mistakes down the line? Whatever the case, I’m here to help.
Check out my new podcast Real-World Serverless where I talk with engineers who are building amazing things with serverless technologies and discuss the real-world use cases and challenges they face. If you’re interested in what people are actually doing with serverless and what it’s really like to be working with serverless day-to-day, then this is the podcast for you.
Check out my new course, Learn you some Lambda best practice for great good! In this course, you will learn best practices for working with AWS Lambda in terms of performance, cost, security, scalability, resilience and observability. We will also cover latest features from re:Invent 2019 such as Provisioned Concurrency and Lambda Destinations. Enrol now and start learning!
Check out my video course, Complete Guide to AWS Step Functions. In this course, we’ll cover everything you need to know to use AWS Step Functions service effectively. There is something for everyone from beginners to more advanced users looking for design patterns and best practices. Enrol now and start learning!
Are you working with Serverless and looking for expert training to level-up your skills? Or are you looking for a solid foundation to start from? Look no further, register for my Production-Ready Serverless workshop to learn how to build production-grade Serverless applications!
Here is a complete list of all my posts on serverless and AWS Lambda. In the meantime, here are a few of my most popular blog posts.
- Lambda optimization tip – enable HTTP keep-alive
- You are wrong about serverless and vendor lock-in
- You are thinking about serverless costs all wrong
- Just how expensive is the full AWS SDK?
- Many faced threats to Serverless security
- We can do better than percentile latencies
- Yubl’s road to Serverless
- AWS Lambda – should you have few monolithic functions or many single-purposed functions?
- AWS Lambda – compare coldstart time with different languages, memory and code sizes
- Guys, we’re doing pagination wrong
- Top 10 Serverless framework best practices