Module 2

Uploaded by

727721eucs170
SRI KRISHNA COLLEGE OF ENGINEERING AND TECHNOLOGY

Kuniamuthur, Coimbatore, Tamilnadu, India


An Autonomous Institution, Affiliated to Anna University,
Accredited by NAAC with “A” Grade & Accredited by NBA (CSE, ECE, IT, MECH ,EEE, CIVIL& MCT)

Course : SERVER LESS COMPUTING


Module :2
TOPICS : Computing Services
Faculty : Prof.M.Vengateshwaran AP/CSE
MODULE 2
Serverless Security: Comparing FaaS to IaaS - Serverless Framework -
Serverless Functions - Understanding lambda functions - Command line
interface - Integrating Lambda Layers with the Serverless Framework-
Serverless storage services and Database services.
Case Study: Amazon DynamoDB and AWS Lambda Functions.
2.1 Comparing FaaS to IaaS
Parameters | IaaS | FaaS
Full-Form | Infrastructure as a Service | Function as a Service
Access | The IaaS service provides its users with access to various resources like virtual storage and virtual machines. | It's based on functions which can be triggered by a given event, so it's an event-based architecture.
Technical Understanding | A user requires technical knowledge to make use of IaaS services. | The developer just writes a function and doesn't have to ponder about topics such as deployment, server resources, scalability…
Used by | The network architects primarily use the IaaS. | FaaS cloud providers, more often referred to as serverless providers, that offer FaaS.
Cloud Services | VCloud Express, Sun, Amazon Web Services. | Amazon Web Services Lambda, Google Cloud Functions, Microsoft Azure Functions, IBM Cloud Functions, and Oracle Cloud Fn are public cloud serverless offerings via FaaS.
Enterprise Services | Virtual Private Cloud by AWS. | FaaS is often used to deploy microservices and may also be referred to as serverless computing.
Model | The IaaS is a service model. It functions to provide various virtualized computing resources all over the internet. | Function as a service (FaaS) is a cloud computing model that enables cloud customers to develop applications and deploy functionalities and only be charged when the functionality executes.
Serverless Framework and Serverless Functions
Serverless Framework
• How do you implement it? You need a framework for that. It is
called serverless.
• The serverless framework helps us develop and deploy functions/
applications designed to run in a serverless fashion.
• The framework goes a step ahead and takes care of the deployment of the
entire stack required for our serverless functions to run.
• What is a stack? Well, the stack comprises all the resources that you
will require for deploying, storing, and monitoring your serverless
applications.
Serverless Framework
•Develop, deploy, troubleshoot and secure your
serverless applications with radically less
overhead and cost by using the Serverless
Framework.
•The Serverless Framework consists of an open
source CLI and a hosted dashboard.
•Together, they provide you with full serverless
application lifecycle management.
Serverless Framework
• It includes the actual function/ application, storage containers, monitoring
solutions, and a lot more.
• For example, in the context of AWS, your stack will consist of your actual
Lambda function, S3 bucket for your function files, Cloudwatch resources
linked to your function, and so on.
• The serverless framework creates this entire stack for us.
• This allows us to focus completely on our function.
• Serverless takes away the headache of maintaining a server and serverless
(framework) takes away the headache of creating and deploying the stack
necessary to run our function.
Serverless Framework
• The serverless framework also takes care of assigning the necessary
permissions to our functions/ applications.
• Some applications (examples of which we will see in this tutorial) even
require databases to be linked to them.
• Serverless framework again takes care of creating and linking the DBs.
• How does serverless know what to include in the stack and which
permissions to provide? All of it is mentioned in the serverless.yml
file, which will be our main focus.
Serverless - Installing
• We will be learning all about the deployment of AWS Lambda functions
using the serverless framework.
Step 1 − Install nodejs
• To begin with, you need to first install nodejs. You can check whether
nodejs is installed in your machine or not by opening the Command Prompt
and typing node -v.
• If it is installed, you will get the version number of node. Otherwise, you
can download and install node from here.
Serverless - Installing
Step 2 − Install serverless using the npm command
• You can install serverless using the following command (npm stands
for node package manager) −
• You can check whether it got successfully installed by
running serverless create --help. If serverless is successfully installed,
you should see the help screen for the create plugin.
Step 3 − Configure Credentials
• You need to obtain credentials from AWS for configuring serverless.
• For that, either create a user (through IAM -> Users -> Add user) in
the AWS Console or click on an existing User in IAM -> Users.
• If you are creating a new user, you will need to attach some required
policies (like Lambda Access, S3 Access, etc.) or provide
Administrator access to the user.
Step 3 − Configure Credentials
• After you create the user, you will be able to see the access key and
secret key. Please keep these very secure and confidential.

• If you are an existing user, you can generate a new Access Key and
Secret by following the steps mentioned here.
Step 3 − Configure Credentials
• Once you have the access and secret keys handy, you can configure credentials in
serverless using the following command −
serverless config credentials --provider aws --key 1234 --secret 5678 --profile custom-profile

• The profile field is optional. If you leave it blank, the default profile is 'aws'.
• Remember what profile name you set because you will have to mention it in the
serverless.yml file.
• If you've completed the above steps, the serverless configuration is complete. Move
on to the next to create your first serverless project.
Serverless - Deploying Function
• Creating a New Project

Navigate to a new folder wherein you want to create your first project
to be deployed to serverless. Within that folder, run the following
command −
sls create --template aws-python3
Creating a New Project

• Once the boilerplate code is created, you will see two files in your
folder: handler.py and serverless.yml.
• handler.py is the file containing the lambda function code.
• serverless.yml is the file that tells AWS how to create your lambda
functions.
• It is the configuration file or the settings file that is going to be the
focus.
• Let us go through the handler.py file first.
Code: handler.py
import json


def hello(event, context):
    # Response body: a fixed message plus the event that triggered the function
    body = {
        "message": "Go Serverless v1.0! Your function executed successfully!",
        "input": event
    }

    # Response shape expected by the LAMBDA-PROXY integration
    response = {
        "statusCode": 200,
        "body": json.dumps(body)
    }

    return response

    # Use this code if you don't use the http event with the LAMBDA-PROXY
    # integration
    """
    return {
        "message": "Go Serverless v1.0! Your function executed successfully!",
        "event": event
    }
    """
Function ‘hello’
• It contains one function hello.
• This function takes in two arguments: event and context.
• Both of these are required arguments for any AWS Lambda function.
• Whenever the lambda function is invoked, the lambda runtime passes
two arguments to the function − event and context.
Event argument
• The event argument contains the data for the lambda function to
process.
• For instance, if you trigger your lambda function through a REST API,
whatever data you send in the path parameters or the body of the API,
are sent to the lambda function in the event parameter.
• The important thing to note is that the event is usually of the
python dict type, although it can also be of str, float, int, list,
or NoneType type.

Context Argument
• The context object is another argument passed on to your lambda
function at runtime.
• It is not used very often.
• The official AWS Documentation states that this object provides
methods and properties that provide information about the
invocation, function, and runtime environment.
• You can read more about the event and context objects here.
Context Argument
• The hello function simply returns a message with status code 200.
• There is a comment at the bottom that should be used if we don't use
the HTTP event with the LAMBDA-PROXY setting.
serverless.yml
• Now, let us look at the serverless.yml file.
• It is a heavily commented file. The comments are extremely useful for
someone starting off with serverless.
• You are encouraged to go through the comments thoroughly. We will
be looking at a lot of concepts related to serverless.yml.

• If you look at the serverless.yml file after removing the comments, this
is what it looks like −
service: aws-serverless
frameworkVersion: '2'

provider:
  name: aws
  runtime: python3.8
  lambdaHashingVersion: 20201221

functions:
  hello:
    handler: handler.hello
• The service field determines the name of the CloudFormation stack
within which your lambda function and all the required resources will
be created.
• Think of the service as your project.
• Everything required for the AWS Lambda function to execute will be
created within that service.
• You can set a service name of your choice.
• The framework version refers to the version of the serverless framework.
• It is an optional field, usually kept to ensure that the same version number
is used by people with whom you share your code.
• If the frameworkVersion mentioned in serverless.yml is different from the
version of serverless installed on your machine, you will receive an error
during deployment.
• You can also specify a range for frameworkVersion
like frameworkVersion − >=2.1.0 && <3.0.0. You can read more about
frameworkVersions here.

• The provider can be considered a set of global settings.
• Here, we will focus on the parameters available. The name field
determines the name of your platform environment, which is aws in
this case.
• The runtime is python3.8 because we used the python3 template.
• The lambdaHashingVersion refers to the name of the hashing
algorithm that should be used by the framework.
• If you've added a custom profile in the config credentials step, then you
will need to add the profile parameter in provider.
• For instance, I set my profile name to yash-sanghvi. Therefore, my
provider looks like −
provider:
  name: aws
  runtime: python3.8
  lambdaHashingVersion: 20201221
  profile: yash-sanghvi
• Finally, the functions block defines all the lambda functions.
• We have just one function here, in the handler file.
• The name of the function is hello. The path of the function is
mentioned in the handler field.
Deploying the function
• To deploy the function you need to open the Command Prompt,
navigate to the folder containing your serverless.yml, and enter the
following command −

• sls deploy -v
• The -v is an optional argument that indicates verbose output.
• It helps you understand the background processes better.
• Once your function is deployed, you should be able to see it on the
AWS Console in the us-east-1 region (which is the default).
• You can invoke it from the console, using the 'Test' feature (you can
keep the same default event since our lambda function is anyway not
using the event input).
• You can also test it using the Command Prompt using −
sls invoke --function hello
2.3 Understanding Lambda Function
AWS Lambda
Internally
AWS LAMBDA MANAGEMENT CONSOLE
● Lambda runs your code on a high-availability compute infrastructure and performs
all of the administration of the compute resources, including server and operating
system maintenance, capacity provisioning and automatic scaling, and logging.
● With Lambda, you can run code for virtually any type of application or backend
service.
● All you need to do is supply your code in one of the languages that Lambda supports.
● Lambda runs your function only when needed and scales automatically,
from a few requests per day to thousands per second.
● You pay only for the compute time that you consume—there is no charge
when your code is not running.
Lambda is an ideal compute service for many application scenarios, as long
as you can run your application code using the Lambda standard runtime
environment and within the resources that Lambda provides.
When to use Lambda
● File processing: Use Amazon Simple Storage Service (Amazon S3) to trigger Lambda data
processing in real time after an upload.

● Stream processing: Use Lambda and Amazon Kinesis to process real-time streaming data for
application activity tracking, transaction order processing, clickstream analysis, data cleansing,
log filtering, indexing, social media analysis, Internet of Things (IoT) device data telemetry, and
metering.
When to use Lambda

● Web applications: Combine Lambda with other AWS services to build powerful web applications that
automatically scale up and down and run in a highly available configuration across multiple data
centers.

● IoT backends: Build serverless backends using Lambda to handle web, mobile, IoT, and third-party API
requests.

● Mobile backends: Build backends using Lambda and Amazon API Gateway to authenticate and process
API requests. Use AWS Amplify to easily integrate your backend with your iOS, Android, Web, and
React Native frontends.
Features
● Scaling
● Concurrency controls
● Function URLs
● Asynchronous invocation
● Event source mappings
● Destinations
● Function blueprints
● Testing and deployment tools
● Application templates
Lambda Function Permissions
Execution Permission
Resource Based Policy
EVENT PUSH AND PULL MODEL
Lambda Execution Context Reuse
Cold start
Context reuse
Provisioned Concurrency
stateless/state
Types of Lambda Invocations
Synchronous
Asynchronous
AWS Lambda Handler Function
Handler Function
The handler function runs when Lambda is invoked (entry point)

You need to provide the filename and the name of the function in the Lambda
configuration

The handler function is exported so that it is visible

Can be used to identify/specify a particular handler among various files

AWS Lambda Event Object
Event Object
Data transferred from the trigger to the Lambda function is stored in the
event object, along with its details
Event Object
Info passed to Event Object

GET https://123.14.15.72:8070/hello/Smith?location=Bangalore&year=2019
Info stored with Event Object

{
  "path": "/hello/Smith",
  "headers": { "Accept": "application/json" },
  "pathParameters": { "userName": "Smith" },
  "requestContext": { "accountId": "12345678912" },
  "httpMethod": "GET",
  "queryStringParameters": { "location": "Bangalore", "year": "2019" }
}
For more details and documentation

https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html
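The template handler.py returns the whole event to the caller, and the sample event above shows that this includes the request headers and the requestContext with the account id. The following is an added example, not part of the original slides or of the Serverless Framework template: a variant of hello that copes with non-dict events, validates only the fields it needs and returns only those. The allow-list patterns and error messages are assumptions.

```python
import json
import re

# Allow-list patterns for the only fields this function needs (assumed limits).
TEXT_RE = re.compile(r"[A-Za-z][A-Za-z .'-]{0,63}")
YEAR_RE = re.compile(r"(19|20)\d{2}")


def _reply(status, payload):
    """Build a response in the shape the LAMBDA-PROXY integration expects."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(payload),
    }


def _as_dict(value):
    # API Gateway passes None when a request carries no parameters of a kind.
    return value if isinstance(value, dict) else {}


def hello(event, context):
    # The event is usually a dict but may be str, int, float, list or None.
    if not isinstance(event, dict):
        return _reply(400, {"error": "unsupported event type"})
    if event.get("httpMethod") != "GET":
        return _reply(405, {"error": "method not allowed"})

    path = _as_dict(event.get("pathParameters"))
    query = _as_dict(event.get("queryStringParameters"))

    name = path.get("userName")
    if not isinstance(name, str) or not TEXT_RE.fullmatch(name):
        return _reply(400, {"error": "invalid userName"})

    result = {"message": "Hello, " + name + "!"}
    for key, pattern in (("location", TEXT_RE), ("year", YEAR_RE)):
        value = query.get(key)
        if value is None:
            continue  # optional parameter, not supplied
        if not isinstance(value, str) or not pattern.fullmatch(value):
            return _reply(400, {"error": "invalid " + key})
        result[key] = value

    # Only validated fields are returned; headers and requestContext
    # (which carries the account id) never reach the caller.
    return _reply(200, result)


# Constructed sample: the event object shown on the slide above.
SAMPLE_EVENT = {
    "path": "/hello/Smith",
    "headers": {"Accept": "application/json"},
    "pathParameters": {"userName": "Smith"},
    "requestContext": {"accountId": "12345678912"},
    "httpMethod": "GET",
    "queryStringParameters": {"location": "Bangalore", "year": "2019"},
}

if __name__ == "__main__":
    print(hello(SAMPLE_EVENT, None))
```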
AWS Lambda Context Object
Context Object
Provides runtime information about the Lambda function, e.g. functionName

Provides details about the execution environment, e.g. memory limit

Provides some properties and methods
AWS Lambda Callback function
Callback parameter

Exit point of your Lambda function.

The callback parameter in the handler function is optional.

If no callback is present, it means the callback is called without any
parameter.
2.4 AWS CLI Command reference
2.5 AWS Lambda Layers
AWS Lambda Layers

• If you are using AWS as a provider, all layers inside the service
are AWS Lambda layers.
Configuration
• All of the Lambda layers in your serverless service can be found in
serverless.yml under the layers property.


retain: false # optional, false by default. If true, layer versions are not deleted as new ones are created
• You can add up to 5 layers within this property.
• Your layers can either inherit their packaging settings from the global
package property, or you can specify them at the layer level.

• Keep in mind that all patterns (even when inherited from the service
config) are resolved against the layer's path and not the service path.
• You can also specify a prebuilt archive to create your layer. When you
do this, you do not need to specify the path element of your layer.
Permissions
• You can make your layers usable by other accounts by setting the
allowedAccounts property:
• Another example, making the layer publicly accessible:
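A check for the allowedAccounts and retain settings described above, as an added example that is not part of the original slides or of the Serverless Framework. It assumes serverless.yml has already been parsed into a dict (for instance with a YAML library); the trusted_accounts allow-list, the severity labels and the sample layer names are hypothetical.

```python
import re

ACCOUNT_ID_RE = re.compile(r"\d{12}")  # AWS account ids are 12 digits


def audit_layers(config, trusted_accounts=()):
    """Return (layer, severity, message) tuples for the layers block.

    config is the parsed serverless.yml as a dict; trusted_accounts is a
    hypothetical allow-list of account ids the team expects to share with.
    """
    trusted = {str(a) for a in trusted_accounts}
    findings = []
    layers = config.get("layers") or {}
    for name in sorted(layers):
        layer = layers[name] or {}
        allowed = layer.get("allowedAccounts") or []
        if not isinstance(allowed, list):
            allowed = [allowed]  # tolerate a single scalar value
        for entry in allowed:
            entry = str(entry)
            if entry == "*":
                findings.append(
                    (name, "HIGH", "layer is readable by every AWS account"))
            elif not ACCOUNT_ID_RE.fullmatch(entry):
                findings.append(
                    (name, "MEDIUM",
                     "malformed account id %r; quote ids in YAML so they "
                     "stay strings" % entry))
            elif entry not in trusted:
                findings.append(
                    (name, "MEDIUM", "shared with unlisted account " + entry))
        # Old versions of a shared layer stay available when retain is true.
        if allowed and layer.get("retain") is True:
            findings.append(
                (name, "LOW", "retain: true keeps old versions of a shared layer"))
    return findings


# Constructed sample: the dict a YAML parser would produce for a
# serverless.yml with four layers (names and account ids are made up).
SAMPLE_CONFIG = {
    "service": "aws-serverless",
    "layers": {
        "shared": {"path": "shared-layer",
                   "allowedAccounts": ["111111111111", "222222222222"]},
        "public": {"path": "public-layer",
                   "allowedAccounts": ["*"], "retain": True},
        "legacy": {"path": "legacy-layer",
                   "allowedAccounts": [12345678901]},  # unquoted, 11 digits
        "private": {"path": "private-layer", "retain": False},
    },
}

if __name__ == "__main__":
    for finding in audit_layers(SAMPLE_CONFIG, ["111111111111"]):
        print(*finding, sep=" | ")
```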
2.6 AWS Storage Services
AWS Storage Services
Object, file, and block storage
• Amazon S3(Simple Storage Service)
- Object storage built to retrieve any amount of data from anywhere.
• Amazon Elastic File System(EFS)
- Serverless, fully elastic file storage.
• Amazon FSx
- Launch, run, and scale feature-rich and highly-performant file
systems with
just a few clicks.
• Amazon Elastic Block Store (EBS)
- Easy to use, high performance block storage at any scale.
• Amazon File Cache
- High-speed cache for datasets stored anywhere.
Amazon S3-Features
• Amazon S3 can be used to organize and manage your data in ways that
support specific use cases, enable cost efficiencies, enforce security,
and meet compliance requirements.
• Data is stored as objects within resources called “buckets”.
• A single object can be up to 5 terabytes in size.
• Objects can be accessed through S3 Access Points or directly through
the bucket hostname.
S3 features include capabilities to:
✔ Append metadata tags to objects,
✔ Move and store data across the S3 Storage Classes,
✔ Configure and enforce data access controls,
✔ Secure data against unauthorized users,
✔ Run big data analytics,
✔ Monitor data at the object and bucket levels,
✔ View storage usage and activity.
Storage management and monitoring
• All objects are stored in S3 buckets and can be organized with
shared names called prefixes.
• You can also append up to 10 key-value pairs called S3
object tags to each object, which can be created, updated,
and deleted throughout an object’s lifecycle.
• To keep track of objects and their respective tags, buckets, and
prefixes, you can use an S3 Inventory Report that lists your
stored objects within an S3 bucket or with a specific prefix, and
their respective metadata and encryption status.
• S3 Inventory can be configured to generate reports on a daily
or a weekly basis.
Amazon S3 Glacier
• Amazon S3 Glacier (S3 Glacier) is a secure and durable
service for low-cost data archiving and long-term backup.
• With S3 Glacier, you can store your data cost effectively for
months, years, or even decades.
• S3 Glacier helps you offload the administrative burdens of
operating and scaling storage to AWS, so you don't have to worry
about capacity planning, hardware provisioning, data replication,
hardware failure detection and recovery, or time-consuming hardware
migrations.
Amazon S3 Glacier
•Amazon Simple Storage Service (Amazon S3) also
provides three Amazon S3 Glacier archive storage
classes.
•These storage classes are designed for different
access patterns and storage duration.
•These storage classes differ as follows:
•S3 Glacier Instant Retrieval – Use for archiving data
that is rarely accessed and requires milliseconds
retrieval.
Amazon S3 Glacier
• S3 Glacier Flexible Retrieval (formerly the S3 Glacier storage
class) – Use for archives where portions of the data might need
to be retrieved in minutes. Data stored in the S3 Glacier Flexible
Retrieval storage class can be accessed in as little as 1-5
minutes by using Expedited retrieval. You can also request free
Bulk retrievals in up to 5-12 hours.
• S3 Glacier Deep Archive – Use for archiving data that rarely
needs to be accessed. Data stored in the S3 Glacier Deep
Archive storage class has a default retrieval time of 12 hours.
What is Block Storage?
• Block storage is technology that controls data storage and
storage devices.
• It takes any data, like a file or database entry, and divides it into
blocks of equal sizes.
• The block storage system then stores the data block on
underlying physical storage in a manner that is optimized for
fast access and retrieval.
• Developers prefer block storage for applications that require
efficient, fast, and reliable data access.
• Think of block storage as a more direct pipeline to the data. By
contrast, file storage has an extra layer consisting of a file
system (NFS, SMB) to process before accessing the data.
Amazon Elastic Block Store (Amazon EBS)
Amazon Elastic Block Store (Amazon EBS) is an easy-to-use,
scalable, high-performance block-storage service designed for
Amazon Elastic Compute Cloud (Amazon EC2).

How it works?
• Serverless, fully elastic file storage
Serverless Database services
Serverless Database
• A serverless database eliminates the operational overhead of
deployment, capacity planning, upgrading and management.
• It does all this without downtime and allows developers to focus on
what matters – coding
• A serverless database is any database that embodies the core
principles of the serverless computing paradigm.
• The exact flavor of the application doesn’t matter; whether a
serverless database, a cloud data warehouse or even a custom backend
to a CRM app, anything calling itself serverless should be built with
the following principles in mind:
✔ Little to no manual server management
✔ Automatic, elastic app/service scale
✔ Built-in resilience and inherently fault tolerant service
✔ Always available and instant access
✔ Consumption-based rating or billing mechanism
• Data should be accurate and of high integrity, but — and of
equal importance — data must also be available everywhere,
and with very low latency.
• The very nature of serverless is inherently multi-regional: never
tied to a single region and able to deliver all of this value
anywhere.
• These four additional principles are:
✔ Survive any failure domain, including regions
✔ Geographic scale
✔ Transactional guarantees
✔ The elegance of relational SQL
https://youtu.be/GxjKsKSOWJk
Key Serverless Capabilities
1. Little to no manual server management
• A serverless database eliminates the operational overhead of
deployment, capacity planning, upgrading and management.
2. Automatic, elastic scale
• Elastic scale allows your service or app to consume the right amount
of resources necessary for whatever your workload demands at any
time.
• This elastic scale is automated and requires no changes to your app
and will help optimize compute costs.
3. Built-in resilience and inherently fault-tolerant
• A serverless database will survive backend failures and guarantee
data correctness even when these issues happen.
4. Always available and instant access
• Your apps and services will rely on your serverless database to
be always on and always available.
• More importantly, it should minimize any “waking up” time so
that all customer requests are serviced in a timely manner.
5. Consumption-based rating or billing mechanism
• It’s serverless, so you only pay for the resources you use, when
you use them.
6. Survive any failure domain, including an entire region
• For a serverless database to survive the collapse of any failure domain
(instance, rack, AZ, region, cloud provider, etc.), it should persist
multiple copies of data and then intelligently control where the data
resides to avoid these failures.
7. Geographic scale
• For a serverless database, scale can also be extended to
geography as data is needed everywhere.
8. Transactional guarantees
• Transactional guarantees and data integrity are less complex in a
single region, but we aren’t talking about a single region when we
speak of the ultimate definition of serverless. Serverless knows no
bounds.
9. The beauty and elegance of a relational database (SQL)
• Delivering the elegance of SQL may not be a requirement of every
serverless database, but it should be considered an adjunct
requirement because of its importance to most of our operational
workloads.
Serverless databases
• Amazon DynamoDB and Aurora Serverless.
• Microsoft Cosmos DB Serverless and Azure SQL Serverless.
• Google Firestore.
• PlanetScale.
• MongoDB Atlas Serverless.
• CockroachDB Serverless.
• Fauna.
Amazon DynamoDB
• Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database
designed to run high-performance applications at any scale.
• DynamoDB offers built-in security, continuous backups, automated multi-Region
replication, in-memory caching, and data import and export tools.
• Fast, flexible NoSQL database service for single-digit millisecond performance at
any scale
Amazon DynamoDB
•With DynamoDB, you can create database tables that
can store and retrieve any amount of data and serve
any level of request traffic.
•You can scale up or scale down your tables'
throughput capacity without downtime or
performance degradation.
•You can use the AWS Management Console to
monitor resource utilization and performance
metrics.
https://docs.aws.amazon.com/amazondynamodb/latest/d
Amazon DynamoDB
• You can create on-demand backups and enable point-in-time recovery
for your Amazon DynamoDB tables.
• Point-in-time recovery helps protect your tables from accidental
write or delete operations.
• With point-in-time recovery, you can restore a table to any point
in time during the last 35 days.
• DynamoDB allows you to delete expired items from tables
automatically to help you reduce storage usage and the cost of
storing data that is no longer relevant.
How it works?
• Free 25 GB of storage and up to 200 million read/write requests per
month with the AWS Free Tier.
AWS Lambda function
AWS Lambda function
• AWS Lambda is a serverless, event-driven compute service that lets
you run code for virtually any type of application or backend service
without provisioning or managing servers.
• You can trigger Lambda from over 200 AWS services and software as
a service (SaaS) applications, and only pay for what you use.
File Processing

Use Amazon Simple Storage Service (Amazon S3) to trigger AWS Lambda data processing in real
time after an upload, or connect to an existing Amazon EFS file system to enable massively parallel
shared access for large-scale file processing.
Stream Processing

•Diagram showing how Serverless stream processing works. Social media stream is loaded into
Amazon Kinesis, then Lambda is triggered. Lambda runs code that generates hashtag trend data,
and the data is stored in DynamoDB for easy querying.
Web application

Diagram showing how Amazon S3, API Gateway, AWS Lambda, and
DynamoDB work together to retrieve weather data for a web or mobile
application.
IoT

Build serverless backends using AWS Lambda to handle web, mobile,
Internet of Things (IoT), and third-party API requests.
THANK YOU
