Off-by-none: Issue #103

August 18, 2020

Only have a few minutes? Check out this week's MOST POPULAR links as chosen by our email subscribers.

Why buy the cow if you get the Machine Learning for free? 🐮

Welcome to Issue #103 of Off-by-none. Thanks for joining us!

Last week, we got some awesome insights into serverless and cloud security and took a look at serverless machine learning. This week, we learn why you don’t need to buy a cow to do machine learning, how serverless can speed up your regression tests and we get a full season of Sessions with SAM to binge watch. Plus, we have plenty of great serverless content from the community.

Before we begin, make sure you check out TriggerMesh. They let you connect all your key SaaS and on-premises apps with AWS EventBridge. And you can also trigger workloads running on any managed Kubernetes cloud. Join the Beta program for Free! Sponsored

When you’re looking for serverless success stories… 📖

“Some of the integrations that weren’t useful anymore, remained in production as nobody was sure if they will break something else by removing it.” If that sounds like an old app you’re working with, see how Marin Radjenovic migrated a legacy application to serverless with EventBridge.

And if that’s not exciting enough for you, check out this post by Fernando Devegili that details how his team used serverless to reduce the amount of time it took to do visual regression tests from 20 minutes to 10 seconds.

When you’re looking for some good serverless use cases… 🗺

Why worry about writing an entire backend when you can just send e-mails right from Cloudflare Workers? Or if you’d like to create an SVG graph from your SQLite database, Alejandro Oviedo will show you how to do it using a Lambda function.

Jerry Mullis shows us how to stop EC2 instances on a scheduled basis, one of those classic serverless DevOps use cases. But if you want to get really meta, how about using serverless to manage its own scalability by scheduling AWS Lambda Provisioned Concurrency?

When there’s more to learn about serverless… 👩‍🏫

Paul Swail answers “where does Fargate fit into your serverless toolkit?” (just in case you had that question too), Yan Cui gives us some tips for debugging AWS Lambda timeouts, and Serkan Özal gives you the pros and cons of using a mono- or multi-repo in a serverless world.

There’s an entire series on running Ruby on AWS Lambda from the team at Hint Media, Ernesto Marquez explains when you should use Amazon RDS vs. Aurora Serverless, and Aman Sharma shares an introduction to Serverless/Edge scripting.

If you want to go back to basics, Shane Lee gives a brief 10-point guide to AWS Lambda. And if you’d like to explore more complex concepts, like static IPs for AWS Lambdas, Austin McDaniel has some ideas for you.

No time to write tests? Jan Groth has  12 recommendations on unit-testing AWS Lambdas in Python. There’s some good advice in here, like not bothering to test boto or other frameworks. They’re probably already well tested, so you should focus on your own business logic.

James Beswick has a new series that will tell you why using serverless backends to iterate quickly on web apps is important to rapid development and deployments, and Yan Cui has another great post that explains what alerts you should have for your serverless applications. Once you figure that out, James Allardice will demonstrate the process of setting up CloudWatch alarms with serverless.

When you just want to build something… 👷‍♀️

Auto-instrumented, trace-centric observability for serverless & k8s
If you’re running distributed serverless, Kubernetes, or containerized environments, you need a specialized tool that’s built to monitor them. Epsagon enables teams to automatically detect, troubleshoot, and resolve issues within complex microservices with no training, manual coding, tagging or maintenance required. Try free today, connect your first trace instantly, and grab one of our “cloud observability” drones! Sponsored

If you’re using Flutter to build native apps and you need a serverless backend, check out this post on full-stack Flutter that’ll show you how to create a backend for your app using AWS & serverless.

Just need to deploy a static site? Abhishek Wagh shows you how to deploy your websites with AWS Amplify (no, not the framework, the console). While you can deploy backends with the Amplify Console as well, Netlify has a pretty slick setup. You may want to check out this introduction to serverless functions.

Ben Smith isn’t ready to quit on the whole serverless PHP thing, so he wrote a post introducing the CDK construct library for the serverless LAMP stack. Regardless of your runtime of choice, implementing a passwordless API using Cognito and the Serverless framework might be a cool addition to your serverless apps.

What to do to tighten up your serverless security… 🔒

Another take on the recent ESG study points out that half of DevOps teams surveyed pushed vulnerable code “because the vulnerabilities identified were discovered too late in the [development] cycle to resolve them in time.” Um, I know lots of us face a tremendous amount of pressure to ship stuff, but knowingly shipping vulnerable code should be a show stopper.

Another interesting post I read was about the dangers of Denial-of-Wallet attacks. I think the possibilities of DoW attacks are very real and that you should absolutely put in place mitigation strategies in order to deal with them if they occur. That being said, I haven’t heard any major horror stories about this other than from devs accidentally doing it to themselves. I’m not saying this won’t be a thing, I just haven’t seen it yet.

When you’re looking for some interesting reading… 🤓

Charity Majors has a great post called The Future of Ops Jobs. In it she explains how Ops are not going away, but morphing into something different than you may be used to. Lots of great advice in here for those Ops people looking to advance their careers.

Remember when people were saying that serverless was a spectrum? Well Gillian Armstrong says that Machine Learning is spectrum and explains how to cheat at it by not owning a cow. There’s a helpful parable in here, but all you really need to know is that buying butter isn’t cheating. 😉

Not sure I’d read this to my kids, but Mariliis Retter wrote a “techy bedtime story” explaining how serverless came to be; complete with wizards, caves, and server monsters. In other serverless analogies, Shrikant Navelkar explains why serverless is like good portion control and helps us overcome the sunk cost fallacy.

