SlideShare a Scribd company logo

Serverless architectures on aws

Download as PPTX, PDF
Paolo latella, profile picture
Paolo latella

The document discusses serverless architectures on AWS, detailing components like AWS Lambda, Amazon API Gateway, and Amazon Cognito, along with their roles in building agile, secure applications. It also outlines cost estimates associated with using these services, emphasizing factors like processing costs and request charges. Additionally, the document highlights authentication and authorization mechanisms as well as monitoring and security measures within the AWS ecosystem.

Internet
1 of 34
Downloaded 40 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Paolo Latella @LatellaPaolo Serverless Architectures on AWS
Topics • AWS Serverless Building Block • 3-Tier (Serverless) Architectures • Logic Tier - AWS Lambda and Amazon API Gateway • Authentication and Authorization • Security • Agility • XPeppers Use Case
Serverless https://pbs.twimg.com/media/Cpx8XmGVIAEw2EI.jpg
AWS - Global Infrastructure Regions and number of AZ New Region (Paris) Edge Location (Milano)
AWS - Serverless Building Block AWS Lambda Amazon S3 Amazon DynamoDB Amazon CloudFront AWS CodeCommit AWS CodeDeploy AWS CodePipeline AWS CodeBuild Amazon CloudWatch AWS CloudFormation AWS IAM AWS WAF Amazon Cognito Amazon API Gateway* AWS Step Functions Amazon SES Amazon SQS Amazon SNSSDK Amazon Kinesis Amazon Athena AWS IoT Amazon Machine Learning
AWS - 3-Tier (Serverless) architecture AWS Lambda Amazon DynamoDB Amazon API Gateway mobile client Presentation Logic (serverless) Data Amazon Cognito Amazon S3 Amazon CloudFront
The Logic Tier - Amazon API Gateway Fully managed HTTPS service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. • Low-Cost • Performance • API Monitoring • API Lifecycle management • Flexible Security Controls • Cloudfront, ELB and Lambda Integration
The Logic Tier - AWS Lambda Serverless compute service that runs your code in response to events and automatically manages the underlying resources • Completely Automated Administration • Built-in Fault Tolerance • Run Code at Edge Locations and Step Function (Re:Invent 2016) • Pay-per-use • Supports Java, Node.js, C#, and Python • VPC Integration
Authentication & Authorization Authentication
Authentication - Amazon Cognito Cognito is a fully managed service for sign-up/sign-in functionality and can scale to hundreds of millions of users
Amazon Cognito Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. • Simple, secure, and low-cost authentication options • Authenticate users on Facebook, Twitter, or Amazon • Cognito Authentication Flow • Custom Authentication Flow (AWS Lambda triggers) • Enhanced security features, such as email and phone number verification, and multi-factor authentication
Amazon Cognito - Custom Authentication Flow http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html is user approved ? (PreSignUP Trigger)
Authentication & Authorization Authorization
Authorization • AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources • Roles • Policies • AWS Security Token Services (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM • Use action AssumeRoleWithWebIdentity for federation
