The latest articles on DEV Community by James Lee (@jamesli). https://dev.to/jamesli https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2415836%2Fb3164384-9e59-4018-8224-c72be9619c2e.jpg https://dev.to/jamesli en James Lee Tue, 26 May 2026 07:55:48 +0000 https://dev.to/jamesli/serverless-best-practices-production-architecture-stateless-design-cost-optimization-378c https://dev.to/jamesli/serverless-best-practices-production-architecture-stateless-design-cost-optimization-378c <p>Over the past six articles, we've covered how Lambda works internally — cold starts, triggers, scaling, traffic routing, automation, and workflow orchestration.</p> <p>This final article is different. It's not about how Lambda works — it's about how to <strong>use it well</strong>.</p> <p>These are the patterns, pitfalls, and architectural decisions that separate a Lambda function that works in a demo from one that runs reliably in production at scale.</p> <h2> 1. Function Granularity: How Much Should One Function Do? </h2> <p>The "Function" in FaaS is misleading. In traditional programming, a function is a small, single-purpose unit of code. In serverless, a "function" is better understood as a <strong>deployable unit</strong> — it can be a single method, a complete feature, an entire module, or even a full web framework.</p> <p>This flexibility creates a real architectural decision: <strong>how much should one Lambda function do?</strong></p> <h3> The Two Failure Modes </h3> <p><strong>Too granular</strong> (one Lambda per API endpoint):</p> <ul> <li>Hundreds of functions to manage and monitor</li> <li>Repeated configuration across functions (IAM roles, VPC settings, env vars)</li> <li>Higher cold start frequency — each function has its own warm pool</li> <li>Debugging distributed failures becomes complex</li> </ul> <p><strong>Too coarse</strong> (one Lambda for everything):</p> <ul> <li>Memory configuration is dominated by the most expensive operation</li> <li>High-memory functions cost more even for lightweight requests</li> <li>A single deployment updates unrelated functionality</li> <li>Concurrency limits affect all operations equally</li> </ul> <h3> Two Practical Principles </h3> <p><strong>Principle 1: Resource Similarity</strong></p> <p>Group operations that have similar resource requirements into one function. Separate operations with dramatically different requirements.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Example: Brand API with 10 endpoints ├── 9 endpoints: 128MB memory, &lt;100ms, read-only DynamoDB └── 1 endpoint: 2048MB memory, 30s timeout, runs ML inference → Split into two functions: brand-api-standard (128MB, handles 9 endpoints) brand-api-ml (2048MB, handles ML endpoint) </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># brand-api-standard/handler.py — lightweight CRUD operations </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brands</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">path</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">rawPath</span><span class="sh">'</span><span class="p">]</span> <span class="n">method</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">http</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">method</span><span class="sh">'</span><span class="p">]</span> <span class="n">routes</span> <span class="o">=</span> <span class="p">{</span> <span class="p">(</span><span class="sh">'</span><span class="s">GET</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">/brand/{id}</span><span class="sh">'</span><span class="p">):</span> <span class="n">get_brand</span><span class="p">,</span> <span class="p">(</span><span class="sh">'</span><span class="s">POST</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">/brand</span><span class="sh">'</span><span class="p">):</span> <span class="n">create_brand</span><span class="p">,</span> <span class="p">(</span><span class="sh">'</span><span class="s">PUT</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">/brand/{id}</span><span class="sh">'</span><span class="p">):</span> <span class="n">update_brand</span><span class="p">,</span> <span class="p">(</span><span class="sh">'</span><span class="s">GET</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">/brand/{id}/colors</span><span class="sh">'</span><span class="p">):</span> <span class="n">get_colors</span><span class="p">,</span> <span class="c1"># ... 9 lightweight routes </span> <span class="p">}</span> <span class="n">handler_fn</span> <span class="o">=</span> <span class="n">routes</span><span class="p">.</span><span class="nf">get</span><span class="p">((</span><span class="n">method</span><span class="p">,</span> <span class="n">path</span><span class="p">))</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">handler_fn</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">404</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">Not found</span><span class="sh">'</span><span class="p">})}</span> <span class="k">return</span> <span class="nf">handler_fn</span><span class="p">(</span><span class="n">event</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># brand-api-ml/handler.py — memory-intensive ML operations </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">torch</span> <span class="c1"># heavy dependency — justified here </span> <span class="c1"># Model loaded once during cold start, reused across warm invocations </span><span class="n">model</span> <span class="o">=</span> <span class="bp">None</span> <span class="k">def</span> <span class="nf">get_model</span><span class="p">():</span> <span class="k">global</span> <span class="n">model</span> <span class="k">if</span> <span class="n">model</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Download and load model </span> <span class="n">model</span> <span class="o">=</span> <span class="nf">load_logo_classifier</span><span class="p">()</span> <span class="k">return</span> <span class="n">model</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># Only this function pays the 2048MB memory cost </span> <span class="n">classifier</span> <span class="o">=</span> <span class="nf">get_model</span><span class="p">()</span> <span class="k">return</span> <span class="nf">classify_logo</span><span class="p">(</span><span class="n">classifier</span><span class="p">,</span> <span class="n">event</span><span class="p">)</span> </code></pre> </div> <p><strong>Principle 2: Functional Cohesion</strong></p> <p>Don't bundle fundamentally different concerns into one function, even if their resource requirements are similar.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>❌ Bad: one function handles both: - WebSocket chat connections (stateful, long-lived) - User registration/login (stateless, short-lived) ✅ Good: separate functions: brand-chat-handler (WebSocket connections) brand-auth-handler (registration, login, token refresh) </code></pre> </div> <h3> Cost Impact of Right-Sizing </h3> <p>Memory configuration directly multiplies your bill. Here's a concrete example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Two functions, each invoked 10,000 times/day, ~100ms duration: Function A: 1536MB (oversized) Cost = (1536/1024) × (100/1000) × 10,000 × $0.0000166667/GB-s = 1.5 × 0.1 × 10,000 × $0.0000166667 ≈ $0.25/day → ~$7.50/month Function B: 256MB (right-sized) Cost = (256/1024) × (100/1000) × 10,000 × $0.0000166667/GB-s = 0.25 × 0.1 × 10,000 × $0.0000166667 ≈ $0.04/day → ~$1.25/month </code></pre> </div> <p><strong>Right-sizing saves ~83% on that function alone.</strong> Multiply across dozens of functions and the savings compound significantly.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Use AWS Lambda Power Tuning to find the optimal memory setting # https://github.com/alexcasalboni/aws-lambda-power-tuning # Run it as a Step Functions workflow — it tests multiple memory configs # and returns a cost/performance curve </span> <span class="c1"># Quick manual approach: measure actual memory usage </span><span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># After execution, check CloudWatch Logs for: </span> <span class="c1"># "Max Memory Used: XXX MB" </span> <span class="c1"># Set your memory config to ~1.5x the max observed usage </span> <span class="k">pass</span> </code></pre> </div> <h2> 2. Stateless by Design (But Not Naive About It) </h2> <p>Lambda functions are stateless — execution environments are ephemeral and can be recycled at any time. But "stateless" doesn't mean "no shared state ever exists."</p> <h3> What Stateless Actually Means </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ❌ What stateless PREVENTS — don't do this: </span><span class="n">request_counter</span> <span class="o">=</span> <span class="mi">0</span> <span class="c1"># This WILL drift — multiple instances, recycled environments </span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">global</span> <span class="n">request_counter</span> <span class="n">request_counter</span> <span class="o">+=</span> <span class="mi">1</span> <span class="c1"># unreliable across instances </span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">count</span><span class="sh">'</span><span class="p">:</span> <span class="n">request_counter</span><span class="p">}</span> <span class="c1"># meaningless in distributed context </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ✅ What stateless REQUIRES — persist state externally: </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">request-counters</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># Atomic increment in DynamoDB — correct across all instances </span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">counterId</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">global</span><span class="sh">'</span><span class="p">},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">ADD #count :inc</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeNames</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">#count</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">count</span><span class="sh">'</span><span class="p">},</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:inc</span><span class="sh">'</span><span class="p">:</span> <span class="mi">1</span><span class="p">},</span> <span class="n">ReturnValues</span><span class="o">=</span><span class="sh">'</span><span class="s">UPDATED_NEW</span><span class="sh">'</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">count</span><span class="sh">'</span><span class="p">:</span> <span class="nf">int</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Attributes</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">count</span><span class="sh">'</span><span class="p">])}</span> </code></pre> </div> <h3> Instance Reuse: The "Stateful Stateless" Reality </h3> <p>Lambda recycles execution environments — but not immediately. An environment that handled a request may handle the next one too. This is a feature (warm starts, reusable connections) and a risk (stale state from previous requests).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ✅ Good: leverage instance reuse for connection pooling </span><span class="kn">import</span> <span class="n">boto3</span> <span class="c1"># Initialized ONCE per execution environment (not per request) # Reused across warm invocations — this is intentional and correct </span><span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brands</span><span class="sh">'</span><span class="p">)</span> <span class="n">ssm_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ssm</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Cache config — valid for the lifetime of this environment </span><span class="n">_config_cache</span> <span class="o">=</span> <span class="bp">None</span> <span class="k">def</span> <span class="nf">get_config</span><span class="p">():</span> <span class="k">global</span> <span class="n">_config_cache</span> <span class="k">if</span> <span class="n">_config_cache</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="n">response</span> <span class="o">=</span> <span class="n">ssm_client</span><span class="p">.</span><span class="nf">get_parameter</span><span class="p">(</span><span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">/brand-api/config</span><span class="sh">'</span><span class="p">)</span> <span class="n">_config_cache</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Parameter</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">])</span> <span class="k">return</span> <span class="n">_config_cache</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">config</span> <span class="o">=</span> <span class="nf">get_config</span><span class="p">()</span> <span class="c1"># SSM called once, then cached </span> <span class="n">result</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]})</span> <span class="k">return</span> <span class="n">result</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">Item</span><span class="sh">'</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ❌ Risk: stale temporary files from previous requests </span><span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">tempfile</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">tmp_path</span> <span class="o">=</span> <span class="sh">'</span><span class="s">/tmp/processing_output.json</span><span class="sh">'</span> <span class="c1"># ❌ If a previous request created this file and it wasn't cleaned up, </span> <span class="c1"># this open() call will read stale data from the previous request </span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="n">tmp_path</span><span class="p">,</span> <span class="sh">'</span><span class="s">r</span><span class="sh">'</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> <span class="k">return</span> <span class="n">json</span><span class="p">.</span><span class="nf">load</span><span class="p">(</span><span class="n">f</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ✅ Safe: use unique filenames per request </span><span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">uuid</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># Unique filename per invocation — no collision with previous requests </span> <span class="n">tmp_path</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">'</span><span class="s">/tmp/</span><span class="si">{</span><span class="n">context</span><span class="p">.</span><span class="n">aws_request_id</span><span class="si">}</span><span class="s">.json</span><span class="sh">'</span> <span class="k">try</span><span class="p">:</span> <span class="c1"># Process and write </span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="n">tmp_path</span><span class="p">,</span> <span class="sh">'</span><span class="s">w</span><span class="sh">'</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dump</span><span class="p">(</span><span class="nf">process</span><span class="p">(</span><span class="n">event</span><span class="p">),</span> <span class="n">f</span><span class="p">)</span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="n">tmp_path</span><span class="p">,</span> <span class="sh">'</span><span class="s">r</span><span class="sh">'</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> <span class="k">return</span> <span class="n">json</span><span class="p">.</span><span class="nf">load</span><span class="p">(</span><span class="n">f</span><span class="p">)</span> <span class="k">finally</span><span class="p">:</span> <span class="c1"># Always clean up — don't leave state for the next request </span> <span class="k">if</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">exists</span><span class="p">(</span><span class="n">tmp_path</span><span class="p">):</span> <span class="n">os</span><span class="p">.</span><span class="nf">remove</span><span class="p">(</span><span class="n">tmp_path</span><span class="p">)</span> </code></pre> </div> <p><strong>The rule</strong>: Use instance reuse intentionally (connection pools, config caches). Guard against it accidentally (temp files, global mutable state).</p> <h2> 3. File Handling in Lambda </h2> <p>Lambda's stateless nature changes how you handle file uploads and storage. The traditional pattern of saving files to local disk doesn't work.</p> <h3> Why Local File Storage Fails </h3> <ul> <li> <code>/tmp</code> is limited to <strong>512MB</strong> (up to 10GB with ephemeral storage configuration)</li> <li>Files in <code>/tmp</code> are lost when the execution environment is recycled</li> <li>Multiple concurrent instances each have their own <code>/tmp</code> — no shared filesystem</li> </ul> <h3> Pattern 1: S3 Pre-Signed URLs (Recommended for Large Files) </h3> <p>Never route large file uploads through Lambda. Instead, generate a pre-signed S3 URL and let the client upload directly to S3.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># generate_upload_url.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">uuid</span> <span class="kn">import</span> <span class="n">os</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">)</span> <span class="n">UPLOAD_BUCKET</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">UPLOAD_BUCKET</span><span class="sh">'</span><span class="p">]</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Client requests an upload URL. Lambda generates a pre-signed S3 PUT URL. Client uploads directly to S3 — Lambda never touches the file bytes. </span><span class="sh">"""</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">pathParameters</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="n">content_type</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">queryStringParameters</span><span class="sh">'</span><span class="p">].</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">contentType</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">image/png</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Validate content type </span> <span class="n">allowed_types</span> <span class="o">=</span> <span class="p">{</span><span class="sh">'</span><span class="s">image/png</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">image/jpeg</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">image/svg+xml</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">image/webp</span><span class="sh">'</span><span class="p">}</span> <span class="k">if</span> <span class="n">content_type</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">allowed_types</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">Unsupported type: </span><span class="si">{</span><span class="n">content_type</span><span class="si">}</span><span class="sh">'</span><span class="p">})</span> <span class="p">}</span> <span class="c1"># Generate unique S3 key </span> <span class="n">file_id</span> <span class="o">=</span> <span class="nf">str</span><span class="p">(</span><span class="n">uuid</span><span class="p">.</span><span class="nf">uuid4</span><span class="p">())</span> <span class="n">s3_key</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">'</span><span class="s">uploads/</span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">file_id</span><span class="si">}</span><span class="sh">'</span> <span class="c1"># Generate pre-signed URL (valid for 15 minutes) </span> <span class="n">upload_url</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">generate_presigned_url</span><span class="p">(</span> <span class="sh">'</span><span class="s">put_object</span><span class="sh">'</span><span class="p">,</span> <span class="n">Params</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">Bucket</span><span class="sh">'</span><span class="p">:</span> <span class="n">UPLOAD_BUCKET</span><span class="p">,</span> <span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="n">s3_key</span><span class="p">,</span> <span class="sh">'</span><span class="s">ContentType</span><span class="sh">'</span><span class="p">:</span> <span class="n">content_type</span><span class="p">,</span> <span class="p">},</span> <span class="n">ExpiresIn</span><span class="o">=</span><span class="mi">900</span> <span class="c1"># 15 minutes </span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">'</span><span class="s">uploadUrl</span><span class="sh">'</span><span class="p">:</span> <span class="n">upload_url</span><span class="p">,</span> <span class="sh">'</span><span class="s">fileId</span><span class="sh">'</span><span class="p">:</span> <span class="n">file_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">s3Key</span><span class="sh">'</span><span class="p">:</span> <span class="n">s3_key</span><span class="p">,</span> <span class="sh">'</span><span class="s">expiresIn</span><span class="sh">'</span><span class="p">:</span> <span class="mi">900</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Upload flow: Client → GET /upload-url → Lambda → S3 pre-signed URL → Client Client → PUT {file bytes} → S3 directly (Lambda not involved) S3 ObjectCreated event → Lambda (process the uploaded file) </code></pre> </div> <h3> Pattern 2: Base64 for Small Files (Avatars, Icons) </h3> <p>For small files (&lt;1MB), you can accept Base64-encoded content through API Gateway:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handle_small_upload.py </span><span class="kn">import</span> <span class="n">base64</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">uuid</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Handle small file uploads via Base64 encoding</span><span class="sh">"""</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">])</span> <span class="n">file_data</span> <span class="o">=</span> <span class="n">base64</span><span class="p">.</span><span class="nf">b64decode</span><span class="p">(</span><span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">fileData</span><span class="sh">'</span><span class="p">])</span> <span class="n">content_type</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">contentType</span><span class="sh">'</span><span class="p">]</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># Size check — API Gateway limit is 10MB, keep it under 1MB for safety </span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">file_data</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">1</span> <span class="o">*</span> <span class="mi">1024</span> <span class="o">*</span> <span class="mi">1024</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">413</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">File too large. Use pre-signed URL for files &gt;1MB</span><span class="sh">'</span><span class="p">})</span> <span class="p">}</span> <span class="n">s3_key</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">'</span><span class="s">logos/</span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">uuid</span><span class="p">.</span><span class="nf">uuid4</span><span class="p">()</span><span class="si">}</span><span class="sh">'</span> <span class="n">s3</span><span class="p">.</span><span class="nf">put_object</span><span class="p">(</span> <span class="n">Bucket</span><span class="o">=</span><span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">UPLOAD_BUCKET</span><span class="sh">'</span><span class="p">],</span> <span class="n">Key</span><span class="o">=</span><span class="n">s3_key</span><span class="p">,</span> <span class="n">Body</span><span class="o">=</span><span class="n">file_data</span><span class="p">,</span> <span class="n">ContentType</span><span class="o">=</span><span class="n">content_type</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">s3Key</span><span class="sh">'</span><span class="p">:</span> <span class="n">s3_key</span><span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h2> 4. WebSocket with Lambda </h2> <p>Lambda is stateless and request-driven — it can't maintain a persistent WebSocket connection itself. But you can implement WebSocket by combining <strong>API Gateway WebSocket API</strong> with Lambda.</p> <p>API Gateway maintains the persistent connections; Lambda handles the messages.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client ←──WebSocket──→ API Gateway ←──events──→ Lambda (persistent) (manages connections) (stateless) </code></pre> </div> <h3> Three Lambda Handlers for WebSocket </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># websocket_handlers.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">connections_table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">websocket-connections</span><span class="sh">'</span><span class="p">)</span> <span class="n">apigw</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span> <span class="sh">'</span><span class="s">apigatewaymanagementapi</span><span class="sh">'</span><span class="p">,</span> <span class="n">endpoint_url</span><span class="o">=</span><span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">WEBSOCKET_ENDPOINT</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># e.g., https://abc123.execute-api.us-east-1.amazonaws.com/prod </span><span class="p">)</span> <span class="k">def</span> <span class="nf">connect_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Called when a client establishes a WebSocket connection. Store the connection ID for later message delivery. </span><span class="sh">"""</span> <span class="n">connection_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">]</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">queryStringParameters</span><span class="sh">'</span><span class="p">].</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">anonymous</span><span class="sh">'</span><span class="p">)</span> <span class="n">connections_table</span><span class="p">.</span><span class="nf">put_item</span><span class="p">(</span><span class="n">Item</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">:</span> <span class="n">connection_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">connectedAt</span><span class="sh">'</span><span class="p">:</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">requestTimeEpoch</span><span class="sh">'</span><span class="p">]</span> <span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Client connected: </span><span class="si">{</span><span class="n">connection_id</span><span class="si">}</span><span class="s"> (brand: </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">}</span> <span class="k">def</span> <span class="nf">disconnect_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Called when a client disconnects.</span><span class="sh">"""</span> <span class="n">connection_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">]</span> <span class="n">connections_table</span><span class="p">.</span><span class="nf">delete_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">:</span> <span class="n">connection_id</span><span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Client disconnected: </span><span class="si">{</span><span class="n">connection_id</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">}</span> <span class="k">def</span> <span class="nf">message_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Called when a client sends a message.</span><span class="sh">"""</span> <span class="n">connection_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">]</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">])</span> <span class="n">message_type</span> <span class="o">=</span> <span class="n">body</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">)</span> <span class="k">if</span> <span class="n">message_type</span> <span class="o">==</span> <span class="sh">'</span><span class="s">subscribe_brand</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># Update subscription in DynamoDB </span> <span class="n">connections_table</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">:</span> <span class="n">connection_id</span><span class="p">},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">SET subscribedBrand = :brand</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:brand</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">}</span> <span class="p">)</span> <span class="c1"># Send acknowledgment back to this client </span> <span class="nf">send_message</span><span class="p">(</span><span class="n">connection_id</span><span class="p">,</span> <span class="p">{</span> <span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">subscribed</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span> <span class="p">})</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">}</span> <span class="k">def</span> <span class="nf">send_message</span><span class="p">(</span><span class="n">connection_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">message</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Send a message to a specific connected client.</span><span class="sh">"""</span> <span class="k">try</span><span class="p">:</span> <span class="n">apigw</span><span class="p">.</span><span class="nf">post_to_connection</span><span class="p">(</span> <span class="n">ConnectionId</span><span class="o">=</span><span class="n">connection_id</span><span class="p">,</span> <span class="n">Data</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">message</span><span class="p">).</span><span class="nf">encode</span><span class="p">(</span><span class="sh">'</span><span class="s">utf-8</span><span class="sh">'</span><span class="p">)</span> <span class="p">)</span> <span class="k">except</span> <span class="n">apigw</span><span class="p">.</span><span class="n">exceptions</span><span class="p">.</span><span class="n">GoneException</span><span class="p">:</span> <span class="c1"># Client disconnected — clean up stale connection </span> <span class="n">connections_table</span><span class="p">.</span><span class="nf">delete_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">:</span> <span class="n">connection_id</span><span class="p">})</span> <span class="k">def</span> <span class="nf">broadcast_brand_update</span><span class="p">(</span><span class="n">brand_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">update_data</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Broadcast a brand update to all subscribed clients. Called from other Lambda functions when brand data changes. </span><span class="sh">"""</span> <span class="c1"># Find all connections subscribed to this brand </span> <span class="n">response</span> <span class="o">=</span> <span class="n">connections_table</span><span class="p">.</span><span class="nf">scan</span><span class="p">(</span> <span class="n">FilterExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">subscribedBrand = :brand</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:brand</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">}</span> <span class="p">)</span> <span class="n">message</span> <span class="o">=</span> <span class="p">{</span><span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">brand_updated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">data</span><span class="sh">'</span><span class="p">:</span> <span class="n">update_data</span><span class="p">}</span> <span class="k">for</span> <span class="n">item</span> <span class="ow">in</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Items</span><span class="sh">'</span><span class="p">]:</span> <span class="nf">send_message</span><span class="p">(</span><span class="n">item</span><span class="p">[</span><span class="sh">'</span><span class="s">connectionId</span><span class="sh">'</span><span class="p">],</span> <span class="n">message</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Broadcast to </span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">"</span><span class="s">Items</span><span class="sh">"</span><span class="p">])</span><span class="si">}</span><span class="s"> clients for brand </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">wsConnect</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">websocket_handlers.connect_handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">websocket</span><span class="pi">:</span> <span class="na">route</span><span class="pi">:</span> <span class="s">$connect</span> <span class="na">wsDisconnect</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">websocket_handlers.disconnect_handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">websocket</span><span class="pi">:</span> <span class="na">route</span><span class="pi">:</span> <span class="s">$disconnect</span> <span class="na">wsMessage</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">websocket_handlers.message_handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">websocket</span><span class="pi">:</span> <span class="na">route</span><span class="pi">:</span> <span class="s">$default</span> </code></pre> </div> <h2> 5. Lambda Extensions: Graceful Lifecycle Management </h2> <p>AWS Lambda Extensions allow you to run code alongside your function — for flushing metrics, closing connections, and handling graceful shutdown. This is Lambda's equivalent of Kubernetes lifecycle hooks (<code>preStop</code>, <code>postStart</code>).</p> <h3> The Problem They Solve </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ❌ Without extensions: metrics may be lost </span><span class="kn">import</span> <span class="n">datadog</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">process_brand</span><span class="p">(</span><span class="n">event</span><span class="p">)</span> <span class="c1"># This metric send is async — if Lambda freezes the environment </span> <span class="c1"># immediately after handler returns, the metric may never arrive </span> <span class="n">datadog</span><span class="p">.</span><span class="n">statsd</span><span class="p">.</span><span class="nf">increment</span><span class="p">(</span><span class="sh">'</span><span class="s">brand.processed</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="n">result</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># ✅ With Lambda Extensions: flush metrics before freeze/shutdown # extensions/metrics_flusher.py — runs as a separate process alongside your function </span> <span class="kn">import</span> <span class="n">http.server</span> <span class="kn">import</span> <span class="n">urllib.request</span> <span class="kn">import</span> <span class="n">json</span> <span class="k">class</span> <span class="nc">ExtensionHandler</span><span class="p">(</span><span class="n">http</span><span class="p">.</span><span class="n">server</span><span class="p">.</span><span class="n">BaseHTTPRequestHandler</span><span class="p">):</span> <span class="k">def</span> <span class="nf">do_GET</span><span class="p">(</span><span class="n">self</span><span class="p">):</span> <span class="k">if</span> <span class="n">self</span><span class="p">.</span><span class="n">path</span> <span class="o">==</span> <span class="sh">'</span><span class="s">/pre-freeze</span><span class="sh">'</span><span class="p">:</span> <span class="c1"># Called before Lambda freezes this environment </span> <span class="c1"># Flush all pending metrics synchronously </span> <span class="nf">flush_metrics_to_datadog</span><span class="p">()</span> <span class="n">self</span><span class="p">.</span><span class="nf">send_response</span><span class="p">(</span><span class="mi">200</span><span class="p">)</span> <span class="n">self</span><span class="p">.</span><span class="nf">end_headers</span><span class="p">()</span> <span class="k">elif</span> <span class="n">self</span><span class="p">.</span><span class="n">path</span> <span class="o">==</span> <span class="sh">'</span><span class="s">/pre-stop</span><span class="sh">'</span><span class="p">:</span> <span class="c1"># Called before Lambda terminates this environment </span> <span class="c1"># Close database connections, flush logs, update status </span> <span class="nf">close_db_connections</span><span class="p">()</span> <span class="nf">flush_final_metrics</span><span class="p">()</span> <span class="n">self</span><span class="p">.</span><span class="nf">send_response</span><span class="p">(</span><span class="mi">200</span><span class="p">)</span> <span class="n">self</span><span class="p">.