DEV Community: Renaldi The latest articles on DEV Community by Renaldi (@rengond). https://dev.to/rengond https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1152783%2F3f1b3ae1-987c-4daf-ac65-9d70e45a36aa.jpg DEV Community: Renaldi https://dev.to/rengond en Cost-Aware Serverless Architecture Reviews: A Practical Framework Renaldi Sun, 12 Apr 2026 23:00:00 +0000 https://dev.to/aws-builders/cost-aware-serverless-architecture-reviews-a-practical-framework-5agl https://dev.to/aws-builders/cost-aware-serverless-architecture-reviews-a-practical-framework-5agl <p>Cost optimization in serverless is often discussed as a pricing exercise. In practice, I have found it is much more effective when treated as an <strong>architecture review discipline</strong>.</p> <p>That is the lens I use in this post.</p> <p>This is a practical framework I use to review serverless systems for cost efficiency <strong>without weakening reliability, operability, or delivery speed</strong>. It is designed for engineers, architects, and technical leads who want to go beyond “reduce Lambda memory” and make better design decisions across services.</p> <p>I will focus on AWS serverless building blocks and the tradeoffs between:</p> <ul> <li><strong>AWS Lambda</strong></li> <li><strong>AWS Step Functions</strong></li> <li><strong>Amazon EventBridge Pipes</strong></li> <li> <strong>Direct service integrations</strong> (for example, Step Functions SDK/service integrations)</li> <li>Supporting services like <strong>SQS, EventBridge, CloudWatch Logs, DynamoDB, and S3</strong> </li> </ul> <p>I will cover:</p> <ul> <li>Cost hotspots in serverless (invocations, state transitions, logs, data transfer)</li> <li>Architecture changes that reduce cost without harming reliability</li> <li>Tradeoffs: Lambda vs Pipes vs service integrations vs Step Functions</li> <li>Workload profiling and right-sizing patterns</li> <li>End-to-end walkthrough and implementation discussion</li> <li>Architecture and code examples you can adapt</li> </ul> <h2> Why this topic stands out </h2> <p>I like this topic because it is senior-level but immediately useful.</p> <p>Almost every serverless system starts cost-efficient, then gradually accumulates “cost drag” as features are added:</p> <ul> <li>Extra orchestration steps</li> <li>Helper Lambdas that only transform payloads</li> <li>Verbose logging left on in production</li> <li>Duplicate event fan-out and reprocessing</li> <li>Cross-AZ / cross-region / internet egress paths that nobody revisits</li> <li>Overbuilt retries and polling loops</li> </ul> <p>None of these are necessarily “wrong.” In many cases they are the fastest way to ship.</p> <p>But once traffic grows, it becomes worth doing a structured review.</p> <p>The goal is not to squeeze every cent out of the system. The goal is to <strong>spend intentionally</strong>, with a clear understanding of where cost comes from and what reliability/maintainability benefits we are buying with that spend.</p> <h2> What I mean by a cost-aware serverless architecture review </h2> <p>A cost-aware review is a design review that asks four questions for each path in the workload:</p> <ol> <li> <p><strong>What is the unit of work?</strong></p> <ul> <li>One event, one request, one file, one state transition, one batch, one customer action</li> </ul> </li> <li> <p><strong>What services does that unit of work touch?</strong></p> <ul> <li>Lambda, Step Functions, EventBridge, SQS, DynamoDB, logs, storage, network paths</li> </ul> </li> <li> <p><strong>Which of those touches scales linearly with traffic, and which scales with payload size, duration, or retries?</strong></p> <ul> <li>This is where the real hotspots show up</li> </ul> </li> <li> <p><strong>Can I reduce cost by changing the architecture instead of only tuning a single service?</strong></p> <ul> <li>Example: removing three “glue Lambdas” with native integrations</li> </ul> </li> </ol> <p>That last question is the most important one.</p> <h2> Framework Overview </h2> <p>This is the practical framework I use in reviews:</p> <h3> Phase 1: Profile the workload </h3> <p>Understand <strong>traffic shape</strong> and <strong>execution shape</strong>:</p> <ul> <li>request rate, concurrency, burstiness</li> <li>payload sizes</li> <li>durations</li> <li>retries</li> <li>fan-out counts</li> <li>error rates</li> <li>cold-start sensitivity</li> <li>async vs sync paths</li> </ul> <h3> Phase 2: Map the cost path </h3> <p>Trace the cost of one unit of work across services:</p> <ul> <li>invocations</li> <li>transitions</li> <li>messages</li> <li>logs ingested/stored</li> <li>storage reads/writes</li> <li>data transfer</li> <li>optional downstream analytics/monitoring copies</li> </ul> <h3> Phase 3: Identify hotspots </h3> <p>Rank cost drivers by:</p> <ul> <li>total monthly impact</li> <li>growth rate with scale</li> <li>ease of remediation</li> <li>risk of change</li> </ul> <h3> Phase 4: Apply architecture changes </h3> <p>Prefer changes that:</p> <ul> <li>remove unnecessary compute hops</li> <li>reduce chatty orchestration</li> <li>batch operations safely</li> <li>right-size compute from measured data</li> <li>preserve observability and failure isolation</li> </ul> <h3> Phase 5: Re-measure </h3> <p>I treat cost optimization as an engineering loop:</p> <ul> <li>baseline</li> <li>change</li> <li>compare</li> <li>document tradeoffs</li> <li>repeat</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F29621dle73xl2tqxdq9f.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F29621dle73xl2tqxdq9f.png" alt=" " width="800" height="430"></a></p> <h2> End-to-End Walkthrough </h2> <p>To make this concrete, I will walk through a realistic example I often see:</p> <h3> Example workload: Event-driven order processing pipeline </h3> <p>A retail platform emits an <code>OrderCreated</code> event. The serverless pipeline:</p> <ol> <li>Validates the payload</li> <li>Enriches customer metadata</li> <li>Writes the order to DynamoDB</li> <li>Sends a fulfillment request to an internal API</li> <li>Publishes notifications</li> <li>Updates operational dashboards</li> <li>Triggers async follow-up workflows</li> </ol> <h3> Baseline architecture (common version) </h3> <p>A common initial design looks like this:</p> <ul> <li>EventBridge rule receives <code>OrderCreated</code> </li> <li>Step Functions orchestrates the flow</li> <li>Multiple Lambda functions perform: <ul> <li>input validation</li> <li>JSON transformation</li> <li>service API calls</li> <li>retries / status polling</li> <li>notification dispatch</li> </ul> </li> <li>Every function logs full payloads</li> <li>Step Functions uses many small states to represent each transformation</li> <li>Synchronous calls are used where async could work</li> <li>Duplicate events are emitted for multiple downstream consumers</li> </ul> <p>This is usually functional and maintainable, but over time I see four cost hotspots appear.</p> <h2> Cost hotspots in serverless (what I look for first) </h2> <h2> 1) Invocation-driven hotspots (Lambda, messaging, API calls) </h2> <p>This is the most obvious one, but not always where the biggest savings are.</p> <p>I look for:</p> <ul> <li>High-frequency helper Lambdas that do only simple mapping/filtering</li> <li>Repeated invocations caused by retries at multiple layers (client, service, workflow)</li> <li>Tiny per-item processing when batching is safe</li> <li>Polling loops implemented in Lambda instead of orchestration or event callbacks</li> </ul> <h3> Common anti-pattern </h3> <p>A Lambda is invoked just to:</p> <ul> <li>rename fields</li> <li>add a constant</li> <li>route based on one attribute</li> <li>pass the payload to another service</li> </ul> <p>In many cases this can be replaced with:</p> <ul> <li>EventBridge input transformation</li> <li>EventBridge Pipes filtering/enrichment</li> <li>Step Functions <code>Parameters</code> / <code>ResultSelector</code> </li> <li>Step Functions direct service integrations</li> </ul> <p>That removes both compute cost and operational surface area.</p> <h2> 2) State transition hotspots (Step Functions) </h2> <p>I see this frequently in mature systems.</p> <p>Step Functions is excellent, but cost can grow when workflows become overly chatty:</p> <ul> <li>One state per trivial transformation</li> <li>Frequent polling loops with short waits</li> <li>Repetitive branching for small decisions</li> <li>Using Standard workflows for high-volume, very short paths without reviewing fit</li> <li>Nested workflows for steps that could be in one integration</li> </ul> <h3> What I optimize carefully </h3> <p>I do <strong>not</strong> optimize by blindly collapsing everything into one Lambda. That usually hurts observability and retry control.</p> <p>Instead, I look for:</p> <ul> <li>eliminating trivial pass/transform states</li> <li>replacing glue Lambdas with direct integrations</li> <li>increasing polling intervals or switching to callback/event-driven completions</li> <li>splitting hot short-lived paths from long-running orchestration</li> </ul> <h2> 3) Logging hotspots (CloudWatch Logs) </h2> <p>This one is often underestimated because logging is “cheap enough” until scale increases.</p> <p>Cost growth comes from:</p> <ul> <li>Logging full request/response payloads for every invocation</li> <li>Debug-level logs enabled permanently</li> <li>Duplicate logs across Lambda, workflow, and application layers</li> <li>Large structured objects written multiple times</li> <li>High-cardinality logs that are rarely queried</li> </ul> <h3> Practical rule I use </h3> <p>I keep logs <strong>useful and minimal</strong> in production:</p> <ul> <li>log identifiers, not entire payloads</li> <li>sample verbose payload logs</li> <li>gate debug logs by environment/feature flag</li> <li>separate audit records from debug logs</li> <li>set explicit retention periods</li> </ul> <p>In serverless, “just logging more” can become a real cost driver.</p> <h2> 4) Data transfer hotspots (often missed in reviews) </h2> <p>Data transfer is easy to miss because the architecture diagram looks “serverless,” but network paths still matter.</p> <p>I review:</p> <ul> <li>Cross-region calls between Lambda and downstream services</li> <li>Internet egress to SaaS APIs</li> <li>Repeated large payload movement between services</li> <li>Download/re-upload patterns (for example, pulling S3 objects through Lambda when direct processing is possible)</li> <li>VPC-attached Lambda traffic patterns if applicable (including NAT-related patterns)</li> <li>Sending oversized event payloads when a pointer (S3 key/object reference) would work</li> </ul> <h3> Pattern I prefer </h3> <p>Move <strong>references</strong> more often than <strong>full payloads</strong>:</p> <ul> <li>Put large content in S3</li> <li>Pass object keys / IDs in events</li> <li>Fetch only where necessary</li> <li>Trim event payloads to fields required for the next step</li> </ul> <p>This reduces both transfer and execution overhead.</p> <h1> A Practical Review Framework I Use in Real Projects </h1> <p>Below is the review structure I use during architecture reviews. It is intentionally simple so teams can repeat it.</p> <h2> Step 1: Define the unit economics </h2> <p>I start with a unit of work, for example:</p> <ul> <li>“One <code>OrderCreated</code> event processed successfully”</li> <li>“One failed event retried and sent to DLQ”</li> <li>“One batch of 100 events processed”</li> </ul> <p>Then I estimate or measure the service touches for that unit.</p> <h3> Example (baseline, illustrative) </h3> <p>For one order:</p> <ul> <li>EventBridge ingress: 1 event</li> <li>Step Functions states: 22 transitions</li> <li>Lambda invocations: 8</li> <li>DynamoDB writes: 2</li> <li>CloudWatch log lines: ~120</li> <li>One external API call</li> <li>One notification event</li> <li>Occasional retries on fulfillment call</li> </ul> <p>The exact numbers vary, but this gives me a concrete path to improve.</p> <h2> Step 2: Build a cost-path table (without overcomplicating it) </h2> <p>I do not start with exact pricing spreadsheets. I start with a ranked table:</p> <ul> <li> <strong>Driver</strong> (Lambda, Step Functions, logs, transfer, etc.)</li> <li> <strong>Scaling factor</strong> (requests, duration, payload size, retries)</li> <li><strong>Observed value</strong></li> <li><strong>Risk/benefit if changed</strong></li> <li><strong>Optimization candidate</strong></li> </ul> <p>This quickly identifies which optimizations are architectural vs micro-tuning.</p> <h2> Step 3: Profile the workload (shape matters more than averages) </h2> <p>Averages hide the truth in serverless systems.</p> <p>I profile:</p> <ul> <li><strong>p50/p95/p99 duration</strong></li> <li><strong>payload size distribution</strong></li> <li><strong>retry rate by dependency</strong></li> <li><strong>burst concurrency</strong></li> <li><strong>fan-out ratio</strong></li> <li> <strong>failure modes</strong> (timeouts, throttles, validation errors)</li> <li> <strong>cold-start frequency</strong> (only when relevant to SLOs)</li> </ul> <h3> Why this matters </h3> <p>A system with the same monthly volume can have very different costs if:</p> <ul> <li>one workload is smooth and small-payload</li> <li>the other is spiky, retry-heavy, and large-payload</li> </ul> <p>Architecture decisions should follow the shape, not just total count.</p> <h2> Step 4: Apply architecture changes in this order </h2> <p>This is the sequence I use because it usually yields high value with lower risk:</p> <ol> <li><strong>Remove unnecessary service hops</strong></li> <li><strong>Replace glue compute with native integrations</strong></li> <li><strong>Batch where safe</strong></li> <li><strong>Right-size Lambda from measured duration/memory</strong></li> <li><strong>Tune logs and retention</strong></li> <li><strong>Revisit orchestration granularity</strong></li> <li><strong>Optimize transfer/payload strategy</strong></li> <li><strong>Only then consider deeper redesigns</strong></li> </ol> <h1> Architecture Changes That Reduce Cost Without Harming Reliability </h1> <p>Here are the changes I most commonly recommend, with the tradeoffs explained.</p> <h2> 1) Replace glue Lambdas with service integrations </h2> <h3> Before </h3> <p>A Lambda receives a payload and only:</p> <ul> <li>transforms JSON</li> <li>calls DynamoDB / SQS / EventBridge</li> <li>returns a small result</li> </ul> <h3> After </h3> <p>Use:</p> <ul> <li>Step Functions AWS SDK/service integrations</li> <li>EventBridge input transformers</li> <li>EventBridge Pipes filter/enrichment steps (where appropriate)</li> </ul> <h3> Why this helps </h3> <ul> <li>Removes invocation and duration cost</li> <li>Reduces operational burden (fewer deployments, alarms, IAM roles)</li> <li>Improves determinism for simple operations</li> </ul> <h3> Reliability note </h3> <p>This can <strong>improve</strong> reliability because fewer components means fewer failure points. The key is preserving observability and explicit error handling.</p> <h2> 2) Use Pipes for simple event movement and filtering </h2> <p>EventBridge Pipes is a strong fit when the path is mostly:</p> <ul> <li>source -&gt; filter -&gt; optional transform/enrichment -&gt; target</li> </ul> <h3> Good fit examples </h3> <ul> <li>SQS -&gt; target Lambda (with filtering)</li> <li>DynamoDB stream -&gt; EventBridge bus</li> <li>Kinesis -&gt; SQS</li> <li>SQS -&gt; Step Functions (selective forwarding)</li> </ul> <h3> When I do not force Pipes </h3> <p>If the workflow needs:</p> <ul> <li>complex branching</li> <li>human approvals</li> <li>multi-step retries with business semantics</li> <li>long waits</li> <li>compensation logic</li> </ul> <p>then Step Functions is usually the better fit, even if the raw “per event movement” cost might not be the lowest.</p> <h2> 3) Reduce Step Functions chatty orchestration </h2> <h3> What I change </h3> <ul> <li>Collapse trivial transform-only states</li> <li>Use <code>Parameters</code>, <code>ResultSelector</code>, and JSONPath/JSONata features instead of helper Lambdas</li> <li>Shift from polling to callback/event completion where feasible</li> <li>Split short high-volume flows from long-running exception flows</li> </ul> <h3> What I keep </h3> <ul> <li>Distinct states for failure boundaries</li> <li>States that need targeted retries/catches</li> <li>Business-visible milestones (auditability)</li> <li>Human review / approval checkpoints</li> </ul> <p>The goal is not “fewer states at any cost.” The goal is <strong>intentional state design</strong>.</p> <h2> 4) Batch small units where the business semantics allow it </h2> <p>Batching can reduce cost significantly across:</p> <ul> <li>Lambda invocations</li> <li>downstream API calls</li> <li>logs</li> <li>orchestration overhead</li> </ul> <h3> Examples </h3> <ul> <li>Process 10 records per Lambda invocation instead of 1</li> <li>Aggregate notifications</li> <li>Batch writes to DynamoDB when access patterns permit</li> <li>Buffer events briefly for downstream efficiency</li> </ul> <h3> Caution </h3> <p>Batching changes failure semantics. I only use it when I can answer:</p> <ul> <li>What happens if item 7 of 10 fails?</li> <li>Do I need partial success reporting?</li> <li>Can the downstream system handle duplicates on retries?</li> </ul> <p>Reliability comes first. Cost savings that break recovery are not real savings.</p> <h2> 5) Right-size Lambda with measured data, not guesswork </h2> <p>Right-sizing is more than memory reduction. Since Lambda allocates CPU proportionally to memory, a lower-memory function can become slower and more expensive overall.</p> <h3> What I measure </h3> <ul> <li>p50/p95 duration</li> <li>memory usage</li> <li>init duration (where relevant)</li> <li>timeout headroom</li> <li>downstream latency contribution</li> <li>retry behavior after timeouts/throttles</li> </ul> <h3> What I look for </h3> <ul> <li>Functions with high duration and low memory usage (often downstream-bound)</li> <li>Functions with CPU-bound work that benefit from more memory</li> <li>Functions with large package sizes causing slower init</li> <li>Functions using <code>/tmp</code> heavily (may benefit from memory/storage review)</li> </ul> <p>I optimize for <strong>cost per successful unit of work</strong>, not cost per invocation in isolation.</p> <h2> 6) Tune logging intentionally (not minimally) </h2> <p>I do not recommend “turn off logs.” I recommend <strong>structured, useful, cost-conscious logging</strong>.</p> <p>Practical changes:</p> <ul> <li>Move full payload dumps behind a sampled debug flag</li> <li>Log IDs and metrics by default</li> <li>Use explicit log retention (for example, shorter for noisy operational logs)</li> <li>Avoid duplicate payload logging at every layer</li> <li>Emit metrics for counts/latency instead of reconstructing them from logs</li> </ul> <p>This usually reduces cost while improving signal-to-noise.</p> <h2> 7) Pass references, not large payloads </h2> <p>Instead of pushing large documents or objects through multiple services:</p> <ul> <li>Store payloads in S3</li> <li>Pass a pointer in the event/workflow</li> <li>Fetch on demand</li> </ul> <p>Benefits:</p> <ul> <li>lower transfer volume</li> <li>smaller event payloads</li> <li>faster orchestration payload handling</li> <li>cleaner replayability</li> </ul> <p>This pattern is especially helpful in document, media, and analytics workflows.</p> <h1> Tradeoffs: Lambda vs Pipes vs Service Integrations vs Step Functions </h1> <p>This is the part teams usually want summarized, so here is the practical version I use in reviews.