The adoption of serverless is on the rise, but until now, little guidance has been available for development teams that want to apply this technology on AWS. This definitive guide is packed with architectural, security, and data best practices and patterns for architects and engineers who want to build reliable enterprise-scale serverless solutions. Sheen Brisals, an AWS Serverless Hero, and Luke Hedger, an AWS Community Builder, outline the serverless adoption requirements for an enterprise, examine the development tools your team needs, and explain in depth the nuances of testing event-driven and distributed serverless services. You'll gain practical guidance for keeping up with change and learn how to build serverless solutions with sustainability in mind. Examine the serverless technology ecosystem and AWS services needed to develop serverless applications Learn the approach and preparation required for a successful serverless adoption in an enterprise Learn serverless architectures and implementation patterns Design, develop, and test distributed serverless microservices on AWS cloud Apply security best practices while building serverless solutions Identify and adapt the implementation patterns for your particular use case Incorporate the necessary measures for observable serverless applications Implement sustainable serverless applications in the cloud

lgrsnf/Serverless Development on AWS Building Enterprise-Scale Serverless Solutions (Brisals, Sheen, Hedger, Luke).pdf

zlib/Computers/Enterprise Computing Systems/Sheen Brisals, Luke Hedger/Serverless Development on AWS: Building Enterprise-Scale Serverless Solutions_27756696.pdf