</span><span class="nf">end_headers</span><span class="p">()</span> <span class="k">def</span> <span class="nf">log_message</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="nb">format</span><span class="p">,</span> <span class="o">*</span><span class="n">args</span><span class="p">):</span> <span class="k">pass</span> <span class="c1"># suppress default logging </span> <span class="k">def</span> <span class="nf">flush_metrics_to_datadog</span><span class="p">():</span> <span class="sh">"""</span><span class="s">Ensure all buffered metrics are sent before environment freezes</span><span class="sh">"""</span> <span class="c1"># Implementation: flush your metrics client's buffer </span> <span class="nf">print</span><span class="p">(</span><span class="sh">'</span><span class="s">Pre-freeze: flushing metrics buffer</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># datadog.statsd.flush() </span> <span class="k">def</span> <span class="nf">close_db_connections</span><span class="p">():</span> <span class="sh">"""</span><span class="s">Gracefully close connections before environment is terminated</span><span class="sh">"""</span> <span class="nf">print</span><span class="p">(</span><span class="sh">'</span><span class="s">Pre-stop: closing database connections</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># db_pool.close_all() </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — attach the extension</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandApi</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">layers</span><span class="pi">:</span> <span class="pi">-</span> <span class="kt">!Ref</span> <span class="s">MetricsFlusherExtensionLayer</span> <span class="c1"># your extension as a Lambda Layer</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">MetricsFlusherExtensionLayer</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Lambda::LayerVersion</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">LayerName</span><span class="pi">:</span> <span class="s">metrics-flusher-extension</span> <span class="na">Content</span><span class="pi">:</span> <span class="na">S3Bucket</span><span class="pi">:</span> <span class="s">your-deployment-bucket</span> <span class="na">S3Key</span><span class="pi">:</span> <span class="s">extensions/metrics-flusher.zip</span> <span class="na">CompatibleRuntimes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">python3.12</span> </code></pre> </div> <h2> 6. Static Assets: Keep Them Out of Lambda </h2> <p>A common mistake when migrating existing applications to Lambda: routing static asset requests through your Lambda function.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>❌ Bad architecture: Client → API Gateway → Lambda → returns CSS/JS/images (every asset request consumes Lambda concurrency and costs money) ✅ Good architecture: Client → CloudFront → S3 (static assets: CSS, JS, images) Client → CloudFront → API Gateway → Lambda (API calls only) </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — separate static assets from API</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">StaticAssetsBucket</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::S3::Bucket</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">BucketName</span><span class="pi">:</span> <span class="s">brand-platform-static</span> <span class="na">CloudFrontDistribution</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::CloudFront::Distribution</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">DistributionConfig</span><span class="pi">:</span> <span class="na">Origins</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Id</span><span class="pi">:</span> <span class="s">StaticAssets</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">StaticAssetsBucket.DomainName</span> <span class="na">S3OriginConfig</span><span class="pi">:</span> <span class="pi">{}</span> <span class="pi">-</span> <span class="na">Id</span><span class="pi">:</span> <span class="s">BrandApi</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s1">'</span><span class="s">${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com'</span> <span class="na">CustomOriginConfig</span><span class="pi">:</span> <span class="na">HTTPSPort</span><span class="pi">:</span> <span class="m">443</span> <span class="na">OriginProtocolPolicy</span><span class="pi">:</span> <span class="s">https-only</span> <span class="na">CacheBehaviors</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">PathPattern</span><span class="pi">:</span> <span class="s1">'</span><span class="s">/api/*'</span> <span class="na">TargetOriginId</span><span class="pi">:</span> <span class="s">BrandApi</span> <span class="na">CachePolicyId</span><span class="pi">:</span> <span class="s">4135ea2d-6df8-44a3-9df3-4b5a84be39ad</span> <span class="c1"># CachingDisabled</span> <span class="na">ViewerProtocolPolicy</span><span class="pi">:</span> <span class="s">https-only</span> <span class="na">DefaultCacheBehavior</span><span class="pi">:</span> <span class="na">TargetOriginId</span><span class="pi">:</span> <span class="s">StaticAssets</span> <span class="na">ViewerProtocolPolicy</span><span class="pi">:</span> <span class="s">https-only</span> <span class="na">CachePolicyId</span><span class="pi">:</span> <span class="s">658327ea-f89d-4fab-a63d-7e88639e58f6</span> <span class="c1"># CachingOptimized</span> </code></pre> </div> <h2> Production Readiness Checklist </h2> <p>Before deploying a Lambda function to production, verify:</p> <p><strong>Architecture</strong></p> <ul> <li>[ ] Function granularity follows resource similarity + functional cohesion principles</li> <li>[ ] Static assets served from S3 + CloudFront, not Lambda</li> <li>[ ] Heavy operations (ML inference, video processing) in separate functions</li> </ul> <p><strong>Stateless Design</strong></p> <ul> <li>[ ] No persistent state stored in global variables across requests</li> <li>[ ] Temp files use unique names (<code>/tmp/{request_id}.ext</code>) and are cleaned up</li> <li>[ ] Connection pools and config caches are intentionally reused (not accidentally shared)</li> </ul> <p><strong>Cost Optimization</strong></p> <ul> <li>[ ] Memory configured based on measured usage (not default 128MB or maximum 3008MB)</li> <li>[ ] Timeout set to realistic maximum (not default 3s or maximum 15min)</li> <li>[ ] Reserved concurrency set where appropriate to cap costs and protect downstream</li> </ul> <p><strong>Reliability</strong></p> <ul> <li>[ ] DLQ or failure destination configured for all async functions</li> <li>[ ] Retry logic defined for all Task states (if using Step Functions)</li> <li>[ ] CloudWatch alarms on error rate, throttles, and duration P99</li> </ul> <p><strong>Security</strong></p> <ul> <li>[ ] IAM role follows least-privilege (no <code>*</code> actions unless justified)</li> <li>[ ] Secrets in Secrets Manager or Parameter Store, not environment variables</li> <li>[ ] VPC only configured where genuinely needed</li> </ul> <p><strong>Observability</strong></p> <ul> <li>[ ] Structured logging (JSON) for CloudWatch Logs Insights queries</li> <li>[ ] X-Ray tracing enabled for latency debugging</li> <li>[ ] Custom metrics for business-level monitoring</li> </ul> <h2> Summary: The Mental Model </h2> <p>After six articles, here's the mental model that ties everything together:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Lambda function = a stateless, event-driven compute unit Trigger → defines invocation model (sync vs async) → determines retry behavior and error routing Concurrency → scales automatically, but has limits → control with reserved concurrency + Provisioned Concurrency State → lives outside Lambda (DynamoDB, S3, ElastiCache) → execution environment reuse is a performance feature, not a state store Cost → memory × duration × invocations → right-size memory, minimize duration, avoid unnecessary invocations Reliability → DLQ for async, Catch/Retry for Step Functions → idempotent handlers for at-least-once delivery Deployment → always use aliases, never $LATEST in production → canary + CloudWatch alarms for safe rollouts </code></pre> </div> <p>Serverless doesn't eliminate operational complexity — it <strong>relocates</strong> it. The infrastructure concerns move to AWS; the architectural concerns move to you. Understanding Lambda's internals — the cold start pipeline, the concurrency model, the invocation types, the scaling mechanics — is what lets you make those architectural decisions confidently.</p> <p><strong>Build small. Scale automatically. Fail gracefully.</strong></p> <p><em>This concludes the **Serverless Internals: How AWS Lambda Really Works</em>* series.*</p> <p><em>If you found this series useful, consider following for more content on AWS architecture, LLM engineering, and production AI systems.</em></p> architecture aws serverless systemdesign James Lee Tue, 26 May 2026 07:55:11 +0000 https://dev.to/jamesli/serverless-workflows-orchestrating-multi-step-pipelines-with-aws-step-functions-5fim https://dev.to/jamesli/serverless-workflows-orchestrating-multi-step-pipelines-with-aws-step-functions-5fim <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>}, "NotifyDownstream": { "Type": "Task", "Resource": "arn:aws:states:::sns:publish", "Parameters": { "TopicArn": "arn:aws:sns:us-east-1:123:brand-asset-processed", "Message.$": "States.JsonToString($)" }, "End": true }, "HandleProcessingError": { "Type": "Task", "Resource": "arn:aws:lambda:us-east-1:123:function:handle-processing-error", "End": true } </code></pre> </div> <p>}<br> }<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> ### Step 2: The Lambda Functions Each state's Lambda function does one thing well — the orchestration logic lives in the state machine, not the functions. </code></pre> </div> <p><br> python</p> <h1> validate_brand_asset.py </h1> <p>import json</p> <p>class ValidationError(Exception):<br> pass</p> <p>def handler(event, context):<br> """<br> Validates incoming brand asset upload.<br> Input: { brandId, s3Bucket, s3Key, fileSize, contentType }<br> Output: same event, passed through to next state<br> """<br> brand_id = event.get('brandId')<br> s3_key = event.get('s3Key')<br> content_type = event.get('contentType', '')<br> file_size = event.get('fileSize', 0)</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>if not brand_id: raise ValidationError('Missing required field: brandId') if not s3_key: raise ValidationError('Missing required field: s3Key') allowed_types = {'image/png', 'image/jpeg', 'image/svg+xml', 'image/webp'} if content_type not in allowed_types: raise ValidationError(f'Unsupported content type: {content_type}') max_size_bytes = 10 * 1024 * 1024 # 10MB if file_size &gt; max_size_bytes: raise ValidationError(f'File too large: {file_size} bytes (max 10MB)') print(f'Validation passed for brand {brand_id}: {s3_key}') # Pass through the event — next state receives this as input return event </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> </code></pre> </div> <p><br> python</p> <h1> detect_logo.py </h1> <p>import boto3<br> import os</p> <p>rekognition = boto3.client('rekognition')</p> <p>def handler(event, context):<br> """<br> Runs Rekognition label detection on the uploaded brand asset.<br> Input: { brandId, s3Bucket, s3Key, ... }<br> Output: { logoLabels: [...] } ← merged into parallel results<br> """<br> bucket = event['s3Bucket']<br> key = event['s3Key']</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>response = rekognition.detect_labels( Image={'S3Object': {'Bucket': bucket, 'Name': key}}, MaxLabels=15, MinConfidence=75 ) labels = [ {'name': label['Name'], 'confidence': round(label['Confidence'], 2)} for label in response['Labels'] ] print(f'Detected {len(labels)} labels for {key}') return {'logoLabels': labels} </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> </code></pre> </div> <p><br> python</p> <h1> generate_color_palette.py </h1> <p>import boto3<br> from PIL import Image<br> import io<br> from collections import Counter</p> <p>s3 = boto3.client('s3')</p> <p>def handler(event, context):<br> """<br> Extracts dominant colors from the brand asset.<br> Input: { brandId, s3Bucket, s3Key, ... }<br> Output: { colors: ['#FF5733', '#C70039', ...] }<br> """<br> bucket = event['s3Bucket']<br> key = event['s3Key']</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># Download image from S3 obj = s3.get_object(Bucket=bucket, Key=key) image_data = obj['Body'].read() # Extract dominant colors img = Image.open(io.BytesIO(image_data)).convert('RGB') img = img.resize((100, 100)) # downsample for speed pixels = list(img.getdata()) color_counts = Counter(pixels) top_colors = color_counts.most_common(5) hex_colors = [ '#{:02x}{:02x}{:02x}'.format(r, g, b) for (r, g, b), _ in top_colors ] print(f'Extracted {len(hex_colors)} dominant colors from {key}') return {'colors': hex_colors} </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> ### Step 3: Deploy with Serverless Framework </code></pre> </div> <p><br> yaml</p> <h1> serverless.yml </h1> <p>service: brand-asset-pipeline</p> <p>provider:<br> name: aws<br> runtime: python3.12<br> region: us-east-1</p> <p>plugins:</p> <ul> <li>serverless-step-functions</li> </ul> <p>functions:<br> validateBrandAsset:<br> handler: validate_brand_asset.handler</p> <p>detectLogo:<br> handler: detect_logo.handler<br> timeout: 30 # Rekognition can be slow</p> <p>generateColorPalette:<br> handler: generate_color_palette.handler<br> timeout: 30</p> <p>handleValidationError:<br> handler: error_handlers.handle_validation_error</p> <p>handleProcessingError:<br> handler: error_handlers.handle_processing_error</p> <p>stepFunctions:<br> stateMachines:<br> brandAssetPipeline:<br> name: brand-asset-ingestion-pipeline<br> definition: ${file(state_machine.json)}<br> loggingConfig:<br> level: ALL<br> includeExecutionData: true<br> destinations:<br> - arn:aws:logs:us-east-1:123:log-group:/aws/states/brand-pipeline<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> --- ## Key Patterns in Step Functions ### Pattern 1: Retry with Exponential Backoff Every `Task` state should define retry behavior for transient failures (Lambda throttling, downstream API timeouts): </code></pre> </div> <p><br> json<br> "Retry": [<br> {<br> "ErrorEquals": [<br> "Lambda.ServiceException",<br> "Lambda.AWSLambdaException",<br> "Lambda.TooManyRequestsException",<br> "Lambda.SdkClientException"<br> ],<br> "IntervalSeconds": 2,<br> "MaxAttempts": 3,<br> "BackoffRate": 2,<br> "JitterStrategy": "FULL"<br> },<br> {<br> "ErrorEquals": ["RateLimitError"],<br> "IntervalSeconds": 10,<br> "MaxAttempts": 5,<br> "BackoffRate": 1.5<br> }<br> ]<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> The retry sequence with `BackoffRate: 2` and `IntervalSeconds: 2`: - Attempt 1 fails → wait 2s - Attempt 2 fails → wait 4s - Attempt 3 fails → wait 8s - All retries exhausted → `Catch` block fires ### Pattern 2: Map State for Batch Processing Process a list of items in parallel — like processing multiple brand assets in one workflow execution: </code></pre> </div> <p><br> json<br> "ProcessBrandBatch": {<br> "Type": "Map",<br> "ItemsPath": "$.brandIds",<br> "MaxConcurrency": 10,<br> "Iterator": {<br> "StartAt": "ProcessSingleBrand",<br> "States": {<br> "ProcessSingleBrand": {<br> "Type": "Task",<br> "Resource": "arn:aws:lambda:us-east-1:123:function:process-brand",<br> "End": true<br> }<br> }<br> },<br> "Next": "AggregateResults"<br> }<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> Input: </code></pre> </div> <p><br> json<br> {<br> "brandIds": ["nike", "adidas", "puma", "reebok", "newbalance"]<br> }<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> Step Functions processes all 5 brands in parallel (up to `MaxConcurrency: 10`), then waits for all to complete before moving to `AggregateResults`. ### Pattern 3: Wait for Human Approval (Callback Pattern) For workflows that need human review before proceeding — use the `.waitForTaskToken` integration: </code></pre> </div> <p><br> json<br> "WaitForApproval": {<br> "Type": "Task",<br> "Resource": "arn:aws:states:::lambda:invoke.waitForTaskToken",<br> "Parameters": {<br> "FunctionName": "send-approval-email",<br> "Payload": {<br> "taskToken.$": "$$.Task.Token",<br> "brandId.$": "$.brandId",<br> "reviewUrl.$": "States.Format('<a href="https://admin.yourdomain.com/review/%7B%7D" rel="noopener noreferrer">https://admin.yourdomain.com/review/{}</a>', $.brandId)"<br> }<br> },<br> "HeartbeatSeconds": 86400,<br> "Next": "ProcessApprovedBrand"<br> }<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> </code></pre> </div> <p><br> python</p> <h1> send_approval_email.py </h1> <p>import boto3<br> import os</p> <p>ses = boto3.client('ses')<br> sfn = boto3.client('stepfunctions')</p> <p>def handler(event, context):<br> """<br> Sends approval email with approve/reject links.<br> The workflow pauses until the reviewer clicks a link,<br> which calls SendTaskSuccess or SendTaskFailure.<br> """<br> task_token = event['taskToken']<br> brand_id = event['brandId']<br> review_url = event['reviewUrl']</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># Store token for later callback # (in practice, store in DynamoDB keyed by brandId) ses.send_email( Source='noreply@yourdomain.com', Destination={'ToAddresses': ['reviewer@yourdomain.com']}, Message={ 'Subject': {'Data': f'Brand Review Required: {brand_id}'}, 'Body': {'Html': {'Data': f''' &lt;p&gt;Brand &lt;b&gt;{brand_id}&lt;/b&gt; requires review.&lt;/p&gt; &lt;p&gt;&lt;a href="{review_url}?token={task_token}&amp;action=approve"&gt;✅ Approve&lt;/a&gt;&lt;/p&gt; &lt;p&gt;&lt;a href="{review_url}?token={task_token}&amp;action=reject"&gt;❌ Reject&lt;/a&gt;&lt;/p&gt; '''}} } ) # Return immediately — workflow is now paused waiting for callback return {'status': 'approval_email_sent', 'brandId': brand_id} </code></pre> </div> <p>def handle_approval_callback(task_token: str, approved: bool):<br> """Called by your API when reviewer clicks approve/reject"""<br> if approved:<br> sfn.send_task_success(<br> taskToken=task_token,<br> output=json.dumps({'approved': True})<br> )<br> else:<br> sfn.send_task_failure(<br> taskToken=task_token,<br> error='ReviewRejected',<br> cause='Brand rejected by human reviewer'<br> )<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> ### Pattern 4: Express vs Standard Workflows Step Functions offers two workflow types with very different characteristics: | | Standard Workflows | Express Workflows | |---|---|---| | **Max duration** | 1 year | 5 minutes | | **Execution model** | Exactly-once | At-least-once | | **Pricing** | Per state transition | Per execution duration | | **Execution history** | Full (90 days) | CloudWatch Logs only | | **Best for** | Long-running, auditable workflows | High-volume, short pipelines | </code></pre> </div> <p><br> yaml</p> <h1> Express workflow for high-volume, short-lived pipelines </h1> <p>stepFunctions:<br> stateMachines:<br> brandMetricsPipeline:<br> type: EXPRESS # ← Express workflow<br> name: brand-metrics-pipeline<br> definition: ${file(express_state_machine.json)}</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> Use **Standard** for: order processing, approval workflows, data ingestion with audit requirements. Use **Express** for: real-time data transformation, IoT event processing, high-frequency API backends. --- ## Step Functions vs DIY Orchestration A common question: why not just chain Lambda functions with SQS queues? | Concern | SQS + Lambda DIY | Step Functions | |---|---|---| | State tracking | You build it | Built-in | | Retry logic | You build it | Built-in per-state | | Parallel execution | Complex fan-out/fan-in | Native `Parallel` state | | Execution history | CloudWatch logs only | Visual execution graph | | Error routing | Manual DLQ wiring | Native `Catch` blocks | | Long-running (&gt;15min) | Requires external state | Native support (Standard) | | Cost | Lower for simple cases | Per state transition | The tipping point: **if your workflow has more than 3 steps, branching logic, or retry requirements, Step Functions pays for itself in reduced complexity.** --- ## Summary | Concept | AWS Step Functions Implementation | |---|---| | **State machine** | JSON-defined workflow (Amazon States Language) | | **Sequential steps** | Default — each state transitions to `Next` | | **Branching** | `Choice` state with condition rules | | **Parallel execution** | `Parallel` state — branches run simultaneously | | **Batch processing** | `Map` state — iterate over arrays | | **Retry logic** | Per-state `Retry` with exponential backoff | | **Error handling** | Per-state `Catch` with error routing | | **Human-in-the-loop** | `.waitForTaskToken` callback pattern | | **Workflow types** | Standard (long-running) vs Express (high-volume) | Step Functions doesn't replace Lambda — it elevates it. Individual functions stay small and focused; the workflow handles coordination, state, retries, and error routing. The result is a system where each piece is independently testable, observable, and replaceable. **Build small functions. Orchestrate big workflows.** --- *Next in this series: **Part 7 — Serverless Best Practices: Production Architecture, Stateless Design &amp; Cost Optimization*** </code></pre> </div> aws python serverless tutorial James Lee Tue, 26 May 2026 07:53:00 +0000 https://dev.to/jamesli/event-driven-automation-building-a-serverless-maintenance-bot-with-lambda-eventbridge-51jj https://dev.to/jamesli/event-driven-automation-building-a-serverless-maintenance-bot-with-lambda-eventbridge-51jj <p>Traditional ops automation means cron jobs on a dedicated server, custom monitoring daemons, or a full Ansible/Chef setup just to restart a service at midnight.</p> <p>Serverless flips this model entirely. With Lambda + EventBridge, you can build a fully automated maintenance bot that:</p> <ul> <li>Reacts to infrastructure events in real time (EC2 failure → auto-snapshot)</li> <li>Runs scheduled maintenance at 2 AM without a single server</li> <li>Remediates CloudWatch alarms automatically</li> <li>Costs essentially nothing when idle</li> </ul> <p>This article walks through building exactly that — a production-grade serverless ops automation system on AWS.</p> <h2> Why Serverless Is a Natural Fit for Ops Automation </h2> <p>Ops automation tasks share a common pattern:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Something happens (event) │ ▼ Run a script (function) │ ▼ Done — wait for next event </code></pre> </div> <p>This is precisely what Lambda + EventBridge is designed for. The function runs only when triggered, scales to handle multiple simultaneous events, and costs nothing between invocations.</p> <p>Compare this to the traditional approach:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Infrastructure</th> <th>Cost</th> <th>Reliability</th> </tr> </thead> <tbody> <tr> <td>Cron on EC2</td> <td>Dedicated server</td> <td>Always running</td> <td>Single point of failure</td> </tr> <tr> <td>Ansible Tower</td> <td>Full platform</td> <td>Expensive</td> <td>Complex to maintain</td> </tr> <tr> <td>Lambda + EventBridge</td> <td>Zero servers</td> <td>Pay per execution</td> <td>Managed, highly available</td> </tr> </tbody> </table></div> <h2> Architecture Overview </h2> <p>The maintenance bot consists of three independent automation modules, each triggered by a different event source:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────────────┐ │ Serverless Maintenance Bot │ ├─────────────────────────────────────────────────────┤ │ │ │ EC2 State Change ──► auto-snapshot-lambda │ │ (EventBridge) (backup EBS on failure) │ │ │ │ EventBridge Schedule ──► nightly-maintenance-lambda│ │ (cron: 2 AM daily) (cleanup, reset, report) │ │ │ │ CloudWatch Alarm ──► auto-remediation-lambda │ │ (CPU &gt; 80%) (scale out / restart) │ │ │ └─────────────────────────────────────────────────────┘ </code></pre> </div> <h2> Module 1: Auto-Snapshot on EC2 Failure </h2> <p>When an EC2 instance fails or reboots unexpectedly, you want an automatic EBS snapshot created immediately — before any manual intervention.</p> <p><strong>Event source</strong>: EventBridge automatically captures EC2 state change notifications (instance stopping, stopping, rebooting) as native events. No custom monitoring agent needed.</p> <h3> The Event Structure </h3> <p>When EC2 emits a state change event, EventBridge delivers this payload to your Lambda:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"6a7e8feb-b491-4cf7-a9f1-bf3703467718"</span><span class="p">,</span><span class="w"> </span><span class="nl">"source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"aws.ec2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail-type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"EC2 Instance State-change Notification"</span><span class="p">,</span><span class="w"> </span><span class="nl">"region"</span><span class="p">:</span><span class="w"> </span><span class="s2">"us-east-1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"instance-id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"i-0123456789abcdef0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="w"> </span><span class="s2">"stopped"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> The Lambda Handler </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># auto_snapshot.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">logging</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span> <span class="n">logger</span> <span class="o">=</span> <span class="n">logging</span><span class="p">.</span><span class="nf">getLogger</span><span class="p">()</span> <span class="n">logger</span><span class="p">.</span><span class="nf">setLevel</span><span class="p">(</span><span class="n">logging</span><span class="p">.</span><span class="n">INFO</span><span class="p">)</span> <span class="n">ec2</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ec2</span><span class="sh">'</span><span class="p">)</span> <span class="n">sns</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">sns</span><span class="sh">'</span><span class="p">)</span> <span class="n">ALERT_TOPIC_ARN</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">ALERT_TOPIC_ARN</span><span class="sh">'</span><span class="p">]</span> <span class="n">SNAPSHOT_TAG_KEY</span> <span class="o">=</span> <span class="sh">'</span><span class="s">AutoSnapshot</span><span class="sh">'</span> <span class="n">SNAPSHOT_TAG_VALUE</span> <span class="o">=</span> <span class="sh">'</span><span class="s">true</span><span class="sh">'</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Triggered by EventBridge on EC2 state change. Creates EBS snapshots for all volumes attached to the affected instance. </span><span class="sh">"""</span> <span class="n">detail</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">detail</span><span class="sh">'</span><span class="p">]</span> <span class="n">instance_id</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">'</span><span class="s">instance-id</span><span class="sh">'</span><span class="p">]</span> <span class="n">state</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">'</span><span class="s">state</span><span class="sh">'</span><span class="p">]</span> <span class="n">region</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">region</span><span class="sh">'</span><span class="p">]</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">EC2 state change: </span><span class="si">{</span><span class="n">instance_id</span><span class="si">}</span><span class="s"> → </span><span class="si">{</span><span class="n">state</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Only act on unexpected stops/reboots (not intentional shutdowns) </span> <span class="n">trigger_states</span> <span class="o">=</span> <span class="p">{</span><span class="sh">'</span><span class="s">stopped</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">stopping</span><span class="sh">'</span><span class="p">}</span> <span class="k">if</span> <span class="n">state</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">trigger_states</span><span class="p">:</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">State </span><span class="si">{</span><span class="n">state</span><span class="si">}</span><span class="s"> does not require snapshot. Skipping.</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">skipped</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">reason</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">state=</span><span class="si">{</span><span class="n">state</span><span class="si">}</span><span class="sh">'</span><span class="p">}</span> <span class="c1"># Check if this instance is tagged for auto-snapshot </span> <span class="n">instance</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">describe_instances</span><span class="p">(</span><span class="n">InstanceIds</span><span class="o">=</span><span class="p">[</span><span class="n">instance_id</span><span class="p">])</span> <span class="n">tags</span> <span class="o">=</span> <span class="n">instance</span><span class="p">[</span><span class="sh">'</span><span class="s">Reservations</span><span class="sh">'</span><span class="p">][</span><span class="mi">0</span><span class="p">][</span><span class="sh">'</span><span class="s">Instances</span><span class="sh">'</span><span class="p">][</span><span class="mi">0</span><span class="p">].</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">Tags</span><span class="sh">'</span><span class="p">,</span> <span class="p">[])</span> <span class="n">tag_map</span> <span class="o">=</span> <span class="p">{</span><span class="n">t</span><span class="p">[</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">]:</span> <span class="n">t</span><span class="p">[</span><span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">]</span> <span class="k">for</span> <span class="n">t</span> <span class="ow">in</span> <span class="n">tags</span><span class="p">}</span> <span class="k">if</span> <span class="n">tag_map</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="n">SNAPSHOT_TAG_KEY</span><span class="p">)</span> <span class="o">!=</span> <span class="n">SNAPSHOT_TAG_VALUE</span><span class="p">:</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Instance </span><span class="si">{</span><span class="n">instance_id</span><span class="si">}</span><span class="s"> not tagged for auto-snapshot. Skipping.</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">skipped</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">reason</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">not tagged</span><span class="sh">'</span><span class="p">}</span> <span class="n">instance_name</span> <span class="o">=</span> <span class="n">tag_map</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">,</span> <span class="n">instance_id</span><span class="p">)</span> <span class="c1"># Get all EBS volumes attached to this instance </span> <span class="n">volumes_response</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">describe_volumes</span><span class="p">(</span> <span class="n">Filters</span><span class="o">=</span><span class="p">[{</span> <span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">attachment.instance-id</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Values</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="n">instance_id</span><span class="p">]</span> <span class="p">}]</span> <span class="p">)</span> <span class="n">volumes</span> <span class="o">=</span> <span class="n">volumes_response</span><span class="p">[</span><span class="sh">'</span><span class="s">Volumes</span><span class="sh">'</span><span class="p">]</span> <span class="n">snapshot_ids</span> <span class="o">=</span> <span class="p">[]</span> <span class="n">timestamp</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">().</span><span class="nf">strftime</span><span class="p">(</span><span class="sh">'</span><span class="s">%Y%m%d-%H%M%S</span><span class="sh">'</span><span class="p">)</span> <span class="k">for</span> <span class="n">volume</span> <span class="ow">in</span> <span class="n">volumes</span><span class="p">:</span> <span class="n">volume_id</span> <span class="o">=</span> <span class="n">volume</span><span class="p">[</span><span class="sh">'</span><span class="s">VolumeId</span><span class="sh">'</span><span class="p">]</span> <span class="n">device</span> <span class="o">=</span> <span class="n">volume</span><span class="p">[</span><span class="sh">'</span><span class="s">Attachments</span><span class="sh">'</span><span class="p">][</span><span class="mi">0</span><span class="p">][</span><span class="sh">'</span><span class="s">Device</span><span class="sh">'</span><span class="p">]</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Creating snapshot for volume </span><span class="si">{</span><span class="n">volume_id</span><span class="si">}</span><span class="s"> (</span><span class="si">{</span><span class="n">device</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="n">snapshot</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">create_snapshot</span><span class="p">(</span> <span class="n">VolumeId</span><span class="o">=</span><span class="n">volume_id</span><span class="p">,</span> <span class="n">Description</span><span class="o">=</span><span class="sa">f</span><span class="sh">'</span><span class="s">Auto-snapshot: </span><span class="si">{</span><span class="n">instance_name</span><span class="si">}</span><span class="s"> (</span><span class="si">{</span><span class="n">instance_id</span><span class="si">}</span><span class="s">) state=</span><span class="si">{</span><span class="n">state</span><span class="si">}</span><span class="sh">'</span><span class="p">,</span> <span class="n">TagSpecifications</span><span class="o">=</span><span class="p">[{</span> <span class="sh">'</span><span class="s">ResourceType</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">snapshot</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Tags</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">auto-</span><span class="si">{</span><span class="n">instance_name</span><span class="si">}</span><span class="s">-</span><span class="si">{</span><span class="n">device</span><span class="si">}</span><span class="s">-</span><span class="si">{</span><span class="n">timestamp</span><span class="si">}</span><span class="sh">'</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">InstanceId</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="n">instance_id</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">TriggerState</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="n">state</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">AutoCreated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">true</span><span class="sh">'</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">CreatedAt</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="n">timestamp</span><span class="p">}</span> <span class="p">]</span> <span class="p">}]</span> <span class="p">)</span> <span class="n">snapshot_ids</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">])</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Snapshot created: </span><span class="si">{</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">"</span><span class="s">SnapshotId</span><span class="sh">"</span><span class="p">]</span><span class="si">}</span><span class="s"> for volume </span><span class="si">{</span><span class="n">volume_id</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Send alert notification </span> <span class="n">sns</span><span class="p">.</span><span class="nf">publish</span><span class="p">(</span> <span class="n">TopicArn</span><span class="o">=</span><span class="n">ALERT_TOPIC_ARN</span><span class="p">,</span> <span class="n">Subject</span><span class="o">=</span><span class="sa">f</span><span class="sh">'</span><span class="s">[Auto-Snapshot] </span><span class="si">{</span><span class="n">instance_name</span><span class="si">}</span><span class="s"> (</span><span class="si">{</span><span class="n">state</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">,</span> <span class="n">Message</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">'</span><span class="s">instance_id</span><span class="sh">'</span><span class="p">:</span> <span class="n">instance_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">instance_name</span><span class="sh">'</span><span class="p">:</span> <span class="n">instance_name</span><span class="p">,</span> <span class="sh">'</span><span class="s">state</span><span class="sh">'</span><span class="p">:</span> <span class="n">state</span><span class="p">,</span> <span class="sh">'</span><span class="s">snapshots_created</span><span class="sh">'</span><span class="p">:</span> <span class="n">snapshot_ids</span><span class="p">,</span> <span class="sh">'</span><span class="s">timestamp</span><span class="sh">'</span><span class="p">:</span> <span class="n">timestamp</span> <span class="p">},</span> <span class="n">indent</span><span class="o">=</span><span class="mi">2</span><span class="p">)</span> <span class="p">)</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Auto-snapshot complete: </span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">snapshot_ids</span><span class="p">)</span><span class="si">}</span><span class="s"> snapshots created</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">instance_id</span><span class="sh">'</span><span class="p">:</span> <span class="n">instance_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">state</span><span class="sh">'</span><span class="p">:</span> <span class="n">state</span><span class="p">,</span> <span class="sh">'</span><span class="s">snapshots_created</span><span class="sh">'</span><span class="p">:</span> <span class="n">snapshot_ids</span> <span class="p">}</span> </code></pre> </div> <h3> EventBridge Rule Configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">autoSnapshot</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">auto_snapshot.handler</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">eventBridge</span><span class="pi">:</span> <span class="na">pattern</span><span class="pi">:</span> <span class="na">source</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">aws.ec2</span> <span class="na">detail-type</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">EC2 Instance State-change Notification</span> <span class="na">detail</span><span class="pi">:</span> <span class="na">state</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">stopped</span> <span class="pi">-</span> <span class="s">stopping</span> <span class="na">iamRoleStatements</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Effect</span><span class="pi">:</span> <span class="s">Allow</span> <span class="na">Action</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">ec2:DescribeInstances</span> <span class="pi">-</span> <span class="s">ec2:DescribeVolumes</span> <span class="pi">-</span> <span class="s">ec2:CreateSnapshot</span> <span class="pi">-</span> <span class="s">ec2:CreateTags</span> <span class="pi">-</span> <span class="s">sns:Publish</span> <span class="na">Resource</span><span class="pi">:</span> <span class="s1">'</span><span class="s">*'</span> </code></pre> </div> <blockquote> <p><strong>Production tip</strong>: Tag your instances with <code>AutoSnapshot: true</code> to opt in. This prevents the function from creating snapshots for every EC2 stop event in your account (including intentional deployments).