How Can We Help?

AWS Lambda

You are here:
< All Topics

Serverless Services in AWS include:


API Gateway
Kinesis Data Firehose
Aurora Serverless
Step Functions


exam tests heavily on serverless knowledge!


AWS Lambda




virtual functions – server to manage
limited by time – short execution processes
runs on demand only, only billed when you are actually using it
the scaling is automated


the benefits of Lambda:


easy pricing – pay per request and compute time


free tier covers 1 million Lambda requests and 400k of GB compute time


integrated with all AWS services and programming languages
easy monitoring via CloudWatch
easy to allocate more resources per function –
up to 10GB of RAM! possible


also, increasing RAM improves CPU and network


Lambda language support:


node.js – javascript
java 8
c .net core
c powershell
custom runtime api eg rust


the Lambda container image — this must implement the Lambda runtime api


note that ecs and fargate are preferred for running arbitrary docker images



Lambda integrates with


api gateway


cloudwatch events and eventbridge


cloudwatch logs
sns and sqs
cognito – reacts when a user logs in eg to a database




 Lambda’s maximum execution time is 15 minutes. If you need longer, you can run your code somewhere else such as an EC2 instance or use Amazon ECS.


Lambda use case:


thumbnail image creation


new image uploaded to s3 then triggers a Lambda function to generate a thumbnail of the image
this is pushed to s3 and meta data to dynamo db.


another example:


a very useful practical example….


a serverless CRON job to run jobs


but for cron you usually need to have a server running, but with Lambda you can do this without a server! – this saves having to implement an EC2 instance for this.


eg cloudwatch events or eventbridge every hour triggers a Lambda function, this is instead of the cronjob!



Lambda Pricing



pay per calls first 1mill requests are free


then 20c per 1 mill requests


pay per duration in increments of 1 ms


400k GBseconds of compute time per month is free, charges thereafter on rising scale


very cheap to run Lambda so it is very popular



you can run jobs using many different program languages


you enter your code in Lambda web console and Lambda then runs the code for you.


you can have Lambda respond to events from various sources – eg data processing, streaming analytics, mobile or iot backends


Lambda takes care of scaling for your load, you don’t have to do anything here!
ie seamless scaling



to create a Lambda function you have 4 possibilities:


author from scratch
use a blueprint – these are pre-configured functions
container image
browse serverless app repository





Lambda Limits per region


important for exam…


for execution:


mem allocation 128 mb to 10 gb in 1mb increments


max exec time is 900 secs


env variables 4kb


disk capacity in the function container in /tmp is 512 mb


concurrency executions 1000 – can be increased


for  deployment:


function deployment size compressed .zip is 50mb but size of uncompressed deployment code plus dependencies is 250mb


can use the /tmp to load other files at startup


size of env variables is 4kb


the exam may ask you question to see if you think Lambda can be used or not acc to the requirement for the task… you need to know these above limits in order to judge suitability of Lambda for the task.





if you are deploying a CloudFront cdn and you want to deploy Lambda globally


how to implement request filtering


you can use Lambda@edge for this


you deploy it alongside each region in your cloudfront cdn


you can use Lambda to modify the viewer/origin requests and responses of cloudfront:


this can be:


after cloud front receives a request – viewer request
before cloud front forwards the request to the origin – origin request


after cloudfront receives the response from the origin – origin response
before cloudfront forwards the response to the viewer – viewer response


plus, you can also generate responses to viewers without having to send a request to the origin!


important to know this high level overview for exam.


use cases:


website security/privacy


dynamic web application at the Edge



intelligent routing across origins and data centers

bot mitigation at the Edge


real-time image transformation
a/b testing
user authentication and authorization


user prioritization
user tracking and analytics



Lambda in VPC


by default Lambda functions are launched in an internal AWS VPC – not in one of your own VPCs.


an important consequence of that is that resources in your own VPC CANNOT BE ACCESSED! – exam q!


If you want that functionality, then you have to launch Lambda in your own VPC…


this requires


you define the VPC ID,, subnets and security groups


Lambda will create an ENI – Elastic Network Interface in your subnets..


this gives private connectivity in your own VPC.


a typical use case for this is using Lambda with an RDS Proxy.


but – this can open a very large no of connections under high loads on your database leading to timeouts and other problems


RDS Proxy for Lambda


to avoid this you can create an RDS Proxy, Lambda functions then connect to the proxy and then to your RDS DB.


improves scalability and availability


you can enforce iam authentication and store credentials in secrets manager


remember though the rds proxy is NEVER PUBLICLY accessible,, only private, 

and so the Lambda function must therefore to use this proxy always be deployed in your own aws VPC and not in the AWS own VPC.




Table of Contents