Brisals, Sheen

Oreilly & Associates Inc

United States, United States of America

O'Reilly Media, Sebastopol, CA, 2024

Copyright
Table of Contents
Foreword
Preface
Who We Wrote This Book For
Conventions Used in This Book
Supplemental Material
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Introduction to Serverless on AWS
The Road to Serverless
From Mainframe Computing to the Modern Cloud
The Influence of Running Everything as a Service
Managed Versus Fully Managed Services
The Characteristics of Serverless Technology
Pay-per-Use
Autoscaling and Scale to Zero
High Availability
Cold Start
The Unique Benefits of Serverless
Individuality and Granularity of Resources
Ability to Optimize Services for Cost, Performance, and Sustainability
Support for Deeper Security and Data Privacy Measures
Incremental and Iterative Development
Multiskilled, Diverse Engineering Teams
The Parts of a Serverless Application and Its Ecosystem
Why Is AWS a Great Platform for Serverless?
The Popularity of Serverless Services from AWS
The AWS Well-Architected Framework
AWS Technical Support Plans
AWS Developer Community Support
Summary
Interview with an Industry Expert
Danilo Poccia, Chief Evangelist (EMEA), Amazon Web Services
Chapter 2. Enterprise Readiness for Serverless
Preparing for “Thinking in Serverless”
Creating a Serverless Mindset
First Principles for Successful Serverless Adoption
Assessing Workloads for Serverless Suitability
How Do You Bring Serverless Awareness to Business Stakeholders?
The Role of Organizational Culture
Vendor Lock-in Demystified
Why Is Vendor Lock-in Seen as So Critical?
Is It Possible to Avoid Getting Locked In?
Should You Be Worried About Vendor Lock-in in Serverless?
Consider the Cloud Provider (AWS) as Your Partner, Not a Vendor
Strategies for Migrating Legacy Applications to Serverless
Lift-and-Shift
All-at-Once Service Rewrite
Phased Migration
Comparing Migration Strategies
Growing Serverless Talent
Growing Versus Building
Essential Ingredients for Growing a Serverless Team
The Structure of a Multidisciplinary Serverless Team
Summary
Interview with an Industry Expert
David Anderson, Architect, G-P Globalization Partners
Chapter 3. Software Architecture for Building Serverless Microservices
Popular Architectural Patterns
Event-Driven Architecture
Client/Server Architecture
Layered Versus Tiered Architecture
Hexagonal Architecture
Characteristics of a Microservice
Independently Deployable
Represents Part of a Business Domain
Single Purpose
Well-Defined Communication Boundary
Loosely Coupled
Observable at a Granular Level
Owned by a Single Team
Microservice Communication Strategies
Synchronous Communication
Asynchronous Event-Driven Communication
Breaking Down a Problem to Identify Its Parts
Using a Set Piece Analogy to Identify the Parts
Building Microservices to Serverless’s Strengths
Event-Driven Architecture for Microservices Development
Event-Driven Computing and Reactive Services
Is My Microservice a Reactive Service?
An Introduction to Amazon EventBridge
Domain Events, Event Categories, and Types
The Importance of Event Sourcing in Serverless Development
EventStorming
Summary
Interview with an Industry Expert
Matt Lewis, Chief AWS Architect, IBM UK, AWS Data Hero
Chapter 4. Serverless and Security
Security Can Be Simple
Security Challenges
Getting Started
Combining the Zero Trust Security Model with Least Privilege Permissions
The Power of AWS IAM
The AWS Shared Responsibility Model
Think Like a Hacker
Meet the OWASP Top 10
Serverless Threat Modeling
Securing the Serverless Supply Chain
Securing the Dependency Supply Chain
Going Further with SLSA
Lambda Code Signing
Protecting Serverless APIs
Securing REST APIs with Amazon Cognito
Securing HTTP APIs
Validating and Verifying API Requests
Message Verification in Event-Driven Architectures
Protecting Data
Data Encryption Everywhere
AWS KMS
Security in Production
Go-Live Security Checklist for Serverless Applications
Maintaining Security in Production
Detecting Sensitive Data Leaks
Summary
Interview with an Industry Expert
Nicole Yip, Principal Engineer
Chapter 5. Serverless Implementation Patterns
An Overview of Software Patterns
What Is a Pattern?
How Do Patterns Accelerate Serverless Development?
Serverless Migration: The Strangler Fig Pattern
Implementation Approaches
Strangling Data Processing Flows
Strangling API Routes to Backend Services
Resilient Architecture: The Circuit Breaker Pattern
Why Is the Circuit Breaker Pattern Relevant in Serverless?
Core Concepts of Circuit Breaker Implementation
Failing Faster When the Circuit Is Open
Storing Requests When the Circuit Is Open and Replaying Them When Closed
The Functionless Integration Pattern
Use Cases for Functionless Integration
Things to Be Aware of with Native Service Integrations
The Event Triage Pattern
What Is Event Triage?
Implementation Details
Frequently Asked Questions
The Gatekeeper Event Bus Pattern
The Need for a Gatekeeper Event Bus
Implementation Approach
Use Cases for the Gatekeeper Event Bus Pattern
Things to Be Aware of with the Gatekeeper Event Bus Pattern
Microservices Choreography
Things to Be Aware of While Choreographing Services
Service Orchestration
What Do You Orchestrate?
In-Service Orchestration
Cross-Service Orchestration
Distributed Orchestration
Summary
Interview with an Industry Expert
Jeremy Daly, CEO, Ampt, AWS Serverless Hero
Chapter 6. Implementing Serverless Applications
Serverless Compute with AWS Lambda
How to Write Lambda Functions
Optimizing Lambda Functions
Most of the Code You Write Will Be Infrastructure