</p> </blockquote> <h2> Module 2: Nightly Maintenance Bot </h2> <p>Scheduled maintenance tasks — cleanup, reporting, data archival — are a perfect fit for Lambda + EventBridge cron rules. No dedicated server, no cron daemon, no SSH access needed.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># nightly_maintenance.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">logging</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timedelta</span> <span class="n">logger</span> <span class="o">=</span> <span class="n">logging</span><span class="p">.</span><span class="nf">getLogger</span><span class="p">()</span> <span class="n">logger</span><span class="p">.</span><span class="nf">setLevel</span><span class="p">(</span><span class="n">logging</span><span class="p">.</span><span class="n">INFO</span><span class="p">)</span> <span class="n">ec2</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ec2</span><span class="sh">'</span><span class="p">)</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">)</span> <span class="n">sns</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">sns</span><span class="sh">'</span><span class="p">)</span> <span class="n">RETENTION_DAYS</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">SNAPSHOT_RETENTION_DAYS</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">30</span><span class="sh">'</span><span class="p">))</span> <span class="n">METRICS_TABLE</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">METRICS_TABLE</span><span class="sh">'</span><span class="p">]</span> <span class="n">REPORT_BUCKET</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">REPORT_BUCKET</span><span class="sh">'</span><span class="p">]</span> <span class="n">ALERT_TOPIC_ARN</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">ALERT_TOPIC_ARN</span><span class="sh">'</span><span class="p">]</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Runs nightly at 2 AM UTC via EventBridge scheduled rule. Performs: snapshot cleanup, metrics archival, daily report generation. </span><span class="sh">"""</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sh">'</span><span class="s">Nightly maintenance bot started</span><span class="sh">'</span><span class="p">)</span> <span class="n">results</span> <span class="o">=</span> <span class="p">{}</span> <span class="c1"># Task 1: Clean up old auto-created snapshots </span> <span class="n">results</span><span class="p">[</span><span class="sh">'</span><span class="s">snapshot_cleanup</span><span class="sh">'</span><span class="p">]</span> <span class="o">=</span> <span class="nf">cleanup_old_snapshots</span><span class="p">()</span> <span class="c1"># Task 2: Archive daily metrics to S3 </span> <span class="n">results</span><span class="p">[</span><span class="sh">'</span><span class="s">metrics_archival</span><span class="sh">'</span><span class="p">]</span> <span class="o">=</span> <span class="nf">archive_daily_metrics</span><span class="p">()</span> <span class="c1"># Task 3: Generate and send daily ops report </span> <span class="n">results</span><span class="p">[</span><span class="sh">'</span><span class="s">daily_report</span><span class="sh">'</span><span class="p">]</span> <span class="o">=</span> <span class="nf">send_daily_report</span><span class="p">(</span><span class="n">results</span><span class="p">)</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Nightly maintenance complete: </span><span class="si">{</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">results</span><span class="p">)</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="n">results</span> <span class="k">def</span> <span class="nf">cleanup_old_snapshots</span><span class="p">()</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Delete auto-created snapshots older than RETENTION_DAYS</span><span class="sh">"""</span> <span class="n">cutoff_date</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">()</span> <span class="o">-</span> <span class="nf">timedelta</span><span class="p">(</span><span class="n">days</span><span class="o">=</span><span class="n">RETENTION_DAYS</span><span class="p">)</span> <span class="c1"># Find all auto-created snapshots </span> <span class="n">response</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">describe_snapshots</span><span class="p">(</span> <span class="n">OwnerIds</span><span class="o">=</span><span class="p">[</span><span class="sh">'</span><span class="s">self</span><span class="sh">'</span><span class="p">],</span> <span class="n">Filters</span><span class="o">=</span><span class="p">[{</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">tag:AutoCreated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Values</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="sh">'</span><span class="s">true</span><span class="sh">'</span><span class="p">]}]</span> <span class="p">)</span> <span class="n">deleted</span> <span class="o">=</span> <span class="p">[]</span> <span class="n">kept</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">for</span> <span class="n">snapshot</span> <span class="ow">in</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Snapshots</span><span class="sh">'</span><span class="p">]:</span> <span class="n">start_time</span> <span class="o">=</span> <span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">StartTime</span><span class="sh">'</span><span class="p">].</span><span class="nf">replace</span><span class="p">(</span><span class="n">tzinfo</span><span class="o">=</span><span class="bp">None</span><span class="p">)</span> <span class="k">if</span> <span class="n">start_time</span> <span class="o">&lt;</span> <span class="n">cutoff_date</span><span class="p">:</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">delete_snapshot</span><span class="p">(</span><span class="n">SnapshotId</span><span class="o">=</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">])</span> <span class="n">deleted</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">])</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Deleted old snapshot: </span><span class="si">{</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">"</span><span class="s">SnapshotId</span><span class="sh">"</span><span class="p">]</span><span class="si">}</span><span class="s"> </span><span class="sh">'</span> <span class="sa">f</span><span class="sh">'</span><span class="s">(created: </span><span class="si">{</span><span class="n">start_time</span><span class="p">.</span><span class="nf">date</span><span class="p">()</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="k">else</span><span class="p">:</span> <span class="n">kept</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">])</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Snapshot cleanup: deleted=</span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">deleted</span><span class="p">)</span><span class="si">}</span><span class="s">, kept=</span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">kept</span><span class="p">)</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">deleted</span><span class="sh">'</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">deleted</span><span class="p">),</span> <span class="sh">'</span><span class="s">kept</span><span class="sh">'</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">kept</span><span class="p">)}</span> <span class="k">def</span> <span class="nf">archive_daily_metrics</span><span class="p">()</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Archive yesterday</span><span class="sh">'</span><span class="s">s metrics from DynamoDB to S3</span><span class="sh">"""</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="n">METRICS_TABLE</span><span class="p">)</span> <span class="n">yesterday</span> <span class="o">=</span> <span class="p">(</span><span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">()</span> <span class="o">-</span> <span class="nf">timedelta</span><span class="p">(</span><span class="n">days</span><span class="o">=</span><span class="mi">1</span><span class="p">)).</span><span class="nf">strftime</span><span class="p">(</span><span class="sh">'</span><span class="s">%Y-%m-%d</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Scan yesterday's records (use Query with GSI in production) </span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">scan</span><span class="p">(</span> <span class="n">FilterExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">begins_with(#ts, :date)</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeNames</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">#ts</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">timestamp</span><span class="sh">'</span><span class="p">},</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:date</span><span class="sh">'</span><span class="p">:</span> <span class="n">yesterday</span><span class="p">}</span> <span class="p">)</span> <span class="n">records</span> <span class="o">=</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Items</span><span class="sh">'</span><span class="p">]</span> <span class="k">if</span> <span class="n">records</span><span class="p">:</span> <span class="c1"># Write to S3 as JSON Lines </span> <span class="n">s3_key</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">'</span><span class="s">metrics-archive/</span><span class="si">{</span><span class="n">yesterday</span><span class="si">}</span><span class="s">/metrics.jsonl</span><span class="sh">'</span> <span class="n">body</span> <span class="o">=</span> <span class="sh">'</span><span class="se">\n</span><span class="sh">'</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">r</span><span class="p">)</span> <span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">records</span><span class="p">)</span> <span class="n">s3</span><span class="p">.</span><span class="nf">put_object</span><span class="p">(</span> <span class="n">Bucket</span><span class="o">=</span><span class="n">REPORT_BUCKET</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">s3_key</span><span class="p">,</span> <span class="n">Body</span><span class="o">=</span><span class="n">body</span><span class="p">.</span><span class="nf">encode</span><span class="p">(</span><span class="sh">'</span><span class="s">utf-8</span><span class="sh">'</span><span class="p">),</span> <span class="n">ContentType</span><span class="o">=</span><span class="sh">'</span><span class="s">application/x-ndjson</span><span class="sh">'</span> <span class="p">)</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Archived </span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">records</span><span class="p">)</span><span class="si">}</span><span class="s"> records to s3://</span><span class="si">{</span><span class="n">REPORT_BUCKET</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">s3_key</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">records_archived</span><span class="sh">'</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">records</span><span class="p">),</span> <span class="sh">'</span><span class="s">date</span><span class="sh">'</span><span class="p">:</span> <span class="n">yesterday</span><span class="p">}</span> <span class="k">def</span> <span class="nf">send_daily_report</span><span class="p">(</span><span class="n">results</span><span class="p">:</span> <span class="nb">dict</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Send daily ops summary via SNS</span><span class="sh">"""</span> <span class="n">today</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">().</span><span class="nf">strftime</span><span class="p">(</span><span class="sh">'</span><span class="s">%Y-%m-%d</span><span class="sh">'</span><span class="p">)</span> <span class="n">report</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">'</span><span class="s">date</span><span class="sh">'</span><span class="p">:</span> <span class="n">today</span><span class="p">,</span> <span class="sh">'</span><span class="s">maintenance_results</span><span class="sh">'</span><span class="p">:</span> <span class="n">results</span><span class="p">,</span> <span class="sh">'</span><span class="s">generated_at</span><span class="sh">'</span><span class="p">:</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">().</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}</span> <span class="n">sns</span><span class="p">.</span><span class="nf">publish</span><span class="p">(</span> <span class="n">TopicArn</span><span class="o">=</span><span class="n">ALERT_TOPIC_ARN</span><span class="p">,</span> <span class="n">Subject</span><span class="o">=</span><span class="sa">f</span><span class="sh">'</span><span class="s">[Daily Ops Report] </span><span class="si">{</span><span class="n">today</span><span class="si">}</span><span class="sh">'</span><span class="p">,</span> <span class="n">Message</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">report</span><span class="p">,</span> <span class="n">indent</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span> <span class="n">default</span><span class="o">=</span><span class="nb">str</span><span class="p">)</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">report_sent</span><span class="sh">'</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">'</span><span class="s">date</span><span class="sh">'</span><span class="p">:</span> <span class="n">today</span><span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">nightlyMaintenance</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">nightly_maintenance.handler</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">300</span> <span class="c1"># 5 minutes — cleanup may take time</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">SNAPSHOT_RETENTION_DAYS</span><span class="pi">:</span> <span class="s1">'</span><span class="s">30'</span> <span class="na">METRICS_TABLE</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">MetricsTable</span> <span class="na">REPORT_BUCKET</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">ReportBucket</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">rate</span><span class="pi">:</span> <span class="s">cron(0 2 * * ? *)</span> <span class="c1"># 2:00 AM UTC every day</span> <span class="na">enabled</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">destinations</span><span class="pi">:</span> <span class="na">onFailure</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="c1"># alert if the maintenance bot itself fails</span> </code></pre> </div> <h2> Module 3: CloudWatch Alarm Auto-Remediation </h2> <p>Instead of waking up an engineer at 3 AM for a high-CPU alert, trigger a Lambda function to remediate automatically.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># auto_remediation.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">logging</span> <span class="kn">import</span> <span class="n">os</span> <span class="n">logger</span> <span class="o">=</span> <span class="n">logging</span><span class="p">.</span><span class="nf">getLogger</span><span class="p">()</span> <span class="n">logger</span><span class="p">.</span><span class="nf">setLevel</span><span class="p">(</span><span class="n">logging</span><span class="p">.</span><span class="n">INFO</span><span class="p">)</span> <span class="n">ec2</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ec2</span><span class="sh">'</span><span class="p">)</span> <span class="n">autoscaling</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">autoscaling</span><span class="sh">'</span><span class="p">)</span> <span class="n">sns</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">sns</span><span class="sh">'</span><span class="p">)</span> <span class="n">ALERT_TOPIC_ARN</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">ALERT_TOPIC_ARN</span><span class="sh">'</span><span class="p">]</span> <span class="n">ASG_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">AUTO_SCALING_GROUP_NAME</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Triggered by CloudWatch Alarm via SNS → Lambda. Parses alarm state and takes automated remediation action. </span><span class="sh">"""</span> <span class="c1"># CloudWatch alarms arrive via SNS — parse the message </span> <span class="k">for</span> <span class="n">record</span> <span class="ow">in</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">]:</span> <span class="n">message</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">Sns</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">Message</span><span class="sh">'</span><span class="p">])</span> <span class="n">alarm_name</span> <span class="o">=</span> <span class="n">message</span><span class="p">[</span><span class="sh">'</span><span class="s">AlarmName</span><span class="sh">'</span><span class="p">]</span> <span class="n">alarm_state</span> <span class="o">=</span> <span class="n">message</span><span class="p">[</span><span class="sh">'</span><span class="s">NewStateValue</span><span class="sh">'</span><span class="p">]</span> <span class="n">old_state</span> <span class="o">=</span> <span class="n">message</span><span class="p">[</span><span class="sh">'</span><span class="s">OldStateValue</span><span class="sh">'</span><span class="p">]</span> <span class="n">reason</span> <span class="o">=</span> <span class="n">message</span><span class="p">[</span><span class="sh">'</span><span class="s">NewStateReason</span><span class="sh">'</span><span class="p">]</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Alarm: </span><span class="si">{</span><span class="n">alarm_name</span><span class="si">}</span><span class="s"> | </span><span class="si">{</span><span class="n">old_state</span><span class="si">}</span><span class="s"> → </span><span class="si">{</span><span class="n">alarm_state</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Reason: </span><span class="si">{</span><span class="n">reason</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">if</span> <span class="n">alarm_state</span> <span class="o">!=</span> <span class="sh">'</span><span class="s">ALARM</span><span class="sh">'</span><span class="p">:</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sh">'</span><span class="s">Alarm resolved or insufficient data. No action needed.</span><span class="sh">'</span><span class="p">)</span> <span class="k">continue</span> <span class="c1"># Route to appropriate remediation based on alarm name </span> <span class="k">if</span> <span class="sh">'</span><span class="s">high-cpu</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">alarm_name</span><span class="p">.</span><span class="nf">lower</span><span class="p">():</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">remediate_high_cpu</span><span class="p">(</span><span class="n">alarm_name</span><span class="p">)</span> <span class="k">elif</span> <span class="sh">'</span><span class="s">disk-space</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">alarm_name</span><span class="p">.</span><span class="nf">lower</span><span class="p">():</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">remediate_disk_space</span><span class="p">(</span><span class="n">alarm_name</span><span class="p">)</span> <span class="k">else</span><span class="p">:</span> <span class="n">result</span> <span class="o">=</span> <span class="p">{</span><span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">no_handler</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">alarm</span><span class="sh">'</span><span class="p">:</span> <span class="n">alarm_name</span><span class="p">}</span> <span class="n">logger</span><span class="p">.</span><span class="nf">warning</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">No remediation handler for alarm: </span><span class="si">{</span><span class="n">alarm_name</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Notify ops team of automated action taken </span> <span class="n">sns</span><span class="p">.</span><span class="nf">publish</span><span class="p">(</span> <span class="n">TopicArn</span><span class="o">=</span><span class="n">ALERT_TOPIC_ARN</span><span class="p">,</span> <span class="n">Subject</span><span class="o">=</span><span class="sa">f</span><span class="sh">'</span><span class="s">[Auto-Remediation] </span><span class="si">{</span><span class="n">alarm_name</span><span class="si">}</span><span class="sh">'</span><span class="p">,</span> <span class="n">Message</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">'</span><span class="s">alarm</span><span class="sh">'</span><span class="p">:</span> <span class="n">alarm_name</span><span class="p">,</span> <span class="sh">'</span><span class="s">state</span><span class="sh">'</span><span class="p">:</span> <span class="n">alarm_state</span><span class="p">,</span> <span class="sh">'</span><span class="s">reason</span><span class="sh">'</span><span class="p">:</span> <span class="n">reason</span><span class="p">,</span> <span class="sh">'</span><span class="s">automated_action</span><span class="sh">'</span><span class="p">:</span> <span class="n">result</span> <span class="p">},</span> <span class="n">indent</span><span class="o">=</span><span class="mi">2</span><span class="p">)</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">processed</span><span class="sh">'</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">])}</span> <span class="k">def</span> <span class="nf">remediate_high_cpu</span><span class="p">(</span><span class="n">alarm_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Scale out the Auto Scaling Group to handle high CPU load</span><span class="sh">"""</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">ASG_NAME</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">skipped</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">reason</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">ASG_NAME not configured</span><span class="sh">'</span><span class="p">}</span> <span class="c1"># Get current desired capacity </span> <span class="n">asg</span> <span class="o">=</span> <span class="n">autoscaling</span><span class="p">.</span><span class="nf">describe_auto_scaling_groups</span><span class="p">(</span> <span class="n">AutoScalingGroupNames</span><span class="o">=</span><span class="p">[</span><span class="n">ASG_NAME</span><span class="p">]</span> <span class="p">)[</span><span class="sh">'</span><span class="s">AutoScalingGroups</span><span class="sh">'</span><span class="p">][</span><span class="mi">0</span><span class="p">]</span> <span class="n">current_desired</span> <span class="o">=</span> <span class="n">asg</span><span class="p">[</span><span class="sh">'</span><span class="s">DesiredCapacity</span><span class="sh">'</span><span class="p">]</span> <span class="n">max_size</span> <span class="o">=</span> <span class="n">asg</span><span class="p">[</span><span class="sh">'</span><span class="s">MaxSize</span><span class="sh">'</span><span class="p">]</span> <span class="n">new_desired</span> <span class="o">=</span> <span class="nf">min</span><span class="p">(</span><span class="n">current_desired</span> <span class="o">+</span> <span class="mi">2</span><span class="p">,</span> <span class="n">max_size</span><span class="p">)</span> <span class="c1"># add 2 instances, respect max </span> <span class="k">if</span> <span class="n">new_desired</span> <span class="o">==</span> <span class="n">current_desired</span><span class="p">:</span> <span class="n">logger</span><span class="p">.</span><span class="nf">warning</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">ASG </span><span class="si">{</span><span class="n">ASG_NAME</span><span class="si">}</span><span class="s"> already at max capacity (</span><span class="si">{</span><span class="n">max_size</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">at_max_capacity</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">current</span><span class="sh">'</span><span class="p">:</span> <span class="n">current_desired</span><span class="p">}</span> <span class="n">autoscaling</span><span class="p">.</span><span class="nf">set_desired_capacity</span><span class="p">(</span> <span class="n">AutoScalingGroupName</span><span class="o">=</span><span class="n">ASG_NAME</span><span class="p">,</span> <span class="n">DesiredCapacity</span><span class="o">=</span><span class="n">new_desired</span><span class="p">,</span> <span class="n">HonorCooldown</span><span class="o">=</span><span class="bp">False</span> <span class="c1"># bypass cooldown for alarm-triggered scaling </span> <span class="p">)</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Scaled out </span><span class="si">{</span><span class="n">ASG_NAME</span><span class="si">}</span><span class="s">: </span><span class="si">{</span><span class="n">current_desired</span><span class="si">}</span><span class="s"> → </span><span class="si">{</span><span class="n">new_desired</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">scale_out</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">asg</span><span class="sh">'</span><span class="p">:</span> <span class="n">ASG_NAME</span><span class="p">,</span> <span class="sh">'</span><span class="s">previous_desired</span><span class="sh">'</span><span class="p">:</span> <span class="n">current_desired</span><span class="p">,</span> <span class="sh">'</span><span class="s">new_desired</span><span class="sh">'</span><span class="p">:</span> <span class="n">new_desired</span> <span class="p">}</span> <span class="k">def</span> <span class="nf">remediate_disk_space</span><span class="p">(</span><span class="n">alarm_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="sh">"""</span><span class="s">Log disk space alert — automated cleanup is risky, notify instead</span><span class="sh">"""</span> <span class="n">logger</span><span class="p">.</span><span class="nf">warning</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Disk space alarm: </span><span class="si">{</span><span class="n">alarm_name</span><span class="si">}</span><span class="s">. Manual review recommended.</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">action</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">notification_sent</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">reason</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">disk cleanup requires manual review</span><span class="sh">'</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">autoRemediation</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">auto_remediation.handler</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">AUTO_SCALING_GROUP_NAME</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">AppAutoScalingGroup</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">sns</span><span class="pi">:</span> <span class="na">arn</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">CloudWatchAlarmTopic</span> <span class="na">topicName</span><span class="pi">:</span> <span class="s">cloudwatch-alarms</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="c1"># CloudWatch alarm that triggers remediation</span> <span class="na">HighCpuAlarm</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::CloudWatch::Alarm</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">AlarmName</span><span class="pi">:</span> <span class="s">app-server-high-cpu</span> <span class="na">MetricName</span><span class="pi">:</span> <span class="s">CPUUtilization</span> <span class="na">Namespace</span><span class="pi">:</span> <span class="s">AWS/EC2</span> <span class="na">Statistic</span><span class="pi">:</span> <span class="s">Average</span> <span class="na">Period</span><span class="pi">:</span> <span class="m">300</span> <span class="c1"># 5-minute average</span> <span class="na">EvaluationPeriods</span><span class="pi">:</span> <span class="m">2</span> <span class="c1"># must be high for 10 minutes</span> <span class="na">Threshold</span><span class="pi">:</span> <span class="m">80</span> <span class="na">ComparisonOperator</span><span class="pi">:</span> <span class="s">GreaterThanThreshold</span> <span class="na">AlarmActions</span><span class="pi">:</span> <span class="pi">-</span> <span class="kt">!Ref</span> <span class="s">CloudWatchAlarmTopic</span> <span class="c1"># → SNS → Lambda</span> <span class="na">Dimensions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">AutoScalingGroupName</span> <span class="na">Value</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">AppAutoScalingGroup</span> </code></pre> </div> <h2> Putting It All Together: The Complete IaC Stack </h2> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — complete maintenance bot stack</span> <span class="na">service</span><span class="pi">:</span> <span class="s">serverless-maintenance-bot</span> <span class="na">provider</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aws</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">python3.12</span> <span class="na">region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="na">iam</span><span class="pi">:</span> <span class="na">role</span><span class="pi">:</span> <span class="na">statements</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Effect</span><span class="pi">:</span> <span class="s">Allow</span> <span class="na">Action</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">ec2:Describe*</span> <span class="pi">-</span> <span class="s">ec2:CreateSnapshot</span> <span class="pi">-</span> <span class="s">ec2:DeleteSnapshot</span> <span class="pi">-</span> <span class="s">ec2:CreateTags</span> <span class="pi">-</span> <span class="s">autoscaling:Describe*</span> <span class="pi">-</span> <span class="s">autoscaling:SetDesiredCapacity</span> <span class="pi">-</span> <span class="s">dynamodb:Scan</span> <span class="pi">-</span> <span class="s">dynamodb:Query</span> <span class="pi">-</span> <span class="s">s3:PutObject</span> <span class="pi">-</span> <span class="s">sns:Publish</span> <span class="na">Resource</span><span class="pi">:</span> <span class="s1">'</span><span class="s">*'</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">autoSnapshot</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">auto_snapshot.handler</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">eventBridge</span><span class="pi">:</span> <span class="na">pattern</span><span class="pi">:</span> <span class="na">source</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">aws.ec2</span><span class="pi">]</span> <span class="na">detail-type</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">EC2 Instance State-change Notification</span><span class="pi">]</span> <span class="na">detail</span><span class="pi">:</span> <span class="na">state</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">stopped</span><span class="pi">,</span> <span class="nv">stopping</span><span class="pi">]</span> <span class="na">nightlyMaintenance</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">nightly_maintenance.handler</span> <span class="na">timeout</span><span class="pi">:</span> <span class="m">300</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">SNAPSHOT_RETENTION_DAYS</span><span class="pi">:</span> <span class="s1">'</span><span class="s">30'</span> <span class="na">METRICS_TABLE</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">MetricsTable</span> <span class="na">REPORT_BUCKET</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">ReportBucket</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">rate</span><span class="pi">:</span> <span class="s">cron(0 2 * * ? *)</span> <span class="na">destinations</span><span class="pi">:</span> <span class="na">onFailure</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">autoRemediation</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">auto_remediation.handler</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">ALERT_TOPIC_ARN</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="na">AUTO_SCALING_GROUP_NAME</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">AppAutoScalingGroup</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">sns</span><span class="pi">:</span> <span class="na">arn</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">CloudWatchAlarmTopic</span> <span class="na">topicName</span><span class="pi">:</span> <span class="s">cloudwatch-alarms</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">OpsAlertTopic</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::SNS::Topic</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">TopicName</span><span class="pi">:</span> <span class="s">ops-alerts</span> <span class="na">Subscription</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Protocol</span><span class="pi">:</span> <span class="s">email</span> <span class="na">Endpoint</span><span class="pi">:</span> <span class="s">${env:OPS_EMAIL}</span> <span class="na">CloudWatchAlarmTopic</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::SNS::Topic</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">TopicName</span><span class="pi">:</span> <span class="s">cloudwatch-alarms</span> <span class="na">MetricsTable</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::DynamoDB::Table</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">TableName</span><span class="pi">:</span> <span class="s">app-metrics</span> <span class="na">BillingMode</span><span class="pi">:</span> <span class="s">PAY_PER_REQUEST</span> <span class="na">AttributeDefinitions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">AttributeName</span><span class="pi">:</span> <span class="s">id</span> <span class="na">AttributeType</span><span class="pi">:</span> <span class="s">S</span> <span class="na">KeySchema</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">AttributeName</span><span class="pi">:</span> <span class="s">id</span> <span class="na">KeyType</span><span class="pi">:</span> <span class="s">HASH</span> <span class="na">ReportBucket</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::S3::Bucket</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">BucketName</span><span class="pi">:</span> <span class="s">${self:service}-reports-${aws:accountId}</span> <span class="na">LifecycleConfiguration</span><span class="pi">:</span> <span class="na">Rules</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Id</span><span class="pi">:</span> <span class="s">archive-old-reports</span> <span class="na">Status</span><span class="pi">:</span> <span class="s">Enabled</span> <span class="na">Transitions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">TransitionInDays</span><span class="pi">:</span> <span class="m">90</span> <span class="na">StorageClass</span><span class="pi">:</span> <span class="s">GLACIER</span> </code></pre> </div> <h2> Operational Best Practices </h2> <h3> 1. Always Set a Failure Destination </h3> <p>Your maintenance bot failing silently is worse than it not existing. Every async Lambda function should have a failure destination.