Severless - Lambda, DynamoDB, API Gateway, Cognito

Question 1

10 Serverless products in AWS?

Answer 1

• AWS Lambda
• DynamoDB
• AWS Cognito
• AWS API Gateway
• Amazon S3
• AWS SNS & SQS
• AWS Kinesis Data Firehose
• Aurora Serverless
• Step Functions
• Fargate

Question 2

• Virtual functions – no servers to manage!
• Limited by time - short executions
• Run on-demand
• Scaling is automated!

Answer 2

Amazon Lambda

Question 3

With Lambda, Increasing ___________ will also improve ________ and network!

Answer 3

RAM
CPU

Question 4

With Lambda, is it Easy to get more resources per functions?

Answer 4

YES (up to 10GB of RAM)

Question 5

• The container image must implement the Lambda Runtime API
• ECS / Fargate is preferred for running arbitrary Docker images

Answer 5

Lambda Container Image

Question 6

AWS Lambda Limits are _______?

Answer 6

per region

Question 7

AWS Lambda Execution - Memory allocation

Answer 7

128 MB – 10GB (1 MB increments)

Question 8

AWS Lambda Execution - Maximum execution time

Answer 8

900 seconds (15 minutes)

Question 9

AWS Lambda Execution - Environment variables

Answer 9

(4 KB)

Question 10

AWS Lambda Execution - Disk capacity in the “function container” (in /tmp)

Answer 10

512 MB to 10GB

Question 11

AWS Lambda Execution - Concurrency executions

Answer 11

1000 (can be increased)

Question 12

AWS Lambda Deployment - Lambda function deployment size (compressed .zip)

Answer 12

50 MB

Question 13

AWS Lambda Deployment - Size of uncompressed deployment (code + dependencies)

Answer 13

250 MB

Question 14

AWS Lambda Deployment - Can use the ___________ directory to load other files at startup

Answer 14

/tmp

Question 15

AWS Lambda Deployment - Size of environment variables

Answer 15

4 KB

Question 16

What are the 2 types of Edge Functions that CloudFront provides for Lambda??

Answer 16

CloudFront Functions
Lambda@Edge

Question 17

Lambda Customization At The Edge … do you need to manage any servers?

Answer 17

NO, They are deployed globally

Question 18

What are 10 use cases for CloudFront Functions & Lambda@Edge

Answer 18

• Website Security and Privacy
• Dynamic Web Application at the Edge
• Search Engine Optimization (SEO)
• Intelligently Route Across Origins and Data Centers
• Bot Mitigation at the Edge
• Real-time Image Transformation
• A/BTesting
• User Authentication and Authorization
• User Prioritization
• User Tracking and Analytics

Question 19

• Lightweight functions written in JavaScript
• For high-scale, latency-sensitive CDN customizations
• Sub-ms startup times, millions of requests/second
• Used to change Viewer requests and responses:
  
  • Viewer Request: after CloudFront receives a request from a
    viewer
  • Viewer Response: before CloudFront forwards the response to
    the viewer
• Native feature of CloudFront (manage code entirely within CloudFront)

Answer 19

CloudFront Functions

Question 20

• Lambda functions written in NodeJS or Python
• Scales to 1000s of requests/second
• Used to change CloudFront requests and responses:
  
  • Viewer Request – after CloudFront receives a request from a
    viewer
  • Origin Request – before CloudFront forwards the request to the
    origin
  • Origin Response – after CloudFront receives the response from
    the origin
  • Viewer Response – before CloudFront forwards the response to
    the viewer
• Author your functions in one AWS Region (us-east-1), then CloudFront replicates to its locations

Answer 20

Lambda@Edge

Question 21

Look at Slide 458

Question 22

Use Cases:
* Cache key normalization
* Transform request attributes (headers, cookies, query strings,
URL) to create an optimal Cache Key
* Header manipulation
* Insert/modify/delete HTTP headers in the
request or response
* URL rewrites or redirects
* Request authentication & authorization
* Create and validate user-generated tokens (e.g., JWT) to
allow/deny requests

Answer 22

CloudFront Functions

Question 23

Use Cases:
* Longer execution time (several ms)
* Adjustable CPU or memor y
* Your code depends on a 3rd libraries (e.g., AWS SDK to access other AWS services)
* Network access to use external ser vices for processing
* File system access or access to the body of HTTP requests

Answer 23

Lambda@Edge

Question 24

By default .. where is your Lambda Function launched?

Answer 24

outside your own VPC

Question 25

Lambda in VPC

Answer 25

* You must define the VPC ID, the Subnets and the Security Groups * Lambda will create an ENI (Elastic Network Interface) in your subnets

Question 26

Lambda by default

Answer 26

* By default, your Lambda function is launched outside your own VPC (in an AWS-owned VPC) * Therefore, it cannot access resources in your VPC (RDS, ElastiCache, internal ELB...)

Question 27

What must you do to connect a Lambda function to RDS Proxy?

Answer 27

The Lambda function must be deployed in your VPC, because RDS Proxy is never publicly accessible

Question 27

* Improve scalability by pooling and sharing DB connections * Improve availability by reducing by 66% the failover time and preserving connections * Improve security by enforcing IAM authentication and storing credentials in Secrets Manager

Answer 27

RDS Proxy

Question 28

Which RDS support Invoking Lambda?