Authorization - Web Identity Federation http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_cognito.html AssumeRoleWithWebIdentity
Authorization - API Gateway Access Control API Gateway supports multiple mechanisms of access control, including metering or tracking API uses by clients using API keys. • Control Access for Managing an API • IAM Policy (“Action": “apigateway:*”) • Control Access for Invoking an API • IAM Policy (“Action”: “execute-api:Invoke”) • Custom Authorizers (Lambda functions) • Amazon Cognito User Pools
Security • AWS IAM and Cognito • Authentication and Authorization • AWS Cloudtrail • Monitor All APIs Management (Cognito, Lambda, API Gateway, etc) • AWS Cloudwatch • Monitor All APIs Execution and related resources (Dynamodb, ELB, etc) • AWS WAF (Web Application Firewall) and AWS Shield • Access Control and DDoS Mitigation • AWS Lambda • Automate your security!
Security - always serverless AWS Lambda Amazon DynamoDB Amazon API Gatewaymobile client Amazon Cognito Amazon CloudFront Amazon CloudWatch AWS IAM AWS WAF AWS Shield Amazon Route 53 AWS Lambda AWS CloudTrail alarm Security Logic Business Logic
Security - always serverless - compliance AWS Lambda Amazon DynamoDB Amazon API Gatewaymobile client Amazon Cognito Amazon CloudFront Amazon CloudWatch AWS IAM AWS WAF AWS Shield Amazon Route 53 AWS Lambda AWS CloudTrail alarm https://aws.amazon.com/compliance/services-in-scope/ Security Logic Business Logic AWS CloudFormation
Agility • Serverless Application Model (SAM) • Define the application and its resources • AWS CodeCommit • Your source repository • AWS CodeBuild • Package your source code and SAM templates • AWS CloudFormation • Deploy your Infrastructure as Code • AWS CodePipeline • Orchestrate your application deployment. All Serverless
Agility - Serverless Application Model (SAM) AWS Lambda Amazon DynamoDB Amazon API Gateway* AWS CloudFormation https://github.com/awslabs/serverless-application-model
AWS CloudFormation Amazon CloudWatch Agility - CI&CD Code Build Test Provision Deploy Monitor AWS CodePipeline AWS CodeCommit AWS CodeBuild AWS Lambda AWS Lambda Amazon API Gateway* SAM Amazon S3
Agility - CI&CD Deploy AWS CodePipeline AWS Lambda Amazon API Gateway* AWS Lambda Versioning AWS Lambda Aliasing AWS Lambda Env Variables API Stage API Stage Variables API Swagger import/export
uid:password token token, reference, ID reference, ID ID value, reference value, reference score, reference client OAuth2 API-gw Lambda DynamoDB Trisp Use Case - Flusso lasso di tempo tra l’arrivo della richiesta dal client e l’invio della risposta allo stesso
Use Case - Monitoring
Use Case - Costo API-Gateway Costo totale = Costo chiamate API + Costo trasferimento + Costo cache Costo Trasferimento Tariffe per il trasferimento di dati in uscita di Amazon API Gateway • 0,09 USD/GB per i primi 10 TB • 0,085 USD/GB per i successivi 40 TB • 0,07 USD/GB per i successivi 100 TB • 0,05 USD/GB per i successivi 350 TB Costo chiamate API 3,50 USD per milione di chiamate API ricevute EU-West-1 Costo Cache • 0,5 GB = 0,020 USD/Ora • 1,6 GB = 0,038 USD • 6,1 GB = 0,200 USD …
Use Case - Costo API Gateway Costo Chiamate API • 48.618 * 31 = 1.507.158 * 3,75 USD -> 5,275 USD/Mese Costo Cache (0,5 GB) • 0,020 USD/ora * 24 ore * 31 giorni = 14,88 USD/Mese Costo trasferimento • 48.618 * 512 Byte * 31 giorni * 0.09 USD = 0,064 USD/Mese Costo Totale = 20,219 USD/Mese * = Non considerando il Free Tier EU-West-1