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">destinations</span><span class="pi">:</span> <span class="na">onFailure</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">OpsAlertTopic</span> <span class="c1"># you WILL know when the bot breaks</span> </code></pre> </div> <h3> 2. Make Every Handler Idempotent </h3> <p>EventBridge and SNS guarantee <strong>at-least-once delivery</strong>. Your function may be called twice for the same event. Design for it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Idempotent snapshot creation — check before creating </span><span class="k">def</span> <span class="nf">create_snapshot_if_not_exists</span><span class="p">(</span><span class="n">volume_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">instance_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="n">existing</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">describe_snapshots</span><span class="p">(</span> <span class="n">Filters</span><span class="o">=</span><span class="p">[</span> <span class="p">{</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">volume-id</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Values</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="n">volume_id</span><span class="p">]},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">tag:InstanceId</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Values</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="n">instance_id</span><span class="p">]},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">tag:AutoCreated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Values</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="sh">'</span><span class="s">true</span><span class="sh">'</span><span class="p">]},</span> <span class="c1"># Only check snapshots from the last hour </span> <span class="p">],</span> <span class="n">OwnerIds</span><span class="o">=</span><span class="p">[</span><span class="sh">'</span><span class="s">self</span><span class="sh">'</span><span class="p">]</span> <span class="p">)</span> <span class="k">if</span> <span class="n">existing</span><span class="p">[</span><span class="sh">'</span><span class="s">Snapshots</span><span class="sh">'</span><span class="p">]:</span> <span class="n">snap_id</span> <span class="o">=</span> <span class="n">existing</span><span class="p">[</span><span class="sh">'</span><span class="s">Snapshots</span><span class="sh">'</span><span class="p">][</span><span class="mi">0</span><span class="p">][</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">]</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Snapshot already exists: </span><span class="si">{</span><span class="n">snap_id</span><span class="si">}</span><span class="s">. Skipping duplicate.</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="n">snap_id</span> <span class="c1"># Create new snapshot </span> <span class="n">snapshot</span> <span class="o">=</span> <span class="n">ec2</span><span class="p">.</span><span class="nf">create_snapshot</span><span class="p">(</span><span class="n">VolumeId</span><span class="o">=</span><span class="n">volume_id</span><span class="p">,</span> <span class="p">...)</span> <span class="k">return</span> <span class="n">snapshot</span><span class="p">[</span><span class="sh">'</span><span class="s">SnapshotId</span><span class="sh">'</span><span class="p">]</span> </code></pre> </div> <h3> 3. Use Dead Letter Queues for Critical Automation </h3> <p>For automation that must not be silently skipped, add an SQS DLQ:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">functions</span><span class="pi">:</span> <span class="na">autoSnapshot</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">auto_snapshot.handler</span> <span class="na">deadLetter</span><span class="pi">:</span> <span class="na">targetArn</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">AutoSnapshotDLQ.Arn</span> </code></pre> </div> <h3> 4. Tag Everything Your Bot Creates </h3> <p>Every resource created by automation should be tagged — makes auditing, cost allocation, and cleanup trivial.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">Tags</span><span class="o">=</span><span class="p">[</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">AutoCreated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">true</span><span class="sh">'</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">CreatedBy</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">serverless-maintenance-bot</span><span class="sh">'</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">LambdaFunction</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="n">context</span><span class="p">.</span><span class="n">function_name</span><span class="p">},</span> <span class="p">{</span><span class="sh">'</span><span class="s">Key</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">CreatedAt</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">().</span><span class="nf">isoformat</span><span class="p">()}</span> <span class="p">]</span> </code></pre> </div> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Module</th> <th>Trigger</th> <th>Action</th> </tr> </thead> <tbody> <tr> <td><strong>Auto-Snapshot</strong></td> <td>EventBridge (EC2 state change)</td> <td>Create EBS snapshots on unexpected stop</td> </tr> <tr> <td><strong>Nightly Maintenance</strong></td> <td>EventBridge (cron 2 AM)</td> <td>Cleanup, archive, daily report</td> </tr> <tr> <td><strong>Auto-Remediation</strong></td> <td>CloudWatch Alarm → SNS</td> <td>Scale out ASG on high CPU</td> </tr> </tbody> </table></div> <p>The serverless maintenance bot replaces what used to require a dedicated ops server, a monitoring daemon, and an on-call engineer for routine events. The entire stack deploys in minutes, costs cents per month in execution time, and handles failures more reliably than any cron job.</p> <p><strong>The best ops automation is the kind that runs itself.</strong></p> <p><em>Next in this series: **Part 6 — Serverless Workflows: Orchestrating Multi-Step Pipelines with AWS Step Functions</em>**</p> automation aws devops serverless James Lee Tue, 26 May 2026 07:52:23 +0000 https://dev.to/jamesli/traffic-routing-in-aws-lambda-canary-deployments-weighted-aliases-bluegreen-1bfa https://dev.to/jamesli/traffic-routing-in-aws-lambda-canary-deployments-weighted-aliases-bluegreen-1bfa <p>Deploying a new version of a Lambda function sounds simple — upload code, done. But in production, you never want 100% of traffic hitting an untested version simultaneously.</p> <p>How does Lambda route traffic between versions? How do you do a canary release that shifts 5% of traffic to a new version and automatically rolls back on errors? How does async traffic flow differently from sync traffic?</p> <p>This article covers Lambda's traffic routing model from the inside out.</p> <h2> Lambda Versions and Aliases: The Foundation </h2> <p>Before traffic routing makes sense, you need to understand Lambda's versioning model.</p> <h3> Versions </h3> <p>Every time you publish a Lambda function, AWS creates an immutable <strong>version</strong> — a snapshot of your code and configuration at that point in time.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>$LATEST → always points to the latest unpublished code (mutable) :1 → first published version (immutable) :2 → second published version (immutable) :3 → third published version (immutable) </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Publish a new version via boto3 </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="n">response</span> <span class="o">=</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">publish_version</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">,</span> <span class="n">Description</span><span class="o">=</span><span class="sh">'</span><span class="s">v2.1.0 — faster logo lookup with DynamoDB cache</span><span class="sh">'</span> <span class="p">)</span> <span class="n">version_arn</span> <span class="o">=</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">FunctionArn</span><span class="sh">'</span><span class="p">]</span> <span class="n">version_number</span> <span class="o">=</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Version</span><span class="sh">'</span><span class="p">]</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Published version </span><span class="si">{</span><span class="n">version_number</span><span class="si">}</span><span class="s">: </span><span class="si">{</span><span class="n">version_arn</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># → Published version 42: arn:aws:lambda:us-east-1:123:function:brand-api:42 </span></code></pre> </div> <p>Versions are immutable — you cannot change the code of <code>:42</code> after it's published. This is the foundation of safe deployments.</p> <h3> Aliases </h3> <p>An <strong>alias</strong> is a named pointer to a specific version. Your API Gateway, EventBridge rules, and other triggers should always point to an alias — never to <code>$LATEST</code> or a version number directly.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>brand-api:prod → points to :42 (production traffic) brand-api:staging → points to :43 (staging traffic) brand-api:canary → points to :42 (95%) + :43 (5%) ← weighted routing </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Create or update an alias </span><span class="n">lambda_client</span><span class="p">.</span><span class="nf">create_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="sh">'</span><span class="s">42</span><span class="sh">'</span><span class="p">,</span> <span class="n">Description</span><span class="o">=</span><span class="sh">'</span><span class="s">Production alias</span><span class="sh">'</span> <span class="p">)</span> <span class="c1"># Update alias to point to new version </span><span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="sh">'</span><span class="s">43</span><span class="sh">'</span> <span class="p">)</span> </code></pre> </div> <h2> Traffic Splitting: Canary Deployments with Weighted Aliases </h2> <p>The most powerful traffic routing feature in Lambda is <strong>weighted aliases</strong> — you can split traffic between two versions with any percentage split.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>brand-api:prod ├── version :42 → 95% of traffic └── version :43 → 5% of traffic ← canary </code></pre> </div> <p>This is Lambda's equivalent of what Knative achieves with Istio VirtualService traffic splitting — but built natively into the Lambda service.</p> <h3> Implementing a Canary Deployment </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># deploy_canary.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">time</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="n">cloudwatch</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">cloudwatch</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">deploy_canary</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">new_version</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">canary_percent</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">5</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Deploy a new Lambda version as a canary. Routes canary_percent% of traffic to new version. </span><span class="sh">"""</span> <span class="c1"># Get current prod alias </span> <span class="n">alias</span> <span class="o">=</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">get_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span> <span class="p">)</span> <span class="n">current_version</span> <span class="o">=</span> <span class="n">alias</span><span class="p">[</span><span class="sh">'</span><span class="s">FunctionVersion</span><span class="sh">'</span><span class="p">]</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Current prod version: </span><span class="si">{</span><span class="n">current_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Deploying canary: version </span><span class="si">{</span><span class="n">new_version</span><span class="si">}</span><span class="s"> at </span><span class="si">{</span><span class="n">canary_percent</span><span class="si">}</span><span class="s">%</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Update alias with weighted routing </span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">current_version</span><span class="p">,</span> <span class="c1"># stable version gets majority </span> <span class="n">RoutingConfig</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">AdditionalVersionWeights</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span> <span class="n">new_version</span><span class="p">:</span> <span class="n">canary_percent</span> <span class="o">/</span> <span class="mi">100</span> <span class="c1"># e.g., 0.05 = 5% </span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Canary deployed: </span><span class="si">{</span><span class="mi">100</span> <span class="o">-</span> <span class="n">canary_percent</span><span class="si">}</span><span class="s">% → v</span><span class="si">{</span><span class="n">current_version</span><span class="si">}</span><span class="s">, </span><span class="sh">'</span> <span class="sa">f</span><span class="sh">'</span><span class="si">{</span><span class="n">canary_percent</span><span class="si">}</span><span class="s">% → v</span><span class="si">{</span><span class="n">new_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">promote_canary</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">new_version</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Promote canary to 100% — full deployment</span><span class="sh">"""</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">new_version</span><span class="p">,</span> <span class="n">RoutingConfig</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">AdditionalVersionWeights</span><span class="sh">'</span><span class="p">:</span> <span class="p">{}</span> <span class="c1"># clear weighted routing </span> <span class="p">}</span> <span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Canary promoted: 100% traffic now on version </span><span class="si">{</span><span class="n">new_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">rollback_canary</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">stable_version</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Roll back — remove canary, restore 100% to stable version</span><span class="sh">"""</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">stable_version</span><span class="p">,</span> <span class="n">RoutingConfig</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">AdditionalVersionWeights</span><span class="sh">'</span><span class="p">:</span> <span class="p">{}</span> <span class="c1"># clear canary </span> <span class="p">}</span> <span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Rolled back: 100% traffic restored to version </span><span class="si">{</span><span class="n">stable_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Usage </span><span class="nf">deploy_canary</span><span class="p">(</span><span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">,</span> <span class="n">new_version</span><span class="o">=</span><span class="sh">'</span><span class="s">43</span><span class="sh">'</span><span class="p">,</span> <span class="n">canary_percent</span><span class="o">=</span><span class="mi">5</span><span class="p">)</span> </code></pre> </div> <h3> Automated Canary with CloudWatch Alarms (CodeDeploy) </h3> <p>Manually managing canary percentages is error-prone. AWS CodeDeploy integrates with Lambda to automate the shift — and automatically roll back if CloudWatch alarms fire.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — automated canary deployment</span> <span class="na">provider</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">aws</span> <span class="na">deploymentMethod</span><span class="pi">:</span> <span class="s">direct</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandApi</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">deploymentSettings</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">Canary10Percent5Minutes</span> <span class="c1"># shift 10% now, 100% after 5 minutes</span> <span class="na">alias</span><span class="pi">:</span> <span class="s">prod</span> <span class="na">alarms</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">BrandApiErrorRateAlarm</span> <span class="c1"># rollback if this alarm fires</span> <span class="pi">-</span> <span class="s">BrandApiLatencyAlarm</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># CloudFormation — define the rollback alarms</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">BrandApiErrorRateAlarm</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::CloudWatch::Alarm</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">AlarmName</span><span class="pi">:</span> <span class="s">brand-api-error-rate-canary</span> <span class="na">MetricName</span><span class="pi">:</span> <span class="s">Errors</span> <span class="na">Namespace</span><span class="pi">:</span> <span class="s">AWS/Lambda</span> <span class="na">Dimensions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">FunctionName</span> <span class="na">Value</span><span class="pi">:</span> <span class="s">brand-api</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">Resource</span> <span class="na">Value</span><span class="pi">:</span> <span class="s">brand-api:prod</span> <span class="c1"># monitor the alias, not a specific version</span> <span class="na">Statistic</span><span class="pi">:</span> <span class="s">Sum</span> <span class="na">Period</span><span class="pi">:</span> <span class="m">60</span> <span class="na">EvaluationPeriods</span><span class="pi">:</span> <span class="m">2</span> <span class="na">Threshold</span><span class="pi">:</span> <span class="m">5</span> <span class="c1"># rollback if &gt;5 errors in 2 minutes</span> <span class="na">ComparisonOperator</span><span class="pi">:</span> <span class="s">GreaterThanThreshold</span> <span class="na">BrandApiLatencyAlarm</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::CloudWatch::Alarm</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">AlarmName</span><span class="pi">:</span> <span class="s">brand-api-p99-latency-canary</span> <span class="na">MetricName</span><span class="pi">:</span> <span class="s">Duration</span> <span class="na">Namespace</span><span class="pi">:</span> <span class="s">AWS/Lambda</span> <span class="na">Dimensions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">FunctionName</span> <span class="na">Value</span><span class="pi">:</span> <span class="s">brand-api</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">Resource</span> <span class="na">Value</span><span class="pi">:</span> <span class="s">brand-api:prod</span> <span class="na">ExtendedStatistic</span><span class="pi">:</span> <span class="s">p99</span> <span class="na">Period</span><span class="pi">:</span> <span class="m">60</span> <span class="na">EvaluationPeriods</span><span class="pi">:</span> <span class="m">2</span> <span class="na">Threshold</span><span class="pi">:</span> <span class="m">2000</span> <span class="c1"># rollback if P99 &gt; 2000ms</span> <span class="na">ComparisonOperator</span><span class="pi">:</span> <span class="s">GreaterThanThreshold</span> </code></pre> </div> <p><strong>CodeDeploy deployment types for Lambda</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Type</th> <th>Behavior</th> </tr> </thead> <tbody> <tr> <td><code>AllAtOnce</code></td> <td>100% traffic shifts immediately (no canary)</td> </tr> <tr> <td><code>Canary10Percent5Minutes</code></td> <td>10% for 5 min, then 100%</td> </tr> <tr> <td><code>Canary10Percent10Minutes</code></td> <td>10% for 10 min, then 100%</td> </tr> <tr> <td><code>Canary10Percent15Minutes</code></td> <td>10% for 15 min, then 100%</td> </tr> <tr> <td><code>Linear10PercentEvery1Minute</code></td> <td>+10% every minute until 100%</td> </tr> <tr> <td><code>Linear10PercentEvery2Minutes</code></td> <td>+10% every 2 minutes until 100%</td> </tr> </tbody> </table></div> <h2> How Traffic Flows: Sync vs Async </h2> <p>Traffic routing in Lambda isn't just about version weights — the entire flow differs between synchronous and asynchronous invocations.</p> <h3> Synchronous Traffic Flow (API Gateway) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client Request │ ▼ API Gateway │ (points to alias: brand-api:prod) ▼ Lambda Service (weighted routing) ├── 95% → Execution Environment running v42 └── 5% → Execution Environment running v43 │ ▼ Response returned to API Gateway → Client </code></pre> </div> <p>Key characteristics:</p> <ul> <li> <strong>Direct path</strong>: client waits for the response</li> <li> <strong>No buffering</strong>: if Lambda is throttled, API Gateway immediately returns <code>429</code> to the client</li> <li> <strong>Version routing</strong>: Lambda's weighted alias determines which version handles each request </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py — use context to log which version is handling the request </span><span class="kn">import</span> <span class="n">os</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># Log version info for canary monitoring </span> <span class="n">function_version</span> <span class="o">=</span> <span class="n">context</span><span class="p">.</span><span class="n">function_version</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Handled by version: </span><span class="si">{</span><span class="n">function_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Your business logic </span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">pathParameters</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="k">return</span> <span class="nf">get_brand</span><span class="p">(</span><span class="n">brand_id</span><span class="p">)</span> </code></pre> </div> <h3> Asynchronous Traffic Flow (SQS / EventBridge) </h3> <p>Async traffic introduces a <strong>buffer layer</strong> between the event source and Lambda execution. This is the key architectural difference.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Event Source (S3 upload / EventBridge rule) │ ▼ Lambda Internal Queue ← traffic is buffered here │ ▼ (Lambda polls the queue) Lambda Service (weighted routing) ├── 95% → Execution Environment running v42 └── 5% → Execution Environment running v43 │ ▼ Result → CloudWatch Logs → Success destination (SNS/SQS/EventBridge/Lambda) → Failure destination (DLQ) on repeated failures </code></pre> </div> <p>The buffer is critical: it decouples the event producer from Lambda's availability. If Lambda is throttled or scaling out, events queue up and are processed when capacity is available — nothing is dropped.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py — async handler with destination routing </span><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Async handler — processes S3 upload events. On success: result routed to success-destination SQS. On failure: after 2 retries, routed to DLQ. </span><span class="sh">"""</span> <span class="k">for</span> <span class="n">record</span> <span class="ow">in</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">]:</span> <span class="n">bucket</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">bucket</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">name</span><span class="sh">'</span><span class="p">]</span> <span class="n">key</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">object</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">key</span><span class="sh">'</span><span class="p">]</span> <span class="k">try</span><span class="p">:</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">process_brand_asset</span><span class="p">(</span><span class="n">bucket</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Successfully processed: </span><span class="si">{</span><span class="n">key</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">processed</span><span class="sh">'</span><span class="p">:</span> <span class="n">key</span><span class="p">,</span> <span class="sh">'</span><span class="s">result</span><span class="sh">'</span><span class="p">:</span> <span class="n">result</span><span class="p">}</span> <span class="k">except</span> <span class="nb">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Failed to process </span><span class="si">{</span><span class="n">key</span><span class="si">}</span><span class="s">: </span><span class="si">{</span><span class="n">e</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">raise</span> <span class="c1"># re-raise to trigger Lambda retry + eventual DLQ routing </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — configure async destinations</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">processBrandAsset</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">destinations</span><span class="pi">:</span> <span class="na">onSuccess</span><span class="pi">:</span> <span class="s">arn:aws:sqs:us-east-1:123:brand-asset-success</span> <span class="na">onFailure</span><span class="pi">:</span> <span class="s">arn:aws:sqs:us-east-1:123:brand-asset-dlq</span> <span class="na">maximumRetryAttempts</span><span class="pi">:</span> <span class="m">2</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">s3</span><span class="pi">:</span> <span class="na">bucket</span><span class="pi">:</span> <span class="s">brand-assets</span> <span class="na">event</span><span class="pi">:</span> <span class="s">s3:ObjectCreated:*</span> </code></pre> </div> <h2> Concurrency Control at the Traffic Layer </h2> <p>In Knative's model, the <code>queue-proxy</code> sidecar acts as a per-pod concurrency limiter — it queues excess requests locally before forwarding to the user container, and reports metrics to the autoscaler.</p> <p>AWS Lambda implements an equivalent mechanism natively, without requiring a sidecar:</p> <h3> Per-Function Concurrency Limiting </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Set maximum concurrency — Lambda queues excess async requests </span><span class="n">lambda_client</span><span class="p">.</span><span class="nf">put_function_concurrency</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-logo-processor</span><span class="sh">'</span><span class="p">,</span> <span class="n">ReservedConcurrentExecutions</span><span class="o">=</span><span class="mi">50</span> <span class="c1"># max 50 simultaneous executions </span><span class="p">)</span> </code></pre> </div> <p>For <strong>synchronous</strong> invocations: requests beyond the concurrency limit are immediately throttled (<code>429</code>).</p> <p>For <strong>asynchronous</strong> invocations: requests beyond the concurrency limit are queued in Lambda's internal event queue (up to 6 hours) and retried as capacity becomes available.</p> <h3> Per-Alias Concurrency (Provisioned Concurrency on Aliases) </h3> <p>You can apply Provisioned Concurrency specifically to an alias, ensuring the production alias always has warm environments while the canary alias uses on-demand scaling:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Apply provisioned concurrency to prod alias only </span><span class="n">lambda_client</span><span class="p">.</span><span class="nf">put_provisioned_concurrency_config</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">,</span> <span class="n">Qualifier</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="c1"># the alias name </span> <span class="n">ProvisionedConcurrentExecutions</span><span class="o">=</span><span class="mi">20</span> <span class="p">)</span> <span class="c1"># Canary alias uses on-demand (may cold start, but that's acceptable for 5% traffic) # No provisioned concurrency set on 'canary' alias </span></code></pre> </div> <h2> Blue/Green Deployment Pattern </h2> <p>For changes that are too risky for gradual canary (e.g., breaking schema changes), use a full blue/green deployment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Blue environment: brand-api:prod → version :42 (100% traffic) Green environment: brand-api:green → version :43 (0% traffic, fully tested) After validation: Blue environment: brand-api:prod → version :43 (100% traffic, instant cutover) Green environment: brand-api:green → version :42 (kept for instant rollback) </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># blue_green_deploy.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">blue_green_cutover</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">new_version</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Instant traffic cutover from current prod version to new version. Previous version kept on </span><span class="sh">'</span><span class="s">previous</span><span class="sh">'</span><span class="s"> alias for instant rollback. </span><span class="sh">"""</span> <span class="c1"># Get current prod version (this becomes 'blue' / previous) </span> <span class="n">current</span> <span class="o">=</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">get_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span> <span class="p">)</span> <span class="n">current_version</span> <span class="o">=</span> <span class="n">current</span><span class="p">[</span><span class="sh">'</span><span class="s">FunctionVersion</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># Preserve current version on 'previous' alias for rollback </span> <span class="k">try</span><span class="p">:</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">previous</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">current_version</span> <span class="p">)</span> <span class="k">except</span> <span class="n">lambda_client</span><span class="p">.</span><span class="n">exceptions</span><span class="p">.</span><span class="n">ResourceNotFoundException</span><span class="p">:</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">create_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">previous</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">current_version</span> <span class="p">)</span> <span class="c1"># Cut over prod to new version (instant, no gradual shift) </span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">new_version</span><span class="p">,</span> <span class="n">RoutingConfig</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">AdditionalVersionWeights</span><span class="sh">'</span><span class="p">:</span> <span class="p">{}}</span> <span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Cutover complete: prod now on v</span><span class="si">{</span><span class="n">new_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Rollback available: run rollback() to restore v</span><span class="si">{</span><span class="n">current_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">instant_rollback</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Roll back to previous version instantly</span><span class="sh">"""</span> <span class="n">previous</span> <span class="o">=</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">get_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">previous</span><span class="sh">'</span> <span class="p">)</span> <span class="n">previous_version</span> <span class="o">=</span> <span class="n">previous</span><span class="p">[</span><span class="sh">'</span><span class="s">FunctionVersion</span><span class="sh">'</span><span class="p">]</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">update_alias</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">FunctionVersion</span><span class="o">=</span><span class="n">previous_version</span><span class="p">,</span> <span class="n">RoutingConfig</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">AdditionalVersionWeights</span><span class="sh">'</span><span class="p">:</span> <span class="p">{}}</span> <span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Rolled back: prod restored to v</span><span class="si">{</span><span class="n">previous_version</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> </code></pre> </div> <h2> Deployment Strategy Decision Guide </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>How risky is this deployment? │ ├── Low risk (config change, minor bug fix) │ └── AllAtOnce — deploy directly to 100% │ ├── Medium risk (new feature, refactor) │ └── Canary — start at 5–10%, monitor errors/latency, │ auto-promote or rollback via CodeDeploy alarms │ ├── High risk (breaking change, new external dependency) │ └── Blue/Green — full parallel environment, │ instant cutover after validation, instant rollback │ └── Schema/data migration (irreversible changes) └── Feature flags in code + gradual rollout (decouple deployment from feature activation) </code></pre> </div> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Concept</th> <th>AWS Lambda Implementation</th> </tr> </thead> <tbody> <tr> <td><strong>Traffic splitting</strong></td> <td>Weighted aliases (e.g., 95% v42 / 5% v43)</td> </tr> <tr> <td><strong>Canary deployment</strong></td> <td>CodeDeploy + Lambda aliases + CloudWatch alarms</td> </tr> <tr> <td><strong>Blue/Green</strong></td> <td>Two aliases pointing to different versions, instant cutover</td> </tr> <tr> <td><strong>Async traffic buffering</strong></td> <td>Lambda internal event queue (up to 6 hours)</td> </tr> <tr> <td><strong>Concurrency control</strong></td> <td>Reserved concurrency + Provisioned Concurrency per alias</td> </tr> <tr> <td><strong>Automatic rollback</strong></td> <td>CodeDeploy monitors alarms, rolls back if threshold breached</td> </tr> </tbody> </table></div> <p>The key insight: <strong>Lambda's alias + versioning system is its traffic routing layer</strong>. Every production Lambda function should be invoked via an alias — never via <code>$LATEST</code>. This single practice unlocks canary deployments, blue/green releases, and instant rollbacks.</p> <p><em>Next in this series: **Part 5 — Event-Driven Automation: Building a Serverless Maintenance Bot with Lambda &amp; EventBridge</em>**</p> aws cicd devops serverless James Lee Tue, 26 May 2026 07:51:32 +0000 https://dev.to/jamesli/auto-scaling-in-aws-lambda-concurrency-throttling-scale-to-zero-km8 https://dev.to/jamesli/auto-scaling-in-aws-lambda-concurrency-throttling-scale-to-zero-km8 <p>One of the most compelling promises of serverless is "infinite scale" — your function handles 1 request or 100,000 requests, and you never touch a config file.</p> <p>But that promise comes with nuance. Lambda's scaling model has hard limits, specific behaviors under load, and failure modes that will surprise you in production if you haven't studied them.</p> <p>In this article, we'll break down exactly how Lambda scales: the concurrency model, how scale-out works internally, what happens when you hit limits, and how to design for scale in production.</p> <h2> The Fundamental Unit: Concurrency </h2> <p>Lambda doesn't scale by CPU or memory — it scales by <strong>concurrency</strong>.</p> <p><strong>Concurrency</strong> = the number of function instances handling requests simultaneously.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Time → Request A: [===========] (200ms) Request B: [===========] (200ms) Request C: [===========] (200ms) Concurrency at peak = 3 simultaneous executions </code></pre> </div> <p>Each concurrent execution runs in its own isolated execution environment (a Firecracker microVM, as we covered in Part 1). There is no shared state between concurrent executions.</p> <p><strong>The scaling formula is simple</strong>:</p> <p>$$\text{Concurrency} = \text{Requests per second} \times \text{Average duration (seconds)}$$</p> <p>Example: 500 requests/second, each taking 200ms (0.2s):</p> <p>$$\text{Concurrency} = 500 \times 0.2 = 100 \text{ concurrent executions}$$</p> <p>This means you need 100 execution environments running simultaneously. If your function takes longer (say, 2 seconds per request), the same traffic requires 1,000 concurrent environments.</p> <blockquote> <p><strong>Key insight</strong>: Slow functions are expensive at scale — not just in duration cost, but in the concurrency they consume. Optimizing function duration directly reduces the concurrency you need.</p> </blockquote> <h2> Three Types of Concurrency </h2> <p>AWS Lambda has three concurrency concepts you need to understand:</p> <h3> 1. Account-Level Concurrency Limit </h3> <p>Every AWS account has a <strong>regional concurrency limit</strong> — by default, <strong>1,000 concurrent executions</strong> per region. This is a hard ceiling shared across ALL Lambda functions in that region.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Account concurrency pool: 1,000 ├── function-A: using 400 ├── function-B: using 350 ├── function-C: using 200 └── Available: 50 </code></pre> </div> <p>If all 1,000 slots are consumed, any new invocation is <strong>throttled</strong> — Lambda returns a <code>429 TooManyRequestsException</code>.</p> <p>You can request a limit increase via AWS Support (up to tens of thousands for production workloads).