Our serverless superhero this week is Marcia Villalba, Principal Serverless DA at AWS. Marcia is the mastermind behind FooBar Serverless, a YouTube channel that covers (almost) literally everything available in AWS serverless. She creates content in both English and Spanish and has an incredible impact on the serverless community. If you don’t follow her already, now is the time as she’s almost halfway through #30daysofserverless where she is sharing a video every day for 30 days to help teach people about serverless and event-driven architectures. Thank you Marcia, for helping shape what serverless is today!
There are many use cases for feature flags like hiding work in progress, enabling premium-tier functionality, and A/B testing. When talking about feature flags, something you don’t often see is time-based use cases. Well, Ran Isenberg aims to change that. In his post on Lambda smart feature flags with time-based conditions, he walks through some new functionality he added to the Lambda Powertools for Python package. This new functionality enables you to turn features on/off on certain days of the month, specific days of the week, or specific hours of the day. Ran describes meaningful use cases for each condition that make this new functionality feel super easy to use.
One of the big benefits of GraphQL is the consolidation of data from multiple sources in a single query. While that sounds like a dream for many, it has some dangers that can come with it and be difficult to maintain at an enterprise scale. Lee Gilmore walks us through step-by-step how to build serverless GraphQL API federation in such a way that it is easy to maintain and scale. He provides a full code example and explains all the key details from end to end. It’s a great read that helps explain some of the nuances that go into private APIs and the consolidation of data.
Like most things, there is nuance when working with distributed systems. Sometimes the nuance is masked particularly well when working with AWS services. An issue many people were unaware of was controlling throughput of Lambda functions popping items off an SQS queue. Mario Bittencourt explains why the new maximum concurrency setting for this trigger is important with his post on concurrency control using Lambda and SQS. He goes into detail with some simple and effective diagrams that help show how we’ve improved from previous capabilities. But as we pointed out in Serverless Picks of the Week Issue #43, the SQS overpull issue is still something we need to be wary of.
The serverless community always amazes me with what they come up with. Nicolas Triantafillou might take the cake. He shared with us how he used an event-based serverless architecture to run his Christmas lights last year. You know those YouTube videos you see where the houses are covered in tens of thousands of lights? Yeah, that’s Nicolas. And he controls it all with a serverless app he built! It’s a very cool read about a fun use case.
Efficient, scalable serverless apps are often pie in the sky for many of us getting started. The time from idea to “hello world” takes minutes and gives us a false impression that building serverlessly is going to be easy. We can get features out faster than ever before, but often with unforeseen consequences. Last week I (Allen Helton) wrote about the risks of moving too quickly with serverless. I remind readers of several things you should consider when building an app and offer some potential solutions. The key takeaway here is to slow down.
Baselime, a continuous observability tool for serverless applications, went public beta last week. You can give it a trial run for free and check out a new monicker, Observability as Code.
Security never gets enough love. We could probably talk about it every day and it still wouldn’t be enough. It’s arguably one of the most important components of any piece of software. The Serverless Edge talked about their guide to the AWS security pillar in the Well-Architected Framework. They cover important components like automation, least privilege, data protection, and much more. Awareness is the first step to success with security, and these guys shine a light on all corners of security.
Even if you’re not a SAM user, an exciting new feature was released last week we can all take advantage of. SAM now allows you to list endpoints, resources, and outputs of your stacks via the CLI! This is a great update for visibility. Props to Praneeta Prakash and her team for some huge releases so far in 2023!
`sam list --endpoints` will give you the endpoints for resources deployed in your stack. pic.twitter.com/Ry519GCH35— Praneeta Prakash (@praneetaprakash) February 2, 2023
If you’re interested in how I built the platform that powers this newsletter, I’m talking about it this Friday at 2pm CST at the serverless NYC and Boston meetups. It’s free to attend and you can get a peek under the covers at how I run both my newsletter and blog.