</p> <h2> Lambda is best when: </h2> <ul> <li>I need custom code/business logic</li> <li>I need third-party SDKs or protocols</li> <li>I need non-trivial validation/transformation</li> <li>I need specialized retry behavior inside the function</li> <li>I need to encapsulate logic reused across multiple flows</li> </ul> <h2> Lambda is overkill when: </h2> <ul> <li>I am only mapping fields</li> <li>I am just forwarding to another AWS service</li> <li>I can use native service integration safely and clearly</li> </ul> <h2> EventBridge Pipes is best when: </h2> <ul> <li>The path is primarily source-to-target movement</li> <li>I need filtering and simple enrichment</li> <li>I want low operational overhead for plumbing</li> <li>I want to avoid writing a “routing Lambda”</li> </ul> <h2> Pipes is not the best fit when: </h2> <ul> <li>I need complex multi-step orchestration</li> <li>I need long waits or human callbacks</li> <li>I need rich compensation logic across steps</li> </ul> <h2> Step Functions is best when: </h2> <ul> <li>I need explicit orchestration and auditability</li> <li>I need retries/catches at step boundaries</li> <li>I need long-running workflows</li> <li>I need human-in-the-loop or callback patterns</li> <li>I need clear operational visualization for a business process</li> </ul> <h2> Step Functions can become costly when: </h2> <ul> <li>I model every trivial transform as a state</li> <li>I use frequent polling instead of event-driven completion</li> <li>I keep hot paths in Standard without reviewing alternatives</li> <li>I use nested workflows where direct integrations would do</li> </ul> <h2> Direct service integrations are best when: </h2> <ul> <li>The step is simple and deterministic</li> <li>I can express the call declaratively</li> <li>I want fewer moving parts</li> <li>I want to remove glue code and reduce operational burden</li> </ul> <h2> Direct integrations may be a poor fit when: </h2> <ul> <li>I need complex custom serialization/validation</li> <li>I need cross-service custom logic not represented well declaratively</li> <li>The readability of the workflow would suffer too much</li> </ul> <h1> End-to-End Optimization Walkthrough (Baseline -&gt; Improved) </h1> <p>Now I will apply the framework to the example order pipeline.</p> <h2> Baseline (illustrative) </h2> <ul> <li>8 Lambda invocations per order</li> <li>22 Step Functions transitions</li> <li>verbose logs in every function</li> <li>large payload passed between multiple steps</li> <li>polling Lambda for fulfillment status</li> <li>duplicate notification paths</li> </ul> <h2> Review findings </h2> <p>Top cost hotspots:</p> <ol> <li> <strong>Step Functions state transitions</strong> from chatty orchestration</li> <li> <strong>Lambda invocations</strong> for glue transforms and simple service calls</li> <li> <strong>CloudWatch Logs ingestion</strong> due to payload dumps</li> <li> <strong>Data transfer/execution overhead</strong> from oversized payloads</li> <li> <strong>Retries</strong> multiplying costs during downstream API flakiness</li> </ol> <h2> Improved architecture (same reliability goals) </h2> <h3> Changes I make </h3> <ol> <li>Replace 3 glue Lambdas with: <ul> <li>Step Functions <code>Parameters</code> / <code>ResultSelector</code> </li> <li>direct DynamoDB/EventBridge integrations</li> </ul> </li> <li>Replace one routing Lambda with <strong>EventBridge Pipes</strong> </li> <li>Move large enrichment blobs to S3 and pass object references</li> <li>Replace polling Lambda loop with callback/event-driven completion</li> <li>Keep Step Functions states at clear failure boundaries only</li> <li>Reduce default log verbosity and set retention explicitly</li> <li>Batch non-critical notifications</li> </ol> <h3> What I do <strong>not</strong> change </h3> <ul> <li>Idempotency controls</li> <li>DLQs and retry policies</li> <li>Key audit checkpoints</li> <li>Alarms and traces for critical dependencies</li> </ul> <p>This is important. I want lower cost <strong>without</strong> creating an opaque, fragile pipeline.</p> <h2> Architecture pattern (review-ready version) </h2> <p>The optimized pattern I recommend for many teams looks like this:</p> <ul> <li> <strong>Ingress:</strong> EventBridge</li> <li> <strong>Plumbing/filtering:</strong> EventBridge Pipes (where simple)</li> <li> <strong>Orchestration:</strong> Step Functions for business process + callbacks</li> <li> <strong>Compute:</strong> Lambda only for genuine custom logic</li> <li> <strong>Storage:</strong> S3 for large payloads, DynamoDB for metadata/state</li> <li> <strong>Observability:</strong> metrics first, targeted logs, traces on critical paths</li> </ul> <p>This is cost-aware because each service is doing the kind of work it is best suited for.</p> <h1> Implementation Discussion </h1> <p>Below are code examples that demonstrate how I apply the framework in practice.</p> <h2> 1) Step Functions workflow using service integrations instead of glue Lambdas (ASL fragment) </h2> <p>This fragment shows a flow that:</p> <ul> <li>validates and prepares payload once</li> <li>writes to DynamoDB via a direct integration</li> <li>emits an event via EventBridge integration</li> <li>keeps Lambda only for actual custom logic </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Cost-aware serverless orchestration example"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ValidateAndEnrich"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ValidateAndEnrich"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${ValidateAndEnrichFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PutOrderMetadata"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Retry"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Lambda.ServiceException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Lambda.TooManyRequestsException"</span><span class="p">],</span><span class="w"> </span><span class="nl">"IntervalSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"BackoffRate"</span><span class="p">:</span><span class="w"> </span><span class="mf">2.0</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxAttempts"</span><span class="p">:</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PutOrderMetadata"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::aws-sdk:dynamodb:putItem"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"TableName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${OrdersTable}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Item"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"pk"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"States.Format('ORDER#{}', $.orderId)"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"sk"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S"</span><span class="p">:</span><span class="w"> </span><span class="s2">"META"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S"</span><span class="p">:</span><span class="w"> </span><span class="s2">"RECEIVED"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"customerId"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.customerId"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"payloadRef"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.payloadRef.s3Uri"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.timestamps.receivedAt"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ConditionExpression"</span><span class="p">:</span><span class="w"> </span><span class="s2">"attribute_not_exists(pk)"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishOrderReceived"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishOrderReceived"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::events:putEvents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Entries"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"com.example.orders"</span><span class="p">,</span><span class="w"> </span><span class="nl">"DetailType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"order.received"</span><span class="p">,</span><span class="w"> </span><span class="nl">"EventBusName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${EventBusName}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Detail"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"orderId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.orderId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"customerId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.customerId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"payloadRef.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.payloadRef"</span><span class="p">,</span><span class="w"> </span><span class="nl">"correlationId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.correlationId"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"WaitForFulfillmentCallback"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"WaitForFulfillmentCallback"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke.waitForTaskToken"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${CreateFulfillmentRequestFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"taskToken.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Task.Token"</span><span class="p">,</span><span class="w"> </span><span class="nl">"orderId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.orderId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"payloadRef.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.payloadRef"</span><span class="p">,</span><span class="w"> </span><span class="nl">"correlationId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.correlationId"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"TimeoutSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">900</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.fulfillment"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FinalizeOrder"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"FinalizeOrder"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::aws-sdk:dynamodb:updateItem"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"TableName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${OrdersTable}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"pk"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"States.Format('ORDER#{}', $.orderId)"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"sk"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S"</span><span class="p">:</span><span class="w"> </span><span class="s2">"META"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"UpdateExpression"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SET #s = :s, fulfillmentId = :f, fulfilledAt = :t"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ExpressionAttributeNames"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"#s"</span><span class="p">:</span><span class="w"> </span><span class="s2">"status"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ExpressionAttributeValues"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">":s"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FULFILLED"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">":f"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.fulfillment.fulfillmentId"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">":t"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.fulfillment.completedAt"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Why this is cost-aware </h3> <ul> <li>I removed two common glue Lambdas (<code>put item</code>, <code>publish event</code>)</li> <li>I use callback instead of chatty polling</li> <li>I keep orchestration only where it adds reliability/visibility</li> </ul> <h2> 2) EventBridge Pipes (CDK TypeScript) for low-overhead routing/filtering </h2> <p>This example shows a common “plumbing” path I do not want to solve with a custom Lambda.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">pipes</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-pipes</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">iam</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-iam</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">pipeRole</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">iam</span><span class="p">.</span><span class="nc">Role</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">OrdersPipeRole</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">assumedBy</span><span class="p">:</span> <span class="k">new</span> <span class="nx">iam</span><span class="p">.</span><span class="nc">ServicePrincipal</span><span class="p">(</span><span class="dl">'</span><span class="s1">pipes.amazonaws.com</span><span class="dl">'</span><span class="p">),</span> <span class="p">});</span> <span class="nx">pipeRole</span><span class="p">.</span><span class="nf">addToPolicy</span><span class="p">(</span><span class="k">new</span> <span class="nx">iam</span><span class="p">.</span><span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">sqs:ReceiveMessage</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">sqs:DeleteMessage</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">sqs:GetQueueAttributes</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">sqs:ChangeMessageVisibility</span><span class="dl">'</span><span class="p">,</span> <span class="p">],</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="nx">ordersQueue</span><span class="p">.</span><span class="nx">queueArn</span><span class="p">],</span> <span class="p">}));</span> <span class="nx">pipeRole</span><span class="p">.</span><span class="nf">addToPolicy</span><span class="p">(</span><span class="k">new</span> <span class="nx">iam</span><span class="p">.</span><span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">states:StartExecution</span><span class="dl">'</span><span class="p">],</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="nx">orderWorkflow</span><span class="p">.</span><span class="nx">stateMachineArn</span><span class="p">],</span> <span class="p">}));</span> <span class="k">new</span> <span class="nx">pipes</span><span class="p">.</span><span class="nc">CfnPipe</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">FilteredOrdersPipe</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">roleArn</span><span class="p">:</span> <span class="nx">pipeRole</span><span class="p">.</span><span class="nx">roleArn</span><span class="p">,</span> <span class="na">source</span><span class="p">:</span> <span class="nx">ordersQueue</span><span class="p">.</span><span class="nx">queueArn</span><span class="p">,</span> <span class="na">target</span><span class="p">:</span> <span class="nx">orderWorkflow</span><span class="p">.</span><span class="nx">stateMachineArn</span><span class="p">,</span> <span class="na">sourceParameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">sqsQueueParameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">batchSize</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="na">maximumBatchingWindowInSeconds</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="p">},</span> <span class="na">filterCriteria</span><span class="p">:</span> <span class="p">{</span> <span class="na">filters</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">pattern</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">eventType</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">OrderCreated</span><span class="dl">'</span><span class="p">],</span> <span class="na">priority</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">standard</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">],</span> <span class="p">},</span> <span class="p">}),</span> <span class="p">},</span> <span class="p">],</span> <span class="p">},</span> <span class="p">},</span> <span class="na">targetParameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">stepFunctionStateMachineParameters</span><span class="p">:</span> <span class="p">{</span> <span class="na">invocationType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">FIRE_AND_FORGET</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">inputTemplate</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">orderId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">&lt;$.body.orderId&gt;</span><span class="dl">'</span><span class="p">,</span> <span class="na">customerId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">&lt;$.body.customerId&gt;</span><span class="dl">'</span><span class="p">,</span> <span class="na">priority</span><span class="p">:</span> <span class="dl">'</span><span class="s1">&lt;$.body.priority&gt;</span><span class="dl">'</span><span class="p">,</span> <span class="na">payloadRef</span><span class="p">:</span> <span class="p">{</span> <span class="na">s3Uri</span><span class="p">:</span> <span class="dl">'</span><span class="s1">&lt;$.body.payloadRef.s3Uri&gt;</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">correlationId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">&lt;$.body.correlationId&gt;</span><span class="dl">'</span><span class="p">,</span> <span class="p">}),</span> <span class="p">},</span> <span class="p">});</span> </code></pre> </div> <h3> Why this is cost-aware </h3> <ul> <li>No routing Lambda to maintain</li> <li>Built-in filtering avoids unnecessary workflow starts</li> <li>Batching reduces per-message overhead while preserving throughput</li> </ul> <h2> 3) Lambda right-sizing profiling helper (Python) </h2> <p>I use a simple embedded metric approach to log what matters for right-sizing reviews. This is not a full observability solution, but it is enough to drive architecture decisions.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">time</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timezone</span> <span class="k">def</span> <span class="nf">emit_emf</span><span class="p">(</span><span class="n">namespace</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">metrics</span><span class="p">:</span> <span class="nb">dict</span><span class="p">,</span> <span class="n">dimensions</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="n">emf</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">_aws</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">Timestamp</span><span class="sh">"</span><span class="p">:</span> <span class="nf">int</span><span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">time</span><span class="p">()</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">),</span> <span class="sh">"</span><span class="s">CloudWatchMetrics</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="sh">"</span><span class="s">Namespace</span><span class="sh">"</span><span class="p">:</span> <span class="n">namespace</span><span class="p">,</span> <span class="sh">"</span><span class="s">Dimensions</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="nf">list</span><span class="p">(</span><span class="n">dimensions</span><span class="p">.</span><span class="nf">keys</span><span class="p">())],</span> <span class="sh">"</span><span class="s">Metrics</span><span class="sh">"</span><span class="p">:</span> <span class="p">[{</span><span class="sh">"</span><span class="s">Name</span><span class="sh">"</span><span class="p">:</span> <span class="n">k</span><span class="p">,</span> <span class="sh">"</span><span class="s">Unit</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">None</span><span class="sh">"</span><span class="p">}</span> <span class="k">for</span> <span class="n">k</span> <span class="ow">in</span> <span class="n">metrics</span><span class="p">.</span><span class="nf">keys</span><span class="p">()],</span> <span class="p">}</span> <span class="p">],</span> <span class="p">},</span> <span class="o">**</span><span class="n">dimensions</span><span class="p">,</span> <span class="o">**</span><span class="n">metrics</span><span class="p">,</span> <span class="p">}</span> <span class="nf">print</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">emf</span><span class="p">))</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">start</span> <span class="o">=</span> <span class="n">time</span><span class="p">.</span><span class="nf">perf_counter</span><span class="p">()</span> <span class="n">payload_size_bytes</span> <span class="o">=</span> <span class="nf">len</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">event</span><span class="p">).</span><span class="nf">encode</span><span class="p">(</span><span class="sh">"</span><span class="s">utf-8</span><span class="sh">"</span><span class="p">))</span> <span class="c1"># ... custom logic here ... </span> <span class="c1"># Keep this function for genuine business logic, not simple routing </span> <span class="n">duration_ms</span> <span class="o">=</span> <span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">perf_counter</span><span class="p">()</span> <span class="o">-</span> <span class="n">start</span><span class="p">)</span> <span class="o">*</span> <span class="mi">1000</span> <span class="n">configured_memory_mb</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">AWS_LAMBDA_FUNCTION_MEMORY_SIZE</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">128</span><span class="sh">"</span><span class="p">))</span> <span class="nf">emit_emf</span><span class="p">(</span> <span class="n">namespace</span><span class="o">=</span><span class="sh">"</span><span class="s">ServerlessReview</span><span class="sh">"</span><span class="p">,</span> <span class="n">dimensions</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">FunctionName</span><span class="sh">"</span><span class="p">:</span> <span class="n">context</span><span class="p">.