Answer 28

RDS for PostgreSQL and Aurora MySQL

Question 29

* Must allow outbound traffic to your Lambda function from within your DB instance (Public, NAT GW,VPC Endpoints) * DB instance must have the required permissions to invoke the Lambda function (Lambda Resource-based Policy & IAM Policy)

Answer 29

Invoking Lambda from RDS & Aurora

Question 30

* Notifications that tells information about the DB instance itself (created, stopped, start, ...) * You don’t have any information about the data itself * Subscribe to the following event categories: DB instance, DB snapshot, DB Parameter Group, DB Security Group, RDS Proxy, Custom Engine Version * Near real-time events (up to 5 minutes) * Send notifications to SNS or subscribe to events using EventBridge

Answer 30

RDS Event Notifications

Question 31

DynamoDB - Fully managed, highly available with replication __________?

Answer 31

across multiple AZs

Question 32

* Scales to massive workloads, distributed database * Millions of requests per seconds, trillions of row, 100s of TB of storage * Fast and consistent in performance * Integrated with IAM for security, authorization and administration

Answer 32

DynamoDB

Question 33

How fast and consistent in performance is DynamoDB?

Answer 33

(single-digit millisecond)

Question 34

Does Dynamo DB have auto-scaling capabilities?

Answer 34

YES

Question 35

Is DynamoDB always available?

Answer 35

YES

Question 36

What are the 2 types of Table Classes in DynamoDB

Answer 36

Standard Infrequent Access (IA)

Question 37

DynamoDB is made of _______?

Answer 37

Tables

Question 38

Each DyanmoDB table has a __________ (must be decided at creation time)

Answer 38

Primary Key

Question 39

Each DyanmoDB table can have __________ number of items

Answer 39

an infinite

Question 40

Each DynamoDB item has ____________

Answer 40

attributes

Question 41

Can item attributes be added over time? Can item attributes be null?

Answer 41

Yes Yes

Question 42

What is the maximum size of a DynamoDB item?

Answer 42

400KB

Question 43

Which data types are supported in DynamoDB?

Answer 43

* Scalar Types – String, Number, Binary, Boolean, Null * Document Types – List, Map * Set Types – String Set, Number Set, Binary Set

Question 44

Therefore, in DynamoDB you can _______?

Answer 44

rapidly evolve schemas

Question 45

DynamoDB – Read/Write Capacity Modes (2)

Answer 45

Provisioned Mode (default)

Question 46

* You specify the number of reads/writes per second * You need to plan capacity beforehand * Pay for provisioned Read Capacity Units (RCU) & Write Capacity Units (WCU) * Possibility to add auto-scaling mode for RCU & WCU

Answer 46

Provisioned Mode (default)

Question 47

* Read/writes automatically scale up/down with your workloads * No capacity planning needed * Pay for what you use, more expensive ($$$) * Great for unpredictable workloads, steep sudden spikes

Answer 47

On-Demand Mode

Question 48

* Fully-managed, highly available, seamless in- memory cache for DynamoDB * Help solve read congestion by caching * Doesn’t require application logic modification (compatible with existing DynamoDB APIs)

Answer 48

DynamoDB Accelerator (DAX)

Question 49

What is DynamoDB Accelerator (DAX) latency for cached data?

Answer 49

Microseconds

Question 50

What is DynamoDB Accelerator (DAX) TTL for cache (default)

Answer 50

5 minutes

Question 51

Ordered stream of item-level modifications (create/update/delete) in a table

Answer 51

DynamoDB – Stream Processing

Question 52

What are 5 uses cases for DynamoDB – Stream Processing

Answer 52

* React to changes in real-time (welcome email to users) * Real-time usage analytics * Insert into derivative tables * Implement cross-region replication * Invoke AWS Lambda on changes to your DynamoDB table

Question 53

What are 2 types of DynamoDB – Stream Processing

Answer 53

DynamoDB Streams Kinesis Data Streams (newer)

Question 54

* 24 hours retention * Limited # of consumers * Process using AWS Lambda Triggers, or DynamoDB Stream Kinesis adapter

Answer 54

DynamoDB Streams

Question 55

* 1 year retention * High # of consumers * Process using AWS Lambda, Kinesis Data Analytics, Kineis Data Firehose, AWS Glue Streaming ETL...

Answer 55

Kinesis Data Streams (newer)

Question 56

* Make a DynamoDB table accessible with low latency in multiple-regions * Active-Active replication * Applications can READ and WRITE to the table in any region * Must enable DynamoDB Streams as a pre-requisite

Answer 56

DynamoDB Global Tables

Question 57

* Automatically delete items after an expiry timestamp

Answer 57

DynamoDB –TimeTo Live (TTL)

Question 58

DynamoDB –TimeTo Live (TTL) use cases

Answer 58

- reduce stored data by keeping only current items - adhere to regulatory obligations - web session handling

Question 59

What are 2 types of DynamoDB – Backups for disaster recovery

Answer 59

Continuous backups using point-in-time recovery (PITR) On-demand backups

Question 60

DynamoDB – Backups for disaster recovery * Full backups for long-term retention, until explicitely deleted * Doesn’t affect performance or latency * Can be configured and managed in AWS Backup (enables cross-region copy) * The recovery process creates a new table

Answer 60

On-demand backups

Question 60

DynamoDB – Backups for disaster recovery * Optionally enabled for the last 35 days * Point-in-time recovery to any time within the backup window * The recovery process creates a new table

Answer 60

Continuous backups using point-in-time recovery (PITR)

Question 61

* Works for any point of time int he last 35 days * Doesn’t affect the read capacity of your table * Perform data analysis on top of DynamoDB * Retain snapshots for auditing * ETL on top of S3 data before importing back into DynamoDB * Export in DynamoDB JSON or ION format

Answer 61

Export to S3 (must enable PITR)

Question 62

* Import CSV, DynamoDB JSON or ION format * Doesn’t consume any write capacity * Creates a new table * Import errors are logged in CloudWatch Logs

Answer 62

Import from S3