</p> <h3> 2. Reserved Concurrency </h3> <p>You can <strong>reserve</strong> a fixed number of concurrency slots for a specific function. This does two things:</p> <ul> <li> <strong>Guarantees</strong> the function always has those slots available (other functions can't consume them)</li> <li> <strong>Caps</strong> the function at that maximum (it can never exceed the reserved amount) </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Set reserved concurrency via boto3 </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">put_function_concurrency</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="sh">'</span><span class="s">brand-logo-processor</span><span class="sh">'</span><span class="p">,</span> <span class="n">ReservedConcurrentExecutions</span><span class="o">=</span><span class="mi">200</span> <span class="c1"># max 200 concurrent executions </span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Account pool: 1,000 ├── brand-logo-processor: RESERVED 200 (guaranteed + capped) ├── brand-api: RESERVED 300 (guaranteed + capped) └── Unreserved pool: 500 (shared by all other functions) </code></pre> </div> <p><strong>When to use reserved concurrency</strong>:</p> <ul> <li>Protect a downstream database from being overwhelmed (cap Lambda concurrency to match DB connection pool size)</li> <li>Guarantee capacity for a critical function during high traffic</li> <li>Prevent a runaway function from consuming the entire account pool</li> </ul> <h3> 3. Provisioned Concurrency </h3> <p>As covered in Part 1, Provisioned Concurrency pre-initializes execution environments so they're ready to handle requests with zero cold start. It's a subset of reserved concurrency.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Reserved: 200 └── Provisioned: 50 (always warm, zero cold start) └── On-demand: 150 (scale up as needed, may cold start) </code></pre> </div> <h2> How Lambda Scales Out: The Internal Mechanics </h2> <p>When traffic increases, Lambda needs to spin up new execution environments. This is where the internal scaling mechanics matter.</p> <h3> The Burst Scaling Limit </h3> <p>Lambda doesn't scale from 0 to 10,000 instantly. There's a <strong>burst concurrency limit</strong> — the maximum number of new execution environments Lambda can add <strong>per minute</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Region</th> <th>Initial Burst Limit</th> <th>Scale Rate After Burst</th> </tr> </thead> <tbody> <tr> <td>us-east-1, us-west-2, eu-west-1</td> <td>3,000</td> <td>+500/minute</td> </tr> <tr> <td>All other regions</td> <td>500–1,000</td> <td>+500/minute</td> </tr> </tbody> </table></div> <p><strong>What this means in practice</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Minute 0: Traffic spike hits. Lambda starts at current concurrency. Minute 1: +500 new environments provisioned Minute 2: +500 more Minute 3: +500 more ...until account limit is reached or traffic stabilizes </code></pre> </div> <p>If your traffic spikes from 0 to 5,000 concurrent requests instantly (e.g., a viral event), Lambda <strong>cannot</strong> serve all of them immediately. The first ~3,000 are handled (in us-east-1), and the rest are throttled until the next minute's burst capacity is available.</p> <p><strong>Mitigation</strong>: Use Provisioned Concurrency for latency-sensitive functions that may experience sudden spikes.</p> <h3> Scale-to-Zero </h3> <p>Unlike traditional servers or Kubernetes deployments, Lambda scales all the way down to <strong>zero</strong> when there's no traffic. No idle execution environments, no cost.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Traffic pattern: 08:00 ████████████████ (high traffic — many environments active) 12:00 ████ (moderate traffic) 03:00 (no traffic — zero environments, zero cost) </code></pre> </div> <p>This is fundamentally different from Kubernetes HPA (Horizontal Pod Autoscaler), which cannot scale to zero. HPA monitors CPU/memory metrics — if there are no pods running, there are no metrics to monitor, so HPA can't trigger scale-up from zero.</p> <p>Lambda solves this with a different model: the trigger mechanism itself (API Gateway, SQS, EventBridge) acts as the "activator" — it wakes Lambda up when traffic arrives, even from zero.</p> <h2> The Metrics → Decision → Scale Loop </h2> <p>Lambda's auto-scaling follows a three-phase loop that mirrors how all serious auto-scalers work:</p> <h3> Phase 1: Metrics Collection </h3> <p>Lambda continuously monitors:</p> <ul> <li> <strong>Concurrent executions</strong>: how many environments are actively processing</li> <li> <strong>Throttle rate</strong>: percentage of invocations being throttled</li> <li> <strong>Queue depth</strong> (for SQS/Kinesis triggers): how many unprocessed messages</li> </ul> <p>These metrics are available in CloudWatch and can be used to build custom scaling alarms.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Monitor Lambda concurrency with CloudWatch </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">cloudwatch</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">cloudwatch</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Get concurrent executions for the last 5 minutes </span><span class="n">response</span> <span class="o">=</span> <span class="n">cloudwatch</span><span class="p">.</span><span class="nf">get_metric_statistics</span><span class="p">(</span> <span class="n">Namespace</span><span class="o">=</span><span class="sh">'</span><span class="s">AWS/Lambda</span><span class="sh">'</span><span class="p">,</span> <span class="n">MetricName</span><span class="o">=</span><span class="sh">'</span><span class="s">ConcurrentExecutions</span><span class="sh">'</span><span class="p">,</span> <span class="n">Dimensions</span><span class="o">=</span><span class="p">[{</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">FunctionName</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Value</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">brand-api</span><span class="sh">'</span><span class="p">}],</span> <span class="n">StartTime</span><span class="o">=</span><span class="sh">'</span><span class="s">2024-01-01T00:00:00Z</span><span class="sh">'</span><span class="p">,</span> <span class="n">EndTime</span><span class="o">=</span><span class="sh">'</span><span class="s">2024-01-01T00:05:00Z</span><span class="sh">'</span><span class="p">,</span> <span class="n">Period</span><span class="o">=</span><span class="mi">60</span><span class="p">,</span> <span class="n">Statistics</span><span class="o">=</span><span class="p">[</span><span class="sh">'</span><span class="s">Maximum</span><span class="sh">'</span><span class="p">]</span> <span class="p">)</span> <span class="k">for</span> <span class="n">datapoint</span> <span class="ow">in</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Datapoints</span><span class="sh">'</span><span class="p">]:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Max concurrency at </span><span class="si">{</span><span class="n">datapoint</span><span class="p">[</span><span class="sh">'</span><span class="s">Timestamp</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">: </span><span class="si">{</span><span class="n">datapoint</span><span class="p">[</span><span class="sh">'</span><span class="s">Maximum</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h3> Phase 2: Scaling Decision </h3> <p>Lambda's internal scheduler makes scaling decisions based on incoming request rate and available environments. The decision logic follows two modes (similar to Knative's Stable/Panic modes):</p> <p><strong>Normal mode</strong> (gradual traffic increase):</p> <ul> <li>Scale out proportionally to match incoming request rate</li> <li>Target: keep concurrency utilization below ~70% of reserved limit</li> </ul> <p><strong>Burst mode</strong> (sudden traffic spike):</p> <ul> <li>Scale as fast as the burst limit allows (+500 environments/minute after initial burst)</li> <li>Prioritize getting new environments online over perfect efficiency</li> </ul> <h3> Phase 3: Execution </h3> <p>Once the scaling decision is made, Lambda provisions new execution environments (triggering cold starts for the new instances) and routes traffic to them. Existing warm environments continue handling requests uninterrupted.</p> <h2> Throttling: What Happens When You Hit the Limit </h2> <p>When Lambda can't scale further (account limit reached, reserved concurrency exhausted, or burst limit hit), it <strong>throttles</strong> — rejects new invocations with a <code>429 ThrottlingException</code>.</p> <p>Throttling behavior differs by invocation type:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Invocation Type</th> <th>Throttle Behavior</th> </tr> </thead> <tbody> <tr> <td> <strong>Synchronous</strong> (API Gateway)</td> <td>Returns <code>429</code> immediately to caller</td> </tr> <tr> <td> <strong>Asynchronous</strong> (S3, EventBridge)</td> <td>Retries for up to 6 hours with exponential backoff</td> </tr> <tr> <td><strong>SQS</strong></td> <td>Message stays in queue, retried based on visibility timeout</td> </tr> <tr> <td><strong>Kinesis/DynamoDB Streams</strong></td> <td>Shard processing pauses, retried until success or expiry</td> </tr> </tbody> </table></div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Handle throttling in synchronous callers </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">time</span> <span class="kn">from</span> <span class="n">botocore.exceptions</span> <span class="kn">import</span> <span class="n">ClientError</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">invoke_with_retry</span><span class="p">(</span><span class="n">function_name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">payload</span><span class="p">:</span> <span class="nb">dict</span><span class="p">,</span> <span class="n">max_retries</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">3</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Invoke Lambda with exponential backoff on throttling</span><span class="sh">"""</span> <span class="k">for</span> <span class="n">attempt</span> <span class="ow">in</span> <span class="nf">range</span><span class="p">(</span><span class="n">max_retries</span><span class="p">):</span> <span class="k">try</span><span class="p">:</span> <span class="n">response</span> <span class="o">=</span> <span class="n">lambda_client</span><span class="p">.</span><span class="nf">invoke</span><span class="p">(</span> <span class="n">FunctionName</span><span class="o">=</span><span class="n">function_name</span><span class="p">,</span> <span class="n">InvocationType</span><span class="o">=</span><span class="sh">'</span><span class="s">RequestResponse</span><span class="sh">'</span><span class="p">,</span> <span class="n">Payload</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">payload</span><span class="p">)</span> <span class="p">)</span> <span class="k">return</span> <span class="n">response</span> <span class="k">except</span> <span class="n">ClientError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">if</span> <span class="n">e</span><span class="p">.</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Error</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">Code</span><span class="sh">'</span><span class="p">]</span> <span class="o">==</span> <span class="sh">'</span><span class="s">TooManyRequestsException</span><span class="sh">'</span><span class="p">:</span> <span class="n">wait_time</span> <span class="o">=</span> <span class="p">(</span><span class="mi">2</span> <span class="o">**</span> <span class="n">attempt</span><span class="p">)</span> <span class="o">+</span> <span class="n">random</span><span class="p">.</span><span class="nf">uniform</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Throttled. Retrying in </span><span class="si">{</span><span class="n">wait_time</span><span class="si">:</span><span class="p">.</span><span class="mi">1</span><span class="n">f</span><span class="si">}</span><span class="s">s (attempt </span><span class="si">{</span><span class="n">attempt</span> <span class="o">+</span> <span class="mi">1</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">max_retries</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="n">time</span><span class="p">.</span><span class="nf">sleep</span><span class="p">(</span><span class="n">wait_time</span><span class="p">)</span> <span class="k">else</span><span class="p">:</span> <span class="k">raise</span> <span class="k">raise</span> <span class="nc">Exception</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Max retries exceeded for </span><span class="si">{</span><span class="n">function_name</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> </code></pre> </div> <h2> Production Scaling Patterns </h2> <h3> Pattern 1: Protect Downstream Services with Reserved Concurrency </h3> <p>The most common production issue: Lambda scales to 500 concurrent executions, each opening a database connection, overwhelming your RDS instance (which supports ~100 connections).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Bad: Lambda scales freely, destroys your database </span><span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">conn</span> <span class="o">=</span> <span class="n">psycopg2</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="n">DATABASE_URL</span><span class="p">)</span> <span class="c1"># new connection every invocation! </span> <span class="c1"># ... </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Good: Use connection pooling + reserved concurrency cap </span><span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools</span> <span class="kn">import</span> <span class="n">Logger</span> <span class="n">logger</span> <span class="o">=</span> <span class="nc">Logger</span><span class="p">()</span> <span class="c1"># RDS Proxy handles connection pooling — Lambda connects to proxy </span><span class="n">DB_PROXY_ENDPOINT</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">DB_PROXY_ENDPOINT</span><span class="sh">'</span><span class="p">]</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># RDS Proxy multiplexes Lambda's connections to RDS </span> <span class="n">conn</span> <span class="o">=</span> <span class="nf">get_db_connection</span><span class="p">(</span><span class="n">DB_PROXY_ENDPOINT</span><span class="p">)</span> <span class="c1"># ... </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — cap Lambda concurrency to match RDS Proxy pool</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandDataProcessor</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">reservedConcurrency</span><span class="pi">:</span> <span class="m">100</span> <span class="c1"># RDS Proxy supports 100 connections</span> </code></pre> </div> <h3> Pattern 2: Use SQS as a Concurrency Buffer </h3> <p>For high-volume async workloads, put SQS between your event source and Lambda. SQS absorbs traffic spikes; Lambda processes at a controlled rate.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>High-volume events → SQS Queue → Lambda (controlled concurrency) [buffer] [max 50 concurrent] </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">processBrandAsset</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">reservedConcurrency</span><span class="pi">:</span> <span class="m">50</span> <span class="c1"># never more than 50 concurrent</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">sqs</span><span class="pi">:</span> <span class="na">arn</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">BrandAssetQueue.Arn</span> <span class="na">batchSize</span><span class="pi">:</span> <span class="m">5</span> <span class="na">maximumBatchingWindow</span><span class="pi">:</span> <span class="m">10</span> </code></pre> </div> <h3> Pattern 3: Scheduled Scaling with Provisioned Concurrency </h3> <p>For predictable traffic patterns (business hours spike), pre-scale with Provisioned Concurrency on a schedule.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># scale_provisioned.py — run this as a scheduled Lambda or local script </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">lambda_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">)</span> <span class="n">aas_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">application-autoscaling</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Register the function alias as a scalable target </span><span class="n">aas_client</span><span class="p">.</span><span class="nf">register_scalable_target</span><span class="p">(</span> <span class="n">ServiceNamespace</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">,</span> <span class="n">ResourceId</span><span class="o">=</span><span class="sh">'</span><span class="s">function:brand-api:prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScalableDimension</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda:function:ProvisionedConcurrency</span><span class="sh">'</span><span class="p">,</span> <span class="n">MinCapacity</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span> <span class="n">MaxCapacity</span><span class="o">=</span><span class="mi">100</span> <span class="p">)</span> <span class="c1"># Scale up at 8 AM UTC (business hours start) </span><span class="n">aas_client</span><span class="p">.</span><span class="nf">put_scheduled_action</span><span class="p">(</span> <span class="n">ServiceNamespace</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">,</span> <span class="n">ResourceId</span><span class="o">=</span><span class="sh">'</span><span class="s">function:brand-api:prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScheduledActionName</span><span class="o">=</span><span class="sh">'</span><span class="s">scale-up-morning</span><span class="sh">'</span><span class="p">,</span> <span class="n">Schedule</span><span class="o">=</span><span class="sh">'</span><span class="s">cron(0 8 * * ? *)</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScalableDimension</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda:function:ProvisionedConcurrency</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScalableTargetAction</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">MinCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">50</span><span class="p">,</span> <span class="sh">'</span><span class="s">MaxCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">50</span><span class="p">}</span> <span class="p">)</span> <span class="c1"># Scale down at 8 PM UTC </span><span class="n">aas_client</span><span class="p">.</span><span class="nf">put_scheduled_action</span><span class="p">(</span> <span class="n">ServiceNamespace</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">,</span> <span class="n">ResourceId</span><span class="o">=</span><span class="sh">'</span><span class="s">function:brand-api:prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScheduledActionName</span><span class="o">=</span><span class="sh">'</span><span class="s">scale-down-evening</span><span class="sh">'</span><span class="p">,</span> <span class="n">Schedule</span><span class="o">=</span><span class="sh">'</span><span class="s">cron(0 20 * * ? *)</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScalableDimension</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda:function:ProvisionedConcurrency</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScalableTargetAction</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">MinCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="sh">'</span><span class="s">MaxCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">5</span><span class="p">}</span> <span class="p">)</span> </code></pre> </div> <h3> Pattern 4: Monitor and Alert on Throttling </h3> <p>Never let throttling go unnoticed in production.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># CloudFormation / serverless.yml — throttle alarm</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">LambdaThrottleAlarm</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::CloudWatch::Alarm</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">AlarmName</span><span class="pi">:</span> <span class="s">brand-api-throttles</span> <span class="na">AlarmDescription</span><span class="pi">:</span> <span class="s">Lambda throttling detected</span> <span class="na">MetricName</span><span class="pi">:</span> <span class="s">Throttles</span> <span class="na">Namespace</span><span class="pi">:</span> <span class="s">AWS/Lambda</span> <span class="na">Dimensions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">FunctionName</span> <span class="na">Value</span><span class="pi">:</span> <span class="s">brand-api</span> <span class="na">Statistic</span><span class="pi">:</span> <span class="s">Sum</span> <span class="na">Period</span><span class="pi">:</span> <span class="m">60</span> <span class="na">EvaluationPeriods</span><span class="pi">:</span> <span class="m">1</span> <span class="na">Threshold</span><span class="pi">:</span> <span class="m">10</span> <span class="c1"># alert if &gt;10 throttles per minute</span> <span class="na">ComparisonOperator</span><span class="pi">:</span> <span class="s">GreaterThanThreshold</span> <span class="na">AlarmActions</span><span class="pi">:</span> <span class="pi">-</span> <span class="kt">!Ref</span> <span class="s">AlertSNSTopic</span> </code></pre> </div> <h2> Scaling Limits Reference </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Limit</th> <th>Default</th> <th>Adjustable</th> </tr> </thead> <tbody> <tr> <td>Account concurrency (per region)</td> <td>1,000</td> <td>✅ Yes (via Support)</td> </tr> <tr> <td>Burst concurrency (us-east-1)</td> <td>3,000 initial</td> <td>❌ No</td> </tr> <tr> <td>Scale rate after burst</td> <td>+500/minute</td> <td>❌ No</td> </tr> <tr> <td>Reserved concurrency (per function)</td> <td>Up to account limit</td> <td>✅ Yes</td> </tr> <tr> <td>Provisioned concurrency (per function)</td> <td>Up to reserved limit</td> <td>✅ Yes</td> </tr> <tr> <td>Max execution duration</td> <td>15 minutes</td> <td>❌ No</td> </tr> </tbody> </table></div> <h2> Summary </h2> <p>Lambda's auto-scaling model is powerful but not magic. Here's what to internalize:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Concept</th> <th>Key Point</th> </tr> </thead> <tbody> <tr> <td><strong>Concurrency = RPS × Duration</strong></td> <td>Slow functions consume more concurrency at the same traffic level</td> </tr> <tr> <td><strong>Burst limit</strong></td> <td>Lambda can't go from 0 to 10,000 instantly — plan for gradual scale-out</td> </tr> <tr> <td><strong>Scale-to-zero</strong></td> <td>Unlike Kubernetes HPA, Lambda scales all the way to zero</td> </tr> <tr> <td><strong>Reserved concurrency</strong></td> <td>Both a guarantee AND a cap — use it to protect downstream systems</td> </tr> <tr> <td><strong>Throttling</strong></td> <td>Sync = immediate 429; Async = retried for up to 6 hours</td> </tr> <tr> <td><strong>SQS as buffer</strong></td> <td>Absorbs traffic spikes, lets Lambda process at a controlled rate</td> </tr> </tbody> </table></div> <p>The teams that run Lambda smoothly in production aren't the ones who trust "infinite scale" — they're the ones who set reserved concurrency, configure DLQs, monitor throttle rates, and design their downstream systems to handle Lambda's scaling behavior.</p> <p><em>Next in this series: **Part 4 — Traffic Routing in Serverless: Canary Deployments, Weighted Aliases &amp; Blue/Green with Lambda</em>**</p> architecture aws performance serverless James Lee Tue, 26 May 2026 07:50:19 +0000 https://dev.to/jamesli/lambda-triggers-explained-s3-eventbridge-api-gateway-sqs-2hac https://dev.to/jamesli/lambda-triggers-explained-s3-eventbridge-api-gateway-sqs-2hac <p>A Lambda function sitting idle does nothing. What makes it useful is what <em>triggers</em> it.</p> <p>Triggers are the connective tissue of serverless architectures. They define how your function integrates with the rest of your system — whether that's responding to an HTTP request, reacting to a file upload, processing a message queue, or running on a schedule.</p> <p>In this article, we'll break down the most important Lambda trigger types, explain the critical difference between synchronous and asynchronous invocation, and show you real-world patterns for each.</p> <h2> Synchronous vs Asynchronous Invocation </h2> <p>Before diving into specific triggers, you need to understand the most fundamental distinction in Lambda invocation models.</p> <h3> Synchronous Invocation </h3> <p>The caller waits. Lambda executes your function immediately and returns the result directly to the caller.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client → API Gateway → Lambda → (executes) → returns response → API Gateway → Client [waits..................................] </code></pre> </div> <p><strong>Behavior on error</strong>: Lambda returns the error immediately to the caller. <strong>No automatic retry</strong>. The caller is responsible for retry logic.</p> <p><strong>AWS triggers that use synchronous invocation</strong>:</p> <ul> <li>API Gateway (REST API &amp; HTTP API)</li> <li>Application Load Balancer</li> <li>Lambda Function URLs</li> <li>Cognito (custom auth triggers)</li> <li>CloudFront (Lambda@Edge)</li> </ul> <h3> Asynchronous Invocation </h3> <p>The caller doesn't wait. Lambda places the event in an internal queue and immediately returns a <code>202 Accepted</code>. A separate process picks up the event and executes your function.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client → S3 Event → Lambda Queue → (executes eventually) → [no response to caller] [returns 202 immediately] </code></pre> </div> <p><strong>Behavior on error</strong>: Lambda <strong>automatically retries up to 2 times</strong> with exponential backoff. If all retries fail, the event can be routed to a Dead Letter Queue (DLQ) or an EventBridge Pipes destination for custom failure handling.</p> <p><strong>AWS triggers that use asynchronous invocation</strong>:</p> <ul> <li>S3 (object events)</li> <li>SNS</li> <li>EventBridge (scheduled rules &amp; event bus)</li> <li>SES</li> <li>CloudWatch Logs (subscription filters)</li> </ul> <blockquote> <p><strong>Why this matters</strong>: Choosing the wrong invocation model leads to silent data loss (no DLQ on async failures) or poor user experience (blocking calls that should be async). Know your model before you build.</p> </blockquote> <h2> Trigger Type 1: Scheduled Triggers (EventBridge Rules) </h2> <p>The simplest trigger type. Run your function on a time-based schedule — like cron, but serverless.</p> <p><strong>Common use cases</strong>:</p> <ul> <li>Hourly batch data collection and report generation</li> <li>Daily cleanup jobs (purge expired records at midnight)</li> <li>Periodic health checks and monitoring</li> <li>Sending scheduled notifications </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timedelta</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brand_metrics</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Triggered by EventBridge every hour. Aggregates brand API usage metrics and writes a summary record. </span><span class="sh">"""</span> <span class="n">now</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">()</span> <span class="n">one_hour_ago</span> <span class="o">=</span> <span class="n">now</span> <span class="o">-</span> <span class="nf">timedelta</span><span class="p">(</span><span class="n">hours</span><span class="o">=</span><span class="mi">1</span><span class="p">)</span> <span class="c1"># Query last hour's invocations </span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">query</span><span class="p">(</span> <span class="n">IndexName</span><span class="o">=</span><span class="sh">'</span><span class="s">timestamp-index</span><span class="sh">'</span><span class="p">,</span> <span class="n">KeyConditionExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">#ts BETWEEN :start AND :end</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeNames</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">#ts</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">timestamp</span><span class="sh">'</span><span class="p">},</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">:start</span><span class="sh">'</span><span class="p">:</span> <span class="n">one_hour_ago</span><span class="p">.</span><span class="nf">isoformat</span><span class="p">(),</span> <span class="sh">'</span><span class="s">:end</span><span class="sh">'</span><span class="p">:</span> <span class="n">now</span><span class="p">.</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}</span> <span class="p">)</span> <span class="n">total_calls</span> <span class="o">=</span> <span class="nf">len</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Items</span><span class="sh">'</span><span class="p">])</span> <span class="c1"># Write hourly summary </span> <span class="n">table</span><span class="p">.</span><span class="nf">put_item</span><span class="p">(</span><span class="n">Item</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">summary-</span><span class="si">{</span><span class="n">now</span><span class="p">.</span><span class="nf">strftime</span><span class="p">(</span><span class="sh">"</span><span class="s">%Y%m%d-%H</span><span class="sh">"</span><span class="p">)</span><span class="si">}</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">timestamp</span><span class="sh">'</span><span class="p">:</span> <span class="n">now</span><span class="p">.</span><span class="nf">isoformat</span><span class="p">(),</span> <span class="sh">'</span><span class="s">total_calls</span><span class="sh">'</span><span class="p">:</span> <span class="n">total_calls</span><span class="p">,</span> <span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">hourly_summary</span><span class="sh">'</span> <span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Hourly summary written: </span><span class="si">{</span><span class="n">total_calls</span><span class="si">}</span><span class="s"> calls in the last hour</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">processed</span><span class="sh">'</span><span class="p">:</span> <span class="n">total_calls</span><span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">hourlyMetrics</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">rate</span><span class="pi">:</span> <span class="s">rate(1 hour)</span> <span class="c1"># every hour</span> <span class="c1"># Or use cron syntax:</span> <span class="c1"># - schedule:</span> <span class="c1"># rate: cron(0 0 * * ? *) # midnight UTC daily</span> </code></pre> </div> <p><strong>Key behaviors</strong>:</p> <ul> <li>EventBridge scheduled rules use <strong>asynchronous invocation</strong> </li> <li>If your function fails, Lambda retries up to 2 times</li> <li>Always configure a DLQ for scheduled jobs — silent failures in batch jobs are dangerous </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># Add a DLQ for failure handling</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">hourlyMetrics</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">destinations</span><span class="pi">:</span> <span class="na">onFailure</span><span class="pi">:</span> <span class="s">arn:aws:sqs:us-east-1:123456789:hourly-metrics-dlq</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">rate</span><span class="pi">:</span> <span class="s">rate(1 hour)</span> </code></pre> </div> <h2> Trigger Type 2: S3 Object Triggers </h2> <p>S3 triggers fire when objects are created, modified, or deleted in a bucket. This is one of the most powerful async trigger patterns in AWS.</p> <p><strong>Common use cases</strong>:</p> <ul> <li>Image/video transcoding when a file is uploaded</li> <li>Automatic data pipeline ingestion (CSV → DynamoDB)</li> <li>Log file processing</li> <li>Thumbnail generation </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">urllib.parse</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">)</span> <span class="n">rekognition</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">rekognition</span><span class="sh">'</span><span class="p">)</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brand_logos</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Triggered when a new logo image is uploaded to S3. Runs Rekognition label detection and stores results in DynamoDB. </span><span class="sh">"""</span> <span class="k">for</span> <span class="n">record</span> <span class="ow">in</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">]:</span> <span class="n">bucket</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">bucket</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">name</span><span class="sh">'</span><span class="p">]</span> <span class="n">key</span> <span class="o">=</span> <span class="n">urllib</span><span class="p">.</span><span class="n">parse</span><span class="p">.</span><span class="nf">unquote_plus</span><span class="p">(</span><span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">object</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">key</span><span class="sh">'</span><span class="p">])</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Processing: s3://</span><span class="si">{</span><span class="n">bucket</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">key</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Run Rekognition label detection </span> <span class="n">response</span> <span class="o">=</span> <span class="n">rekognition</span><span class="p">.</span><span class="nf">detect_labels</span><span class="p">(</span> <span class="n">Image</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">S3Object</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span><span class="sh">'</span><span class="s">Bucket</span><span class="sh">'</span><span class="p">:</span> <span class="n">bucket</span><span class="p">,</span> <span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">:</span> <span class="n">key</span><span class="p">}},</span> <span class="n">MaxLabels</span><span class="o">=</span><span class="mi">10</span><span class="p">,</span> <span class="n">MinConfidence</span><span class="o">=</span><span class="mi">80</span> <span class="p">)</span> <span class="n">labels</span> <span class="o">=</span> <span class="p">[</span><span class="n">label</span><span class="p">[</span><span class="sh">'</span><span class="s">Name</span><span class="sh">'</span><span class="p">]</span> <span class="k">for</span> <span class="n">label</span> <span class="ow">in</span> <span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Labels</span><span class="sh">'</span><span class="p">]]</span> <span class="c1"># Store results in DynamoDB </span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="sh">'</span><span class="s">/</span><span class="sh">'</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span> <span class="c1"># e.g., "nike/logo.png" → "nike" </span> <span class="n">table</span><span class="p">.</span><span class="nf">put_item</span><span class="p">(</span><span class="n">Item</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">imageKey</span><span class="sh">'</span><span class="p">:</span> <span class="n">key</span><span class="p">,</span> <span class="sh">'</span><span class="s">labels</span><span class="sh">'</span><span class="p">:</span> <span class="n">labels</span><span class="p">,</span> <span class="sh">'</span><span class="s">processedAt</span><span class="sh">'</span><span class="p">:</span> <span class="n">context</span><span class="p">.