Use Case - Costo Lambda Costo totale = Costo elaborazione + Costo richieste Richieste Il costo viene calcolato in base al numero totale di richieste per tutte le funzioni. Lambda conteggia una richiesta ogni volta che avvia un'elaborazione in risposta alla notifica di un evento o a una chiamata Invoke. Il costo è di 0,20 USD ogni milione di richieste (0,0000002 USD a richiesta). Il primo milione di richieste ogni mese è gratuito Elaborazione La durata viene calcolata a partire dal momento in cui viene avviata l'esecuzione del codice e fino al momento in cui viene restituito o comunque terminato il codice, arrotondata al decimo di secondo più vicino. Il prezzo dipende dalla quantità di memoria allocata per la funzione. Il costo è di 0,00001667 USD per ogni GB/secondo impiegato. EU-West-1
Use Case - Costo Lambda Costo Elaborazione • Free Tier: 400.000 GB/secondo al mese • Il costo dell'elaborazione mensile è 0,00001667 USD per GB/s • Elaborazione (sec) = (48.618 * 99.98%) * 0.876 sec = 42581 sec • Elaborazione (GB/s) = 42581 secondi * (512 MB / 1024) = 21.290 GB/s • Costi Elaborazione = 0,00001667 USD * 21.290 * 31 = 10,964 USD/Mese* Costo Richieste • Free Tier: 1.000.000 richieste/mese • Dalla richiesta successiva, il costo è di 0,20 USD ogni milione di richieste • Costi Richieste 48.618 * 0,0000002 USD = 0,30 USD/Mese* Costo Totale = 11,264 USD/Mese * = Non considerando il Free Tier EU-West-1
Use Case - Costo DynamoDB Costo totale = Costo storage + Costo capacità + Costo Trasferimento Capacità Read/Write Consente di specificare il throughput per le richieste in lettura e scrittura che deve raggiungere la propria tabella: • Throughput scrittura: $0,00735 all'ora ogni 10 unità di capacità in scrittura • Throughput lettura: $0,00735 all'ora ogni 50 unità di capacità in lettura Storage First 25 GB stored per month is free $0,283 per GB al mese successivamente EU-West-1 Trasferimento Trasferimento IN = $0,000 per GB Trasferimento OUT = $0,090 per GB
Use Case - Costo DynamoDB Costo Storage • Storage = 2.5 GB -> Costo = 0 USD/Mese* Costo Capacità • Totale RU = 50 -> Costo = $0.00735 * 24 ore * 31 giorni = 5,47 USD/Mese • Totale WU = 10 -> Costo = $0.00735 * 24 ore * 31 giorni = 5,47 USD/Mese Costo Trasferimento OUT • 48.618 * 512 Byte * 31 = 0.718 GB/Mese -> Costo = 0** Costo Totale = 10,94 USD/Mese * = First 25 GB stored per month is free ** = Primo GB/mese is free EU-West-1
Use Case - Totale Costo Totale API Gateway = 20,219 USD/Mese Costo Totale Lambda = 11,264 USD/Mese Costo Totale Dynamo = 10,94 USD/Mese Costo Totale ElasticSearch = 15 USD/Mese Costo Altri servizi = 10 USD/Mese Costo Totale = 67,423 USD/Mese
Reference https://www.manning.com/b ooks/aws-lambda-in-action https://www.manning.co m/books/serverless- architectures-on-aws http://docs.aws.amazon.com/cognito/latest/developerguide/cognito- user-identity-pools-working-with-aws-lambda-triggers.html http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_ oidc_cognito.html https://aws.amazon.com/compliance/services-in-scope/ https://github.com/awslabs/serverless-application-model
www.xpeppers.com /xpepperssrl@xpeppers