When your Netflix Watch List is empty… 🍿

On Episode #62 of the Serverless Chats podcast, I had a chat with Nica Fee about the recently released New Relic One Platform, how observability can both reduce MTTR and help us optimize our applications for happier customers, and how New Relic is embracing open source and making observability available to teams of all sizes. Watch this episode on YouTube!

Yan Cui had an awesome conversation with Zack Kanter from Stedi on Real World Serverless, Episode #24. There’s a great discussion in here about tenancy and how Stedi thinks about it.

And if you’re looking for something to binge watch, all the episodes from Season one of Sessions with SAM starring Eric Johnson are nicely curated in this convenient blog post.

When you realize that apparently the devs at AWS never sleep… ☕️

There was a lot happening this past week at AWS. Let’s see if we can give you a quick summary of some of the major points. First of all Quantum computing is now available on AWS through Amazon Braket. I know it has nothing to do with serverless, but Jeff Barr is really excited about it.

ElastiCache also had a big week, announcing support for resource-based permission policies and ElastiCache Redis now supporting up to 500 Nodes per cluster. And not to be outdone, Amazon DynamoDB Accelerator (DAX) now supports next-generation, memory-optimized Amazon EC2 R5 nodes.

Moving on to more serverless related announcements, AWS is EOLing Amazon Linux 1 support in Lambda on December 30, 2020. Eric Johnson shows you how you should be migrating AWS Lambda functions to Amazon Linux 2 (note that this means updating your runtimes). In related news, AWS Lambda now supports custom runtimes on Amazon Linux 2 as well as support for Go on Amazon Linux 2. Plus AWS Lambda now supports Java 8 (Corretto), if you’re into that sort of thing.

In slightly more exciting news, AWS Lambda now supports Amazon Managed Streaming for Apache Kafka as an event source, which James Beswick explains how to set it up here.

AWS Step Functions added support for string manipulation, new comparison operators, and improved output processing, giving customer more flexibility within their state machine definitions and allowing for more dynamic behavior. This post goes into more detail and shows you some of the cool new things you can do.

Amplify iOS v1.1 was released, which includes support for the Combine framework for Swift, Amazon Comprehend added five new languages to Custom Entity Recognition, and Amazon Cognito User Pools now support customization of token expiration.

You can also set up CloudWatch Application Insights using CloudFormation, use the Copy API with Amazon S3 Access Points, and check out the updated Serverless Bot Framework solution that added support for securely integrating with third-party APIs.

When you need some handy serverless tools… 🛠

Any good builder needs their trusty tool belt, and if you’re building with serverless, sls-dev-tools gives you much of what you need. Ben Ellerby outlines some of the most useful features.

Ran Isenberg wrote up a piece on how to do AWS Lambda Event Validation using a tool called Pydantic. If you’re writing functions in python, this could be worth checking out.

Thoughts from Twitter 🐦

“I will die on this hill: One application environment per AWS account.” ~ Tom McLaughlin
As Tom is from Boston, I’ll assume he means Bunker Hill. Regardless, one application environment per account should be the absolute minimum. I heard AWS does one account PER MICROSERVICE. Think about that! 🤔

Serverless Jobs 👩‍💻 Sponsored

Serverless Engineer – stedi.com
At Stedi, we’re working in one of the biggest markets on the planet – EDI, the technological backbone of the physical product economy. We’re building a next-generation platform: a ubiquitous commercial trading network to automate the trillions of dollars in B2B transactions exchanged by nearly every company on Earth. If you’re interested in what we’re building and how we’re building it, we’d love to hear from you.

Have a job listing you’d like to share? Please contact me for more information.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

August 19, 2020 –AWS Lambda Data Storage: Choosing Between S3, EFS, and Local Storage (AWS Tech Talk)

August 24, 2020 –Embedding Analytics in Your Applications (AWS Tech Talk)

August 25, 2020 – 3 hours of Serverless Conference

September 1, 2020 – Deliver Business Value Faster with AWS Step Functions

September 3, 2020 – ServerlessDays Warsaw

October 1-2, 2020 – ServerlessDays Hamburg 2019

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Jiju Thomas Mathew (@jijutm). Jiju is an Associate Process Manager at UST Global and an AWS Community Builder. He was previously CTO and cloud computing advisor for Innoval Digital Solutions Pvt Ltd. Jiju is the co-founder of an AWS User Group in Trivandrum, and has organized and spoken at meetups and community days for local developers. Thank you, Jiju, for being a leader and contributor within the serverless community! 🙌

Final Thoughts 🤔

Every week I try to make this newsletter shorter, and every week I seem to fail miserably. I even cut out two whole sections this week! I love reading all these stories and sharing them with you, so that won’t stop. But I am implementing something new that will trim some of the fat. It should 🤞 be ready next week. If you’ve read this far, you are a saint and I appreciate your commitment. I welcome any other ideas you may have to make this easier to consume.

I hope you enjoyed this newsletter. We’re always looking for ideas and feedback to make it better and more inclusive, so please feel free to reach out to me via Twitter, LinkedIn, Facebook, or email.

Cheers,
Jeremy