</span><span class="n">aws_request_id</span> <span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Stored </span><span class="si">{</span><span class="nf">len</span><span class="p">(</span><span class="n">labels</span><span class="p">)</span><span class="si">}</span><span class="s"> labels for brand: </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">processed</span><span class="sh">'</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">])}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">processLogo</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">s3</span><span class="pi">:</span> <span class="na">bucket</span><span class="pi">:</span> <span class="s">brand-assets-bucket</span> <span class="na">event</span><span class="pi">:</span> <span class="s">s3:ObjectCreated:*</span> <span class="c1"># fires on any upload</span> <span class="na">rules</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">prefix</span><span class="pi">:</span> <span class="s">logos/</span> <span class="c1"># only files in logos/ folder</span> <span class="pi">-</span> <span class="na">suffix</span><span class="pi">:</span> <span class="s">.png</span> <span class="c1"># only PNG files</span> </code></pre> </div> <p><strong>S3 event filter rules</strong> — this is where S3 triggers get powerful:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Filter</th> <th>Example</th> <th>Effect</th> </tr> </thead> <tbody> <tr> <td><code>prefix</code></td> <td><code>logos/</code></td> <td>Only trigger for objects in the <code>logos/</code> folder</td> </tr> <tr> <td><code>suffix</code></td> <td><code>.mp4</code></td> <td>Only trigger for MP4 files</td> </tr> <tr> <td>Combined</td> <td> <code>prefix: raw/</code> + <code>suffix: .csv</code> </td> <td>Only raw CSV uploads</td> </tr> </tbody> </table></div> <p><strong>Key behaviors</strong>:</p> <ul> <li>S3 triggers use <strong>asynchronous invocation</strong> </li> <li>S3 guarantees <strong>at-least-once delivery</strong> — your function may receive duplicate events for the same object</li> <li>Always make your S3 handlers <strong>idempotent</strong> (safe to run twice on the same object) </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Idempotent pattern: check if already processed </span><span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">for</span> <span class="n">record</span> <span class="ow">in</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">]:</span> <span class="n">key</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">object</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">key</span><span class="sh">'</span><span class="p">]</span> <span class="n">etag</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">s3</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">object</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">eTag</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># Check if this exact version was already processed </span> <span class="n">existing</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">imageKey</span><span class="sh">'</span><span class="p">:</span> <span class="n">key</span><span class="p">})</span> <span class="k">if</span> <span class="n">existing</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">Item</span><span class="sh">'</span><span class="p">,</span> <span class="p">{}).</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">etag</span><span class="sh">'</span><span class="p">)</span> <span class="o">==</span> <span class="n">etag</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Already processed </span><span class="si">{</span><span class="n">key</span><span class="si">}</span><span class="s"> (etag: </span><span class="si">{</span><span class="n">etag</span><span class="si">}</span><span class="s">), skipping</span><span class="sh">'</span><span class="p">)</span> <span class="k">continue</span> <span class="c1"># Process... </span></code></pre> </div> <h2> Trigger Type 3: API Gateway (Synchronous HTTP Triggers) </h2> <p>API Gateway + Lambda is the most common serverless pattern — over 70% of serverless applications use this combination. It's how you build HTTP APIs without managing servers.</p> <p><strong>Two options in AWS</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th>REST API (v1)</th> <th>HTTP API (v2)</th> </tr> </thead> <tbody> <tr> <td>Latency</td> <td>~6ms added</td> <td>~1ms added</td> </tr> <tr> <td>Cost</td> <td>Higher</td> <td>~70% cheaper</td> </tr> <tr> <td>Features</td> <td>Full (WAF, caching, usage plans)</td> <td>Simplified</td> </tr> <tr> <td>Payload format</td> <td>v1</td> <td>v2</td> </tr> <tr> <td>Best for</td> <td>Enterprise APIs needing advanced features</td> <td>Most modern APIs</td> </tr> </tbody> </table></div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py — HTTP API (v2 payload format) </span><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brands</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> GET /brand/{brandId} Returns brand metadata from DynamoDB. </span><span class="sh">"""</span> <span class="c1"># HTTP API v2 event structure </span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">pathParameters</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="n">http_method</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">requestContext</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">http</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">method</span><span class="sh">'</span><span class="p">]</span> <span class="k">if</span> <span class="n">http_method</span> <span class="o">!=</span> <span class="sh">'</span><span class="s">GET</span><span class="sh">'</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">405</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">Method not allowed</span><span class="sh">'</span><span class="p">})</span> <span class="p">}</span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">})</span> <span class="k">if</span> <span class="sh">'</span><span class="s">Item</span><span class="sh">'</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">response</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">404</span><span class="p">,</span> <span class="sh">'</span><span class="s">headers</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span><span class="sh">'</span><span class="s">Content-Type</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">application/json</span><span class="sh">'</span><span class="p">},</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">Brand </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s"> not found</span><span class="sh">'</span><span class="p">})</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">headers</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span> <span class="sh">'</span><span class="s">Content-Type</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">application/json</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Cache-Control</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">max-age=300</span><span class="sh">'</span> <span class="c1"># 5-minute client cache </span> <span class="p">},</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Item</span><span class="sh">'</span><span class="p">])</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">getBrand</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">httpApi</span><span class="pi">:</span> <span class="c1"># HTTP API v2 (recommended)</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/brand/{brandId}</span> <span class="na">method</span><span class="pi">:</span> <span class="s">GET</span> <span class="c1"># For REST API v1:</span> <span class="c1"># - http:</span> <span class="c1"># path: /brand/{brandId}</span> <span class="c1"># method: GET</span> <span class="c1"># cors: true</span> </code></pre> </div> <p><strong>Key behaviors</strong>:</p> <ul> <li>API Gateway uses <strong>synchronous invocation</strong> </li> <li>Lambda must respond within <strong>29 seconds</strong> (API Gateway hard timeout)</li> <li>On Lambda error, API Gateway returns a <code>502 Bad Gateway</code> to the client</li> <li>The client is responsible for retry logic</li> </ul> <p><strong>Lambda Function URLs</strong> — a simpler alternative for single-function APIs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># No API Gateway needed — Lambda gets a direct HTTPS endpoint</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">getBrand</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">url</span><span class="pi">:</span> <span class="na">cors</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">authorizer</span><span class="pi">:</span> <span class="s">aws_iam</span> <span class="c1"># or 'none' for public</span> </code></pre> </div> <h2> Trigger Type 4: SQS (Message Queue Triggers) </h2> <p>SQS triggers are the backbone of reliable async processing. Lambda polls your SQS queue and invokes your function in batches.</p> <p><strong>Common use cases</strong>:</p> <ul> <li>Decoupling microservices</li> <li>Processing webhook payloads</li> <li>Fan-out patterns (SNS → multiple SQS queues → multiple Lambda functions)</li> <li>Rate-limiting downstream API calls </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py </span><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="kn">from</span> <span class="n">typing</span> <span class="kn">import</span> <span class="n">Any</span> <span class="n">ses</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ses</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Processes brand notification messages from SQS. Sends email notifications for brand update events. </span><span class="sh">"""</span> <span class="c1"># SQS delivers messages in batches </span> <span class="n">successful</span> <span class="o">=</span> <span class="p">[]</span> <span class="n">failed</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">for</span> <span class="n">record</span> <span class="ow">in</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">Records</span><span class="sh">'</span><span class="p">]:</span> <span class="n">message_id</span> <span class="o">=</span> <span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">messageId</span><span class="sh">'</span><span class="p">]</span> <span class="k">try</span><span class="p">:</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">record</span><span class="p">[</span><span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">])</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="n">event_type</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">eventType</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># e.g., 'logo_updated' </span> <span class="n">recipient</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">'</span><span class="s">notifyEmail</span><span class="sh">'</span><span class="p">]</span> <span class="c1"># Send notification email </span> <span class="n">ses</span><span class="p">.</span><span class="nf">send_email</span><span class="p">(</span> <span class="n">Source</span><span class="o">=</span><span class="sh">'</span><span class="s">noreply@yourdomain.com</span><span class="sh">'</span><span class="p">,</span> <span class="n">Destination</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">ToAddresses</span><span class="sh">'</span><span class="p">:</span> <span class="p">[</span><span class="n">recipient</span><span class="p">]},</span> <span class="n">Message</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">Subject</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span><span class="sh">'</span><span class="s">Data</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">Brand Update: </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="sh">'</span><span class="p">},</span> <span class="sh">'</span><span class="s">Body</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span><span class="sh">'</span><span class="s">Text</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span><span class="sh">'</span><span class="s">Data</span><span class="sh">'</span><span class="p">:</span> <span class="sa">f</span><span class="sh">'</span><span class="s">Event: </span><span class="si">{</span><span class="n">event_type</span><span class="si">}</span><span class="s"> for brand </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="sh">'</span><span class="p">}}</span> <span class="p">}</span> <span class="p">)</span> <span class="n">successful</span><span class="p">.</span><span class="nf">append</span><span class="p">(</span><span class="n">message_id</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Notification sent for </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s"> (</span><span class="si">{</span><span class="n">event_type</span><span class="si">}</span><span class="s">)</span><span class="sh">'</span><span class="p">)</span> <span class="k">except</span> <span class="nb">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Failed to process message </span><span class="si">{</span><span class="n">message_id</span><span class="si">}</span><span class="s">: </span><span class="si">{</span><span class="n">e</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="n">failed</span><span class="p">.</span><span class="nf">append</span><span class="p">({</span><span class="sh">'</span><span class="s">itemIdentifier</span><span class="sh">'</span><span class="p">:</span> <span class="n">message_id</span><span class="p">})</span> <span class="c1"># Partial batch failure response — only failed messages go back to queue </span> <span class="c1"># Requires "functionResponseTypes: [ReportBatchItemFailures]" in config </span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">batchItemFailures</span><span class="sh">'</span><span class="p">:</span> <span class="n">failed</span><span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">processBrandNotifications</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">sqs</span><span class="pi">:</span> <span class="na">arn</span><span class="pi">:</span> <span class="s">arn:aws:sqs:us-east-1:123456789:brand-notifications</span> <span class="na">batchSize</span><span class="pi">:</span> <span class="m">10</span> <span class="c1"># process up to 10 messages at once</span> <span class="na">maximumBatchingWindow</span><span class="pi">:</span> <span class="m">5</span> <span class="c1"># wait up to 5s to fill the batch</span> <span class="na">functionResponseType</span><span class="pi">:</span> <span class="s">ReportBatchItemFailures</span> <span class="c1"># partial batch failure support</span> </code></pre> </div> <p><strong>SQS + Lambda retry behavior</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Message arrives in SQS │ ▼ Lambda polls &amp; invokes function │ SUCCESS → message deleted from queue ✅ │ FAILURE → message becomes visible again after visibility timeout │ ▼ Retry (up to maxReceiveCount, e.g., 3 times) │ Still failing → message moved to Dead Letter Queue (DLQ) ⚠️ </code></pre> </div> <p><strong>Always configure a DLQ for SQS</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml — SQS queue with DLQ</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">BrandNotificationsQueue</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::SQS::Queue</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">QueueName</span><span class="pi">:</span> <span class="s">brand-notifications</span> <span class="na">VisibilityTimeout</span><span class="pi">:</span> <span class="m">60</span> <span class="na">RedrivePolicy</span><span class="pi">:</span> <span class="na">deadLetterTargetArn</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">BrandNotificationsDLQ.Arn</span> <span class="na">maxReceiveCount</span><span class="pi">:</span> <span class="m">3</span> <span class="c1"># move to DLQ after 3 failures</span> <span class="na">BrandNotificationsDLQ</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::SQS::Queue</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">QueueName</span><span class="pi">:</span> <span class="s">brand-notifications-dlq</span> <span class="na">MessageRetentionPeriod</span><span class="pi">:</span> <span class="m">1209600</span> <span class="c1"># keep failed messages for 14 days</span> </code></pre> </div> <h2> Trigger Type 5: EventBridge Event Bus (Event-Driven Architecture) </h2> <p>EventBridge is the most powerful trigger type for building loosely coupled, event-driven systems. It acts as a central event router — services publish events, and EventBridge routes them to the right Lambda functions based on rules.</p> <p><strong>Common use cases</strong>:</p> <ul> <li>Microservice decoupling (services communicate via events, not direct calls)</li> <li>State change tracking across services</li> <li>SaaS integrations (Stripe, GitHub webhooks → EventBridge → Lambda)</li> <li>Fan-out to multiple consumers </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># publisher.py — any service can publish events </span><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span> <span class="n">events</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">events</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">publish_brand_updated</span><span class="p">(</span><span class="n">brand_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">changes</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="sh">"""</span><span class="s">Publish a brand update event to EventBridge</span><span class="sh">"""</span> <span class="n">events</span><span class="p">.</span><span class="nf">put_events</span><span class="p">(</span> <span class="n">Entries</span><span class="o">=</span><span class="p">[{</span> <span class="sh">'</span><span class="s">Source</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">com.yourdomain.brand-service</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">DetailType</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">BrandUpdated</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Detail</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">:</span> <span class="n">brand_id</span><span class="p">,</span> <span class="sh">'</span><span class="s">changes</span><span class="sh">'</span><span class="p">:</span> <span class="n">changes</span><span class="p">,</span> <span class="sh">'</span><span class="s">updatedAt</span><span class="sh">'</span><span class="p">:</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">utcnow</span><span class="p">().</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}),</span> <span class="sh">'</span><span class="s">EventBusName</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">brand-platform-bus</span><span class="sh">'</span> <span class="p">}]</span> <span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># consumer.py — Lambda function triggered by EventBridge rule </span><span class="kn">import</span> <span class="n">json</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Triggered when a BrandUpdated event is published. Invalidates CDN cache for the updated brand</span><span class="sh">'</span><span class="s">s assets. </span><span class="sh">"""</span> <span class="n">detail</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">detail</span><span class="sh">'</span><span class="p">]</span> <span class="n">brand_id</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]</span> <span class="n">changes</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">'</span><span class="s">changes</span><span class="sh">'</span><span class="p">]</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">'</span><span class="s">Brand </span><span class="si">{</span><span class="n">brand_id</span><span class="si">}</span><span class="s"> updated: </span><span class="si">{</span><span class="n">changes</span><span class="si">}</span><span class="sh">'</span><span class="p">)</span> <span class="k">if</span> <span class="sh">'</span><span class="s">logoUrl</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">changes</span><span class="p">:</span> <span class="c1"># Logo changed — invalidate CDN cache </span> <span class="nf">invalidate_cdn_cache</span><span class="p">(</span><span class="n">brand_id</span><span class="p">)</span> <span class="k">if</span> <span class="sh">'</span><span class="s">colors</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">changes</span><span class="p">:</span> <span class="c1"># Color palette changed — regenerate color variants </span> <span class="nf">trigger_color_regeneration</span><span class="p">(</span><span class="n">brand_id</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">handled</span><span class="sh">'</span><span class="p">:</span> <span class="bp">True</span><span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">handleBrandUpdated</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">consumer.handler</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">eventBridge</span><span class="pi">:</span> <span class="na">eventBus</span><span class="pi">:</span> <span class="s">brand-platform-bus</span> <span class="na">pattern</span><span class="pi">:</span> <span class="na">source</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">com.yourdomain.brand-service</span> <span class="na">detail-type</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">BrandUpdated</span> <span class="c1"># Optional: filter to specific brands</span> <span class="na">detail</span><span class="pi">:</span> <span class="na">brandId</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">prefix</span><span class="pi">:</span> <span class="s">enterprise-</span> </code></pre> </div> <p><strong>EventBridge vs SQS — when to use which</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Scenario</th> <th>Use</th> </tr> </thead> <tbody> <tr> <td>One producer, one consumer</td> <td>SQS</td> </tr> <tr> <td>One event, multiple consumers</td> <td>EventBridge (fan-out)</td> </tr> <tr> <td>Need message ordering</td> <td>SQS FIFO</td> </tr> <tr> <td>Need content-based routing</td> <td>EventBridge (filter rules)</td> </tr> <tr> <td>Cross-account event delivery</td> <td>EventBridge</td> </tr> <tr> <td>Rate-limiting / throttling</td> <td>SQS</td> </tr> </tbody> </table></div> <h2> Choosing the Right Trigger: A Decision Guide </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>What initiates your Lambda function? │ ├── HTTP request from client/browser │ └── → API Gateway HTTP API or Function URL │ ├── File uploaded / object changed in S3 │ └── → S3 Event Notification (async) │ ├── Run on a schedule (cron) │ └── → EventBridge Scheduled Rule (async) │ ├── Message in a queue (reliable processing) │ └── → SQS Trigger (polling, batched) │ ├── Event from another service (decoupled) │ └── → EventBridge Event Bus (async, fan-out) │ └── Stream of records (Kinesis / DynamoDB Streams) └── → Kinesis / DynamoDB Streams Trigger (polling) </code></pre> </div> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Trigger</th> <th>Invocation</th> <th>Retry</th> <th>Best For</th> </tr> </thead> <tbody> <tr> <td>API Gateway</td> <td>Synchronous</td> <td>❌ Caller handles</td> <td>HTTP APIs, web apps</td> </tr> <tr> <td>S3</td> <td>Asynchronous</td> <td>✅ 2 auto retries</td> <td>File processing pipelines</td> </tr> <tr> <td>EventBridge Schedule</td> <td>Asynchronous</td> <td>✅ 2 auto retries</td> <td>Cron jobs, batch tasks</td> </tr> <tr> <td>SQS</td> <td>Polling (async)</td> <td>✅ Queue visibility + DLQ</td> <td>Reliable message processing</td> </tr> <tr> <td>EventBridge Event Bus</td> <td>Asynchronous</td> <td>✅ 2 auto retries</td> <td>Event-driven microservices</td> </tr> </tbody> </table></div> <p>The trigger you choose determines your invocation model, retry behavior, and error handling strategy. Getting this right is the difference between a resilient serverless system and one that silently drops data under failure.</p> <p><strong>Always configure a DLQ or failure destination for async triggers. Silent failures are the #1 operational issue in serverless production systems.</strong></p> <p><em>Next in this series: **Part 3 — Auto Scaling in AWS Lambda: Concurrency, Throttling &amp; Scale-to-Zero</em>**</p> architecture aws serverless tutorial James Lee Tue, 26 May 2026 07:49:30 +0000 https://dev.to/jamesli/cold-start-in-aws-lambda-causes-phases-how-to-fix-it-3cel https://dev.to/jamesli/cold-start-in-aws-lambda-causes-phases-how-to-fix-it-3cel <p>If you've ever noticed occasional spikes in your Lambda function's response time — especially after a period of inactivity — you've already met the cold start.</p> <p>Cold starts are one of the most discussed pain points in serverless architectures. In this article, we'll break down exactly what happens during a cold start, what makes it worse, and — most importantly — how to fix it in production.</p> <h2> Warm Start vs Cold Start </h2> <p>When a Lambda function is invoked, AWS needs to find an execution environment to run your code. Two scenarios can happen:</p> <p><strong>Warm Start</strong>: An idle execution environment already exists from a previous invocation. AWS reuses it directly. Your code runs immediately. This is fast — typically under 10ms overhead.</p> <p><strong>Cold Start</strong>: No idle environment is available. AWS must provision a brand new execution environment from scratch before your code can run. This takes time — anywhere from 100ms to several seconds depending on your configuration.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Invocation arrives │ ▼ Idle environment available? │ YES │ NO │ │ ▼ ▼ Warm Start Cold Start (reuse env) (provision new env) │ │ └────────┬───────────┘ ▼ Execute handler </code></pre> </div> <p>Cold starts are triggered in three main situations:</p> <ol> <li> <strong>First invocation</strong>: The function has never been called, or all previous environments have been recycled.</li> <li> <strong>Scaling out</strong>: Concurrent requests exceed the number of available warm environments, forcing Lambda to spin up new ones.</li> <li> <strong>After idle timeout</strong>: AWS recycles environments that haven't been used for a period of time (typically 5–15 minutes, though this is not officially documented).</li> </ol> <h2> The 6 Internal Phases of a Cold Start </h2> <p>A Lambda cold start is not a single operation — it's a pipeline of 6 sequential phases. Understanding each phase tells you exactly where time is being spent.</p> <h3> Phase 1: Execution Environment Provisioning </h3> <p>AWS Lambda runs on <a href="https://firecracker-microvm.github.io/" rel="noopener noreferrer">Firecracker</a> microVMs. When a cold start is triggered, AWS must allocate a new microVM slot from its fleet, apply your function's resource configuration (memory, CPU, timeout), and prepare the isolated sandbox.</p> <blockquote> <p><strong>Typical duration</strong>: 50–200ms<br><br> <strong>AWS optimization</strong>: Lambda maintains a pool of pre-initialized Firecracker slots to reduce this overhead.</p> </blockquote> <h3> Phase 2: Code &amp; Layer Download </h3> <p>Lambda does not keep your deployment package permanently mounted. During a cold start, it downloads your code package and any attached Lambda Layers from S3 into the execution environment.</p> <blockquote> <p><strong>Typical duration</strong>: 10ms–2s (depends on package size)<br><br> <strong>Key insight</strong>: A 50MB zipped package takes significantly longer to download and extract than a 1MB package. This is one of the most controllable factors.</p> </blockquote> <h3> Phase 3: Environment Variables &amp; Config Injection </h3> <p>Lambda injects your configured environment variables, function metadata, and any AWS-managed credentials (via IAM role) into the execution environment.</p> <blockquote> <p><strong>Typical duration</strong>: ~10ms<br><br> <strong>Note</strong>: Secrets Manager or Parameter Store lookups in your init code happen here — and they add latency.</p> </blockquote> <h3> Phase 4: VPC Network Attachment (if applicable) </h3> <p>If your function is configured to run inside a VPC, AWS must attach an Elastic Network Interface (ENI) to your execution environment. This involves:</p> <ul> <li>Allocating an ENI from the Hyperplane ENI pool</li> <li>Configuring routing and security group rules</li> <li>Establishing connectivity to your VPC subnets</li> </ul> <blockquote> <p><strong>Typical duration</strong>: historically 10–30s (the old ENI model), now <strong>under 1s</strong> thanks to AWS Hyperplane (launched 2019)<br><br> <strong>Key insight</strong>: Avoid VPC unless you actually need to access private resources. Many teams add VPC "just in case" and pay the cold start penalty unnecessarily.</p> </blockquote> <h3> Phase 5: Runtime Initialization </h3> <p>The language runtime starts up inside the execution environment. This is where the JVM boots for Java, the Node.js event loop initializes, or the Python interpreter loads.</p> <blockquote> <p><strong>Typical duration by runtime</strong>:</p> </blockquote> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Runtime</th> <th>Typical Cold Start Overhead</th> </tr> </thead> <tbody> <tr> <td>Python 3.12</td> <td>~50ms</td> </tr> <tr> <td>Node.js 20.x</td> <td>~50ms</td> </tr> <tr> <td>Java 21 (standard)</td> <td>~500ms–1s</td> </tr> <tr> <td>Java 21 (SnapStart)</td> <td>~100ms</td> </tr> <tr> <td>Go 1.x</td> <td>~20ms</td> </tr> <tr> <td>.NET 8</td> <td>~200ms</td> </tr> </tbody> </table></div> <h3> Phase 6: User Code Initialization </h3> <p>This is the code outside your handler function — the "init" phase. Everything at module level runs here:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">json</span> <span class="c1"># This runs ONCE during cold start (init phase) </span><span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">brands</span><span class="sh">'</span><span class="p">)</span> <span class="n">ssm</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">ssm</span><span class="sh">'</span><span class="p">)</span> <span class="n">config</span> <span class="o">=</span> <span class="n">ssm</span><span class="p">.</span><span class="nf">get_parameter</span><span class="p">(</span><span class="n">Name</span><span class="o">=</span><span class="sh">'</span><span class="s">/app/config</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># ← adds cold start latency! </span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="c1"># This runs on EVERY invocation (warm or cold) </span> <span class="n">result</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">:</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">brandId</span><span class="sh">'</span><span class="p">]})</span> <span class="k">return</span> <span class="n">result</span><span class="p">[</span><span class="sh">'</span><span class="s">Item</span><span class="sh">'</span><span class="p">]</span> </code></pre> </div> <blockquote> <p><strong>Key insight</strong>: Initializing clients outside the handler is good practice (they get reused on warm starts). But avoid heavy operations like fetching large configs or establishing multiple DB connections — these directly add to your cold start time.</p> </blockquote> <h2> What Makes Cold Starts Worse </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Factor</th> <th>Impact</th> <th>Notes</th> </tr> </thead> <tbody> <tr> <td>Large deployment package</td> <td>🔴 High</td> <td>Every MB adds download + extract time</td> </tr> <tr> <td>Many Lambda Layers</td> <td>🟠 Medium</td> <td>Each layer is downloaded separately</td> </tr> <tr> <td>VPC attachment</td> <td>🟠 Medium</td> <td>Now mitigated by Hyperplane, but still adds ~100–500ms</td> </tr> <tr> <td>Java / .NET runtime</td> <td>🔴 High</td> <td>JVM startup is inherently slow</td> </tr> <tr> <td>Heavy init code</td> <td>🔴 High</td> <td>SDK clients, DB connections, config fetches</td> </tr> <tr> <td>Low memory allocation</td> <td>🟡 Low-Medium</td> <td>More memory = more CPU = faster init</td> </tr> <tr> <td>Infrequent invocations</td> <td>🔴 High</td> <td>Environments get recycled, every call is cold</td> </tr> </tbody> </table></div> <h2> 6 Strategies to Reduce Cold Start Latency </h2> <h3> Strategy 1: Provisioned Concurrency (The Nuclear Option) </h3> <p>Provisioned Concurrency keeps a specified number of execution environments initialized and ready at all times. These environments never experience a cold start.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandLookup</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.main</span> <span class="na">provisionedConcurrency</span><span class="pi">:</span> <span class="m">5</span> <span class="c1"># 5 environments always warm</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">http</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/brand/{id}</span> <span class="na">method</span><span class="pi">:</span> <span class="s">get</span> </code></pre> </div> <p><strong>When to use</strong>: Latency-sensitive APIs (e.g., your brand lookup endpoint needs to respond in &lt;50ms P99).<br><br> <strong>Cost</strong>: You pay for provisioned concurrency even when idle. Use Application Auto Scaling to schedule it only during peak hours.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Auto Scaling Provisioned Concurrency with boto3 </span><span class="kn">import</span> <span class="n">boto3</span> <span class="n">client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">application-autoscaling</span><span class="sh">'</span><span class="p">)</span> <span class="n">client</span><span class="p">.</span><span class="nf">put_scheduled_action</span><span class="p">(</span> <span class="n">ServiceNamespace</span><span class="o">=</span><span class="sh">'</span><span class="s">lambda</span><span class="sh">'</span><span class="p">,</span> <span class="n">ResourceId</span><span class="o">=</span><span class="sh">'</span><span class="s">function:brandLookup:prod</span><span class="sh">'</span><span class="p">,</span> <span class="n">ScheduledActionName</span><span class="o">=</span><span class="sh">'</span><span class="s">scale-up-business-hours</span><span class="sh">'</span><span class="p">,</span> <span class="n">Schedule</span><span class="o">=</span><span class="sh">'</span><span class="s">cron(0 8 * * ? *)</span><span class="sh">'</span><span class="p">,</span> <span class="c1"># 8 AM UTC daily </span> <span class="n">ScalableTargetAction</span><span class="o">=</span><span class="p">{</span> <span class="sh">'</span><span class="s">MinCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="sh">'</span><span class="s">MaxCapacity</span><span class="sh">'</span><span class="p">:</span> <span class="mi">10</span> <span class="p">}</span> <span class="p">)</span> </code></pre> </div> <h3> Strategy 2: Scheduled Warm-Up with EventBridge (The Budget Option) </h3> <p>If Provisioned Concurrency is too expensive, you can use EventBridge to ping your function every few minutes, keeping environments alive.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># handler.py — handle warm-up pings gracefully </span><span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">if</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">source</span><span class="sh">'</span><span class="p">)</span> <span class="o">==</span> <span class="sh">'</span><span class="s">warmup</span><span class="sh">'</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sh">'</span><span class="s">Warm-up ping received, skipping business logic</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">warm</span><span class="sh">'</span><span class="p">}</span> <span class="k">return</span> <span class="nf">process_brand_request</span><span class="p">(</span><span class="n">event</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandLookup</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">handler.main</span> <span class="na">events</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">schedule</span><span class="pi">:</span> <span class="na">rate</span><span class="pi">:</span> <span class="s">rate(5 minutes)</span> <span class="na">input</span><span class="pi">:</span> <span class="na">source</span><span class="pi">:</span> <span class="s">warmup</span> </code></pre> </div> <p><strong>Limitation</strong>: This only keeps a small number of environments warm. Under sudden traffic spikes, you'll still see cold starts on the new instances that scale out.</p> <h3> Strategy 3: Minimize Your Deployment Package </h3> <p>This is the highest ROI optimization — it costs nothing and directly reduces Phase 2 duration.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Bad: shipping everything</span> pip <span class="nb">install</span> <span class="nt">-r</span> requirements.txt <span class="nt">-t</span> ./package <span class="c"># Result: 45MB package including boto3, botocore, etc.</span> <span class="c"># Good: boto3 and botocore are pre-installed in the Lambda runtime</span> pip <span class="nb">install</span> <span class="nt">-r</span> requirements.txt <span class="nt">-t</span> ./package <span class="nt">--no-deps</span> <span class="c"># serverless.yml — exclude unnecessary files</span> package: patterns: - <span class="s1">'!node_modules/aws-sdk/**'</span> - <span class="s1">'!**/__pycache__/**'</span> - <span class="s1">'!**/*.pyc'</span> - <span class="s1">'!tests/**'</span> - <span class="s1">'!*.md'</span> </code></pre> </div> <p><strong>Target</strong>: Keep your zipped package under 5MB for Python/Node.js. Under 1MB is ideal.</p> <h3> Strategy 4: Avoid Unnecessary VPC Configuration </h3> <p>Only put your Lambda in a VPC if it needs to access genuinely VPC-private resources.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Do you need to access: ├── DynamoDB? → NO VPC needed ├── S3? → NO VPC needed ├── SQS/SNS? → NO VPC needed ├── RDS/Aurora? → YES, VPC required ├── ElastiCache? → YES, VPC required └── Internal ALB? → YES, VPC required </code></pre> </div> <p>DynamoDB and S3 — the primary data stores in most Serverless architectures — do not require VPC. Use VPC Endpoints if you need private connectivity without the cold start penalty.</p> <h3> Strategy 5: Choose the Right Runtime (and Use SnapStart for Java) </h3> <p>AWS Lambda SnapStart (Java 21) takes a snapshot of the initialized execution environment and restores from it on cold start — reducing Java cold starts from ~1s to ~100ms.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># serverless.yml</span> <span class="na">functions</span><span class="pi">:</span> <span class="na">brandProcessor</span><span class="pi">:</span> <span class="na">handler</span><span class="pi">:</span> <span class="s">com.brandfetch.Handler</span> <span class="na">runtime</span><span class="pi">:</span> <span class="s">java21</span> <span class="na">snapStart</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <p>For new functions, <strong>Python and Node.js</strong> are the best choices for cold-start-sensitive workloads.