Serverless Picks of the Week
Issue #15: Security on the Mind

Serverless Superhero

This week our serverless superhero is Elias Brange, a cloud consultant at 1337 tech and AWS Community Builder. If you follow serverless topics on Twitter or LinkedIn, you are sure to see his serverless tips - which are tidbits of high value, actionable best practices when going serverless. Elias also shares his knowledge on his blog, where he posts about all things serverless. Thank you for your contributions to the community, Elias!


We don’t talk about security enough. It’s so important and is often casually mentioned, but rarely gone into in depth. Thanks to Brian Tarbox, we get a closer look at how we can protect S3 data by using object lock. Brian talks about what object lock is, how it differs from vault lock, and how to configure it on your buckets.

In any system, monitoring is critically important to the success of your application. Taavi Rehemägi tells us about a new feature in that quickly enables monitoring, alarms, and insights on AWS HTTP APIs. Best part about it? Install a stack and it works! No code changes necessary. Having insights when your APIs begin throwing 500s is a great way to be proactive and fix issues before they are reported by a customer.


Matthew Wilson gives us four lessons learned with AppSync and DynamoDB in his post this week. Commonly seen as the ultimate duo for GraphQL APIs, Matthew warns us about some of the hardships he ran across when getting started. This is a super helpful post if you’re just getting started with AppSync.

Even though we know Amazon Aurora Serverless v2 isn’t really serverless, it’s still a great option out there for relational databases in the cloud. Karthik R walks us through in detail how to get started with it and talks about how it scales, setting size requirements, and how to monitor. It’s a concise, informative article that tells you a lot of what you need before you dive in.

New Releases

AWS has introduced IAM Roles Anywhere this past week in a very cool and intriguing update. While not directly serverless, it is a significant release that extends the capabilities of IAM to applications outside of AWS. This update allows external applications to gain temporary AWS credentials to invoke resources from anywhere.


A significant part of serverless development revolves around APIs. In a follow up to my article on helping you decide if you are really API-first, I wrote about the first 30 days of API-first. If you decide you want to take the plunge into a different style of development, I talk about what you can expect in your first month and predict what the following month will entail.

Last Words

We’re in the middle of summer here in the US. Now is a great time to take the concepts from these amazing articles and try them for yourself. If you have some extra downtime or are trying to avoid the heat by staying inside, why not try your hand at something new?

If it works out, share it with the community. We all enjoy helping people who learn in public!

If you’d like to make a recommendation for the serverless superhero or for an article you found especially useful, send me a message on Twitter, LinkedIn, or email.

Happy Coding!


Join the Serverless Picks of the Week Newsletter

Stay up to date with the best content serverless has to offer, learn about the latest updates to AWS serverless services, and get to know community superheroes, catered by AWS Serverless Hero Allen Helton. New issue every Monday.
Click here to see past issues.

Join the Serverless Picks of the Week Newsletter

Thank you for subscribing!
View past issues.