More Related Content

PDF
CI & CD on Amazon Web Services
Paolo latella
 
PDF
CI&CD on AWS - Meetup Roma Oct 2016
Paolo latella
 
PPTX
Amazon Web Services and Docker: from developing to production
Paolo latella
 
PDF
Aws cli
Anh Vu Pham
 
PDF
"How to optimize the architecture of your platform" by Julien Simon
TheFamily
 
PPTX
AWS CloudFormation template with single & redundant system
Naoya Hashimoto
 
PDF
AWS CloudFormation (February 2016)
Julien SIMON
 
PPTX
2017 AWSome day Taichung sharing
Yu-Lin Huang
 
CI & CD on Amazon Web Services
Paolo latella
 
CI&CD on AWS - Meetup Roma Oct 2016
Paolo latella
 
Amazon Web Services and Docker: from developing to production
Paolo latella
 
Aws cli
Anh Vu Pham
 
"How to optimize the architecture of your platform" by Julien Simon
TheFamily
 
AWS CloudFormation template with single & redundant system
Naoya Hashimoto
 
AWS CloudFormation (February 2016)
Julien SIMON
 
2017 AWSome day Taichung sharing
Yu-Lin Huang
 

Similar to Serverless architectures on aws (13)

PDF
AWS Lambda Presentation (Tech Talk DC)
Doguhan Uluca
 
PPTX
Introduce AWS Lambda for newbie and Non-IT
Chitpong Wuttanan
 
PDF
Getting Started with AWS Lambda & Serverless Cloud
Ian Massingham
 
PPTX
Introduction to Aws lambda and build first application | Namespace IT
namespaceit
 
PPTX
DevOps, Microservices and Serverless Architecture
Mikhail Prudnikov
 
PDF
BoxLang-Dynamic-AWS-Lambda by Luis Majano.pdf
Ortus Solutions, Corp
 
PDF
June Webinar: BoxLang-Dynamic-AWS-Lambda
Ortus Solutions, Corp
 
PDF
Serverless Design Patterns
Yan Cui
 
PPTX
Developing serverless applications with .NET on AWS
Woody Pewitt
 
PDF
Webinar: Serverless Architectures with AWS Lambda and MongoDB Atlas
MongoDB
 
PDF
2016-06 - Design your api management strategy - AWS - Microservices on AWS
SmartWave
 
PDF
Čtvrtkon #64 - AWS Serverless - Michal Haták
Ctvrtkoncz
 
PPTX
Containerless in the Cloud with AWS Lambda
Ryan Cuprak
 
AWS Lambda Presentation (Tech Talk DC)
Doguhan Uluca
 
Introduce AWS Lambda for newbie and Non-IT
Chitpong Wuttanan
 
Getting Started with AWS Lambda & Serverless Cloud
Ian Massingham
 
Introduction to Aws lambda and build first application | Namespace IT
namespaceit
 
DevOps, Microservices and Serverless Architecture
Mikhail Prudnikov
 
BoxLang-Dynamic-AWS-Lambda by Luis Majano.pdf
Ortus Solutions, Corp
 
June Webinar: BoxLang-Dynamic-AWS-Lambda
Ortus Solutions, Corp
 
Serverless Design Patterns
Yan Cui
 
Developing serverless applications with .NET on AWS
Woody Pewitt
 
Webinar: Serverless Architectures with AWS Lambda and MongoDB Atlas
MongoDB
 
2016-06 - Design your api management strategy - AWS - Microservices on AWS
SmartWave
 
Čtvrtkon #64 - AWS Serverless - Michal Haták
Ctvrtkoncz
 
Containerless in the Cloud with AWS Lambda
Ryan Cuprak
 
Ad

More from Paolo latella (8)

PDF
XPeppers e AWS
Paolo latella
 
PPT
AWSUGIT-Promo
Paolo latella
 
PPTX
Data Analysis on AWS
Paolo latella
 
PPT
Amazon Web Services and Docker
Paolo latella
 
PDF
Hybrid Cloud With AWS and Eucalyptus
Paolo latella
 
PDF
Mobile app and disaster recovery with aws
Paolo latella
 
PDF
Cloud Transcoding with Amazon Web Services
Paolo latella
 
PDF
Amazon Web Services and Interact - Workshop Giugno 2013
Paolo latella
 
XPeppers e AWS
Paolo latella
 
AWSUGIT-Promo
Paolo latella
 
Data Analysis on AWS
Paolo latella
 
Amazon Web Services and Docker
Paolo latella
 
Hybrid Cloud With AWS and Eucalyptus
Paolo latella
 
Mobile app and disaster recovery with aws
Paolo latella
 
Cloud Transcoding with Amazon Web Services
Paolo latella
 
Amazon Web Services and Interact - Workshop Giugno 2013
Paolo latella
 
Ad

Recently uploaded (20)

PPTX
Mathew Digital SEO Checklist Guidlines 2025
Mathew Digital
 
PDF
Exploring VPS Hosting Trends for SMBs in 2025
Liquid Web
 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PDF
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
PPTX
Internet___Basics___Styled_ presentation
poonam62133
 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PPT
Ethics in Information System - Management Information System
faizhossain3
 