</p> <h3> Strategy 6: Lazy Load Heavy Dependencies </h3> <p>Don't initialize everything at module load time. Defer expensive operations until they're actually needed.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">os</span> <span class="n">_rekognition_client</span> <span class="o">=</span> <span class="bp">None</span> <span class="n">_opensearch_client</span> <span class="o">=</span> <span class="bp">None</span> <span class="k">def</span> <span class="nf">get_rekognition</span><span class="p">():</span> <span class="k">global</span> <span class="n">_rekognition_client</span> <span class="k">if</span> <span class="n">_rekognition_client</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="n">_rekognition_client</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">'</span><span class="s">rekognition</span><span class="sh">'</span><span class="p">)</span> <span class="k">return</span> <span class="n">_rekognition_client</span> <span class="k">def</span> <span class="nf">get_opensearch</span><span class="p">():</span> <span class="k">global</span> <span class="n">_opensearch_client</span> <span class="k">if</span> <span class="n">_opensearch_client</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="kn">from</span> <span class="n">opensearchpy</span> <span class="kn">import</span> <span class="n">OpenSearch</span> <span class="n">_opensearch_client</span> <span class="o">=</span> <span class="nc">OpenSearch</span><span class="p">(</span> <span class="n">hosts</span><span class="o">=</span><span class="p">[{</span><span class="sh">'</span><span class="s">host</span><span class="sh">'</span><span class="p">:</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">'</span><span class="s">OPENSEARCH_HOST</span><span class="sh">'</span><span class="p">],</span> <span class="sh">'</span><span class="s">port</span><span class="sh">'</span><span class="p">:</span> <span class="mi">443</span><span class="p">}],</span> <span class="n">use_ssl</span><span class="o">=</span><span class="bp">True</span> <span class="p">)</span> <span class="k">return</span> <span class="n">_opensearch_client</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">if</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">]</span> <span class="o">==</span> <span class="sh">'</span><span class="s">image_analysis</span><span class="sh">'</span><span class="p">:</span> <span class="k">return</span> <span class="nf">analyze_logo</span><span class="p">(</span><span class="nf">get_rekognition</span><span class="p">(),</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">imageUrl</span><span class="sh">'</span><span class="p">])</span> <span class="k">if</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">type</span><span class="sh">'</span><span class="p">]</span> <span class="o">==</span> <span class="sh">'</span><span class="s">vector_search</span><span class="sh">'</span><span class="p">:</span> <span class="k">return</span> <span class="nf">search_similar_logos</span><span class="p">(</span><span class="nf">get_opensearch</span><span class="p">(),</span> <span class="n">event</span><span class="p">[</span><span class="sh">'</span><span class="s">embedding</span><span class="sh">'</span><span class="p">])</span> </code></pre> </div> <h2> Real-World Cold Start Numbers </h2> <p>Based on production measurements and community benchmarks (2024):</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Runtime</th> <th>Package Size</th> <th>VPC</th> <th>P50 Cold Start</th> <th>P99 Cold Start</th> </tr> </thead> <tbody> <tr> <td>Python 3.12</td> <td>1MB</td> <td>No</td> <td>180ms</td> <td>420ms</td> </tr> <tr> <td>Python 3.12</td> <td>50MB</td> <td>No</td> <td>890ms</td> <td>1,800ms</td> </tr> <tr> <td>Python 3.12</td> <td>1MB</td> <td>Yes</td> <td>280ms</td> <td>650ms</td> </tr> <tr> <td>Node.js 20.x</td> <td>1MB</td> <td>No</td> <td>150ms</td> <td>380ms</td> </tr> <tr> <td>Java 21</td> <td>10MB</td> <td>No</td> <td>800ms</td> <td>1,500ms</td> </tr> <tr> <td>Java 21 (SnapStart)</td> <td>10MB</td> <td>No</td> <td>90ms</td> <td>200ms</td> </tr> <tr> <td>Go 1.x</td> <td>5MB</td> <td>No</td> <td>80ms</td> <td>180ms</td> </tr> </tbody> </table></div> <blockquote> <p><strong>Key takeaway</strong>: Package size has a bigger impact than most engineers expect. A Python function with a 50MB package has a P50 cold start <strong>5x worse</strong> than the same function with a 1MB package.</p> </blockquote> <h2> Decision Framework: Do You Actually Need to Optimize? </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Is cold start latency causing user-visible issues? │ ├── NO → Don't optimize. Cold starts are &lt;1% of invocations │ for most functions with moderate traffic. │ └── YES → What's your traffic pattern? │ ├── Steady traffic (&gt;1 req/min) │ → Environments stay warm naturally. │ Focus on package size + init code. │ ├── Bursty traffic (sudden spikes) │ → Provisioned Concurrency + Auto Scaling │ └── Infrequent / scheduled jobs → EventBridge warm-up, or just accept it </code></pre> </div> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Phase</th> <th>Your Control</th> <th>Best Action</th> </tr> </thead> <tbody> <tr> <td>Environment provisioning</td> <td>❌ None</td> <td>Use Provisioned Concurrency</td> </tr> <tr> <td>Code download</td> <td>✅ High</td> <td>Minimize package size</td> </tr> <tr> <td>Config injection</td> <td>✅ Medium</td> <td>Avoid SSM calls in init</td> </tr> <tr> <td>VPC attachment</td> <td>✅ High</td> <td>Avoid VPC unless necessary</td> </tr> <tr> <td>Runtime init</td> <td>✅ Medium</td> <td>Choose Python/Node/Go; use SnapStart for Java</td> </tr> <tr> <td>User code init</td> <td>✅ High</td> <td>Lazy load, keep init lightweight</td> </tr> </tbody> </table></div> <p>Cold starts are a real challenge in serverless production systems — but they're also highly addressable. The engineers who struggle most with cold starts are usually the ones who haven't measured which phase is actually costing them time.</p> <p><strong>Measure first. Optimize the right thing.</strong></p> <p><em>Next in this series: **Part 2 — Lambda Triggers Deep Dive: S3, EventBridge, API Gateway &amp; SQS</em>**</p> architecture aws performance serverless James Lee Fri, 22 May 2026 10:16:22 +0000 https://dev.to/jamesli/full-observability-in-istio-metrics-with-prometheusgrafana-distributed-tracing-with-jaeger-3b8g https://dev.to/jamesli/full-observability-in-istio-metrics-with-prometheusgrafana-distributed-tracing-with-jaeger-3b8g <p>Observability is the ability to understand the internal state of a system from its external outputs. In a microservices architecture — where a single API call may fan out to dozens of services and hundreds of DB queries — observability is not optional. It's survival.</p> <p>Istio provides three pillars of observability out of the box:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Pillar</th> <th>Tool</th> <th>Best For</th> </tr> </thead> <tbody> <tr> <td><strong>Metrics</strong></td> <td>Prometheus + Grafana</td> <td>Trend analysis, QPS, latency, error rate</td> </tr> <tr> <td><strong>Distributed Tracing</strong></td> <td>Jaeger</td> <td>Root cause analysis of slow/failed requests</td> </tr> <tr> <td><strong>Logging</strong></td> <td>ELK Stack</td> <td>Detailed per-request log investigation</td> </tr> </tbody> </table></div> <p>This article covers the first two in depth.</p> <h2> Part 1: Metrics with Prometheus + Grafana </h2> <h3> Why Prometheus Over StatsD or InfluxDB? </h3> <p>Three metrics systems are commonly used in modern infrastructure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>StatsD + Graphite → UDP push model, lightweight, limited ecosystem InfluxDB + Telegraf → Rich system-level plugins, custom app metrics need manual work Prometheus → Pull model, native K8s/Consul service discovery, full alerting stack </code></pre> </div> <p>Prometheus wins in cloud-native environments for two reasons:</p> <ol> <li> <strong>Pull model</strong> — Prometheus scrapes targets over HTTP. This simplifies client code and makes debugging trivial (just <code>curl</code> the <code>/metrics</code> endpoint).</li> <li> <strong>Native service discovery</strong> — No static IP lists. Prometheus discovers targets from Kubernetes, Consul, or DNS automatically.</li> </ol> <h3> Prometheus Architecture </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────────────────────┐ │ Prometheus Server │ │ ┌──────────────┐ ┌──────────────┐ ┌─────────────┐ │ │ │ Scraper │ │ TSDB │ │ Rule Engine │ │ │ │ (pull HTTP) │ │ (storage) │ │ (alerts) │ │ │ └──────┬───────┘ └──────────────┘ └──────┬──────┘ │ └──────────┼────────────────────────────────────────┼─────────┘ │ scrape /metrics │ fire alerts ▼ ▼ ┌─────────────────────┐ ┌──────────────────────┐ │ Service Discovery │ │ Alertmanager │ │ (K8s / Consul/DNS) │ │ (dedup, group, │ └─────────────────────┘ │ notify: DingTalk / │ │ WeCom / Email) │ ┌─────────────────────┐ └──────────────────────┘ │ PushGateway │ ← for short-lived jobs (batch, PHP scripts) └─────────────────────┘ ┌─────────────────────┐ │ Exporters │ ← Node Exporter, Blackbox Exporter, etc. └─────────────────────┘ </code></pre> </div> <blockquote> <p><strong>PushGateway</strong> exists specifically for short-lived processes (batch jobs, PHP scripts) that won't survive long enough to be scraped.</p> </blockquote> <h3> Prometheus Data Model </h3> <p>Every metric is a combination of a <strong>name</strong> + <strong>labels</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight prometheus"><code><span class="n">negri_http_request_total</span><span class="p">{</span><span class="na">client</span><span class="o">=</span><span class="s2">"serviceA"</span><span class="p">,</span> <span class="na">code</span><span class="o">=</span><span class="s2">"200"</span><span class="p">,</span> <span class="na">exported_service</span><span class="o">=</span><span class="s2">"serviceB"</span><span class="p">,</span> <span class="na">path</span><span class="o">=</span><span class="s2">"/ping"</span><span class="p">}</span> </code></pre> </div> <ul> <li> <code>negri_http_request_total</code> — metric name (describes what it measures)</li> <li> <code>{client, code, exported_service, path}</code> — labels (dimensions for filtering/aggregation)</li> </ul> <h3> The Four Metric Types </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Type</th> <th>Computed By</th> <th>Best For</th> <th>Example</th> </tr> </thead> <tbody> <tr> <td><strong>Counter</strong></td> <td>Server-side</td> <td>QPS, total requests (monotonically increasing)</td> <td><code>negri_http_request_total</code></td> </tr> <tr> <td><strong>Gauge</strong></td> <td>Client-side</td> <td>Instantaneous values, event flags (circuit breaker open/closed)</td> <td><code>degrade_events{event="eventBreakerOpenStatus"}</code></td> </tr> <tr> <td><strong>Histogram</strong></td> <td>Server-side</td> <td>Latency percentiles (p90/p95/p99), response size distribution</td> <td><code>negri_http_response_time_us_bucket{le="0.5"}</code></td> </tr> <tr> <td><strong>Summary</strong></td> <td>Client-side</td> <td>Precise percentiles, but less flexible at query time</td> <td>Similar to Histogram</td> </tr> </tbody> </table></div> <blockquote> <p><strong>Counter vs Gauge:</strong> If your value only goes up → use Counter (cheaper, server-side). If it goes up and down → use Gauge.</p> <p><strong>Histogram vs Summary:</strong> Histogram is more flexible (percentiles calculated at query time in Grafana). Summary is more precise but percentiles are fixed at instrumentation time.</p> </blockquote> <h3> Grafana Dashboard: What to Look At </h3> <p>Istio ships with pre-built Grafana dashboards. Here's how to navigate them effectively.</p> <h4> Services Dashboard </h4> <p>Key filter parameters:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Parameter</th> <th>What It Means</th> </tr> </thead> <tbody> <tr> <td><code>Service</code></td> <td>The Kubernetes service name (e.g. <code>details.default.svc.cluster.local</code>)</td> </tr> <tr> <td><code>Client Workload Namespace</code></td> <td>The K8s namespace where the client lives</td> </tr> <tr> <td><code>Client Workload</code></td> <td>The upstream caller — e.g. <code>productpage-v1</code> calling <code>details</code> </td> </tr> <tr> <td><code>Service Workload</code></td> <td>The specific version of the service — e.g. <code>reviews-v1</code>, <code>reviews-v2</code>, <code>reviews-v3</code> </td> </tr> </tbody> </table></div> <blockquote> <p><strong>Why <code>Client Workload</code> matters:</strong> Traditional microservice SDKs often struggle to reliably inject the caller's service name into metrics. Developers might hardcode the wrong name or copy-paste from another service. Istio eliminates this entirely — the control plane injects the caller identity automatically via the sidecar. No human error possible.</p> </blockquote> <p>Key panels in the dashboard:</p> <ul> <li> <strong>QPS</strong> (client-side vs server-side) — client-side is more accurate as it includes network latency</li> <li> <strong>Success Rate</strong> — percentage of non-5xx responses</li> <li> <strong>Latency</strong> — p50/p90/p99 breakdown</li> </ul> <h4> Workload Dashboard </h4> <p>The Workload dashboard adds a critical dimension: <strong>inbound vs outbound traffic</strong>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>reviews-v3 Workload ├── INBOUND ← traffic FROM productpage-v1 └── OUTBOUND ← traffic TO ratings.default.svc.cluster.local </code></pre> </div> <p>This dual-direction view is invaluable for root cause analysis. When <code>reviews-v3</code> is slow, you can immediately see:</p> <ul> <li>Is it slow because <em>incoming</em> traffic is high? (upstream pressure)</li> <li>Or is it slow because <em>outgoing</em> calls to <code>ratings</code> are slow? (downstream dependency)</li> </ul> <h2> Part 2: Distributed Tracing with Jaeger </h2> <h3> The Three Pillars of Observability — Compared </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Metrics → "Something is wrong with reviews-v3 (p99 latency spiked to 2s)" Tracing → "The spike is caused by the ratings service call at step 4 of this specific request" Logging → "Here's the exact SQL query and stack trace that caused it" </code></pre> </div> <p>Each tool answers a different question. Tracing is the bridge between "something is wrong" and "here's exactly why."</p> <h3> How Distributed Tracing Works (Dapper Model) </h3> <p>Tracing originates from Google's <strong>Dapper</strong> paper. The core concepts:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>TraceId: 5f1db306ef459b2f (unique per request, generated at the gateway) │ ├── Span A (SpanId: aaa, ParentSpanId: null) ← root span (productpage) │ │ │ ├── Span B (SpanId: bbb, ParentSpanId: aaa) ← details service call │ │ │ └── Span C (SpanId: ccc, ParentSpanId: aaa) ← reviews service call │ │ │ └── Span D (SpanId: ddd, ParentSpanId: ccc) ← ratings service call </code></pre> </div> <p>Trace context is propagated via <strong>HTTP headers</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Header</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><code>x-request-id</code></td> <td>Unique request ID for log correlation</td> </tr> <tr> <td><code>x-b3-traceid</code></td> <td>64-bit global trace identifier</td> </tr> <tr> <td><code>x-b3-spanid</code></td> <td>Current span position in the trace tree</td> </tr> <tr> <td><code>x-b3-parentspanid</code></td> <td>Parent span (absent = root node)</td> </tr> <tr> <td><code>x-b3-sampled</code></td> <td>Sampling flag (<code>1</code> = record this trace)</td> </tr> </tbody> </table></div> <h3> A Real Trace Record </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"traceID"</span><span class="p">:</span><span class="w"> </span><span class="s2">"5f1db306ef459b2f"</span><span class="p">,</span><span class="w"> </span><span class="nl">"spanID"</span><span class="p">:</span><span class="w"> </span><span class="s2">"5f1db306ef459b2f"</span><span class="p">,</span><span class="w"> </span><span class="nl">"parentSpanID"</span><span class="p">:</span><span class="w"> </span><span class="s2">"0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"operationName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/ping"</span><span class="p">,</span><span class="w"> </span><span class="nl">"duration"</span><span class="p">:</span><span class="w"> </span><span class="mi">2065</span><span class="p">,</span><span class="w"> </span><span class="nl">"startTime"</span><span class="p">:</span><span class="w"> </span><span class="mi">1609241265147010</span><span class="p">,</span><span class="w"> </span><span class="nl">"process"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"serviceName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"negri.sidecarserverlistener.myapp"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tags"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"hostname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"MacBook-Pro-3.local"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ip"</span><span class="p">:</span><span class="w"> </span><span class="s2">"192.168.1.88"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"tags"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"http.method"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GET"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http.status_code"</span><span class="p">:</span><span class="w"> </span><span class="s2">"200"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http.url"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/ping"</span><span class="p">,</span><span class="w"> </span><span class="nl">"peer.address"</span><span class="p">:</span><span class="w"> </span><span class="s2">"http://127.0.0.1:8888"</span><span class="p">,</span><span class="w"> </span><span class="nl">"span.kind"</span><span class="p">:</span><span class="w"> </span><span class="s2">"server"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Jaeger Architecture </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Application Code │ UDP ▼ ┌──────────────┐ ┌──────────────────┐ ┌──────────────┐ │ jaeger-client│────▶│ jaeger-agent │────▶│jaeger- │ │ (SDK) │ │ (per-host │ │collector │ └──────────────┘ │ daemon) │ │(validate + │ └──────────────────┘ │ process) │ └──────┬───────┘ │ ▼ ┌──────────────┐ │ jaeger-db │ │ (Cassandra / │ │ Elasticsearch│ └──────┬───────┘ │ ▼ ┌──────────────┐ │ jaeger-query │ │ (UI + API) │ └──────────────┘ </code></pre> </div> <blockquote> <p><strong>Why jaeger-agent?</strong> Same philosophy as Istio's sidecar — it offloads service discovery and routing complexity from the client SDK. The app just sends UDP to localhost and forgets about it.</p> </blockquote> <h3> The One Thing Your Code Must Do </h3> <p>Envoy automatically generates spans and propagates B3 headers to upstream services. <strong>But</strong> — it cannot read the incoming headers and pass them downstream on your behalf. Your application code must forward the trace headers manually.</p> <p>Here's the pattern from the Bookinfo sample app (Python):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="nd">@app.route</span><span class="p">(</span><span class="sh">'</span><span class="s">/productpage</span><span class="sh">'</span><span class="p">)</span> <span class="nd">@trace</span><span class="p">()</span> <span class="k">def</span> <span class="nf">front</span><span class="p">():</span> <span class="n">headers</span> <span class="o">=</span> <span class="nf">getForwardHeaders</span><span class="p">(</span><span class="n">request</span><span class="p">)</span> <span class="c1"># extract + forward trace headers </span> <span class="n">details</span> <span class="o">=</span> <span class="nf">getProductDetails</span><span class="p">(</span><span class="n">product_id</span><span class="p">,</span> <span class="n">headers</span><span class="p">)</span> <span class="c1"># pass them downstream </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">getForwardHeaders</span><span class="p">(</span><span class="n">request</span><span class="p">):</span> <span class="n">headers</span> <span class="o">=</span> <span class="p">{}</span> <span class="c1"># B3 headers — extracted automatically via OpenTracing library </span> <span class="n">span</span> <span class="o">=</span> <span class="nf">get_current_span</span><span class="p">()</span> <span class="n">carrier</span> <span class="o">=</span> <span class="p">{}</span> <span class="n">tracer</span><span class="p">.</span><span class="nf">inject</span><span class="p">(</span><span class="n">span_context</span><span class="o">=</span><span class="n">span</span><span class="p">.</span><span class="n">context</span><span class="p">,</span> <span class="nb">format</span><span class="o">=</span><span class="n">Format</span><span class="p">.</span><span class="n">HTTP_HEADERS</span><span class="p">,</span> <span class="n">carrier</span><span class="o">=</span><span class="n">carrier</span><span class="p">)</span> <span class="n">headers</span><span class="p">.</span><span class="nf">update</span><span class="p">(</span><span class="n">carrier</span><span class="p">)</span> <span class="c1"># Other headers that must be forwarded manually </span> <span class="n">incoming_headers</span> <span class="o">=</span> <span class="p">[</span> <span class="sh">'</span><span class="s">x-request-id</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">x-ot-span-context</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">traceparent</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">tracestate</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">x-cloud-trace-context</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">grpc-trace-bin</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">user-agent</span><span class="sh">'</span><span class="p">,</span> <span class="p">]</span> <span class="k">for</span> <span class="n">h</span> <span class="ow">in</span> <span class="n">incoming_headers</span><span class="p">:</span> <span class="n">val</span> <span class="o">=</span> <span class="n">request</span><span class="p">.</span><span class="n">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="n">h</span><span class="p">)</span> <span class="k">if</span> <span class="n">val</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> <span class="n">headers</span><span class="p">[</span><span class="n">h</span><span class="p">]</span> <span class="o">=</span> <span class="n">val</span> <span class="k">return</span> <span class="n">headers</span> </code></pre> </div> <blockquote> <p><strong>Key insight:</strong> Envoy handles span <em>creation</em> and <em>injection</em> automatically. Your app only needs to <em>forward</em> the headers it receives. This is a much lighter instrumentation burden than traditional APM agents.</p> </blockquote> <h3> What Jaeger Shows You </h3> <p><strong>Trace List View</strong> — All traces for a service, sortable by duration. Immediately surfaces the slowest requests.</p> <p><strong>Trace Detail View</strong> — Full waterfall of every span in a single request:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>productpage ────────────────────────────── 450ms details ─── 45ms reviews ────────────────── 380ms ratings ──────────── 310ms ← bottleneck identified </code></pre> </div> <p><strong>System Architecture View</strong> — Auto-generated service dependency graph derived from trace data. No manual diagram maintenance needed.</p> <h2> Summary: Metrics vs Tracing — When to Use Which </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Scenario</th> <th>Use</th> </tr> </thead> <tbody> <tr> <td>"Is the service healthy right now?"</td> <td>Metrics (Grafana dashboard)</td> </tr> <tr> <td>"Has latency been trending up this week?"</td> <td>Metrics (Prometheus query)</td> </tr> <tr> <td>"Why did <em>this specific request</em> take 3 seconds?"</td> <td>Tracing (Jaeger)</td> </tr> <tr> <td>"Which service is the bottleneck in my call chain?"</td> <td>Tracing (Jaeger waterfall)</td> </tr> <tr> <td>"What exact error did service X return at 14:32?"</td> <td>Logging (ELK)</td> </tr> </tbody> </table></div> <p>The power of Istio is that <strong>you get all of this without modifying your application</strong> — except for the minimal header forwarding shown above. The sidecar handles metric collection, span generation, and header injection automatically.</p> <blockquote> <p>💻 Explore the full implementation:<br> <a href="https://github.com/muzinan123/servicemesh" rel="noopener noreferrer">github.com/muzinan123/servicemesh</a></p> </blockquote> devops kubernetes microservices monitoring James Lee Fri, 22 May 2026 10:15:40 +0000 https://dev.to/jamesli/traffic-management-in-istio-circuit-breaking-rate-limiting-with-destinationrule-1oim https://dev.to/jamesli/traffic-management-in-istio-circuit-breaking-rate-limiting-with-destinationrule-1oim <p>One of Istio's most powerful features is the ability to configure <strong>circuit breaking</strong> and <strong>rate limiting</strong> declaratively — without touching a single line of application code. Everything is controlled through a single CRD: <code>DestinationRule</code>.</p> <p>In this article, I'll break down exactly how <code>connectionPool</code> (rate limiting) and <code>outlierDetection</code> (circuit breaking) work, with real YAML examples.</p> <h2> The Entry Point: TrafficPolicy in DestinationRule </h2> <p>Both circuit breaking and rate limiting are configured under the <code>trafficPolicy</code> field of a <code>DestinationRule</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">networking.istio.io/v1alpha3</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">DestinationRule</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">my-service-dr</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">host</span><span class="pi">:</span> <span class="s">my-service</span> <span class="na">trafficPolicy</span><span class="pi">:</span> <span class="na">connectionPool</span><span class="pi">:</span> <span class="c1"># ← Rate limiting config</span> <span class="na">tcp</span><span class="pi">:</span> <span class="na">maxConnections</span><span class="pi">:</span> <span class="m">100</span> <span class="na">http</span><span class="pi">:</span> <span class="na">http1MaxPendingRequests</span><span class="pi">:</span> <span class="m">100</span> <span class="na">http2MaxRequests</span><span class="pi">:</span> <span class="m">1000</span> <span class="na">outlierDetection</span><span class="pi">:</span> <span class="c1"># ← Circuit breaking config</span> <span class="na">consecutiveErrors</span><span class="pi">:</span> <span class="m">5</span> <span class="na">interval</span><span class="pi">:</span> <span class="s">10s</span> <span class="na">baseEjectionTime</span><span class="pi">:</span> <span class="s">30s</span> <span class="na">maxEjectionPercent</span><span class="pi">:</span> <span class="m">10</span> </code></pre> </div> <h2> Part 1: Rate Limiting with <code>connectionPool</code> </h2> <p><code>connectionPool</code> controls <strong>how many concurrent connections and requests</strong> are allowed to reach an upstream service. It has two sub-sections: <code>tcp</code> and <code>http</code>.</p> <h3> TCP Settings </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Field</th> <th>Description</th> <th>Default</th> </tr> </thead> <tbody> <tr> <td><code>maxConnections</code></td> <td>Max number of HTTP1/TCP connections to the destination</td> <td>unlimited</td> </tr> <tr> <td><code>connectTimeout</code></td> <td>TCP connection timeout</td> <td>10s</td> </tr> </tbody> </table></div> <blockquote> <p>⚠️ <strong>Important:</strong> <code>maxConnections</code> only limits <strong>HTTP/1.1 and TCP</strong> connections. It does <strong>not</strong> affect HTTP/2, because HTTP/2 multiplexes all requests over a single connection.</p> </blockquote> <h3> HTTP Settings </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Field</th> <th>Description</th> <th>Default</th> </tr> </thead> <tbody> <tr> <td><code>http1MaxPendingRequests</code></td> <td>Max queued HTTP/1.1 requests waiting to be processed</td> <td>1024</td> </tr> <tr> <td><code>http2MaxRequests</code></td> <td>Max concurrent HTTP/2 requests</td> <td>1024</td> </tr> <tr> <td><code>maxRequestsPerConnection</code></td> <td>How many requests can reuse one TCP connection. Set to <code>1</code> to disable keepalive</td> <td>unlimited</td> </tr> </tbody> </table></div> <h3> Full connectionPool Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">trafficPolicy</span><span class="pi">:</span> <span class="na">connectionPool</span><span class="pi">:</span> <span class="na">tcp</span><span class="pi">:</span> <span class="na">maxConnections</span><span class="pi">:</span> <span class="m">100</span> <span class="na">connectTimeout</span><span class="pi">:</span> <span class="s">3s</span> <span class="na">http</span><span class="pi">:</span> <span class="na">http1MaxPendingRequests</span><span class="pi">:</span> <span class="m">100</span> <span class="na">http2MaxRequests</span><span class="pi">:</span> <span class="m">1000</span> <span class="na">maxRequestsPerConnection</span><span class="pi">:</span> <span class="m">10</span> </code></pre> </div> <p><strong>What this does:</strong> Limits the service to 100 concurrent TCP connections, queues at most 100 pending HTTP/1.1 requests, and allows up to 1000 concurrent HTTP/2 requests. Each TCP connection can serve up to 10 requests before being recycled.</p> <h2> Part 2: Circuit Breaking with <code>outlierDetection</code> </h2> <p><code>outlierDetection</code> implements the <strong>circuit breaker pattern</strong> at the Envoy level. When a service instance starts returning errors, Istio automatically ejects it from the load balancing pool.</p> <h3> How It Works </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Request → Envoy → Load Balancer Pool ├── Instance A (healthy) ✅ ├── Instance B (healthy) ✅ └── Instance C (5xx × 5) ❌ → Ejected for 30s </code></pre> </div> <p>When Instance C is ejected, traffic is only routed to A and B. After <code>baseEjectionTime</code>, Instance C gets a chance to re-enter the pool.</p> <h3> Configuration Fields </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Field</th> <th>Description</th> <th>Default</th> </tr> </thead> <tbody> <tr> <td><code>consecutiveErrors</code></td> <td>Number of consecutive 5xx errors (502/503/504) before ejection</td> <td>5</td> </tr> <tr> <td><code>interval</code></td> <td>Time window for counting errors</td> <td>10s</td> </tr> <tr> <td><code>baseEjectionTime</code></td> <td>Minimum ejection duration. Actual time = <code>baseEjectionTime × ejection count</code> </td> <td>30s</td> </tr> <tr> <td><code>maxEjectionPercent</code></td> <td>Max % of instances that can be ejected at once</td> <td>10%</td> </tr> <tr> <td><code>minHealthPercent</code></td> <td>If healthy instances drop below this %, circuit breaking is <strong>disabled</strong> entirely</td> <td>50%</td> </tr> </tbody> </table></div> <h3> Full outlierDetection Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">trafficPolicy</span><span class="pi">:</span> <span class="na">outlierDetection</span><span class="pi">:</span> <span class="na">consecutiveErrors</span><span class="pi">:</span> <span class="m">5</span> <span class="na">interval</span><span class="pi">:</span> <span class="s">10s</span> <span class="na">baseEjectionTime</span><span class="pi">:</span> <span class="s">30s</span> <span class="na">maxEjectionPercent</span><span class="pi">:</span> <span class="m">10</span> <span class="na">minHealthPercent</span><span class="pi">:</span> <span class="m">50</span> </code></pre> </div> <h2> Key Design Decisions Worth Understanding </h2> <h3> 1. Progressive Ejection Time </h3> <p>The actual ejection time is not fixed — it grows with each ejection:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>1st ejection: 30s × 1 = 30s 2nd ejection: 30s × 2 = 60s 3rd ejection: 30s × 3 = 90s </code></pre> </div> <p>This is intentional: a repeatedly failing instance gets longer and longer timeouts, giving it more time to recover.</p> <h3> 2. The Safety Net: <code>maxEjectionPercent</code> + <code>minHealthPercent</code> </h3> <p>These two fields work together to prevent a cascade failure from taking down your entire service:</p> <ul> <li> <strong><code>maxEjectionPercent: 10</code></strong> — Even if 50 instances are all returning 5xx errors, only 10% will be ejected at any one time.</li> <li> <strong><code>minHealthPercent: 50</code></strong> — If healthy instances drop below 50%, Istio <strong>disables</strong> outlier detection entirely and allows all instances (including unhealthy ones) to receive traffic.</li> </ul> <blockquote> <p><strong>Why disable circuit breaking when too many instances are unhealthy?</strong><br> Because at that point, the problem is likely systemic (e.g., a bad deployment, downstream dependency failure). Ejecting more instances would only make things worse. It's better to let all instances handle traffic and surface the real error.</p> </blockquote> <h2> Putting It All Together </h2> <p>Here's a production-ready <code>DestinationRule</code> combining both features:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">networking.istio.io/v1alpha3</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">DestinationRule</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">reviews-dr</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">host</span><span class="pi">:</span> <span class="s">reviews</span> <span class="na">trafficPolicy</span><span class="pi">:</span> <span class="na">connectionPool</span><span class="pi">:</span> <span class="na">tcp</span><span class="pi">:</span> <span class="na">maxConnections</span><span class="pi">:</span> <span class="m">100</span> <span class="na">connectTimeout</span><span class="pi">:</span> <span class="s">3s</span> <span class="na">http</span><span class="pi">:</span> <span class="na">http1MaxPendingRequests</span><span class="pi">:</span> <span class="m">100</span> <span class="na">http2MaxRequests</span><span class="pi">:</span> <span class="m">1000</span> <span class="na">maxRequestsPerConnection</span><span class="pi">:</span> <span class="m">10</span> <span class="na">outlierDetection</span><span class="pi">:</span> <span class="na">consecutiveErrors</span><span class="pi">:</span> <span class="m">5</span> <span class="na">interval</span><span class="pi">:</span> <span class="s">10s</span> <span class="na">baseEjectionTime</span><span class="pi">:</span> <span class="s">30s</span> <span class="na">maxEjectionPercent</span><span class="pi">:</span> <span class="m">10</span> <span class="na">minHealthPercent</span><span class="pi">:</span> <span class="m">50</span> </code></pre> </div> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Feature</th> <th>Config Field</th> <th>Mechanism</th> </tr> </thead> <tbody> <tr> <td><strong>Rate Limiting</strong></td> <td><code>connectionPool.tcp</code></td> <td>Limit TCP connections</td> </tr> <tr> <td><strong>Rate Limiting</strong></td> <td><code>connectionPool.http</code></td> <td>Limit concurrent HTTP requests</td> </tr> <tr> <td><strong>Circuit Breaking</strong></td> <td><code>outlierDetection.consecutiveErrors</code></td> <td>Eject on N consecutive errors</td> </tr> <tr> <td><strong>Safety Net</strong></td> <td><code>outlierDetection.maxEjectionPercent</code></td> <td>Cap max ejected instances</td> </tr> <tr> <td><strong>Safety Net</strong></td> <td><code>outlierDetection.minHealthPercent</code></td> <td>Disable CB when cluster is too unhealthy</td> </tr> </tbody> </table></div> <p>The beauty of Istio's approach: <strong>all of this happens at the proxy layer</strong>. Your application code doesn't need to implement Hystrix, Resilience4j, or any circuit breaker library. The infrastructure handles it.</p> <blockquote> <p>💻 Explore the full implementation:<br> <a href="https://github.com/muzinan123/servicemesh" rel="noopener noreferrer">github.com/muzinan123/servicemesh</a></p> <p>📖 Next in this series: Full Observability in Istio: Metrics + Distributed Tracing</p> </blockquote> devops kubernetes microservices networking James Lee Fri, 22 May 2026 10:14:51 +0000 https://dev.to/jamesli/istio-envoy-service-mesh-architecture-how-the-control-plane-and-data-plane-work-together-2nd6 https://dev.to/jamesli/istio-envoy-service-mesh-architecture-how-the-control-plane-and-data-plane-work-together-2nd6 <p>If you've worked with Istio, you've probably heard terms like "control plane," "data plane," "Pilot," and "Envoy sidecar." But how do they actually fit together? In this article, I'll walk through the full architecture — from how Pilot discovers services to how a client request is processed inside Envoy.