</span><span class="n">function_name</span><span class="p">,</span> <span class="sh">"</span><span class="s">Environment</span><span class="sh">"</span><span class="p">:</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">STAGE</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">prod</span><span class="sh">"</span><span class="p">),</span> <span class="p">},</span> <span class="n">metrics</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">DurationMs</span><span class="sh">"</span><span class="p">:</span> <span class="nf">round</span><span class="p">(</span><span class="n">duration_ms</span><span class="p">,</span> <span class="mi">2</span><span class="p">),</span> <span class="sh">"</span><span class="s">PayloadSizeBytes</span><span class="sh">"</span><span class="p">:</span> <span class="n">payload_size_bytes</span><span class="p">,</span> <span class="sh">"</span><span class="s">ConfiguredMemoryMB</span><span class="sh">"</span><span class="p">:</span> <span class="n">configured_memory_mb</span><span class="p">,</span> <span class="p">},</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">ok</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">processedAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">).</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}</span> </code></pre> </div> <h3> How I use this data in reviews </h3> <p>I compare:</p> <ul> <li>duration by memory setting</li> <li>duration by payload size bucket</li> <li>timeout proximity</li> <li>retry rates correlated with duration</li> </ul> <p>Then I decide whether to:</p> <ul> <li>increase memory (reduce duration and total cost)</li> <li>decrease memory (if clearly overprovisioned)</li> <li>batch inputs</li> <li>move logic out of Lambda entirely</li> </ul> <h2> 4) Production-safe logging pattern (Python) </h2> <p>This pattern reduces log cost without sacrificing debuggability.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">random</span> <span class="n">LOG_LEVEL</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">LOG_LEVEL</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">INFO</span><span class="sh">"</span><span class="p">).</span><span class="nf">upper</span><span class="p">()</span> <span class="n">DEBUG_SAMPLE_RATE</span> <span class="o">=</span> <span class="nf">float</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">DEBUG_SAMPLE_RATE</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">0.01</span><span class="sh">"</span><span class="p">))</span> <span class="c1"># 1% default </span> <span class="k">def</span> <span class="nf">should_log_debug_payload</span><span class="p">()</span> <span class="o">-&gt;</span> <span class="nb">bool</span><span class="p">:</span> <span class="k">if</span> <span class="n">LOG_LEVEL</span> <span class="o">==</span> <span class="sh">"</span><span class="s">DEBUG</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="bp">True</span> <span class="k">return</span> <span class="n">random</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">&lt;</span> <span class="n">DEBUG_SAMPLE_RATE</span> <span class="k">def</span> <span class="nf">log_info</span><span class="p">(</span><span class="n">message</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span> <span class="nf">print</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">level</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">INFO</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="n">message</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">}))</span> <span class="k">def</span> <span class="nf">log_debug</span><span class="p">(</span><span class="n">message</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span> <span class="k">if</span> <span class="n">LOG_LEVEL</span> <span class="o">==</span> <span class="sh">"</span><span class="s">DEBUG</span><span class="sh">"</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">level</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">DEBUG</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="n">message</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">}))</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">correlation_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">correlationId</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">unknown</span><span class="sh">"</span><span class="p">)</span> <span class="n">order_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">unknown</span><span class="sh">"</span><span class="p">)</span> <span class="nf">log_info</span><span class="p">(</span> <span class="sh">"</span><span class="s">processing_order</span><span class="sh">"</span><span class="p">,</span> <span class="n">correlationId</span><span class="o">=</span><span class="n">correlation_id</span><span class="p">,</span> <span class="n">orderId</span><span class="o">=</span><span class="n">order_id</span> <span class="p">)</span> <span class="k">if</span> <span class="nf">should_log_debug_payload</span><span class="p">():</span> <span class="nf">print</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">level</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">DEBUG_SAMPLED</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">event_payload_sample</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">correlationId</span><span class="sh">"</span><span class="p">:</span> <span class="n">correlation_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">:</span> <span class="n">order_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">payload</span><span class="sh">"</span><span class="p">:</span> <span class="n">event</span> <span class="p">}))</span> <span class="c1"># ... business logic ... </span> <span class="nf">log_info</span><span class="p">(</span> <span class="sh">"</span><span class="s">order_processed</span><span class="sh">"</span><span class="p">,</span> <span class="n">correlationId</span><span class="o">=</span><span class="n">correlation_id</span><span class="p">,</span> <span class="n">orderId</span><span class="o">=</span><span class="n">order_id</span><span class="p">,</span> <span class="n">status</span><span class="o">=</span><span class="sh">"</span><span class="s">success</span><span class="sh">"</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">ok</span><span class="sh">"</span><span class="p">}</span> </code></pre> </div> <h3> Why I like this pattern </h3> <ul> <li>Production logs stay useful and cheaper</li> <li>I still have sampled payload visibility for troubleshooting</li> <li>It works well with structured log queries and metrics extraction</li> </ul> <h1> Workload Profiling and Right-Sizing Patterns </h1> <p>This is the part that makes the review credible. I do not want architecture recommendations based on intuition alone.</p> <h2> 1) Profile by workload class, not just service </h2> <p>I segment workloads into classes, for example:</p> <ul> <li><strong>Latency-sensitive sync API path</strong></li> <li><strong>Async event processing path</strong></li> <li><strong>Burst batch path</strong></li> <li><strong>Low-frequency admin path</strong></li> </ul> <p>Each class has different priorities and cost levers.</p> <p>Example:</p> <ul> <li>Sync API path may justify higher Lambda memory for lower latency</li> <li>Async batch path may prioritize batching and reduced transitions</li> <li>Admin path may not be worth heavy optimization effort</li> </ul> <h2> 2) Build a “cost to reliability” tradeoff table </h2> <p>For each proposed change, I document:</p> <ul> <li><strong>Change</strong></li> <li><strong>Expected cost impact</strong></li> <li><strong>Reliability impact</strong></li> <li><strong>Operability impact</strong></li> <li><strong>Rollback plan</strong></li> <li><strong>Measurement plan</strong></li> </ul> <p>This keeps reviews grounded and avoids “optimize everything” behavior.</p> <h3> Example entries </h3> <ul> <li>Replace routing Lambda with Pipe -&gt; lower cost, lower ops burden, neutral reliability, easy rollback</li> <li>Collapse 5 workflow states into 2 -&gt; moderate cost savings, possible loss of debug granularity, test carefully</li> <li>Batch writes by 25 -&gt; potentially high savings, changes failure semantics, requires idempotency validation</li> </ul> <h2> 3) Right-size from p95 and timeout headroom, not p50 alone </h2> <p>A function that looks fine at p50 may:</p> <ul> <li>time out at p99</li> <li>retry frequently during bursts</li> <li>create downstream contention that increases total cost</li> </ul> <p>I tune using:</p> <ul> <li>p95/p99 duration</li> <li>timeout headroom</li> <li>retry counts</li> <li>dependency latency distribution</li> </ul> <p>This avoids false savings that increase retries and operational incidents.</p> <h2> 4) Profile payload size and serialization overhead </h2> <p>In event-driven systems, large payloads can create hidden costs:</p> <ul> <li>more transfer</li> <li>longer execution time</li> <li>larger logs</li> <li>larger Step Functions state payloads</li> <li>more memory pressure in Lambda</li> </ul> <p>I explicitly bucket payload sizes and look for outliers.</p> <p>A common improvement is:</p> <ul> <li>move large optional fields to S3</li> <li>pass references</li> <li>fetch lazily only in the steps that need them</li> </ul> <h2> 5) Profile retries as a cost multiplier </h2> <p>Retries are often the hidden multiplier in “unexpected” serverless cost growth.</p> <p>I measure:</p> <ul> <li>retry rate per dependency</li> <li>retry amplification across layers (SDK retry + Lambda retry + workflow retry)</li> <li>cost of failed attempts vs successful attempts</li> <li>DLQ rate and replay volume</li> </ul> <p>Then I redesign retry placement:</p> <ul> <li>retry at the layer with the best context</li> <li>avoid stacking retries unnecessarily</li> <li>use backoff and circuit-breaking patterns where appropriate</li> </ul> <p>This improves both cost and stability.</p> <h1> Review Checklist I Actually Use </h1> <p>Here is the short version of the checklist I use in architecture reviews.</p> <h2> Hotspots </h2> <ul> <li>[ ] Which cost components scale with request count?</li> <li>[ ] Which scale with duration, payload size, retries, or fan-out?</li> <li>[ ] Where are we logging too much?</li> <li>[ ] Where are we moving data unnecessarily?</li> </ul> <h2> Architecture fit </h2> <ul> <li>[ ] Is Lambda only used where custom logic is truly needed?</li> <li>[ ] Can any glue Lambda be replaced with Pipes or direct integration?</li> <li>[ ] Is Step Functions state granularity intentional?</li> <li>[ ] Are polling loops justified, or can callbacks/events replace them?</li> </ul> <h2> Profiling </h2> <ul> <li>[ ] Do we have p95/p99 duration data?</li> <li>[ ] Do we know payload size distribution?</li> <li>[ ] Do we know retry rate by dependency?</li> <li>[ ] Do we know burst concurrency patterns?</li> </ul> <h2> Reliability guardrails </h2> <ul> <li>[ ] Will the optimization change failure semantics?</li> <li>[ ] Is idempotency preserved?</li> <li>[ ] Are DLQ/replay paths intact?</li> <li>[ ] Is observability still sufficient?</li> </ul> <h2> Rollout </h2> <ul> <li>[ ] Can we canary or phase the change?</li> <li>[ ] Do we have before/after metrics defined?</li> <li>[ ] Do we have a rollback path?</li> </ul> <h1> Common Mistakes in Cost Reviews </h1> <p>I see these often, so I call them out explicitly.</p> <h2> Mistake 1: Only tuning Lambda memory </h2> <p>Useful, but incomplete. The biggest cost issue may be:</p> <ul> <li>Step Functions transitions</li> <li>logs</li> <li>retries</li> <li>data movement</li> <li>unnecessary service hops</li> </ul> <h2> Mistake 2: Replacing orchestration with one “mega Lambda” </h2> <p>This can reduce one visible cost but create:</p> <ul> <li>worse reliability</li> <li>harder retries</li> <li>worse observability</li> <li>slower delivery velocity</li> </ul> <h2> Mistake 3: Optimizing by averages </h2> <p>p50 hides burst pain and retry amplification.</p> <h2> Mistake 4: Ignoring developer productivity </h2> <p>A design that is slightly cheaper but much harder to maintain may cost more overall.</p> <h2> Mistake 5: Removing logs indiscriminately </h2> <p>The right answer is better logging design, not blind log suppression.</p> <h1> Closing Thoughts </h1> <p>A strong cost-aware serverless review is not about chasing the cheapest architecture on paper. It is about making architecture choices that fit the workload, preserve reliability, and keep operating costs proportional to business value.</p> <p>The framework I use is simple:</p> <ul> <li><strong>Profile the workload</strong></li> <li><strong>Map the cost path</strong></li> <li><strong>Find hotspots</strong></li> <li><strong>Apply architecture changes first</strong></li> <li><strong>Right-size from measurements</strong></li> <li><strong>Re-measure and document tradeoffs</strong></li> </ul> <p>If I am reviewing a production serverless system, I want the outcome to be more than a list of tips. I want a clear plan that the team can implement safely, measure, and iterate on.</p> <p>That is what makes the review practical.</p> <h1> References </h1> <p>(Consolidated at the end per request)</p> <ul> <li>AWS Lambda pricing, performance tuning guidance, and memory/CPU behavior documentation</li> <li>AWS Step Functions pricing and workflow design guidance (Standard vs Express)</li> <li>AWS Step Functions service integrations and callback/task token patterns</li> <li>Amazon EventBridge and EventBridge Pipes documentation (filtering, enrichment, targets)</li> <li>Amazon SQS retry, DLQ, and batching guidance</li> <li>Amazon DynamoDB write/read patterns and idempotency design guidance</li> <li>Amazon CloudWatch Logs pricing, retention, and observability best practices</li> <li>AWS Well-Architected Framework (Cost Optimization and Reliability pillars)</li> <li>Serverless Lens and workload-specific architecture review guidance</li> </ul> webdev aws architecture cloud My Study Guide for the Microsoft Certified SQL AI Developer Associate Beta Exam Renaldi Fri, 10 Apr 2026 23:00:00 +0000 https://dev.to/rengond/my-study-guide-for-the-microsoft-certified-sql-ai-developer-associate-beta-exam-447o https://dev.to/rengond/my-study-guide-for-the-microsoft-certified-sql-ai-developer-associate-beta-exam-447o <p>I put this guide together for people who want something more useful than a recycled checklist. When a certification is still in beta, the most valuable preparation is not memorizing fragments. It is understanding how Microsoft is defining the role, what real skills sit underneath the blueprint, and how those skills connect to actual work. For this exam, that means designing and developing AI enabled database solutions across Microsoft SQL Server, Azure SQL, and SQL database in Microsoft Fabric, while also being comfortable with T-SQL, CI/CD, security, performance, and modern AI integration patterns.</p> <p>What makes this beta especially interesting to me is that it does not treat the database as a passive storage layer. The role itself is framed around building AI enabled database solutions. That is a very different mindset from traditional database development. It means the exam is really about whether you can treat the database as an active part of an intelligent application architecture rather than just the place where rows happen to live.</p> <h2> Why this exam needs a different kind of preparation </h2> <p>Beta exams are different from mature exams in a very practical way. The public prep ecosystem is usually thinner, the patterns are less familiar, and the most useful clue is often the study guide itself. That matters here because the official certification page says the practice assessment is not currently available while the exam is in beta, and beta exams are not scored immediately. In other words, this is not the kind of exam where you can rely on a polished prep routine and coast through it.</p> <p>My approach would be simple. Study this as a role, not as a quiz. If you approach it like a collection of disconnected SQL facts, you will miss what makes it valuable. If you approach it like a role centered on application design, database engineering, delivery discipline, and AI capability, the blueprint starts to make a lot more sense.</p> <h2> Who this guide is for </h2> <p>This guide is for you if you already know basic T SQL and database development, but you want a more structured way to prepare for a beta that blends modern SQL engineering with AI features. It is especially useful if any of these feel true for you.</p> <ul> <li>You are comfortable with databases but less comfortable with AI features in SQL platforms</li> <li>You know SQL development but want a clearer CI CD and deployment mindset</li> <li>You are strong in Azure SQL or SQL Server but have not yet thought deeply about how AI changes database design choices</li> <li>You want a study plan that is grounded in the official exam scope without being dry and mechanical</li> </ul> <p>If you are already experienced in SQL development, application data design, and delivery automation, this exam should feel relevant. If your experience is mostly limited to writing ad hoc queries, you will likely need to spend more time on lifecycle thinking, deployment practices, and AI integration patterns.</p> <h2> What the exam is really testing </h2> <p>The current study guide breaks the exam into three major skill areas.</p> <ul> <li>Design and develop database solutions with a weight of 35 to 40 percent</li> <li>Secure, optimize, and deploy database solutions with a weight of 35 to 40 percent</li> <li>Implement AI capabilities in database solutions with a weight of 25 to 30 percent</li> </ul> <p>That distribution tells you a lot. This is not an AI first exam that only lightly touches databases. It is still a database developer exam at its core. The AI section matters, but it sits on top of strong expectations around schema design, query logic, programmability, security, deployment, and performance engineering.</p> <p>That is why I would prepare for this in layers.</p> <p>First, make sure your database engineering fundamentals are genuinely strong.</p> <p>Second, make sure you can think about database delivery as code, not just as changes made manually in a tool.</p> <p>Third, add the AI layer on top so that you can reason clearly about vector search, embeddings, RAG style scenarios, and model integration without losing your grounding in database design.</p> <h2> My study philosophy for this beta </h2> <p>My rule for this exam would be to study every objective from four angles.</p> <ul> <li>What the feature does</li> <li>Why a team would choose it in a real application</li> <li>What tradeoffs it introduces</li> <li>What can go wrong in production</li> </ul> <p>That last point is where a lot of real understanding lives. Many candidates can explain what a feature is. Fewer can explain when it is a good choice, when it is a risky choice, or how it changes operational behavior after deployment. This exam feels much more valuable when you prepare for that deeper level.</p> <h2> Domain one </h2> <h2> Design and develop database solutions </h2> <p>This domain carries the heaviest weight and sets the foundation for everything else. The study guide includes database objects, specialized tables, JSON columns and indexes, constraints, sequences, stored procedures, functions, triggers, views, transactions, query logic, window functions, common table expressions, error handling, and support for semi structured data.</p> <h3> What this domain really means </h3> <p>This domain is about whether you can design a database that supports application behavior cleanly, predictably, and at scale. It is not just about knowing syntax. It is about choosing the right structures and patterns so the data model works for real workloads.</p> <p>The more I look at this blueprint, the more I think this section rewards engineers who can connect schema design with application behavior. A table definition is not just a table definition. It affects performance, maintainability, integrity, and how easy it is to add AI driven features later.