PPT
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PDF
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
PPTX
innovation process that make everything different.pptx
SoumyadipPaul18
 
PPTX
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
PDF
💰 𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓 💰
GRAB
 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
PPTX
Funds Management Learning Material for Beg
NKKumar16
 
Mathew Digital SEO Checklist Guidlines 2025
Mathew Digital
 
Exploring VPS Hosting Trends for SMBs in 2025
Liquid Web
 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
Internet___Basics___Styled_ presentation
poonam62133
 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
Ethics in Information System - Management Information System
faizhossain3
 
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
innovation process that make everything different.pptx
SoumyadipPaul18
 
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
💰 𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓 💰
GRAB
 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
Funds Management Learning Material for Beg
NKKumar16
 

Serverless architectures on aws

  • 2. Topics • AWS Serverless Building Block • 3-Tier (Serverless) Architectures • Logic Tier - AWS Lambda and Amazon API Gateway • Authentication and Authorization • Security • Agility • XPeppers Use Case
  • 4. AWS - Global Infrastructure Regions and number of AZ New Region (Paris) Edge Location (Milano)
  • 5. AWS - Serverless Building Block AWS Lambda Amazon S3 Amazon DynamoDB Amazon CloudFront AWS CodeCommit AWS CodeDeploy AWS CodePipeline AWS CodeBuild Amazon CloudWatch AWS CloudFormation AWS IAM AWS WAF Amazon Cognito Amazon API Gateway* AWS Step Functions Amazon SES Amazon SQS Amazon SNSSDK Amazon Kinesis Amazon Athena AWS IoT Amazon Machine Learning
  • 6. AWS - 3-Tier (Serverless) architecture AWS Lambda Amazon DynamoDB Amazon API Gateway mobile client Presentation Logic (serverless) Data Amazon Cognito Amazon S3 Amazon CloudFront
  • 7. The Logic Tier - Amazon API Gateway Fully managed HTTPS service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. • Low-Cost • Performance • API Monitoring • API Lifecycle management • Flexible Security Controls • Cloudfront, ELB and Lambda Integration
  • 8. The Logic Tier - AWS Lambda Serverless compute service that runs your code in response to events and automatically manages the underlying resources • Completely Automated Administration • Built-in Fault Tolerance • Run Code at Edge Locations and Step Function (Re:Invent 2016) • Pay-per-use • Supports Java, Node.js, C#, and Python • VPC Integration
  • 10. Authentication - Amazon Cognito Cognito is a fully managed service for sign-up/sign-in functionality and can scale to hundreds of millions of users
  • 11. Amazon Cognito Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. • Simple, secure, and low-cost authentication options • Authenticate users on Facebook, Twitter, or Amazon • Cognito Authentication Flow • Custom Authentication Flow (AWS Lambda triggers) • Enhanced security features, such as email and phone number verification, and multi-factor authentication
  • 12. Amazon Cognito - Custom Authentication Flow http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html is user approved ? (PreSignUP Trigger)
  • 14. Authorization • AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources • Roles • Policies • AWS Security Token Services (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM • Use action AssumeRoleWithWebIdentity for federation
  • 15. Authorization - Web Identity Federation http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_cognito.html AssumeRoleWithWebIdentity
