API Gateway

Check-list for going live with API Gateway and Lambda

Disclaimer: this is a long list, you don’t need to tick every box to go-live. Think of them as a ladder, the more critical a system the higher you should try and climb. Observability Enable detailed monitoring to get per-method metrics (e.g. latency for GET /index). Without this, CloudWatch only reports aggregated metrics for all …

Check-list for going live with API Gateway and Lambda Read More »

The API Gateway security risk you need to pay attention to

When you deploy an API to API Gateway, throttling is enabled by default in the stage configurations. By default, every method inherits its throttling settings from the stage. Having built-in throttling enabled by default is great. However, the default method limits – 10k req/s with a burst of 5000 concurrent requests – matches your account …

The API Gateway security risk you need to pay attention to Read More »

All you need to know about caching for serverless applications

Last week, someone asked me at the AWS User Group in The Hague “Is caching still relevant for serverless applications?”  The assumption there is that Lambda auto-scales by traffic, so do we still need to worry about caching? And if so, where and how do we implement caching? So let’s break it down. Caching is …

All you need to know about caching for serverless applications Read More »

How to include SNS and Kinesis in your e2e tests

Update 17/09/2019: based on feedback, I added a few more alternatives that do not require you to deploy additional Lambda functions to the e2e-test stage. Scroll to the end to find out more. Being event-driven is a key characteristic of a serverless architecture. Often our Lambda functions would publish events to SNS topics or Kinesis …

How to include SNS and Kinesis in your e2e tests Read More »

A simple event-sourcing example with snapshots using Lambda and DynamoDB

Recently, I have been helping a client implement an event-sourced system. In the process, I put together a very simple demo app to illustrate how one could build such a system using Lambda and DynamoDB. The source code is available on GitHub here. Before you go ahead and read all about the demo app, I …

A simple event-sourcing example with snapshots using Lambda and DynamoDB Read More »

How to connect SNS to Kinesis for cross-account delivery via API Gateway

At DAZN (where I no longer work), the teams work with a number of third-party providers. They often have to synchronize data between different AWS accounts. SNS to SQS is the primary mechanism for these cross-account deliveries because: it was an established pattern within the organization DAZN engineers and third-party engineers are both familiar with …

How to connect SNS to Kinesis for cross-account delivery via API Gateway Read More »

How to create IP-protected endpoints with API Gateway and Lambda

If you haven’t been paying close attention you might have missed the API Gateway announcement for resource policies. It later played a key role in supporting API Gateway private endpoints – a way to put your API inside a private VPC. To configure resource policies with the Serverless framework, you need to upgrade to v1.28.0 or …

How to create IP-protected endpoints with API Gateway and Lambda Read More »

auto-create CloudWatch Alarms for APIs with Lambda

In a previous post we discussed how to auto-subscribe a CloudWatch Log Group to a Lambda function using CloudWatch Events. So that we don’t need a manual process to ensure all Lambda logs would go to our log aggregation service. Whilst this is useful in its own right, it only scratches the surface of what …

auto-create CloudWatch Alarms for APIs with Lambda Read More »

how to do fan-out and fan-in with AWS Lambda

In the last post, we look at how you can implement pub-sub with AWS Lambda. We compared several event sources you can use, SNS, Kinesis streams and DynamoDB streams, and the tradeoffs available to you. Let’s look at another messaging pattern today, push-pull, which is often referred to as fan-out/fan-in. It’s really two separate patterns …

how to do fan-out and fan-in with AWS Lambda Read More »

I’m afraid you’re thinking about AWS Lambda cold starts all wrong

When I discuss AWS Lambda cold starts with folks in the context of API Gateway, I often get responses along the line of: Meh, it’s only the first request right? So what if one request is slow, the next million requests would be fast. Unfortunately that is an oversimplification of what happens. Cold start happens once for …

I’m afraid you’re thinking about AWS Lambda cold starts all wrong Read More »

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close