</p> <h3> What I would make sure I can do </h3> <ul> <li>Design tables with sensible keys, data types, defaults, and constraints</li> <li>Explain when specialized table types such as temporal, graph, ledger, in memory, or external tables make sense</li> <li>Work confidently with JSON data and know how it affects design and querying</li> <li>Write solid stored procedures, functions, and views without relying on fragile shortcuts</li> <li>Use transactions intentionally and know when isolation and consistency matter most</li> <li>Read complex query logic without getting lost when joins, window functions, and common table expressions are involved</li> <li>Think of schema design as application design, not just as data storage</li> </ul> <h3> Hands on tasks I would actually practice </h3> <ul> <li>Create a small schema from scratch for a realistic application and justify each table and constraint</li> <li>Add JSON based attributes to one part of the design and compare the tradeoffs against full normalization</li> <li>Write queries that use window functions for ranking, running totals, and partitioned logic</li> <li>Build a stored procedure that includes error handling and transaction control</li> <li>Review a design and ask where future AI style features such as semantic search or hybrid structured and unstructured access might fit</li> </ul> <h3> Traps I would avoid </h3> <ul> <li>Treating schema design as a memorization exercise</li> <li>Ignoring JSON and semi structured data because it feels secondary</li> <li>Overfocusing on rare features before mastering the core objects and query patterns</li> <li>Studying stored procedures and functions only as syntax rather than as maintainable application building blocks</li> </ul> <h3> My view on this domain </h3> <p>This domain is exactly why I think the exam has substance. It still expects you to be a real database developer. That is a good thing. Without strong fundamentals here, the AI portions become superficial very quickly.</p> <h2> Domain two </h2> <h2> Secure, optimize, and deploy database solutions </h2> <p>The study guide includes authentication and authorization, roles and permissions, data protection, monitoring, performance tuning, indexing, query plan awareness, deployment using SQL database projects, Git based workflows, schema drift, and CI CD practices.</p> <h3> What this domain really means </h3> <p>This domain is about whether you can treat database work as part of a modern engineering workflow rather than a one off administrative activity. To me, this is one of the most important parts of the exam because it separates people who can build something from people who can maintain and ship something responsibly.</p> <p>The database is often where teams become inconsistent with engineering discipline. Application code gets source control, pipelines, reviews, and repeatable releases. Database changes too often get handled manually or as an afterthought. This domain pushes in the right direction by expecting proper delivery discipline.</p> <h3> What I would make sure I can do </h3> <ul> <li>Explain core authentication and authorization choices in Azure SQL and related SQL platforms</li> <li>Understand how permissions should be scoped and why least privilege matters</li> <li>Read performance problems through the lens of indexing, plan quality, and workload behavior</li> <li>Use SQL database projects as a source of truth for schema</li> <li>Understand how CI CD pipelines apply to database changes</li> <li>Explain schema drift and why it becomes dangerous when teams skip disciplined deployment practices</li> <li>Think about deployment safety and repeatability rather than just whether the change works once</li> </ul> <h3> Hands on tasks I would actually practice </h3> <ul> <li>Create a simple SQL database project and put it under source control</li> <li>Build and validate a DACPAC based deployment flow</li> <li>Walk through a GitHub Actions or Azure DevOps example for database deployment</li> <li>Compare a safe controlled deployment process against a manual direct change process</li> <li>Review indexing choices on a small schema and explain how they support or hurt workload patterns</li> <li>Practice reading execution plans at a conceptual level, especially for common tuning scenarios</li> </ul> <h3> Traps I would avoid </h3> <ul> <li>Thinking that database CI CD is too operational to be important for the exam</li> <li>Treating security as a list of terms instead of a design decision</li> <li>Memorizing individual performance tips without understanding why they help</li> <li>Ignoring schema drift because it sounds niche</li> </ul> <h3> My view on this domain </h3> <p>I really like that this exam gives so much space to secure delivery and optimization. That makes it feel much more relevant to the actual role. Modern database development is not just about writing objects. It is about shipping them safely and keeping them fast.</p> <h2> Domain three </h2> <h3> Implement AI capabilities in database solutions </h3> <p>This is the part that makes the exam stand out. The study guide includes AI integration patterns, embeddings, vector search, retrieval augmented generation style design, intelligent search, and building AI aware data solutions directly on Microsoft SQL platforms.</p> <h4> What this domain really means </h4> <p>This domain asks whether you can connect database engineering with modern AI application patterns without losing rigor. That matters because there is a big difference between talking about AI in general and actually designing a database solution that supports intelligent retrieval, vector based matching, model integration, and reliable application behavior.</p> <p>What I find most interesting is that Microsoft is clearly positioning SQL platforms as active participants in AI architectures. This is not just a certification about wiring a model to an app. It is about understanding how the database itself can support embeddings, retrieval, structured filtering, hybrid search behavior, and data shaped for AI driven scenarios.</p> <h4> What I would make sure I can do </h4> <ul> <li>Explain what embeddings are at a practical level and why they matter for semantic similarity scenarios</li> <li>Understand where vector search fits and when it is appropriate</li> <li>Compare keyword style retrieval with semantic or hybrid approaches</li> <li>Understand how structured data and semi structured data can work together in intelligent applications</li> <li>Think clearly about where SQL based AI patterns are a good fit and where a dedicated search or AI service may still be the better choice</li> <li>Understand the role of T SQL in orchestrating AI aware retrieval patterns</li> <li>Be comfortable talking about RAG style design in database terms rather than only in model terms</li> </ul> <h4> Hands on tasks I would actually practice </h4> <ul> <li>Walk through an Azure SQL vector search sample and explain each step in plain language</li> <li>Store and query JSON based data alongside relational data and think about how that supports intelligent application scenarios</li> <li>Compare a full text or keyword style search approach against a vector similarity approach</li> <li>Read documentation on intelligent applications in Azure SQL and summarize when SQL centric AI design is strong and when it becomes limiting</li> <li>Sketch a simple RAG style flow where the database plays an intentional retrieval role</li> </ul> <h4> Traps I would avoid </h4> <ul> <li>Studying AI buzzwords without grounding them in actual SQL platform behavior</li> <li>Assuming vector search replaces all other search patterns</li> <li>Ignoring the importance of structured filters in intelligent applications</li> <li>Treating AI features as magic instead of as design choices with cost, performance, and complexity tradeoffs</li> </ul> <h4> My view on this domain </h4> <p>This domain is the reason I think the certification is genuinely interesting. It reflects a shift that is happening in the industry right now. Databases are no longer just passive systems underneath AI applications. They are becoming active parts of how those systems retrieve, filter, ground, and serve information.</p> <h2> The study resources I would actually use </h2> <p>I would start with the official Microsoft resources and then move into hands on documentation that maps directly to the objectives. Here is the stack I would use.</p> <h3> Start here </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/credentials/certifications/developing-ai-enabled-database-solutions/" rel="noopener noreferrer">Microsoft Certified SQL AI Developer Associate beta</a></li> <li><a href="https://learn.microsoft.com/en-us/credentials/certifications/resources/study-guides/dp-800" rel="noopener noreferrer">Study guide for Exam DP 800</a></li> <li><a href="https://learn.microsoft.com/en-us/training/courses/dp-800t00" rel="noopener noreferrer">Course DP 800T00 Develop AI enabled database solutions</a></li> </ul> <h3> Core database development and delivery </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/training/paths/develop-data-driven-app-sql-db/" rel="noopener noreferrer">Develop data driven applications by using Azure SQL Database</a></li> <li><a href="https://learn.microsoft.com/en-us/training/paths/secure-optimize-deploy-database-solutions/" rel="noopener noreferrer">Secure optimize and deploy database solutions</a></li> <li><a href="https://learn.microsoft.com/en-us/training/modules/develop-azure-sql-database/" rel="noopener noreferrer">Develop for Azure SQL Database</a></li> <li><a href="https://learn.microsoft.com/en-us/training/modules/implement-cicd-sql-database-projects/" rel="noopener noreferrer">Implement CI-CD by using SQL Database Projects</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/tools/sql-database-projects/sql-database-projects?view=sql-server-ver17" rel="noopener noreferrer">What are SQL Database Projects</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/tools/sql-database-projects/tutorials/create-deploy-sql-project?view=sql-server-ver17" rel="noopener noreferrer">Tutorial create and deploy a SQL project</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/tools/sql-database-projects/sql-projects-automation?view=sql-server-ver17" rel="noopener noreferrer">SQL projects automation</a></li> </ul> <h3> T SQL and query depth </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/training/courses/dp-080t00" rel="noopener noreferrer">Query and modify data with Transact SQL</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/relational-databases/query-processing-architecture-guide?view=sql-server-ver17" rel="noopener noreferrer">Query processing architecture guide</a></li> </ul> <h3> JSON and semi structured data </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/azure/azure-sql/database/json-features?view=azuresql" rel="noopener noreferrer">Work with JSON data in Azure SQL</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/relational-databases/json/json-data-sql-server?view=sql-server-ver17" rel="noopener noreferrer">Work with JSON data in SQL Server</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/relational-databases/json/index-json-data?view=sql-server-ver17" rel="noopener noreferrer">Index JSON data</a></li> </ul> <h3> AI features in SQL platforms </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/training/paths/implement-ai-capabilities-database-solutions/" rel="noopener noreferrer">Implement AI capabilities in database solutions</a></li> <li><a href="https://learn.microsoft.com/en-us/azure/azure-sql/database/ai-artificial-intelligence-intelligent-applications?view=azuresql" rel="noopener noreferrer">Intelligent applications and AI in Azure SQL Database</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/sql-server/ai/artificial-intelligence-intelligent-applications?view=sql-server-ver17" rel="noopener noreferrer">Intelligent applications and AI in SQL Server</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/sql-server/ai/vectors?view=sql-server-ver17" rel="noopener noreferrer">Vector search and vector index</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/t-sql/data-types/vector-data-type?view=sql-server-ver17" rel="noopener noreferrer">Vector data type</a></li> <li><a href="https://learn.microsoft.com/en-us/sql/t-sql/functions/vector-functions-transact-sql?view=sql-server-ver17" rel="noopener noreferrer">Vector functions in Transact SQL</a></li> <li><a href="https://learn.microsoft.com/en-us/samples/azure-samples/azure-sql-db-openai/azure-sql-db-openai/" rel="noopener noreferrer">Vector similarity search with Azure SQL and Azure OpenAI sample</a></li> </ul> <h3> Platform context that helps </h3> <ul> <li><a href="https://learn.microsoft.com/en-us/fabric/database/sql/overview" rel="noopener noreferrer">SQL database in Microsoft Fabric overview</a></li> <li><a href="https://learn.microsoft.com/en-us/azure/azure-sql/database/features-comparison?view=azuresql" rel="noopener noreferrer">Compare Azure SQL Database and Azure SQL Managed Instance features</a></li> <li><a href="https://learn.microsoft.com/en-us/azure/azure-sql/database/failover-group-sql-db?view=azuresql" rel="noopener noreferrer">Failover groups overview and best practices</a></li> </ul> <h2> A four week study plan that I think actually works </h2> <h2> Week one </h2> <h3> Build the map </h3> <p>Read the official study guide closely and create your own notes under the three domains. Mark each topic as strong, medium, or weak. Do not study everything with equal intensity. This exam has a very clear weighting, so your time should follow it.</p> <p>Your goal in week one is not mastery. Your goal is clarity.</p> <p>You should finish the week knowing exactly where your risk areas are.</p> <h2> Week two </h2> <h3> Go deep on database design and programmability </h3> <p>Spend the week on schema design, specialized tables, JSON, views, procedures, functions, transactions, and query logic. Build one small realistic schema and keep improving it as you learn.</p> <p>Ask yourself practical questions such as these.</p> <ul> <li>Is this design flexible enough for application change</li> <li>Where would semi structured data belong here</li> <li>Which constraints actually protect integrity</li> <li>What query patterns will this application need most often</li> </ul> <h2> Week three </h2> <h3> Go deep on delivery security and performance </h3> <p>Focus on SQL database projects, CI CD, source control, schema drift, permissions, authentication, indexing, and plan awareness. This is the week where you move from being someone who can write database code to someone who can ship it well.</p> <p>If you skip this part, you risk underestimating a huge portion of the exam.</p> <h2> Week four </h2> <h3> Add the AI layer and consolidate </h3> <p>Now focus on embeddings, vector search, intelligent application patterns, RAG style thinking, and hybrid retrieval logic. Connect these back to the database fundamentals you already studied.</p> <p>The key question for this final week is not simply how an AI feature works. It is why that feature belongs in this database design and what tradeoffs come with it.</p> <h2> A practical weekend sprint if you are short on time </h2> <p>If all you have is a weekend, I would still avoid random study.</p> <h3> Day one </h3> <ul> <li>Read the certification page and study guide end to end</li> <li>Focus first on domain one and domain two</li> <li>Review schema design, SQL projects, CI CD, permissions, indexing, and deployment flow</li> <li>Build one page notes for design, one page notes for deployment, and one page notes for tuning</li> </ul> <h3> Day two </h3> <ul> <li>Focus on domain three</li> <li>Review intelligent applications, embeddings, vector search, and SQL centric AI patterns</li> <li>Walk through at least one official sample and one or two docs pages in detail</li> <li>End by explaining each domain out loud in your own words</li> </ul> <p>That last step sounds simple, but it is one of the best checks of whether you understand the role or are just recognizing keywords.</p> <h2> The notes format I would use </h2> <p>I would keep notes in a format that forces decision making.</p> <h3> Feature or concept </h3> <ul> <li>What it is</li> <li>Why it exists</li> <li>When I would choose it</li> <li>What tradeoffs it creates</li> <li>What could go wrong in production</li> </ul> <p>That format is much more useful than copying definitions into a document you never read again.</p> <h2> What I would not waste time on </h2> <ul> <li>Blind memorization of isolated syntax without application context</li> <li>Treating AI features as separate from core database design</li> <li>Ignoring CI CD because it feels less technical than query writing</li> <li>Overfocusing on rare edge features before mastering the heavily weighted fundamentals</li> <li>Reading only summaries without opening the real documentation and samples</li> </ul> <h2> Final 48 hours </h2> <p>In the last two days, I would stop collecting new material and start tightening judgment.</p> <ul> <li>Review the three domains and their weightings again</li> <li>Revisit schema design, query logic, deployment, permissions, and performance tuning</li> <li>Revisit embeddings, vector search, and intelligent application patterns</li> <li>Review where SQL is the right home for AI style retrieval and where another service may be stronger</li> <li>Sleep properly and keep your thinking sharp</li> </ul> <p>Because the practice assessment is not currently available in beta, your ability to explain decisions clearly becomes even more important. This is one of those exams where maturity of reasoning is likely to matter more than pattern memorization.</p> <h2> My closing take </h2> <p>If I had to summarize this beta in one sentence, I would say it is testing whether you can think like a modern SQL application engineer whose database is part of the intelligence layer, not just the persistence layer.</p> <p>That is why I think this certification is worth paying attention to. It still respects strong database fundamentals, but it also points toward where the role is heading. For me, that is what makes a beta worth studying. It is not just an exam. It is an early signal.</p> <p>If you are preparing for this one, I would study it like a role that sits at the intersection of database engineering, delivery discipline, and AI aware application design. That is the mindset this guide is built to support.</p> ai azure sql webdev Building a Document Processing Pipeline with S3, Textract, Step Functions and EventBridge Renaldi Sun, 05 Apr 2026 23:00:00 +0000 https://dev.to/aws-builders/building-a-document-processing-pipeline-with-s3-textract-step-functions-and-eventbridge-3m3l https://dev.to/aws-builders/building-a-document-processing-pipeline-with-s3-textract-step-functions-and-eventbridge-3m3l <p>This is one of my favorite AWS patterns to demo because it is both visually compelling and production-relevant. It shows event-driven architecture, orchestration, asynchronous AI/ML service integration, scale-out processing, human-in-the-loop review, and operational discipline in one workflow.</p> <p>In this post, I will walk through an end-to-end implementation of a document processing pipeline built with:</p> <ul> <li> <strong>Amazon S3</strong> for document ingress and result storage</li> <li> <strong>Amazon Textract</strong> for OCR and structured extraction</li> <li> <strong>AWS Step Functions</strong> for orchestration (including <strong>Distributed Map</strong> for batch scale)</li> <li> <strong>Amazon EventBridge</strong> for event routing and downstream integration</li> </ul> <p>I will also cover:</p> <ul> <li>Async Textract orchestration</li> <li>Batch scaling with Distributed Map</li> <li>Result storage and audit trail</li> <li>Human review step</li> <li>Cost and throughput tuning</li> <li>Architecture and code walkthrough</li> </ul> <h2> Why this pattern is so effective </h2> <p>In real teams, document processing is rarely just “OCR a file and store JSON.” We usually need to handle:</p> <ul> <li>Multi-page PDFs and asynchronous processing</li> <li>Bursty uploads (for example, end-of-day batch drops)</li> <li>Traceability for compliance and audits</li> <li>Human review for low-confidence or ambiguous fields</li> <li>Clean integration points for downstream systems</li> </ul> <p>This architecture solves those concerns in a way that is easy to demonstrate and scale.</p> <h2> What we are building </h2> <p>I am designing the pipeline around two operating modes:</p> <ol> <li> <p><strong>Single-document event-driven processing</strong></p> <ul> <li>A file lands in S3</li> <li>EventBridge triggers the workflow</li> <li>The workflow runs end-to-end for that document</li> </ul> </li> <li> <p><strong>Batch processing mode</strong></p> <ul> <li>A manifest (JSON/CSV/list of document keys) is provided</li> <li>Step Functions uses <strong>Distributed Map</strong> to fan out child workflows</li> <li>Each child workflow processes one document independently</li> </ul> </li> </ol> <p>This keeps the core processing logic consistent while letting me scale from demos to production.