DevOps Pro Domain 2: Lambda

June 1, 2023

This article is the eighth in a series covering my AWS DevOps Professional certification study process; part 7, on Elastic Beanstalk, is here.

AWS Lambda logo
This always makes me think of Half Life…

AWS Lambda is a “serverless” service. It is event-driven, meaning that some action/event triggers it to run. With it, you can run code without provisioning or managing VPCs or servers.

In the exam, Lambda is used as a ‘glue’ between two or more different AWS services (like CodeCommit, CodePipeline, etc.).

Lambda Developer Guide (including API reference) and Operator Guide.

The default timeout for a Lambda function is 3 sec. This can be bumped up to 15 min max (any question that has ‘needs to run > 15 min’ means Lambda isn’t the right choice).

You can assign a Lambda to a VPC if it needs to access resources that live in the VPC, like a private RDS DB.

Know the triggers for Lambda – EventBridge (CloudWatch Events) will be the main trigger for DevOps-related actions. A common pattern is using a CloudWatch Events schedule to create a cron job for Lambda.

Know how to use and secure secrets in Lambda (environment variables, KMS keys, SSM Parameter Store, and AWS Secrets Manager).

You can create versions of a Lambda. The most recent one is always $LATEST. $LATEST is mutable, but when a version is published, that version becomes immutable. Each new version gets its own ARN.

Aliases are pointers to Lambda versions – versions are immutable, but aliases are mutable. An alias can point only to a function version, not to another alias. You can update an alias to point to a new/different version of the function. Common use case – define Dev, Test, & Prod aliases, then point them to different versions for blue/green deployment using weighting between 2 different versions.
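To make the alias weighting concrete, here is an added example (not from the original article or from AWS) that builds the request parameters for boto3's Lambda `update_alias` call without contacting AWS. The helper names, the function name `my-fn` and the alias `prod` are assumptions for illustration; the example goes slightly beyond a single two-version split by generating a full linear rollout.

```python
import re

# Published versions are numeric strings; "$LATEST" and alias names are not.
_PUBLISHED = re.compile(r"[0-9]+")


def _published(version):
    """Return the version as a string, rejecting $LATEST and alias names."""
    version = str(version)
    if not _PUBLISHED.fullmatch(version):
        raise ValueError(f"{version!r} is not a published version number")
    return version


def weighted_alias(function_name, alias, stable, canary, canary_pct):
    """kwargs for update_alias: alias stays on `stable`, canary_pct% goes to `canary`."""
    stable, canary = _published(stable), _published(canary)
    if stable == canary:
        raise ValueError("stable and canary must be different versions")
    if not 0 < canary_pct < 100:
        raise ValueError("canary_pct must be between 1 and 99")
    return {
        "FunctionName": function_name,
        "Name": alias,
        "FunctionVersion": stable,
        "RoutingConfig": {"AdditionalVersionWeights": {canary: canary_pct / 100}},
    }


def promote(function_name, alias, new_version):
    """kwargs for update_alias: alias points only at `new_version`, split cleared."""
    return {
        "FunctionName": function_name,
        "Name": alias,
        "FunctionVersion": _published(new_version),
        "RoutingConfig": {"AdditionalVersionWeights": {}},
    }


def linear_rollout(function_name, alias, stable, canary, step_pct):
    """Ordered update_alias calls that shift traffic in step_pct increments."""
    if not 0 < step_pct <= 100:
        raise ValueError("step_pct must be between 1 and 100")
    steps = [weighted_alias(function_name, alias, stable, canary, pct)
             for pct in range(step_pct, 100, step_pct)]
    return steps + [promote(function_name, alias, canary)]
```

Each dictionary is meant to be passed as `client.update_alias(**params)` on a boto3 Lambda client. Rolling back at any step is a single `promote(...)` call with the stable version, because published versions never change.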

AWS SAM (Serverless Application Model) is a combination of Lambda functions, event sources, and other resources that work together to perform tasks. Note that a serverless application is more than just a Lambda function—it can include resources like APIs, databases, and event source mappings. You can use many common CI/CD systems for deploying AWS SAM applications, including AWS CodePipeline, Jenkins, GitLab CI/CD, and GitHub Actions.

Read “deploying serverless apps gradually”; it ties together the SAM framework, CloudFormation, CodeDeploy, Lambda, canary deployments, versioning/aliases, etc.

Know the AWS Step Functions use cases. It is used to visually orchestrate workflows.