  • 16. Authorization - API Gateway Access Control API Gateway supports multiple mechanisms of access control, including metering or tracking API uses by clients using API keys. • Control Access for Managing an API • IAM Policy (“Action": “apigateway:*”) • Control Access for Invoking an API • IAM Policy (“Action”: “execute-api:Invoke”) • Custom Authorizers (Lambda functions) • Amazon Cognito User Pools
  • 17. Security • AWS IAM and Cognito • Authentication and Authorization • AWS Cloudtrail • Monitor All APIs Management (Cognito, Lambda, API Gateway, etc) • AWS Cloudwatch • Monitor All APIs Execution and related resources (Dynamodb, ELB, etc) • AWS WAF (Web Application Firewall) and AWS Shield • Access Control and DDoS Mitigation • AWS Lambda • Automate your security!
  • 18. Security - always serverless AWS Lambda Amazon DynamoDB Amazon API Gatewaymobile client Amazon Cognito Amazon CloudFront Amazon CloudWatch AWS IAM AWS WAF AWS Shield Amazon Route 53 AWS Lambda AWS CloudTrail alarm Security Logic Business Logic
  • 19. Security - always serverless - compliance AWS Lambda Amazon DynamoDB Amazon API Gatewaymobile client Amazon Cognito Amazon CloudFront Amazon CloudWatch AWS IAM AWS WAF AWS Shield Amazon Route 53 AWS Lambda AWS CloudTrail alarm https://aws.amazon.com/compliance/services-in-scope/ Security Logic Business Logic AWS CloudFormation
  • 20. Agility • Serverless Application Model (SAM) • Define the application and its resources • AWS CodeCommit • Your source repository • AWS CodeBuild • Package your source code and SAM templates • AWS CloudFormation • Deploy your Infrastructure as Code • AWS CodePipeline • Orchestrate your application deployment. All Serverless
  • 21. Agility - Serverless Application Model (SAM) AWS Lambda Amazon DynamoDB Amazon API Gateway* AWS CloudFormation https://github.com/awslabs/serverless-application-model
  • 22. AWS CloudFormation Amazon CloudWatch Agility - CI&CD Code Build Test Provision Deploy Monitor AWS CodePipeline AWS CodeCommit AWS CodeBuild AWS Lambda AWS Lambda Amazon API Gateway* SAM Amazon S3
  • 23. Agility - CI&CD Deploy AWS CodePipeline AWS Lambda Amazon API Gateway* AWS Lambda Versioning AWS Lambda Aliasing AWS Lambda Env Variables API Stage API Stage Variables API Swagger import/export
  • 24. uid:password token token, reference, ID reference, ID ID value, reference value, reference score, reference client OAuth2 API-gw Lambda DynamoDB Trisp Use Case - Flusso lasso di tempo tra l’arrivo della richiesta dal client e l’invio della risposta allo stesso
  • 25. Use Case - Monitoring
  • 26. Use Case - Costo API-Gateway Costo totale = Costo chiamate API + Costo trasferimento + Costo cache Costo Trasferimento Tariffe per il trasferimento di dati in uscita di Amazon API Gateway • 0,09 USD/GB per i primi 10 TB • 0,085 USD/GB per i successivi 40 TB • 0,07 USD/GB per i successivi 100 TB • 0,05 USD/GB per i successivi 350 TB Costo chiamate API 3,50 USD per milione di chiamate API ricevute EU-West-1 Costo Cache • 0,5 GB = 0,020 USD/Ora • 1,6 GB = 0,038 USD • 6,1 GB = 0,200 USD …
  • 27. Use Case - Costo API Gateway Costo Chiamate API • 48.618 * 31 = 1.507.158 * 3,75 USD -> 5,275 USD/Mese Costo Cache (0,5 GB) • 0,020 USD/ora * 24 ore * 31 giorni = 14,88 USD/Mese Costo trasferimento • 48.618 * 512 Byte * 31 giorni * 0.09 USD = 0,064 USD/Mese Costo Totale = 20,219 USD/Mese * = Non considerando il Free Tier EU-West-1
  • 28. Use Case - Costo Lambda Costo totale = Costo elaborazione + Costo richieste Richieste Il costo viene calcolato in base al numero totale di richieste per tutte le funzioni. Lambda conteggia una richiesta ogni volta che avvia un'elaborazione in risposta alla notifica di un evento o a una chiamata Invoke. Il costo è di 0,20 USD ogni milione di richieste (0,0000002 USD a richiesta). Il primo milione di richieste ogni mese è gratuito Elaborazione La durata viene calcolata a partire dal momento in cui viene avviata l'esecuzione del codice e fino al momento in cui viene restituito o comunque terminato il codice, arrotondata al decimo di secondo più vicino. Il prezzo dipende dalla quantità di memoria allocata per la funzione. Il costo è di 0,00001667 USD per ogni GB/secondo impiegato. EU-West-1