</p> <h2> Architecture Overview </h2> <p>At a high level, the flow is:</p> <ol> <li>A document is uploaded to an S3 input bucket</li> <li>S3 emits an event to EventBridge</li> <li>EventBridge starts a Step Functions <strong>parent workflow</strong> </li> <li>The parent workflow prepares a manifest (single item or batch list)</li> <li>A <strong>Distributed Map</strong> launches child workflows for each document</li> <li>Each child workflow: <ul> <li>validates input</li> <li>starts async Textract</li> <li>waits/polls for completion</li> <li>retrieves and normalizes results</li> <li>stores raw + normalized outputs</li> <li>writes audit records</li> <li>routes low-confidence cases to human review</li> <li>emits a processed event to EventBridge</li> </ul> </li> <li>Downstream systems consume the processed event</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz3glhl3ub0p6gaw3cu3j.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz3glhl3ub0p6gaw3cu3j.png" alt=" " width="800" height="1190"></a></p> <h2> End-to-End Walkthrough </h2> <h2> 1) Document ingress with S3 + EventBridge </h2> <p>I use S3 as the system of record for inbound documents. The upload path usually looks like:</p> <ul> <li><code>s3://my-docs-incoming/raw/YYYY/MM/DD/&lt;tenant&gt;/&lt;document&gt;.pdf</code></li> </ul> <p>I prefer a structured key naming convention because it helps with:</p> <ul> <li>lifecycle policies</li> <li>tenant scoping</li> <li>troubleshooting</li> <li>cost attribution</li> <li>replay operations</li> </ul> <p>S3 can publish object events to EventBridge, and I use an EventBridge rule to filter only the prefixes and file types that should trigger processing (for example, PDFs in <code>raw/</code>).</p> <h3> Example EventBridge rule pattern (S3 object created) </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"source"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"aws.s3"</span><span class="p">],</span><span class="w"> </span><span class="nl">"detail-type"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Object Created"</span><span class="p">],</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"bucket"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"my-docs-incoming"</span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"object"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="p">[{</span><span class="w"> </span><span class="nl">"prefix"</span><span class="p">:</span><span class="w"> </span><span class="s2">"raw/"</span><span class="w"> </span><span class="p">}]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>From there, EventBridge starts the Step Functions parent state machine.</p> <h2> 2) Parent orchestration with Step Functions </h2> <p>I use a <strong>Standard workflow</strong> for the parent because:</p> <ul> <li>document jobs can run for a while</li> <li>I may have retries and waits</li> <li>I may pause for human review (callback pattern)</li> <li>I want richer execution history</li> </ul> <p>The parent workflow does a few things:</p> <ul> <li>Parses the incoming event (or batch request)</li> <li>Creates a manifest for processing (even if only one document)</li> <li>Sets concurrency controls (important for Textract/Lambda quotas)</li> <li>Launches a <strong>Distributed Map</strong> </li> </ul> <h3> Why Distributed Map matters </h3> <p>For real batches, a normal Map state can become limiting because of concurrency and history size. Distributed Map gives me child workflow executions, better scaling, and cleaner observability for each document.</p> <h2> 3) Child workflow per document (core pipeline) </h2> <p>Each child workflow processes a single document from start to finish.</p> <h3> Core steps in the child workflow </h3> <ol> <li> <p><strong>Validate input</strong></p> <ul> <li>file type</li> <li>bucket/key exists</li> <li>metadata (tenant, doc type, correlation ID)</li> <li>idempotency key check</li> </ul> </li> <li> <p><strong>Start Textract asynchronously</strong></p> <ul> <li>call <code>StartDocumentAnalysis</code> </li> <li>capture <code>JobId</code> </li> <li>store correlation in audit trail</li> </ul> </li> <li> <p><strong>Wait for completion</strong></p> <ul> <li>polling loop (simple and explicit for Step Functions)</li> <li>or callback/SNS-based completion (production optimization)</li> </ul> </li> <li> <p><strong>Retrieve paginated results</strong></p> <ul> <li>call <code>GetDocumentAnalysis</code> until <code>NextToken</code> is exhausted</li> </ul> </li> <li> <p><strong>Normalize + enrich</strong></p> <ul> <li>convert Textract blocks into domain JSON</li> <li>score confidence thresholds</li> <li>apply business rules</li> </ul> </li> <li> <p><strong>Store outputs</strong></p> <ul> <li>raw output</li> <li>normalized output</li> <li>processing summary</li> <li>audit entries</li> </ul> </li> <li> <p><strong>Human review (if needed)</strong></p> <ul> <li>pause with task token callback</li> <li>reviewer approves/edits/rejects</li> </ul> </li> <li> <p><strong>Emit completion event</strong></p> <ul> <li>publish a custom EventBridge event</li> <li>downstream systems subscribe independently</li> </ul> </li> </ol> <h2> 4) Async Textract orchestration (practical implementation) </h2> <p>Textract async processing is the correct choice for multi-page documents and larger workloads. The key point is that I do <strong>not</strong> try to synchronously block a Lambda while waiting for Textract.</p> <p>Instead, I let Step Functions own the waiting and retry logic.</p> <h3> Two patterns I use in practice </h3> <h4> Pattern A (implemented in this post): Step Functions polling loop </h4> <p>This is the simplest pattern to explain and demo.</p> <ul> <li><code>StartDocumentAnalysis</code></li> <li><code>Wait</code></li> <li> <code>GetDocumentAnalysis</code> (status check)</li> <li>loop until <code>SUCCEEDED</code> / <code>FAILED</code> </li> </ul> <p>Pros:</p> <ul> <li>Easy to understand</li> <li>No extra callback plumbing</li> <li>Great for demos and many production cases</li> </ul> <p>Cons:</p> <ul> <li>More state transitions</li> <li>Not the most efficient if jobs are very long</li> </ul> <h4> Pattern B (production optimization): SNS/SQS + callback </h4> <p>Textract async operations notify completion via SNS. I can correlate <code>JobId</code>, then call <code>SendTaskSuccess</code> to resume the Step Functions execution.</p> <p>Pros:</p> <ul> <li>Fewer polling transitions</li> <li>More event-driven</li> </ul> <p>Cons:</p> <ul> <li>More moving parts (SNS/SQS/Lambda/token correlation)</li> </ul> <p>For this article, I am implementing <strong>Pattern A</strong> for clarity, and I will still preserve auditability and scalability.</p> <h2> 5) Result storage and audit trail (what I store and why) </h2> <p>This is where many demos stop too early. I do not want a pipeline that only prints extraction results to logs.</p> <p>I store <strong>four classes of artifacts</strong>:</p> <h3> A. Raw input (immutable) </h3> <ul> <li>Original document in S3 (<code>raw/</code>)</li> </ul> <h3> B. Raw Textract result snapshot </h3> <ul> <li>Either Textract output JSON (if using <code>OutputConfig</code>)</li> <li>Or consolidated raw blocks written by my retrieval Lambda</li> </ul> <h3> C. Normalized business result </h3> <p>A clean JSON model that downstream systems can actually use, for example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"documentId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INV-2026-000123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"documentType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invoice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"vendorName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Acme Pty Ltd"</span><span class="p">,</span><span class="w"> </span><span class="nl">"invoiceDate"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25"</span><span class="p">,</span><span class="w"> </span><span class="nl">"totalAmount"</span><span class="p">:</span><span class="w"> </span><span class="mf">1285.40</span><span class="p">,</span><span class="w"> </span><span class="nl">"currency"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AUD"</span><span class="p">,</span><span class="w"> </span><span class="nl">"fields"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invoice_number"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INV-2026-000123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"confidence"</span><span class="p">:</span><span class="w"> </span><span class="mf">98.7</span><span class="p">,</span><span class="w"> </span><span class="nl">"source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"textract"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"review"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"required"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="kc">null</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> D. Audit trail (DynamoDB + events) </h3> <p>I keep an audit table with entries like:</p> <ul> <li>correlation ID</li> <li>S3 bucket/key/version</li> <li>execution ARN</li> <li>Textract JobId</li> <li>timestamps (started/completed)</li> <li>status transitions</li> <li>retry count</li> <li>reviewer ID + decision (if reviewed)</li> </ul> <p>This makes troubleshooting and compliance conversations much easier.</p> <h2> 6) Human review step (callback pattern) </h2> <p>I like to add a human review step because it turns the demo into a real workflow.</p> <h3> When I trigger human review </h3> <p>I send documents for human review if:</p> <ul> <li>confidence is below threshold for required fields</li> <li>required fields are missing</li> <li>document type classification is ambiguous</li> <li>business validations fail (for example, total does not match line items)</li> </ul> <h3> How the callback works </h3> <ol> <li>Step Functions reaches <code>HumanReviewRequired</code> </li> <li>It invokes a Lambda using <code>waitForTaskToken</code> </li> <li>That Lambda stores a review task (with the task token) in DynamoDB and optionally emits a notification event</li> <li>A reviewer UI or ops tool loads the pending task</li> <li>Reviewer approves/edits/rejects</li> <li>API Gateway + Lambda calls: <ul> <li> <code>SendTaskSuccess</code> (approve / approved edits)</li> <li> <code>SendTaskFailure</code> (reject / unrecoverable issue)</li> </ul> </li> </ol> <p>This lets me keep the workflow paused cleanly without polling the UI.</p> <h2> 7) EventBridge for decoupled downstream integration </h2> <p>I use EventBridge in two places:</p> <h3> Ingress routing </h3> <ul> <li>S3 object-created events trigger the parent workflow</li> </ul> <h3> Egress publishing </h3> <ul> <li>The child workflow publishes custom events like: <ul> <li><code>document.processed</code></li> <li><code>document.review.required</code></li> <li><code>document.failed</code></li> </ul> </li> </ul> <p>This is a huge win because downstream systems can subscribe independently:</p> <ul> <li>search indexing</li> <li>analytics pipelines</li> <li>case management</li> <li>notifications</li> <li>data quality dashboards</li> </ul> <p>No tight coupling to the core document processing workflow.</p> <h1> Implementation Discussion </h1> <p>Below is a concrete implementation outline with code.</p> <h2> State machine design (parent + child) </h2> <p>I prefer splitting the logic into:</p> <ul> <li> <strong>Parent workflow</strong>: batching and fan-out</li> <li> <strong>Child workflow</strong>: per-document processing</li> </ul> <p>This keeps each workflow easier to reason about and test.</p> <h2> Parent workflow (ASL fragment with Distributed Map) </h2> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Parent workflow for document batch orchestration"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"BuildManifest"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"BuildManifest"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${BuildManifestFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ProcessDocumentsDistributed"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ProcessDocumentsDistributed"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Map"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Label"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ProcessDocuments"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ItemsPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.documents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxConcurrencyPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.maxConcurrency"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ItemProcessor"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ProcessorConfig"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Mode"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DISTRIBUTED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ExecutionType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"STANDARD"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"StartChildExecution"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"StartChildExecution"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::states:startExecution.sync:2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"StateMachineArn"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${ChildStateMachineArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Input"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"document.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Map.Item.Value"</span><span class="p">,</span><span class="w"> </span><span class="nl">"batchContext.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.batchContext"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"BatchSummary"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"BatchSummary"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${BatchSummaryFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Notes on this design </h3> <ul> <li> <code>MaxConcurrencyPath</code> lets me tune concurrency dynamically per batch.</li> <li>I can set lower concurrency for production if Textract quotas are tighter than my desired fan-out.</li> <li>Child executions give me better isolation and clearer failure analysis.</li> </ul> <h2> Child workflow (ASL fragment for async Textract + human review + EventBridge) </h2> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Child workflow for processing one document"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ValidateDocument"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ValidateDocument"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${ValidateDocumentFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"StartTextract"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"StartTextract"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::aws-sdk:textract:startDocumentAnalysis"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"DocumentLocation"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"S3Object"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Bucket.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document.bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Name.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document.key"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"FeatureTypes"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"FORMS"</span><span class="p">,</span><span class="w"> </span><span class="s2">"TABLES"</span><span class="p">],</span><span class="w"> </span><span class="nl">"ClientRequestToken.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.idempotencyKey"</span><span class="p">,</span><span class="w"> </span><span class="nl">"JobTag.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.jobTag"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStart"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"WaitBeforeStatusCheck"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Retry"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"Textract.ThrottlingException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Textract.ProvisionedThroughputExceededException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"States.TaskFailed"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"IntervalSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"BackoffRate"</span><span class="p">:</span><span class="w"> </span><span class="mf">2.0</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxAttempts"</span><span class="p">:</span><span class="w"> </span><span class="mi">5</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"WaitBeforeStatusCheck"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Wait"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Seconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">10</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CheckTextractStatus"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"CheckTextractStatus"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::aws-sdk:textract:getDocumentAnalysis"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"JobId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStart.JobId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxResults"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStatus"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TextractComplete?"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"TextractComplete?"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Choice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Choices"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStatus.JobStatus"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StringEquals"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SUCCEEDED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CollectTextractPages"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStatus.JobStatus"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StringEquals"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FAILED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"MarkFailed"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStatus.JobStatus"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StringEquals"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PARTIAL_SUCCESS"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CollectTextractPages"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Default"</span><span class="p">:</span><span class="w"> </span><span class="s2">"WaitBeforeStatusCheck"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"CollectTextractPages"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${CollectTextractPagesFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"jobId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.textractStart.JobId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"document.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document"</span><span class="p">,</span><span class="w"> </span><span class="nl">"executionArn.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Execution.Id"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"NormalizeAndScore"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"NormalizeAndScore"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${NormalizeAndScoreFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"NeedsHumanReview?"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"NeedsHumanReview?"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Choice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Choices"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.review.required"</span><span class="p">,</span><span class="w"> </span><span class="nl">"BooleanEquals"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CreateHumanReviewTask"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Default"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishProcessedEvent"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"CreateHumanReviewTask"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke.waitForTaskToken"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${CreateHumanReviewTaskFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"taskToken.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Task.Token"</span><span class="p">,</span><span class="w"> </span><span class="nl">"document.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document"</span><span class="p">,</span><span class="w"> </span><span class="nl">"result.