Infrastructure as Code
Direct Service Integrations and Delegating to the Experts
Production Is Just a Name
Ship on Day 1, and Every Day After
Boring Delivery Pipelines—Safety, Speed, and Predictability
Documentation: Quality, Not Quantity
Summary
Interview with an Industry Expert
Sara Gerion, Senior Solutions Architect, Amazon Web Services
Chapter 7. Testing Serverless Applications
How Can Serverless Applications Be Tested?
Why Serverless Requires a Novel Approach to Testing
The Serverless Square of Balance: The Trade-off Between Delivery and Stability
Serverless Failure Modes and Effects Analysis
Designing a Serverless Test Strategy
Identifying the Critical Paths
Just Enough and Just-in-Time Testing
Upholding Standards with a Definition of Done
Hands-on Serverless Testing
Event-Driven Testing
Unit Testing Business Logic in Lambda Functions
Contract Testing Integration Points
Summary
Interview with an Industry Expert
Sarah Hamilton, AWS Community Builder and Senior Software Engineer
Chapter 8. Operating Serverless
Identifying the Units of Scale
Promoting Serverless Observability
Observing the Health of Critical Paths
Metrics, Alarms, and Alerts
Critical Health Dashboard
Capability Alerting
Event-Driven Logging
Using Distributed Tracing to Understand the Whole System
When Things Go Wrong
Accepting Failure and Budgeting for Errors
Everything Fails All the Time: Fault Tolerance and Recovery
Debugging with the Core Analysis Loop
Disaster Recovery
Avoiding Single Points of Failure
Understanding AWS Availability
Multi-Account, Multi-Region: Is It Worth It?
Summary
Interview with an Industry Expert
Yan Cui, AWS Serverless Hero
Chapter 9. Cost of Serverless Operation
Understanding Serverless Cost Models
Total Cost of Ownership in the Cloud
Compute Costs
Storage Costs
Avoiding Serverless Cost Gotchas
Serverless Cost Estimation
How to Estimate Costs
The More You Use, the Less You Spend
How Much Can Be Done with the AWS Free Tier?
Serverless Cost Monitoring Best Practices
Creating Cost Awareness in a Serverless Team
Monitoring Costs with Budget Alerts
Reducing the Operational Cost of Serverless
Summary
Interview with an Industry Expert
Ben Ellerby, Founder, aleios, AWS Serverless Hero
Chapter 10. Sustainability in Serverless
So, What Is Sustainability?
The Three Pillars of Sustainability
The UN Sustainable Development Goals
Why Is Sustainability Thinking Necessary in Serverless?
The Three Elements of the Cloud
The Serverless Sustainability Triangle
Building Sustainable Serverless Applications
How Do You Identify Unsustainable Serverless Applications?
Characteristics of a Sustainable Application
Development Processes and Practices That Promote Sustainability
Follow Lean Development Principles and Reduce Resource Waste
Start from a Simple Set of Requirements and Scale Fast
Automate Everything Possible
Rethink the Throwaway Prototypes of the Past
Nurture Your Serverless Engineers
Sustainability and the AWS Cloud
Implementation Patterns and Best Practices for Sustainability
User Behavior
Software Architecture
Data and Storage
Development and Deployment
Introducing Sustainability in Your Engineering Teams
Sustainability in Technology: Awareness Day
Sustainability Focus Areas for Your Team
Sustainability Audit Checklist
Summary
Interview with an Industry Expert
Adrian Cockcroft, Partner, OrionX
Chapter 11. Preparing for the Future with Serverless
Emerging Trends in Serverless
The Low-Code and Functionless Promise
The Renaissance of Event-Driven Architecture
Multicloud Orchestration
Infrastructure from Code
The Evolution and Influence of Generative AI
Keeping Up with the Evolution of Serverless
Challenges Facing Enterprise Teams
Sustaining a Serverless Knowledge Pool
Embracing Continuous Refactoring
Playing the Long Game
Establishing a Serverless Guild and Center of Excellence
Becoming a Serverless Evangelist
Joining a Serverless Community
Summary
Interview with an Industry Expert
Farrah Campbell, Head of Modern Compute Community, AWS
Appendix A. PostNL’s Serverless Journey
Appendix B. Taco Bell’s Serverless Journey
Appendix C. Templates and Worksheets
Index
About the Authors
Colophon

"The adoption of serverless is on the rise, but until now, little guidance has been available for development teams that want to apply this technology on AWS. This definitive guide is packed with architectural, security, and data best practices and patterns for architects and engineers who want to build reliable enterprise-scale serverless solutions. Sheen Brisals, an AWS Serverless Hero, and Luke Hedger, an AWS Community Builder, outline the serverless adoption requirements for an enterprise, examine the development tools your team needs, and explain in depth the nuances of testing event-driven and distributed serverless services. You'll gain practical guidance for keeping up with change and learn how to build serverless solutions with sustainability in mind. Examine the serverless technology ecosystem and AWS services needed to develop serverless applications; learn the approach and preparation required for a successful serverless adoption in an enterprise; learn serverless architectures and implementation patterns; design, develop, and test distributed serverless microservices on AWS cloud; apply security best practices while building serverless solutions; identify and adapt the implementation patterns for your particular use case; incorporate the necessary measures for observable serverless applications; implement sustainable serverless applications in the cloud "--

2024-02-12