  • 29. Use Case - Costo Lambda Costo Elaborazione • Free Tier: 400.000 GB/secondo al mese • Il costo dell'elaborazione mensile è 0,00001667 USD per GB/s • Elaborazione (sec) = (48.618 * 99.98%) * 0.876 sec = 42581 sec • Elaborazione (GB/s) = 42581 secondi * (512 MB / 1024) = 21.290 GB/s • Costi Elaborazione = 0,00001667 USD * 21.290 * 31 = 10,964 USD/Mese* Costo Richieste • Free Tier: 1.000.000 richieste/mese • Dalla richiesta successiva, il costo è di 0,20 USD ogni milione di richieste • Costi Richieste 48.618 * 0,0000002 USD = 0,30 USD/Mese* Costo Totale = 11,264 USD/Mese * = Non considerando il Free Tier EU-West-1
  • 30. Use Case - Costo DynamoDB Costo totale = Costo storage + Costo capacità + Costo Trasferimento Capacità Read/Write Consente di specificare il throughput per le richieste in lettura e scrittura che deve raggiungere la propria tabella: • Throughput scrittura: $0,00735 all'ora ogni 10 unità di capacità in scrittura • Throughput lettura: $0,00735 all'ora ogni 50 unità di capacità in lettura Storage First 25 GB stored per month is free $0,283 per GB al mese successivamente EU-West-1 Trasferimento Trasferimento IN = $0,000 per GB Trasferimento OUT = $0,090 per GB
  • 31. Use Case - Costo DynamoDB Costo Storage • Storage = 2.5 GB -> Costo = 0 USD/Mese* Costo Capacità • Totale RU = 50 -> Costo = $0.00735 * 24 ore * 31 giorni = 5,47 USD/Mese • Totale WU = 10 -> Costo = $0.00735 * 24 ore * 31 giorni = 5,47 USD/Mese Costo Trasferimento OUT • 48.618 * 512 Byte * 31 = 0.718 GB/Mese -> Costo = 0** Costo Totale = 10,94 USD/Mese * = First 25 GB stored per month is free ** = Primo GB/mese is free EU-West-1
  • 32. Use Case - Totale Costo Totale API Gateway = 20,219 USD/Mese Costo Totale Lambda = 11,264 USD/Mese Costo Totale Dynamo = 10,94 USD/Mese Costo Totale ElasticSearch = 15 USD/Mese Costo Altri servizi = 10 USD/Mese Costo Totale = 67,423 USD/Mese

Editor's Notes

  • #18: A user pool is integrated with an API as a method authorizer. When calling the methods with such an authorizer enabled, an API client includes in the request headers the user's identity token provisioned from the user pool. API Gateway then validates the token to ensure it belongs to the configured user pool and authenticates the caller before passing the request to the back end.
  • #21: https://aws.amazon.com/compliance/services-in-scope/
  • #22: This post shows you how to leverage AWS services to create a continuous deployment pipeline for your serverless applications. You use the Serverless Application Model (SAM) to define the application and its resources, CodeCommit as your source repository, CodeBuild to package your source code and SAM templates, AWS CloudFormation to deploy your application, and CodePipeline to bring it all together and orchestrate your application deployment.
  • #25: publish-version: Publishes a version of your function from the current snapshot of $LATEST. That is, AWS Lambda takes a snapshot of the function code and configuration information from $LATEST and publishes a new version. The code and configuration cannot be modified after publication invoke: --qualifier (string) You can use this optional parameter to specify a Lambda function version or alias name. If you specify a function version, the API uses the qualified function ARN to invoke a specific Lambda function. If you specify an alias name, the API uses the alias ARN to invoke the Lambda function version to which the alias points.
  • #35: https://www.manning.com/books/serverless-architectures-on-aws