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="p">,</span><span class="w"> </span><span class="nl">"executionArn.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Execution.Id"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"TimeoutSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">604800</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.humanReviewDecision"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ApplyHumanReviewDecision"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ApplyHumanReviewDecision"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${ApplyHumanReviewDecisionFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"pipelineResult.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reviewDecision.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.humanReviewDecision.Payload"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishProcessedEvent"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishProcessedEvent"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::events:putEvents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Entries"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"com.example.documents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"DetailType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"document.processed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"EventBusName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${EventBusName}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Detail"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"documentId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document.id"</span><span class="p">,</span><span class="w"> </span><span class="nl">"bucket.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document.bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"key.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.document.key"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PROCESSED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"review.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.review"</span><span class="p">,</span><span class="w"> </span><span class="nl">"output.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.output"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FinalizeAudit"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"FinalizeAudit"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${FinalizeAuditFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"MarkFailed"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${MarkFailedFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Lambda: Collect paginated Textract results and store raw output (Python) </h2> <p>This Lambda consolidates paginated <code>GetDocumentAnalysis</code> responses, writes a raw artifact to S3, and returns a pointer for downstream normalization.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timezone</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">textract</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">textract</span><span class="sh">"</span><span class="p">)</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">)</span> <span class="n">RAW_RESULTS_BUCKET</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">RAW_RESULTS_BUCKET</span><span class="sh">"</span><span class="p">]</span> <span class="n">RAW_RESULTS_PREFIX</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">RAW_RESULTS_PREFIX</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">textract-raw</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">job_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">jobId</span><span class="sh">"</span><span class="p">]</span> <span class="n">document</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">]</span> <span class="n">execution_arn</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">executionArn</span><span class="sh">"</span><span class="p">]</span> <span class="n">blocks</span> <span class="o">=</span> <span class="p">[]</span> <span class="n">next_token</span> <span class="o">=</span> <span class="bp">None</span> <span class="n">first_page_metadata</span> <span class="o">=</span> <span class="bp">None</span> <span class="n">final_status</span> <span class="o">=</span> <span class="bp">None</span> <span class="n">warnings</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">while</span> <span class="bp">True</span><span class="p">:</span> <span class="n">kwargs</span> <span class="o">=</span> <span class="p">{</span><span class="sh">"</span><span class="s">JobId</span><span class="sh">"</span><span class="p">:</span> <span class="n">job_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">MaxResults</span><span class="sh">"</span><span class="p">:</span> <span class="mi">1000</span><span class="p">}</span> <span class="k">if</span> <span class="n">next_token</span><span class="p">:</span> <span class="n">kwargs</span><span class="p">[</span><span class="sh">"</span><span class="s">NextToken</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="n">next_token</span> <span class="n">resp</span> <span class="o">=</span> <span class="n">textract</span><span class="p">.</span><span class="nf">get_document_analysis</span><span class="p">(</span><span class="o">**</span><span class="n">kwargs</span><span class="p">)</span> <span class="n">final_status</span> <span class="o">=</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">JobStatus</span><span class="sh">"</span><span class="p">,</span> <span class="n">final_status</span><span class="p">)</span> <span class="k">if</span> <span class="n">first_page_metadata</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span> <span class="n">first_page_metadata</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">DocumentMetadata</span><span class="sh">"</span><span class="p">:</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">DocumentMetadata</span><span class="sh">"</span><span class="p">,</span> <span class="p">{}),</span> <span class="sh">"</span><span class="s">AnalyzeDocumentModelVersion</span><span class="sh">"</span><span class="p">:</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">AnalyzeDocumentModelVersion</span><span class="sh">"</span><span class="p">),</span> <span class="p">}</span> <span class="n">blocks</span><span class="p">.</span><span class="nf">extend</span><span class="p">(</span><span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Blocks</span><span class="sh">"</span><span class="p">,</span> <span class="p">[]))</span> <span class="n">warnings</span><span class="p">.</span><span class="nf">extend</span><span class="p">(</span><span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Warnings</span><span class="sh">"</span><span class="p">,</span> <span class="p">[]))</span> <span class="n">next_token</span> <span class="o">=</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">NextToken</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">next_token</span><span class="p">:</span> <span class="k">break</span> <span class="n">now</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">).</span><span class="nf">isoformat</span><span class="p">()</span> <span class="n">raw_key</span> <span class="o">=</span> <span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">RAW_RESULTS_PREFIX</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">document</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">tenant</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">unknown</span><span class="sh">'</span><span class="p">)</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">document</span><span class="p">[</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">job_id</span><span class="si">}</span><span class="s">.json</span><span class="sh">"</span> <span class="p">)</span> <span class="n">payload</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">jobId</span><span class="sh">"</span><span class="p">:</span> <span class="n">job_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">,</span> <span class="sh">"</span><span class="s">executionArn</span><span class="sh">"</span><span class="p">:</span> <span class="n">execution_arn</span><span class="p">,</span> <span class="sh">"</span><span class="s">collectedAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span><span class="p">,</span> <span class="sh">"</span><span class="s">jobStatus</span><span class="sh">"</span><span class="p">:</span> <span class="n">final_status</span><span class="p">,</span> <span class="sh">"</span><span class="s">metadata</span><span class="sh">"</span><span class="p">:</span> <span class="n">first_page_metadata</span><span class="p">,</span> <span class="sh">"</span><span class="s">warnings</span><span class="sh">"</span><span class="p">:</span> <span class="n">warnings</span><span class="p">,</span> <span class="sh">"</span><span class="s">blocks</span><span class="sh">"</span><span class="p">:</span> <span class="n">blocks</span><span class="p">,</span> <span class="p">}</span> <span class="n">s3</span><span class="p">.</span><span class="nf">put_object</span><span class="p">(</span> <span class="n">Bucket</span><span class="o">=</span><span class="n">RAW_RESULTS_BUCKET</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">raw_key</span><span class="p">,</span> <span class="n">Body</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">payload</span><span class="p">).</span><span class="nf">encode</span><span class="p">(</span><span class="sh">"</span><span class="s">utf-8</span><span class="sh">"</span><span class="p">),</span> <span class="n">ContentType</span><span class="o">=</span><span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span><span class="p">,</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">,</span> <span class="sh">"</span><span class="s">textract</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">jobId</span><span class="sh">"</span><span class="p">:</span> <span class="n">job_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">jobStatus</span><span class="sh">"</span><span class="p">:</span> <span class="n">final_status</span><span class="p">,</span> <span class="sh">"</span><span class="s">rawResultsS3</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">RAW_RESULTS_BUCKET</span><span class="p">,</span> <span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="n">raw_key</span><span class="p">,</span> <span class="p">},</span> <span class="sh">"</span><span class="s">blockCount</span><span class="sh">"</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">blocks</span><span class="p">),</span> <span class="sh">"</span><span class="s">warningsCount</span><span class="sh">"</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">warnings</span><span class="p">),</span> <span class="p">},</span> <span class="p">}</span> </code></pre> </div> <h2> Lambda: Normalize and score extracted data (Python) </h2> <p>This is where I transform Textract’s generic block model into a domain result that downstream systems can consume.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">decimal</span> <span class="kn">import</span> <span class="n">Decimal</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">)</span> <span class="n">NORMALIZED_BUCKET</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">NORMALIZED_BUCKET</span><span class="sh">"</span><span class="p">]</span> <span class="n">NORMALIZED_PREFIX</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">NORMALIZED_PREFIX</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">normalized</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">_load_json_from_s3</span><span class="p">(</span><span class="n">bucket</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">key</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="n">obj</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">get_object</span><span class="p">(</span><span class="n">Bucket</span><span class="o">=</span><span class="n">bucket</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">key</span><span class="p">)</span> <span class="k">return</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">obj</span><span class="p">[</span><span class="sh">"</span><span class="s">Body</span><span class="sh">"</span><span class="p">].</span><span class="nf">read</span><span class="p">())</span> <span class="k">def</span> <span class="nf">_extract_lines_and_words</span><span class="p">(</span><span class="n">blocks</span><span class="p">):</span> <span class="c1"># Minimal example; in production I usually build maps by block Id and relationships. </span> <span class="n">lines</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">for</span> <span class="n">b</span> <span class="ow">in</span> <span class="n">blocks</span><span class="p">:</span> <span class="k">if</span> <span class="n">b</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">BlockType</span><span class="sh">"</span><span class="p">)</span> <span class="o">==</span> <span class="sh">"</span><span class="s">LINE</span><span class="sh">"</span><span class="p">:</span> <span class="n">lines</span><span class="p">.</span><span class="nf">append</span><span class="p">({</span> <span class="sh">"</span><span class="s">text</span><span class="sh">"</span><span class="p">:</span> <span class="n">b</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Text</span><span class="sh">"</span><span class="p">,</span> <span class="sh">""</span><span class="p">),</span> <span class="sh">"</span><span class="s">confidence</span><span class="sh">"</span><span class="p">:</span> <span class="n">b</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Confidence</span><span class="sh">"</span><span class="p">,</span> <span class="mf">0.0</span><span class="p">)</span> <span class="p">})</span> <span class="k">return</span> <span class="n">lines</span> <span class="k">def</span> <span class="nf">_simple_invoice_heuristics</span><span class="p">(</span><span class="n">lines</span><span class="p">):</span> <span class="c1"># Demo heuristics only. Replace with rule engine / ML classifier as needed. </span> <span class="n">text_blob</span> <span class="o">=</span> <span class="sh">"</span><span class="se">\n</span><span class="sh">"</span><span class="p">.</span><span class="nf">join</span><span class="p">([</span><span class="n">l</span><span class="p">[</span><span class="sh">"</span><span class="s">text</span><span class="sh">"</span><span class="p">]</span> <span class="k">for</span> <span class="n">l</span> <span class="ow">in</span> <span class="n">lines</span><span class="p">])</span> <span class="n">avg_conf</span> <span class="o">=</span> <span class="nf">sum</span><span class="p">(</span><span class="n">l</span><span class="p">[</span><span class="sh">"</span><span class="s">confidence</span><span class="sh">"</span><span class="p">]</span> <span class="k">for</span> <span class="n">l</span> <span class="ow">in</span> <span class="n">lines</span><span class="p">)</span> <span class="o">/</span> <span class="nf">max</span><span class="p">(</span><span class="nf">len</span><span class="p">(</span><span class="n">lines</span><span class="p">),</span> <span class="mi">1</span><span class="p">)</span> <span class="n">result</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">unknown</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">fields</span><span class="sh">"</span><span class="p">:</span> <span class="p">[],</span> <span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">required</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="bp">None</span> <span class="p">}</span> <span class="p">}</span> <span class="k">if</span> <span class="sh">"</span><span class="s">invoice</span><span class="sh">"</span> <span class="ow">in</span> <span class="n">text_blob</span><span class="p">.</span><span class="nf">lower</span><span class="p">():</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="sh">"</span><span class="s">invoice</span><span class="sh">"</span> <span class="c1"># Example field extraction heuristic placeholder </span> <span class="c1"># In production, I'd parse key-value pairs and tables from FORM/TABLE blocks </span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">fields</span><span class="sh">"</span><span class="p">].</span><span class="nf">append</span><span class="p">({</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">avg_line_confidence</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">value</span><span class="sh">"</span><span class="p">:</span> <span class="nf">round</span><span class="p">(</span><span class="n">avg_conf</span><span class="p">,</span> <span class="mi">2</span><span class="p">),</span> <span class="sh">"</span><span class="s">confidence</span><span class="sh">"</span><span class="p">:</span> <span class="nf">round</span><span class="p">(</span><span class="n">avg_conf</span><span class="p">,</span> <span class="mi">2</span><span class="p">),</span> <span class="sh">"</span><span class="s">source</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">textract</span><span class="sh">"</span> <span class="p">})</span> <span class="c1"># Review policy example </span> <span class="k">if</span> <span class="n">avg_conf</span> <span class="o">&lt;</span> <span class="mi">90</span><span class="p">:</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">required</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="bp">True</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="sh">"</span><span class="s">Average OCR confidence below threshold</span><span class="sh">"</span> <span class="k">return</span> <span class="n">result</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">document</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">]</span> <span class="n">textract_ptr</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">textract</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">rawResultsS3</span><span class="sh">"</span><span class="p">]</span> <span class="n">raw</span> <span class="o">=</span> <span class="nf">_load_json_from_s3</span><span class="p">(</span><span class="n">textract_ptr</span><span class="p">[</span><span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">],</span> <span class="n">textract_ptr</span><span class="p">[</span><span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">])</span> <span class="n">blocks</span> <span class="o">=</span> <span class="n">raw</span><span class="p">[</span><span class="sh">"</span><span class="s">blocks</span><span class="sh">"</span><span class="p">]</span> <span class="n">lines</span> <span class="o">=</span> <span class="nf">_extract_lines_and_words</span><span class="p">(</span><span class="n">blocks</span><span class="p">)</span> <span class="n">derived</span> <span class="o">=</span> <span class="nf">_simple_invoice_heuristics</span><span class="p">(</span><span class="n">lines</span><span class="p">)</span> <span class="n">normalized</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">,</span> <span class="sh">"</span><span class="s">textract</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">jobId</span><span class="sh">"</span><span class="p">:</span> <span class="n">raw</span><span class="p">[</span><span class="sh">"</span><span class="s">jobId</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">jobStatus</span><span class="sh">"</span><span class="p">:</span> <span class="n">raw</span><span class="p">[</span><span class="sh">"</span><span class="s">jobStatus</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">warnings</span><span class="sh">"</span><span class="p">:</span> <span class="n">raw</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">warnings</span><span class="sh">"</span><span class="p">,</span> <span class="p">[]),</span> <span class="sh">"</span><span class="s">blockCount</span><span class="sh">"</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">blocks</span><span class="p">)</span> <span class="p">},</span> <span class="sh">"</span><span class="s">classification</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">:</span> <span class="n">derived</span><span class="p">[</span><span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">]</span> <span class="p">},</span> <span class="sh">"</span><span class="s">fields</span><span class="sh">"</span><span class="p">:</span> <span class="n">derived</span><span class="p">[</span><span class="sh">"</span><span class="s">fields</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">:</span> <span class="n">derived</span><span class="p">[</span><span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">output</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">rawResultsS3</span><span class="sh">"</span><span class="p">:</span> <span class="n">textract_ptr</span> <span class="p">}</span> <span class="p">}</span> <span class="n">out_key</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">NORMALIZED_PREFIX</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">document</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">'</span><span class="s">tenant</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">unknown</span><span class="sh">'</span><span class="p">)</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">document</span><span class="p">[</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">.json</span><span class="sh">"</span> <span class="n">s3</span><span class="p">.