</p> <h2> Part 1: How Pilot and Envoy Work Together </h2> <p>The Istio control plane component <strong>Pilot</strong> is responsible for bridging Kubernetes and Envoy. Here's the three-step flow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────────────────────────────────────────────────┐ │ API Server │ └──────────────────────┬──────────────────────────────┘ │ 1. Service discovery │ (Services + Endpoints via client-go Informer) │ 2. Fetch Istio CRDs │ (VirtualService, DestinationRule, etc.) ▼ ┌─────────────────────────────────────────────────────┐ │ Istio Pilot │ │ │ │ Convert: Endpoints + governance policies │ │ → Envoy-compatible xDS format │ └──────────────────────┬──────────────────────────────┘ │ 3. Push via xDS ▼ ┌─────────────────────────────────────────────────────┐ │ Envoy Sidecar │ │ (Listener → Route → Cluster → Endpoint) │ └─────────────────────────────────────────────────────┘ </code></pre> </div> <p><strong>Step 1 — Service Discovery:</strong><br> Pilot uses the <code>client-go</code> Informer to watch the Kubernetes API Server, collecting all <code>Service</code> and <code>Endpoints</code> resources across the cluster.</p> <p><strong>Step 2 — Policy Discovery:</strong><br> Pilot also watches for user-defined Istio CRD objects: <code>VirtualService</code>, <code>DestinationRule</code>, <code>Gateway</code>, etc. These define the traffic governance policies.</p> <p><strong>Step 3 — xDS Push:</strong><br> Pilot converts the combined service topology and governance policies into Envoy's native xDS format, then pushes the config to each Envoy sidecar via gRPC streaming.</p> <h2> Part 2: The Four Core Resources in Envoy </h2> <p>Once config is pushed to Envoy, how does a client request actually get processed? It flows through four core resource types:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Client Request │ ▼ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌────────────┐ │ Listener │────▶│ Route │────▶│ Cluster │──LB▶│ Endpoint │ │ (LDS) │ │ (RDS) │ │ (CDS) │ │ (EDS) │ └──────────┘ └──────────┘ └──────────┘ └────────────┘ │ │ L3/L4 Filters Upstream Service </code></pre> </div> <h3> 1. Listener (LDS) </h3> <p>A <strong>Listener</strong> is a port that Envoy opens to accept incoming connections. Multiple Listeners are fully isolated from each other. Beyond port binding, each Listener is configured with L3/L4 filters.</p> <blockquote> <p>Config is managed via <strong>LDS</strong> (Listener Discovery Service).</p> </blockquote> <h3> 2. Cluster (CDS + EDS) </h3> <p>A <strong>Cluster</strong> is the abstraction for an upstream service. Every upstream service maps to exactly one Cluster. Cluster config includes:</p> <ul> <li>Connection timeout</li> <li>Connection pool settings</li> <li>Load balancing policy</li> <li>Health check config</li> <li>Endpoint list</li> </ul> <blockquote> <p>Config is managed via <strong>CDS</strong> (Cluster Discovery Service) + <strong>EDS</strong> (Endpoint Discovery Service).</p> </blockquote> <h3> 3. Route (RDS) </h3> <p><strong>Route</strong> is the bridge between Listeners and Clusters:</p> <ul> <li>Listener receives the request</li> <li>Route decides <em>which Cluster</em> to forward it to</li> <li>Route also handles: Virtual Host definitions, HTTP header manipulation (add/remove/modify), timeout &amp; retry policies</li> </ul> <blockquote> <p>Config is managed via <strong>RDS</strong> (Route Discovery Service).</p> </blockquote> <h3> 4. Filter (Envoy Filter) </h3> <p>Filters are Envoy's <strong>plugin mechanism</strong> — they allow powerful extensions without modifying source code. There are three layers:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Filter Layer</th> <th>Scope</th> <th>Examples</th> </tr> </thead> <tbody> <tr> <td><strong>Listener Filter</strong></td> <td>Pre-routing, L3/L4</td> <td>TLS Inspector, HTTP Inspector, Original Destination</td> </tr> <tr> <td><strong>Network Filter</strong></td> <td>L3/L4 connection handling</td> <td>Dubbo proxy, Kafka filter, MySQL proxy, Redis proxy, HTTP Connection Manager</td> </tr> <tr> <td><strong>HTTP Filter</strong></td> <td>L7 HTTP traffic</td> <td>Route matching, Health check, Lua, CSRF, VHDS</td> </tr> </tbody> </table></div> <blockquote> <p><strong>Key insight:</strong> The <strong>HTTP Connection Manager (HCM)</strong> is itself a special Network Filter that manages all HTTP Filters. This layered design is what gives Envoy the ability to support virtually any protocol — and even perform protocol conversion.</p> </blockquote> <h2> Full Architecture: Putting It All Together </h2> <p>Here's how the complete picture looks — from API Server down to upstream services:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌──────────────────────────────────────────────────────────────────┐ │ API Server │ └────────────────────────────┬─────────────────────────────────────┘ │ Services, Endpoints, Istio CRDs ▼ ┌──────────────────────────────────────────────────────────────────┐ │ Istio Pilot │ │ ① Service discovery ② Fetch CRDs ③ Convert &amp; push xDS │ └────────────────────────────┬─────────────────────────────────────┘ │ xDS (gRPC streaming) ▼ ┌──────────────────────────────────────────────────────────────────┐ │ Envoy │ │ │ │ Listener0 ┐ Cluster0 ┐ Endpoint0 │ │ Listener1 ├──Route──────────▶Cluster1 ├──LB────▶Endpoint1 │ │ Listener2 ┘ Cluster2 ┘ Endpoint2 │ │ Endpoint3 │ │ │ │ [Listener Filter] → [Network Filter] → [HTTP Filter] │ └──────────────────────────────────────────────────────────────────┘ │ ▼ Upstream Application Services </code></pre> </div> <h2> Why This Architecture Matters </h2> <p>This design gives Istio several powerful properties:</p> <ol> <li> <strong>Zero-touch config updates</strong> — Envoy never needs to restart. All config changes are pushed via xDS streaming.</li> <li> <strong>Protocol agnostic</strong> — Through Network Filters, Envoy natively supports HTTP, gRPC, Dubbo, Kafka, MySQL, Redis, and more.</li> <li> <strong>Policy separation</strong> — Traffic governance rules (VirtualService, DestinationRule) live in the control plane. The data plane (Envoy) just executes them.</li> <li> <strong>Extensibility</strong> — Custom Envoy Filters allow teams to add any behavior (auth, rate limiting, tracing) without touching application code.</li> </ol> <h2> Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Component</th> <th>Role</th> </tr> </thead> <tbody> <tr> <td><strong>Pilot</strong></td> <td>Discovers services + policies, converts to xDS, pushes to Envoy</td> </tr> <tr> <td><strong>Envoy Listener</strong></td> <td>Accepts client connections on configured ports</td> </tr> <tr> <td><strong>Envoy Route</strong></td> <td>Decides which Cluster handles each request</td> </tr> <tr> <td><strong>Envoy Cluster</strong></td> <td>Abstracts upstream services with LB + health check</td> </tr> <tr> <td><strong>Envoy Endpoint</strong></td> <td>The actual upstream instance IP:port</td> </tr> <tr> <td><strong>Envoy Filter</strong></td> <td>Plugin mechanism for L4/L7 traffic manipulation</td> </tr> </tbody> </table></div> <p>Understanding this architecture is the foundation for everything else in Istio — circuit breaking, canary releases, observability. They all build on top of these primitives.</p> <blockquote> <p>💻 Explore the full implementation:<br> <a href="https://github.com/muzinan123/servicemesh" rel="noopener noreferrer">github.com/muzinan123/servicemesh</a></p> <p>📖 Next in this series: Traffic Management in Istio: Circuit Breaking &amp; Rate Limiting</p> </blockquote> architecture kubernetes microservices networking James Lee Fri, 22 May 2026 10:13:12 +0000 https://dev.to/jamesli/xds-protocol-deep-dive-the-universal-control-plane-api-behind-envoy-and-istio-2de9 https://dev.to/jamesli/xds-protocol-deep-dive-the-universal-control-plane-api-behind-envoy-and-istio-2de9 <p>When we talk about Istio or Envoy, we often hear terms like "dynamic configuration" and "control plane push." But what exactly is the underlying protocol that makes all of this work? The answer is <strong>xDS</strong>.</p> <p>In this article, I'll do a deep dive into the xDS protocol — what it is, how it works, and why it matters beyond just Service Mesh.</p> <h2> What is xDS? </h2> <p>xDS is a family of <strong>discovery service APIs</strong> that allow a data plane proxy (like Envoy) to dynamically fetch configuration from a management server — without any restart or file reload.</p> <p>The "x" in xDS is a wildcard. It covers:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>API</th> <th>Full Name</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><strong>LDS</strong></td> <td>Listener Discovery Service</td> <td>Dynamically manage listeners (ports)</td> </tr> <tr> <td><strong>RDS</strong></td> <td>Route Discovery Service</td> <td>Dynamically manage routing rules</td> </tr> <tr> <td><strong>CDS</strong></td> <td>Cluster Discovery Service</td> <td>Dynamically manage upstream clusters</td> </tr> <tr> <td><strong>EDS</strong></td> <td>Endpoint Discovery Service</td> <td>Dynamically manage cluster endpoints</td> </tr> <tr> <td><strong>SDS</strong></td> <td>Secret Discovery Service</td> <td>Dynamically manage TLS certificates</td> </tr> </tbody> </table></div> <blockquote> <p><strong>Key insight:</strong> xDS is not just for Service Mesh. gRPC also uses xDS for service discovery. It defines a universal, extensible control API for microservices — any configuration can be resolved through discovery.</p> </blockquote> <h2> The Four Core Resources in Envoy </h2> <p>Each xDS type corresponds to a specific resource type. The type is stored in the <code>TypeUrl</code> field of every <code>DiscoveryRequest</code> and <code>DiscoveryResponse</code>, in the format:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>type.googleapis.com/&lt;resource type&gt; </code></pre> </div> <p>For example: <code>type.googleapis.com/envoy.api.v2.Cluster</code> means this is a CDS (Cluster) resource.</p> <h3> 1. LDS — Listener Discovery Service </h3> <p>A Listener is a port that Envoy opens to accept incoming connections. It can be configured with L3/L4 filters.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"address"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"filter_chains"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"listener_filters"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"traffic_direction"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"access_log"</span><span class="p">:</span><span class="w"> </span><span class="p">[]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 2. RDS — Route Discovery Service </h3> <p>Routes act as the bridge between Listeners and Clusters. They define traffic distribution rules, virtual hosts, header manipulation, timeouts, and retries.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"virtual_hosts"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"response_headers_to_add"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"request_headers_to_add"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"validate_clusters"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 3. CDS — Cluster Discovery Service </h3> <p>A Cluster is an abstraction of an upstream service. It includes load balancing policy, health checks, circuit breaker config, and TLS settings.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"eds_cluster_config"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"lb_policy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"health_checks"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"circuit_breakers"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"outlier_detection"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 4. EDS — Endpoint Discovery Service </h3> <p>EDS is the actual service discovery layer. It returns the live endpoints (IP + port) for a given cluster.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"cluster_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"endpoints"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"policy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 5. SDS — Secret Discovery Service </h3> <p>SDS enables <strong>dynamic TLS certificate rotation</strong> without restarting Envoy. In early Istio versions, certificate updates required a hot restart — SDS eliminated that entirely.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"tls_certificate"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"validation_context"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{...}"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> How xDS Works: gRPC Streaming Subscription </h2> <p>Early xDS used REST/JSON polling. Starting from v2, it switched to <strong>gRPC bidirectional streaming</strong>, which provides:</p> <ul> <li>Lower latency for config updates</li> <li>Better performance under high churn</li> <li>Native support for ACK/NACK flow control</li> </ul> <h3> Request Flow for a Typical HTTP Route </h3> <p>The API request order follows the dependency chain:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>LDS → RDS → CDS → EDS </code></pre> </div> <ol> <li>Envoy fetches <strong>Listeners</strong> (LDS) to know which ports to open</li> <li>From the Listener config, it gets the <strong>Route</strong> name → fetches Routes (RDS)</li> <li>Routes reference <strong>Clusters</strong> → fetches Clusters (CDS)</li> <li>Clusters need live <strong>Endpoints</strong> → fetches Endpoints (EDS)</li> </ol> <h3> Full Subscription vs. Delta (Incremental) Subscription </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Mode</th> <th>Behavior</th> </tr> </thead> <tbody> <tr> <td><strong>Full (SotW)</strong></td> <td>Management server returns all subscribed resources on every update</td> </tr> <tr> <td><strong>Delta (Incremental)</strong></td> <td>Only changed resources are sent — much more efficient at scale</td> </tr> </tbody> </table></div> <h2> xDS Protocol Deep Dive </h2> <h3> Request Message Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version_info</span><span class="pi">:</span> <span class="s2">"</span><span class="s">"</span> <span class="c1"># empty = first request</span> <span class="na">node</span><span class="pi">:</span> <span class="na">id</span><span class="pi">:</span> <span class="s">envoy</span> <span class="c1"># unique node identifier (e.g. hostname)</span> <span class="na">resource_names</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">foo</span> <span class="pi">-</span> <span class="s">bar</span> <span class="na">type_url</span><span class="pi">:</span> <span class="s">type.googleapis.com/envoy.api.v2.ClusterLoadAssignment</span> <span class="na">response_nonce</span><span class="pi">:</span> <span class="s2">"</span><span class="s">"</span> <span class="c1"># empty = first request</span> </code></pre> </div> <p>Key fields:</p> <ul> <li> <strong><code>version_info</code></strong>: empty on first request; subsequent requests echo the server's version</li> <li> <strong><code>node.id</code></strong>: only required on the first message per stream</li> <li> <strong><code>resource_names</code></strong>: the specific resources being subscribed to</li> <li> <strong><code>response_nonce</code></strong>: used to correlate ACK/NACK with a specific server push</li> </ul> <h3> Response Message Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">version_info</span><span class="pi">:</span> <span class="s">X</span> <span class="na">resources</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">foo ClusterLoadAssignment proto encoding</span> <span class="pi">-</span> <span class="s">bar ClusterLoadAssignment proto encoding</span> <span class="na">type_url</span><span class="pi">:</span> <span class="s">type.googleapis.com/envoy.api.v2.ClusterLoadAssignment</span> <span class="na">nonce</span><span class="pi">:</span> <span class="s">A</span> </code></pre> </div> <h2> ACK and NACK </h2> <p>After receiving a push from the management server, Envoy responds with either:</p> <ul> <li>✅ <strong>ACK</strong>: Config applied successfully → sends back the <strong>new</strong> <code>version_info</code> </li> <li>❌ <strong>NACK</strong>: Config failed to apply → sends back the <strong>old</strong> <code>version_info</code> with an error detail</li> </ul> <p>This gives the control plane full visibility into whether each Envoy instance has successfully adopted a new config.</p> <h2> Resource Update &amp; The Nonce Problem </h2> <p>Here's where it gets interesting. Consider this scenario:</p> <ol> <li>Envoy subscribes to cluster <code>foo</code> (version X, nonce A)</li> <li>Management server pushes a new version Y (nonce B) because <code>foo</code>'s endpoints changed</li> <li> <strong>At the same time</strong>, Envoy wants to add a new subscription to cluster <code>bar</code> </li> </ol> <p>If Envoy sends a new <code>DiscoveryRequest</code> with <code>version_info=X</code> and <code>resource_names=[foo, bar]</code>, the management server might misinterpret this as a <strong>NACK for version Y</strong>.</p> <p><strong>Solution: Nonce</strong></p> <p>The nonce uniquely identifies each push. Envoy's new subscription request carries <code>nonce=A</code> (from its last ACK), while the version Y push has <code>nonce=B</code>. The management server can distinguish between them unambiguously.</p> <blockquote> <p><strong>Istio's pragmatic approach:</strong> Istio's control plane (Pilot) doesn't strictly follow the nonce/version_info spec. Instead, it checks whether the <code>resource_names</code> (Clusters list) has actually changed. If yes, it treats the request as a resource update rather than ACK/NACK. Simpler and easier to reason about.</p> </blockquote> <h2> Summary </h2> <p>xDS is the backbone of Envoy's dynamic configuration system. Understanding it is essential for anyone working with Istio, Envoy-based gateways, or building custom control planes.</p> <p>Key takeaways:</p> <ul> <li> <strong>LDS → RDS → CDS → EDS</strong> is the standard dependency chain</li> <li> <strong>gRPC streaming</strong> replaced REST polling for real-time, low-latency updates</li> <li> <strong>Nonce</strong> solves the ACK/NACK ambiguity problem in concurrent update scenarios</li> <li> <strong>SDS</strong> enables zero-downtime certificate rotation</li> <li>xDS is <strong>not Istio-specific</strong> — gRPC and other frameworks use it too</li> </ul> <blockquote> <p>💻 Explore the full Istio + Envoy implementation:<br> <a href="https://github.com/muzinan123/servicemesh" rel="noopener noreferrer">github.com/muzinan123/servicemesh</a></p> <p>📖 Next in this series: Istio &amp; Envoy Service Mesh Architecture</p> </blockquote> api distributedsystems microservices networking James Lee Tue, 19 May 2026 10:10:38 +0000 https://dev.to/jamesli/client-go-deep-dive-operator-in-practice-building-a-canary-release-controller-1pia https://dev.to/jamesli/client-go-deep-dive-operator-in-practice-building-a-canary-release-controller-1pia <p>In the previous article we defined the Canary CRD. Now we build the <strong>Operator</strong>: the controller that watches Canary resources and drives the actual release process. This is the final article in the series — everything we've covered comes together here.</p> <h2> 1. What Is an Operator? </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Operator = CRD (schema) + Controller (reconciliation logic) ┌──────────────────────────────────────────────────────┐ │ Kubernetes Controller Manager │ │ manages built-in controllers: │ │ DeploymentController, ReplicaSetController, ... │ └──────────────────────────────────────────────────────┘ + ┌──────────────────────────────────────────────────────┐ │ Your Operator │ │ = CRD (Canary) + CanaryController │ │ encodes domain knowledge: │ │ "how to safely roll out a new version in batches" │ └──────────────────────────────────────────────────────┘ </code></pre> </div> <blockquote> <p><strong>Operator = a Kubernetes extension that solves domain-specific problems the platform itself doesn't know how to solve.</strong></p> </blockquote> <h2> 2. Project Structure </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>canary-controller/ ├── main.go ← controller entrypoint ├── go.mod ├── manifests/ │ └── crd-canary.yaml ← CRD definition (Part 8) └── pkg/ ├── apis/ │ └── canarycontroller/ │ ├── register.go ← GroupName constant │ └── v1alpha1/ │ ├── doc.go ← code-gen annotations │ ├── types.go ← Canary/CanarySpec/CanaryStatus │ └── register.go ← register types with runtime.Scheme ├── controllers/ │ └── canary_controller.go ← all reconciliation logic ├── generated/ ← auto-generated by code-generator │ ├── clientset/ ← typed Canary clientset │ ├── informers/ ← typed Canary informer │ └── listers/ ← typed Canary lister └── signals/ ← OS signal handling (SIGTERM/SIGINT) </code></pre> </div> <h2> 3. Generating the Typed Client Code </h2> <p>The built-in <code>kubernetes.Clientset</code> only supports built-in resources. For your CRD, you need a generated typed client:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/kubernetes/code-generator <span class="nv">$GOPATH</span>/src/k8s.io/code-generator <span class="nb">cd</span> <span class="nv">$GOPATH</span>/src/k8s.io/code-generator <span class="o">&amp;&amp;</span> ./generate-groups.sh all <span class="se">\</span> canary-controller/pkg/client <span class="se">\ </span> ← output canary-controller/pkg/apis <span class="se">\ </span> ← input: your types canarycontroller:v1alpha1 </code></pre> </div> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Generated output</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><code>zz_generated.deepcopy.go</code></td> <td> <code>DeepCopy()</code> for all types</td> </tr> <tr> <td><code>generated/clientset/</code></td> <td> <code>CanarycontrollerV1alpha1().Canaries(ns)</code> — typed CRUD</td> </tr> <tr> <td><code>generated/informers/</code></td> <td>Typed <code>CanaryInformer</code> with <code>Lister()</code> and <code>HasSynced()</code> </td> </tr> <tr> <td><code>generated/listers/</code></td> <td> <code>CanaryLister</code> — fast local cache queries</td> </tr> </tbody> </table></div> <h2> 4. Controller Struct &amp; Wiring </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Controller</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">kubeclientset</span> <span class="n">kubernetes</span><span class="o">.</span><span class="n">Interface</span> <span class="c">// for built-in resources (Deployment)</span> <span class="n">canaryclientset</span> <span class="n">clientset</span><span class="o">.</span><span class="n">Interface</span> <span class="c">// for Canary resources (generated)</span> <span class="n">deploymentsLister</span> <span class="n">appslisters</span><span class="o">.</span><span class="n">DeploymentLister</span> <span class="n">deploymentsSynced</span> <span class="n">cache</span><span class="o">.</span><span class="n">InformerSynced</span> <span class="n">canariesLister</span> <span class="n">listers</span><span class="o">.</span><span class="n">CanaryLister</span> <span class="n">canariesSynced</span> <span class="n">cache</span><span class="o">.</span><span class="n">InformerSynced</span> <span class="n">workqueue</span> <span class="n">workqueue</span><span class="o">.</span><span class="n">RateLimitingInterface</span> <span class="n">recorder</span> <span class="n">record</span><span class="o">.</span><span class="n">EventRecorder</span> <span class="p">}</span> </code></pre> </div> <p>In <code>NewController</code>, two event subscriptions are registered:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>① Canary Add/Update → enqueueCanary() → workqueue.Add(key) Direct: user changed Canary spec → reconcile immediately ② Deployment Add/Update/Delete → handleObject() → find owning Canary by name prefix → enqueueCanary() Indirect: managed Deployment changed state → re-check Canary </code></pre> </div> <h2> 5. Run → Worker → syncHandler </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>controller.Run(threadiness=2, stopCh) │ ├── cache.WaitForCacheSync() ← block until Indexer ready │ └── 2× goroutine: runWorker() └── processNextWorkItem() ├── workqueue.Get(key) ├── syncHandler(key) │ ├── OK → workqueue.Forget(key) │ └── ERR → workqueue.AddRateLimited(key) ← backoff retry └── workqueue.Done(key) </code></pre> </div> <p><code>syncHandler</code> is the reconciliation core — it reads the Canary spec and routes to the correct release strategy:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">c</span> <span class="o">*</span><span class="n">Controller</span><span class="p">)</span> <span class="n">syncHandler</span><span class="p">(</span><span class="n">key</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="c">// ① Fetch from local cache — no API Server call</span> <span class="n">canary</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">c</span><span class="o">.</span><span class="n">canariesLister</span><span class="o">.</span><span class="n">Canaries</span><span class="p">(</span><span class="n">namespace</span><span class="p">)</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="c">// ② Route to release strategy</span> <span class="k">switch</span> <span class="n">canary</span><span class="o">.</span><span class="n">Spec</span><span class="o">.</span><span class="n">Info</span><span class="p">[</span><span class="s">"type"</span><span class="p">]</span> <span class="p">{</span> <span class="k">case</span> <span class="s">"NormalDeploy"</span><span class="o">:</span> <span class="n">c</span><span class="o">.</span><span class="n">normalDeploy</span><span class="p">(</span><span class="o">...</span><span class="p">)</span> <span class="k">case</span> <span class="s">"CanaryDeploy"</span><span class="o">:</span> <span class="n">c</span><span class="o">.</span><span class="n">firstCanaryDeploy</span><span class="p">(</span><span class="o">...</span><span class="p">)</span> <span class="n">or</span> <span class="n">c</span><span class="o">.</span><span class="n">notFirstCanaryDeploy</span><span class="p">(</span><span class="o">...</span><span class="p">)</span> <span class="k">case</span> <span class="s">"CanaryRollback"</span><span class="o">:</span> <span class="n">c</span><span class="o">.</span><span class="n">canaryRollback</span><span class="p">(</span><span class="o">...</span><span class="p">)</span> <span class="p">}</span> <span class="c">// ③ Update status + emit Event</span> <span class="n">c</span><span class="o">.</span><span class="n">updateCanaryStatus</span><span class="p">(</span><span class="n">canary</span><span class="p">,</span> <span class="n">deployment</span><span class="p">)</span> <span class="n">c</span><span class="o">.</span><span class="n">recorder</span><span class="o">.</span><span class="n">Event</span><span class="p">(</span><span class="n">canary</span><span class="p">,</span> <span class="n">corev1</span><span class="o">.</span><span class="n">EventTypeNormal</span><span class="p">,</span> <span class="n">SuccessSynced</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> 6. The Three Release Strategies </h2> <h3> NormalDeploy — Rolling Update </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Deployment exists? ├── No → Create └── Yes → image / replicas / CPU / memory drifted? → Update </code></pre> </div> <p>Standard Kubernetes rolling update. No batching, no pause. The controller simply ensures the Deployment matches what's declared in the Canary spec.</p> <h3> CanaryDeploy — Batched Release </h3> <p>Splits the rollout into N batches. <strong>Batch 1 always pauses</strong> for human approval; subsequent batches auto-advance (when <code>pauseType=First</code>).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Example: 4 replicas, 2 batches, pauseType=First Start: [v1][v1][v1][v1] old=4, new=0 Batch 1: [v2][v1][v1][v1] old=3, new=1 │ └── PAUSE — wait for: kubectl patch canary ... currentBatch=2 Batch 2: [v2][v2][v2][v2] old=0, new=4 → old Deployment deleted ✅ </code></pre> </div> <p><strong>Replica calculation per batch:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>everyAddReplicas = round(totalReplicas / totalBatches) batch N target replicas = 1 + (N-1) × everyAddReplicas final batch = totalReplicas (full rollout) old replicas = totalReplicas - new.AvailableReplicas </code></pre> </div> <p>The controller continuously reconciles both Deployments — if anything drifts (pod crash, manual edit), the next reconcile loop corrects it automatically.</p> <h3> CanaryRollback — Reverse the Canary </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Rollback type? ├── NormalDeploy rollback: │ old.Name == new.Name → just update image back, no second Deployment │ └── CanaryDeploy rollback: Restore old version replicas while draining new version new.AvailableReplicas → 0 → delete new Deployment ✅ </code></pre> </div> <h2> 7. Status Reporting: updateCanaryStatus </h2> <p>After every reconcile, the controller updates the Canary's <code>status</code> subresource to reflect real-time progress:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>CanaryDeploy: batch N running → status.info["batchNStatus"] = "Ing" batch N complete → status.info["batchNStatus"] = "Finished" availableReplicas updated on every loop CanaryRollback: old Deployment still exists → status.info["rollbackStatus"] = "Ing" old Deployment deleted → status.info["rollbackStatus"] = "Finished" NormalDeploy: no status update needed </code></pre> </div> <blockquote> <p><strong>Always <code>DeepCopy()</code> before mutating</strong> — the object from Lister is a read-only reference to the Indexer cache. Modifying it directly corrupts the local cache.<br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">canaryCopy</span> <span class="o">:=</span> <span class="n">canary</span><span class="o">.</span><span class="n">DeepCopy</span><span class="p">()</span> <span class="c">// ✅ safe to mutate</span> <span class="n">canaryCopy</span><span class="o">.</span><span class="n">Status</span><span class="o">.</span><span class="n">Info</span><span class="p">[</span><span class="o">...</span><span class="p">]</span> <span class="o">=</span> <span class="s">"Finished"</span> <span class="n">c</span><span class="o">.</span><span class="n">canaryclientset</span><span class="o">.</span><span class="n">CanarycontrollerV1alpha1</span><span class="p">()</span><span class="o">.</span> <span class="n">Canaries</span><span class="p">(</span><span class="n">ns</span><span class="p">)</span><span class="o">.</span><span class="n">UpdateStatus</span><span class="p">(</span><span class="n">canaryCopy</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> </code></pre> </div> <h2> 8. Complete Execution Flow </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">main</span><span class="o">.</span><span class="k">go</span> <span class="err">└──</span> <span class="n">NewController</span><span class="p">(</span><span class="n">kubeclientset</span><span class="p">,</span> <span class="n">canaryclientset</span><span class="p">,</span> <span class="n">deployInformer</span><span class="p">,</span> <span class="n">canaryInformer</span><span class="p">)</span> <span class="err">├──</span> <span class="n">AddEventHandler</span><span class="p">(</span><span class="n">Canary</span><span class="p">)</span> <span class="err">→</span> <span class="n">enqueueCanary</span> <span class="err">└──</span> <span class="n">AddEventHandler</span><span class="p">(</span><span class="n">Deployment</span><span class="p">)</span> <span class="err">→</span> <span class="n">handleObject</span> <span class="err">→</span> <span class="n">enqueueCanary</span> <span class="n">factory</span><span class="o">.</span><span class="n">Start</span><span class="p">(</span><span class="n">stopCh</span><span class="p">)</span> <span class="err">→</span> <span class="n">Reflector</span> <span class="n">List</span><span class="o">/</span><span class="n">Watch</span> <span class="p">(</span><span class="n">Deployment</span> <span class="o">+</span> <span class="n">Canary</span><span class="p">)</span> <span class="n">cache</span><span class="o">.</span><span class="n">WaitForCacheSync</span><span class="p">(</span><span class="o">...</span><span class="p">)</span> <span class="err">→</span> <span class="n">wait</span> <span class="k">for</span> <span class="n">Indexer</span> <span class="n">fully</span> <span class="n">populated</span> <span class="n">controller</span><span class="o">.</span><span class="n">Run</span><span class="p">(</span><span class="m">2</span><span class="p">,</span> <span class="n">stopCh</span><span class="p">)</span> <span class="err">└──</span> <span class="n">syncHandler</span><span class="p">(</span><span class="s">"tech-prod/go-hello-canary"</span><span class="p">)</span> <span class="err">│</span> <span class="err">├──</span> <span class="n">canariesLister</span><span class="o">.</span><span class="n">Get</span><span class="p">()</span> <span class="err">←</span> <span class="n">Indexer</span> <span class="p">(</span><span class="n">no</span> <span class="n">API</span> <span class="n">call</span><span class="p">)</span> <span class="err">├──</span> <span class="k">switch</span> <span class="k">type</span><span class="o">:</span> <span class="err">│</span> <span class="n">NormalDeploy</span> <span class="err">→</span> <span class="n">Create</span> <span class="n">or</span> <span class="n">Update</span> <span class="n">Deployment</span> <span class="err">│</span> <span class="n">CanaryDeploy</span> <span class="err">→</span> <span class="n">Batch</span> <span class="m">1</span><span class="o">:</span> <span class="nb">new</span><span class="o">=</span><span class="m">1</span><span class="p">,</span> <span class="n">old</span><span class="o">=</span><span class="n">N</span><span class="o">-</span><span class="m">1</span><span class="p">,</span> <span class="n">PAUSE</span> <span class="err">│</span> <span class="n">Batch</span> <span class="n">N</span><span class="o">:</span> <span class="nb">new</span><span class="o">=</span><span class="n">total</span><span class="p">,</span> <span class="n">old</span><span class="o">=</span><span class="m">0</span><span class="p">,</span> <span class="n">DELETE</span> <span class="n">old</span> <span class="err">│</span> <span class="n">CanaryRollback</span> <span class="err">→</span> <span class="n">drain</span> <span class="nb">new</span><span class="p">,</span> <span class="n">restore</span> <span class="n">old</span> <span class="err">│</span> <span class="err">├──</span> <span class="n">updateCanaryStatus</span><span class="p">()</span> <span class="err">←</span> <span class="n">PATCH</span> <span class="o">/</span><span class="n">status</span> <span class="err">└──</span> <span class="n">recorder</span><span class="o">.</span><span class="n">Event</span><span class="p">(</span><span class="n">SuccessSynced</span><span class="p">)</span> </code></pre> </div> <h2> 9. Key Design Principles </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Principle</th> <th>How</th> </tr> </thead> <tbody> <tr> <td><strong>Never mutate cache objects</strong></td> <td>Always <code>DeepCopy()</code> before modifying</td> </tr> <tr> <td><strong>Read cache, write API</strong></td> <td> <code>Lister.Get()</code> for reads; <code>clientset.Update()</code> for writes</td> </tr> <tr> <td><strong>Idempotent reconciliation</strong></td> <td>Every loop checks actual vs desired — safe to re-run</td> </tr> <tr> <td><strong>Ownership</strong></td> <td> <code>OwnerReferences</code> ensures Deployments are GC'd with their Canary</td> </tr> <tr> <td><strong>Error → retry</strong></td> <td> <code>workqueue.AddRateLimited(key)</code> — exponential backoff on failure</td> </tr> </tbody> </table></div> <h2> Series Complete 🎉 </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>#</th> <th>Article</th> <th>Key concept</th> </tr> </thead> <tbody> <tr> <td>1</td> <td>Informer</td> <td>List/Watch, SharedInformerFactory</td> </tr> <tr> <td>2</td> <td>Reflector</td> <td>ListerWatcher, ListAndWatch, ResourceVersion</td> </tr> <tr> <td>3</td> <td>DeltaFIFO</td> <td>queue+items, produce/consume, HandleDeltas</td> </tr> <tr> <td>4</td> <td>Indexer</td> <td>ThreadSafeMap, IndexFunc, ByIndex</td> </tr> <tr> <td>5</td> <td>WorkQueue</td> <td>Deduplication, Exponential Backoff, Token Bucket</td> </tr> <tr> <td>6</td> <td>EventBroadcaster</td> <td>Event resource, Recorder, Sink</td> </tr> <tr> <td>7</td> <td>Controller (internal)</td> <td>Run, processLoop, WaitForCacheSync</td> </tr> <tr> <td>8</td> <td>CRD</td> <td>Schema, Go types, spec/status contract</td> </tr> <tr> <td>9</td> <td><strong>Operator in Practice</strong></td> <td><strong>Full canary release controller end-to-end</strong></td> </tr> </tbody> </table></div> <p><em>Thank you for following the series. If you found it useful, share it with your team!</em></p> <p>📦 Source Code: <a href="https://github.com/muzinan123/operator" rel="noopener noreferrer">github.com/muzinan123/operator</a></p> devops go kubernetes tutorial