</span><span class="nf">put_object</span><span class="p">(</span> <span class="n">Bucket</span><span class="o">=</span><span class="n">NORMALIZED_BUCKET</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">out_key</span><span class="p">,</span> <span class="n">Body</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">normalized</span><span class="p">).</span><span class="nf">encode</span><span class="p">(</span><span class="sh">"</span><span class="s">utf-8</span><span class="sh">"</span><span class="p">),</span> <span class="n">ContentType</span><span class="o">=</span><span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span> <span class="p">)</span> <span class="n">normalized</span><span class="p">[</span><span class="sh">"</span><span class="s">output</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">normalizedS3</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">NORMALIZED_BUCKET</span><span class="p">,</span> <span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="n">out_key</span> <span class="p">}</span> <span class="k">return</span> <span class="n">normalized</span> </code></pre> </div> <h2> Lambda: Create human review task (callback token storage) (Python) </h2> <p>This Lambda stores the task token so a reviewer can resume the workflow later.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">time</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timezone</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">ddb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">"</span><span class="s">dynamodb</span><span class="sh">"</span><span class="p">)</span> <span class="n">events</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">events</span><span class="sh">"</span><span class="p">)</span> <span class="n">REVIEW_TABLE</span> <span class="o">=</span> <span class="n">ddb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">REVIEW_TABLE</span><span class="sh">"</span><span class="p">])</span> <span class="n">EVENT_BUS_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">EVENT_BUS_NAME</span><span class="sh">"</span><span class="p">]</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">task_token</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">taskToken</span><span class="sh">"</span><span class="p">]</span> <span class="n">document</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">]</span> <span class="n">result</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">result</span><span class="sh">"</span><span class="p">]</span> <span class="n">execution_arn</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">executionArn</span><span class="sh">"</span><span class="p">]</span> <span class="n">review_id</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">document</span><span class="p">[</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">#</span><span class="si">{</span><span class="nf">int</span><span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">time</span><span class="p">())</span><span class="si">}</span><span class="sh">"</span> <span class="n">now</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">).</span><span class="nf">isoformat</span><span class="p">()</span> <span class="n">item</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">PENDING</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">createdAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span><span class="p">,</span> <span class="sh">"</span><span class="s">documentId</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">[</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">executionArn</span><span class="sh">"</span><span class="p">:</span> <span class="n">execution_arn</span><span class="p">,</span> <span class="sh">"</span><span class="s">taskToken</span><span class="sh">"</span><span class="p">:</span> <span class="n">task_token</span><span class="p">,</span> <span class="sh">"</span><span class="s">document</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">,</span> <span class="sh">"</span><span class="s">resultSummary</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">:</span> <span class="n">result</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">classification</span><span class="sh">"</span><span class="p">,</span> <span class="p">{}).</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">documentType</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">unknown</span><span class="sh">"</span><span class="p">),</span> <span class="sh">"</span><span class="s">normalizedOutput</span><span class="sh">"</span><span class="p">:</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">output</span><span class="sh">"</span><span class="p">].</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">normalizedS3</span><span class="sh">"</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="n">REVIEW_TABLE</span><span class="p">.</span><span class="nf">put_item</span><span class="p">(</span><span class="n">Item</span><span class="o">=</span><span class="n">item</span><span class="p">)</span> <span class="n">events</span><span class="p">.</span><span class="nf">put_events</span><span class="p">(</span> <span class="n">Entries</span><span class="o">=</span><span class="p">[</span> <span class="p">{</span> <span class="sh">"</span><span class="s">Source</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">com.example.documents</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">DetailType</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">document.review.required</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">EventBusName</span><span class="sh">"</span><span class="p">:</span> <span class="n">EVENT_BUS_NAME</span><span class="p">,</span> <span class="sh">"</span><span class="s">Detail</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">documentId</span><span class="sh">"</span><span class="p">:</span> <span class="n">document</span><span class="p">[</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="n">result</span><span class="p">[</span><span class="sh">"</span><span class="s">review</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">]</span> <span class="p">})</span> <span class="p">}</span> <span class="p">]</span> <span class="p">)</span> <span class="c1"># For waitForTaskToken, Lambda can return immediately after storing task metadata. </span> <span class="c1"># The workflow stays paused until SendTaskSuccess/SendTaskFailure is called. </span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">PENDING</span><span class="sh">"</span> <span class="p">}</span> </code></pre> </div> <h2> Lambda: Reviewer callback endpoint (API Gateway -&gt; Lambda -&gt; Step Functions) (Python) </h2> <p>This Lambda receives the human decision and resumes the waiting execution.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timezone</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="kn">from</span> <span class="n">botocore.exceptions</span> <span class="kn">import</span> <span class="n">ClientError</span> <span class="n">ddb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">"</span><span class="s">dynamodb</span><span class="sh">"</span><span class="p">)</span> <span class="n">sfn</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">stepfunctions</span><span class="sh">"</span><span class="p">)</span> <span class="n">REVIEW_TABLE</span> <span class="o">=</span> <span class="n">ddb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">REVIEW_TABLE</span><span class="sh">"</span><span class="p">])</span> <span class="k">def</span> <span class="nf">_response</span><span class="p">(</span><span class="n">status_code</span><span class="p">,</span> <span class="n">body</span><span class="p">):</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="n">status_code</span><span class="p">,</span> <span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">Content-Type</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span><span class="p">},</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="p">}</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">try</span><span class="p">:</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">)</span> <span class="ow">or</span> <span class="sh">"</span><span class="s">{}</span><span class="sh">"</span><span class="p">)</span> <span class="n">review_id</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">]</span> <span class="n">action</span> <span class="o">=</span> <span class="n">body</span><span class="p">[</span><span class="sh">"</span><span class="s">action</span><span class="sh">"</span><span class="p">]</span> <span class="c1"># approve | reject </span> <span class="n">reviewer</span> <span class="o">=</span> <span class="n">body</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">reviewer</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">unknown</span><span class="sh">"</span><span class="p">)</span> <span class="n">corrected_fields</span> <span class="o">=</span> <span class="n">body</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">correctedFields</span><span class="sh">"</span><span class="p">,</span> <span class="p">{})</span> <span class="n">item_resp</span> <span class="o">=</span> <span class="n">REVIEW_TABLE</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span><span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">})</span> <span class="n">item</span> <span class="o">=</span> <span class="n">item_resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Item</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">item</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">404</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Review task not found</span><span class="sh">"</span><span class="p">})</span> <span class="k">if</span> <span class="n">item</span><span class="p">[</span><span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">]</span> <span class="o">!=</span> <span class="sh">"</span><span class="s">PENDING</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">409</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Review task already </span><span class="si">{</span><span class="n">item</span><span class="p">[</span><span class="sh">'</span><span class="s">status</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span><span class="p">})</span> <span class="n">task_token</span> <span class="o">=</span> <span class="n">item</span><span class="p">[</span><span class="sh">"</span><span class="s">taskToken</span><span class="sh">"</span><span class="p">]</span> <span class="n">now</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">).</span><span class="nf">isoformat</span><span class="p">()</span> <span class="k">if</span> <span class="n">action</span> <span class="o">==</span> <span class="sh">"</span><span class="s">approve</span><span class="sh">"</span><span class="p">:</span> <span class="n">sfn</span><span class="p">.</span><span class="nf">send_task_success</span><span class="p">(</span> <span class="n">taskToken</span><span class="o">=</span><span class="n">task_token</span><span class="p">,</span> <span class="n">output</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">decision</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">APPROVED</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">reviewer</span><span class="sh">"</span><span class="p">:</span> <span class="n">reviewer</span><span class="p">,</span> <span class="sh">"</span><span class="s">reviewedAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span><span class="p">,</span> <span class="sh">"</span><span class="s">correctedFields</span><span class="sh">"</span><span class="p">:</span> <span class="n">corrected_fields</span> <span class="p">})</span> <span class="p">)</span> <span class="n">new_status</span> <span class="o">=</span> <span class="sh">"</span><span class="s">APPROVED</span><span class="sh">"</span> <span class="k">elif</span> <span class="n">action</span> <span class="o">==</span> <span class="sh">"</span><span class="s">reject</span><span class="sh">"</span><span class="p">:</span> <span class="n">sfn</span><span class="p">.</span><span class="nf">send_task_failure</span><span class="p">(</span> <span class="n">taskToken</span><span class="o">=</span><span class="n">task_token</span><span class="p">,</span> <span class="n">error</span><span class="o">=</span><span class="sh">"</span><span class="s">HumanReviewRejected</span><span class="sh">"</span><span class="p">,</span> <span class="n">cause</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">reviewer</span><span class="sh">"</span><span class="p">:</span> <span class="n">reviewer</span><span class="p">,</span> <span class="sh">"</span><span class="s">reviewedAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span> <span class="p">})</span> <span class="p">)</span> <span class="n">new_status</span> <span class="o">=</span> <span class="sh">"</span><span class="s">REJECTED</span><span class="sh">"</span> <span class="k">else</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Invalid action</span><span class="sh">"</span><span class="p">})</span> <span class="n">REVIEW_TABLE</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">reviewId</span><span class="sh">"</span><span class="p">:</span> <span class="n">review_id</span><span class="p">},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">"</span><span class="s">SET #s = :s, reviewer = :r, reviewedAt = :t</span><span class="sh">"</span><span class="p">,</span> <span class="n">ExpressionAttributeNames</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">#s</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">},</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">:s</span><span class="sh">"</span><span class="p">:</span> <span class="n">new_status</span><span class="p">,</span> <span class="sh">"</span><span class="s">:r</span><span class="sh">"</span><span class="p">:</span> <span class="n">reviewer</span><span class="p">,</span> <span class="sh">"</span><span class="s">:t</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span> <span class="p">}</span> <span class="p">)</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">200</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Review decision recorded</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="n">new_status</span><span class="p">})</span> <span class="k">except</span> <span class="nb">KeyError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Missing field: </span><span class="si">{</span><span class="n">e</span><span class="p">.</span><span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span><span class="p">})</span> <span class="k">except</span> <span class="n">ClientError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">500</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">AWS error</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">e</span><span class="p">)})</span> <span class="k">except</span> <span class="nb">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">return</span> <span class="nf">_response</span><span class="p">(</span><span class="mi">500</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Unexpected error</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">e</span><span class="p">)})</span> </code></pre> </div> <h2> CDK example (Python) for S3 -&gt; EventBridge -&gt; Step Functions start </h2> <p>This is a simplified snippet to show the core wiring. In a production stack, I would break this into constructs (ingress, orchestration, review, storage, observability).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">aws_cdk</span> <span class="kn">import</span> <span class="p">(</span> <span class="n">Stack</span><span class="p">,</span> <span class="n">aws_s3</span> <span class="k">as</span> <span class="n">s3</span><span class="p">,</span> <span class="n">aws_events</span> <span class="k">as</span> <span class="n">events</span><span class="p">,</span> <span class="n">aws_events_targets</span> <span class="k">as</span> <span class="n">targets</span><span class="p">,</span> <span class="n">aws_stepfunctions</span> <span class="k">as</span> <span class="n">sfn</span><span class="p">,</span> <span class="n">aws_iam</span> <span class="k">as</span> <span class="n">iam</span><span class="p">,</span> <span class="p">)</span> <span class="kn">from</span> <span class="n">constructs</span> <span class="kn">import</span> <span class="n">Construct</span> <span class="k">class</span> <span class="nc">DocumentPipelineIngressStack</span><span class="p">(</span><span class="n">Stack</span><span class="p">):</span> <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">scope</span><span class="p">:</span> <span class="n">Construct</span><span class="p">,</span> <span class="n">construct_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span> <span class="nf">super</span><span class="p">().</span><span class="nf">__init__</span><span class="p">(</span><span class="n">scope</span><span class="p">,</span> <span class="n">construct_id</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span> <span class="n">input_bucket</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nc">Bucket</span><span class="p">(</span> <span class="n">self</span><span class="p">,</span> <span class="sh">"</span><span class="s">InputBucket</span><span class="sh">"</span><span class="p">,</span> <span class="n">event_bridge_enabled</span><span class="o">=</span><span class="bp">True</span> <span class="p">)</span> <span class="n">parent_state_machine</span> <span class="o">=</span> <span class="n">sfn</span><span class="p">.</span><span class="n">StateMachine</span><span class="p">.</span><span class="nf">from_state_machine_arn</span><span class="p">(</span> <span class="n">self</span><span class="p">,</span> <span class="sh">"</span><span class="s">ParentStateMachine</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">arn:aws:states:ap-southeast-2:123456789012:stateMachine:doc-parent</span><span class="sh">"</span> <span class="p">)</span> <span class="n">rule</span> <span class="o">=</span> <span class="n">events</span><span class="p">.</span><span class="nc">Rule</span><span class="p">(</span> <span class="n">self</span><span class="p">,</span> <span class="sh">"</span><span class="s">S3ObjectCreatedRule</span><span class="sh">"</span><span class="p">,</span> <span class="n">event_pattern</span><span class="o">=</span><span class="n">events</span><span class="p">.</span><span class="nc">EventPattern</span><span class="p">(</span> <span class="n">source</span><span class="o">=</span><span class="p">[</span><span class="sh">"</span><span class="s">aws.s3</span><span class="sh">"</span><span class="p">],</span> <span class="n">detail_type</span><span class="o">=</span><span class="p">[</span><span class="sh">"</span><span class="s">Object Created</span><span class="sh">"</span><span class="p">],</span> <span class="n">detail</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">input_bucket</span><span class="p">.</span><span class="n">bucket_name</span><span class="p">]},</span> <span class="sh">"</span><span class="s">object</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="p">[{</span><span class="sh">"</span><span class="s">prefix</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">raw/</span><span class="sh">"</span><span class="p">}]}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">)</span> <span class="c1"># Start execution on matching events </span> <span class="n">rule</span><span class="p">.</span><span class="nf">add_target</span><span class="p">(</span><span class="n">targets</span><span class="p">.</span><span class="nc">SfnStateMachine</span><span class="p">(</span><span class="n">parent_state_machine</span><span class="p">))</span> </code></pre> </div> <blockquote> <p>In a real deployment, I also add:</p> <ul> <li>explicit execution input transformation</li> <li>IAM least privilege policies</li> <li>DLQs / retry policies on targets where appropriate</li> <li>environment-based prefix filtering (dev/test/prod)</li> </ul> </blockquote> <h2> Data model and audit design (recommended) </h2> <p>I strongly recommend treating auditability as a first-class feature.</p> <h2> DynamoDB audit table (example keys) </h2> <p><strong>PK</strong>: <code>DOC#&lt;documentId&gt;</code><br><br> <strong>SK</strong>: <code>EVENT#&lt;timestamp&gt;#&lt;eventType&gt;</code></p> <h3> Example audit events </h3> <ul> <li><code>INGESTED</code></li> <li><code>WORKFLOW_STARTED</code></li> <li><code>TEXTRACT_STARTED</code></li> <li><code>TEXTRACT_SUCCEEDED</code></li> <li><code>NORMALIZED</code></li> <li><code>HUMAN_REVIEW_REQUIRED</code></li> <li><code>HUMAN_REVIEW_APPROVED</code></li> <li><code>PUBLISHED</code></li> <li><code>FAILED</code></li> </ul> <p>This pattern gives me an append-only lineage timeline per document.</p> <h2> Error handling and retries (what I do on purpose) </h2> <p>This pipeline is asynchronous and distributed, so failures are normal. I design for them.</p> <h3> Where I retry </h3> <ul> <li>Textract throttling / throughput exceptions</li> <li>transient Lambda errors</li> <li>EventBridge <code>PutEvents</code> partial failures (Step Functions can fail the task and retry)</li> <li>downstream S3 write failures</li> </ul> <h3> Where I do <em>not</em> blindly retry </h3> <ul> <li>invalid file format</li> <li>missing required metadata</li> <li>corrupted documents</li> <li>deterministic business-rule violations</li> </ul> <h3> Failure routing </h3> <p>I emit a <code>document.failed</code> event and write a terminal audit entry with:</p> <ul> <li>failure type</li> <li>step name</li> <li>error code</li> <li>correlation IDs</li> </ul> <p>That makes operations and replay much easier.</p> <h1> Cost and Throughput Tuning </h1> <p>This is where the architecture becomes production-grade.</p> <h2> 1) Choose Step Functions workflow type intentionally </h2> <p>I use <strong>Standard</strong> for the main orchestration because:</p> <ul> <li>async waits</li> <li>human callback pauses</li> <li>richer history and control</li> </ul> <p>If I want to optimize cost for very high-volume short preprocessing tasks, I may split out a lightweight Express workflow in front, but I keep the long-running document path in Standard.</p> <h2> 2) Tune Distributed Map concurrency to downstream capacity </h2> <p>Distributed Map can scale very high, but the bottleneck is usually downstream service quotas (Textract, Lambda concurrency, DynamoDB write capacity, etc.).</p> <p>What I do:</p> <ul> <li>make concurrency configurable (<code>MaxConcurrencyPath</code>)</li> <li>start conservatively in production</li> <li>load test with realistic document sizes and page counts</li> <li>request quota increases before large launches</li> </ul> <h2> 3) Reduce unnecessary state transitions </h2> <p>Polling is simple, but excessive polling increases state transitions and cost.</p> <p>Practical tuning:</p> <ul> <li>increase wait interval after the first few polls (progressive backoff)</li> <li>use doc-size-aware polling intervals (longer waits for large PDFs)</li> <li>consider SNS/SQS callback for long-running jobs</li> </ul> <h2> 4) Store outputs once, reuse many times </h2> <p>I avoid re-running Textract when:</p> <ul> <li>a replay is only needed for normalization logic changes</li> <li>a downstream consumer fails</li> <li>a human review needs to re-open a prior result</li> </ul> <p>By storing raw output + normalized output + audit events, I can replay downstream steps without paying for re-extraction.</p> <h2> 5) Separate hot path and review path </h2> <p>I do not force all documents through human review.<br> Most documents should:</p> <ul> <li>extract</li> <li>validate</li> <li>publish</li> <li>finish</li> </ul> <p>Only low-confidence or exception cases enter the review path. This keeps cost and latency predictable.</p> <h2> 6) Add lifecycle policies </h2> <p>For S3 cost management, I usually apply different retention windows:</p> <ul> <li>raw uploads: longer retention (compliance dependent)</li> <li>raw Textract artifacts: medium retention</li> <li>normalized results: longer (business value)</li> <li>debug-only artifacts: shorter</li> </ul> <h1> Security, Compliance, and Operational Notes </h1> <h2> IAM least privilege </h2> <p>Give each component only what it needs:</p> <ul> <li>Step Functions can call specific Lambdas / Textract / EventBridge</li> <li>Lambdas can read/write only the intended buckets/prefixes</li> <li>Reviewer API can only access review table + Step Functions callback APIs</li> </ul> <h2> Encryption </h2> <p>I enable encryption at rest for:</p> <ul> <li>S3 buckets</li> <li>DynamoDB tables</li> <li>logs (when applicable)</li> </ul> <p>If needed, I also use KMS for tighter key control and auditability.</p> <h2> PII considerations </h2> <p>Document pipelines often contain sensitive data. I plan for:</p> <ul> <li>access controls by tenant</li> <li>minimal logging (no full document contents in logs)</li> <li>review UI redaction where needed</li> <li>retention policies aligned to policy/legal requirements</li> </ul> <h2> Observability </h2> <p>I instrument:</p> <ul> <li>Step Functions execution failure alarms</li> <li>Lambda error/throttle alarms</li> <li>custom metrics (documents processed, review rate, average pages/doc, latency)</li> <li>audit events for business-level tracing</li> </ul> <h1> Demo Tips (if you are presenting this live) </h1> <p>This pattern demos extremely well if you show all three views:</p> <ol> <li> <p><strong>Upload a document</strong></p> <ul> <li>drag-and-drop into S3 (or app UI)</li> </ul> </li> <li> <p><strong>Workflow progress</strong></p> <ul> <li>Step Functions execution graph</li> <li>Distributed Map child runs for batches</li> </ul> </li> <li> <p><strong>Outputs</strong></p> <ul> <li>raw Textract JSON pointer</li> <li>normalized JSON in S3</li> <li>audit trail item(s)</li> <li>human review queue (triggered by a low-confidence sample)</li> </ul> </li> </ol> <p>If I want a smooth live demo, I prepare:</p> <ul> <li>one “clean” invoice (no review needed)</li> <li>one noisy/scanned doc (human review path)</li> <li>one small batch manifest (3 to 10 docs) to show Distributed Map fan-out</li> </ul> <h1> Extensions I would add next </h1> <p>Once this base pipeline is running, it becomes a great platform for extensions:</p> <ul> <li> <strong>Document classification</strong> before extraction (route to different extraction templates)</li> <li> <strong>Schema validation</strong> per document type</li> <li> <strong>OpenSearch indexing</strong> for searchable archives</li> <li> <strong>Comprehend / Bedrock post-processing</strong> for summaries and entity normalization</li> <li> <strong>Tenant-specific extraction configs</strong> (thresholds, required fields, routing)</li> <li> <strong>Replay tooling</strong> for partial reprocessing from audit trail checkpoints</li> </ul> <h1> Closing Thoughts </h1> <p>I like this architecture because it is not just a toy OCR demo. It demonstrates a proper event-driven, auditable, scalable workflow that teams can actually build on.</p> <p>The combination of:</p> <ul> <li><strong>S3 for durable ingress</strong></li> <li><strong>Textract for extraction</strong></li> <li><strong>Step Functions for orchestration</strong></li> <li><strong>Distributed Map for batch scale</strong></li> <li><strong>EventBridge for decoupling</strong></li> <li><strong>callback-based human review for exceptions</strong></li> </ul> <p>gives a strong foundation for production document intelligence systems.</p> <p>If I were publishing this as a developer advocacy post, I would also include a sample repository with:</p> <ul> <li>CDK deployment</li> <li>test documents</li> <li>reviewer UI mock</li> <li>load test script</li> <li>dashboards/alarms</li> </ul> <p>That turns the article into something readers can run and evolve.</p> <h1> References </h1> <ul> <li>Amazon Textract async APIs and async processing overview (start/get patterns, async job model, supported file types, SNS notification model for async operations)</li> <li> <code>GetDocumentAnalysis</code> pagination (<code>MaxResults</code>, <code>NextToken</code>) and paginated retrieval behavior</li> <li>Textract output storage and <code>OutputConfig</code> (custom S3 output and optional KMS for output)</li> <li>Textract quotas and Service Quotas guidance</li> <li>S3 -&gt; EventBridge integration and S3 EventBridge event structure</li> <li>Step Functions Distributed Map (when to use it, high concurrency, child workflows, map runs, input/history limits)</li> <li>Step Functions callback/task token pattern and long waits for external/human steps</li> <li>Step Functions optimized EventBridge integration (<code>events:putEvents</code>) and failure handling behavior</li> <li>Step Functions pricing model (state transitions for Standard workflows)</li> </ul> webdev aws python programming My Study Guide for the Microsoft Certified Machine Learning Operations MLOps Engineer Associate Beta Exam Renaldi Fri, 03 Apr 2026 22:00:00 +0000 https://dev.to/rengond/my-study-guide-for-the-microsoft-certified-machine-learning-operations-mlops-engineer-associate-beta-31g3 https://dev.to/rengond/my-study-guide-for-the-microsoft-certified-machine-learning-operations-mlops-engineer-associate-beta-31g3 <p>When I study beta exams, I do not treat them like ordinary certification exams; I treat them like signals. They usually show where Microsoft thinks the role is heading next, what skills are becoming core, and which responsibilities are moving from specialist territory into mainstream expectations. That is exactly how I approached this one.</p> <p>What stood out to me most is that this exam is not only about shipping a model. It is about owning the full operational system around machine learning and generative AI on Azure. That means infrastructure, repeatability, deployment, monitoring, observability, evaluation, safety, retrieval quality, versioning, and optimization. If you study this as a narrow model training exam, I think you will undershoot what the role is really asking for.</p> <h2> Who I think this exam is really for </h2> <p>I think this beta makes the most sense for people who already have some machine learning familiarity and now want to prove they can think operationally. If you have trained models before but have not spent enough time on automation, deployment, rollout strategy, monitoring, or generative AI quality assurance, this exam will probably stretch you in exactly the right areas.</p> <p>I would also say this guide is useful for people who sit somewhere between data science and platform engineering. That feels like the real audience. Not purely academic machine learning practitioners. Not purely infrastructure engineers. People who want to understand how AI systems actually become production systems.</p> <h2> What I believe the exam is really testing </h2> <p>The current official study guide breaks the exam into five major domains. I would not memorize the domain names only. I would translate them into practical questions.</p> <h3> Domain 1 </h3> <h4> Design and implement an MLOps infrastructure </h4> <p>This is really asking whether you can build the operational foundation for machine learning on Azure in a way that a team could actually reuse.</p> <h3> Domain 2 </h3> <h4> Implement machine learning model lifecycle and operations </h4> <p>This is really asking whether you understand that the model is only one piece of the job, and that lifecycle discipline matters just as much as model quality.</p> <h3> Domain 3 </h3> <h4> Design and implement a GenAIOps infrastructure </h4> <p>This is really asking whether you can treat generative AI systems with the same seriousness that strong teams already apply to software delivery and MLOps.</p> <h3> Domain 4 </h3> <h4> Implement generative AI quality assurance and observability </h4> <p>This is really asking whether you know how to judge if a generative AI system is good, safe, stable, and supportable after release.</p> <h3> Domain 5 </h3> <h4> Optimize generative AI systems and model performance </h4> <p>This is really asking whether you know how to improve a system after the first version works.</p> <h2> My overall study philosophy </h2> <p>My rule for this beta is simple. Study every topic from three different angles.</p> <ul> <li>What the service or capability does</li> <li>Why a team would choose it in real production work</li> <li>What can go wrong after deployment</li> </ul> <p>That third point is where I think a lot of people fall short. It is easy to say you know how to create a workspace, deploy a model, or run an evaluation. It is much harder to explain how you would operate that system safely over time, what you would monitor, what you would version, what you would lock down, and how you would know that something is getting worse.</p> <h2> Domain 1 in depth </h2> <h3> Design and implement an MLOps infrastructure </h3> <p>This domain covers the platform foundations for traditional machine learning on Azure. I see it as the domain that separates casual Azure Machine Learning usage from real MLOps thinking.</p> <h3> What I would focus on </h3> <ul> <li>Azure Machine Learning workspace design</li> <li>Datastores and data assets</li> <li>Compute targets and their purpose</li> <li>Environments and reusable components</li> <li>Registries and cross workspace reuse</li> <li>Identity and access control</li> <li>Private networking and secure access</li> <li>Git integration</li> <li>Azure CLI and Bicep for repeatable setup</li> <li>GitHub Actions for automation</li> </ul> <h3> What I think matters most here </h3> <p>The most important mindset shift is to stop thinking about a workspace as a place where you click around in the portal and start thinking about it as a controlled platform foundation. The exam focus here feels relevant because this is where operational maturity begins. A lot of AI teams still treat infrastructure as something they sort out later. This exam clearly does not.</p> <h3> What I would actually practice </h3> <ul> <li>Create a workspace and understand the role of related resources</li> <li>Compare different compute options and know why you would choose each one</li> <li>Create data assets and environments that can be reused</li> <li>Understand when a registry helps with scale and team collaboration</li> <li>Read Bicep and Azure CLI examples until they stop feeling unfamiliar</li> <li>Set up a simple GitHub Actions workflow that touches the machine learning lifecycle</li> <li>Review a secure networking setup and be able to explain why it matters</li> </ul> <h3> Red flags during study </h3> <ul> <li>Only learning portal steps</li> <li>Ignoring identity and networking</li> <li>Treating source control as optional</li> <li>Memorizing syntax without understanding the operational reason behind it</li> </ul> <h2> Domain 2 in depth </h2> <h3> Implement machine learning model lifecycle and operations </h3> <p>This is the domain I would spend the most time on. It is also the one that feels closest to the day to day reality of MLOps work.</p> <h3> What I would focus on </h3> <ul> <li>Experiment tracking with MLflow</li> <li>Automated machine learning</li> <li>Notebooks and jobs</li> <li>Hyperparameter tuning</li> <li>Distributed training</li> <li>Training pipelines</li> <li>Model registration and lifecycle management</li> <li>Responsible AI checks</li> <li>Batch inference and real time inference</li> <li>Rollout strategy and rollback strategy</li> <li>Drift detection and response</li> <li>Monitoring and retraining triggers</li> </ul> <h3> What I think matters most here </h3> <p>To me, this domain tests whether you understand that training a model is just the beginning. Strong candidates should be able to think in versions, runs, promotion paths, failure handling, deployment strategy, and operational feedback loops.</p> <p>I also think this is where many people who call themselves familiar with MLOps get exposed. A lot of people really mean that they have deployed a model once. That is not the same as managing the lifecycle of a model in production. This domain seems much more aligned with the real role.</p> <h3> What I would actually practice </h3> <ul> <li>Track experiments in MLflow and compare runs with intention</li> <li>Run a simple sweep job and understand what problem it solves</li> <li>Register a model and think carefully about version control</li> <li>Compare batch inference and online inference through real scenarios</li> <li>Study what safe rollout and rollback mean for business risk</li> <li>Review how drift shows up and what an operational response should look like</li> <li>Think through what should trigger retraining and when retraining should not be automatic</li> </ul> <h3> Questions I would ask myself </h3> <ul> <li>How do I know which model version is live</li> <li>What would I monitor after deployment</li> <li>When would I prefer batch over online</li> <li>What would make me roll back quickly</li> <li>What signals tell me performance is degrading</li> </ul> <h2> Domain 3 in depth </h2> <h2> Design and implement a GenAIOps infrastructure </h2> <p>This domain is one of the clearest signs that Microsoft is treating generative AI operations as a first class engineering discipline, not just an experimental side topic.</p> <h3> What I would focus on </h3> <ul> <li>Microsoft Foundry setup and project structure</li> <li>Managed identity and access control</li> <li>Network security</li> <li>Azure CLI and Bicep for deployment</li> <li>Model selection strategy</li> <li>Serverless deployment options</li> <li>Managed compute options</li> <li>Prompt design as an engineering asset</li> <li>Prompt variants and versioning</li> <li>Source control for prompts and application logic</li> <li>Capacity and throughput planning</li> </ul> <h3> What I think matters most here </h3> <p>I really like that this domain does not reduce generative AI work to clever prompting. That would have made the exam feel shallow. Instead, the domain focus suggests that Microsoft wants candidates to think about generative AI as an operational system with infrastructure, security, versioning, and delivery discipline.</p> <p>That feels much more useful and much closer to what strong teams are actually trying to build.</p> <h3> What I would actually practice </h3> <ul> <li>Create a small Foundry project and inspect how it is organized</li> <li>Compare serverless access with managed compute and explain the tradeoff</li> <li>Practice thinking through model choice based on latency, cost, scale, and task fit</li> <li>Store prompt variants in Git and treat them as production assets</li> <li>Compare prompt versions with a repeatable test set instead of instinct alone</li> <li>Review how access, networking, and deployment decisions affect operational safety</li> </ul> <h3> Common mistake I would avoid </h3> <p>Do not study generative AI operations as if it is just prompt engineering plus model selection. The exam focus appears broader than that. I would expect the stronger candidates to understand the surrounding engineering system as well.</p> <h2> Domain 4 in depth </h2> <h3> Implement generative AI quality assurance and observability </h3> <p>This domain is smaller by weighting but huge in practical value. In real production work, this is where weak systems often reveal themselves.</p> <h4> What I would focus on </h4> <ul> <li>Test datasets for evaluation</li> <li>Quality metrics such as groundedness relevance coherence and fluency</li> <li>Safety evaluation</li> <li>Harmful content monitoring</li> <li>Automated evaluations</li> <li>Continuous monitoring in Foundry</li> <li>Latency and throughput tracking</li> <li>Token and cost visibility</li> <li>Logging tracing and debugging</li> </ul> <h4> What I think matters most here </h4> <p>Generative AI systems do not fail in only one way. They can become ungrounded, irrelevant, too expensive, too slow, inconsistent, or unsafe. That means quality assurance for generative AI has to be broader than a simple accuracy mindset.</p> <p>This domain feels very relevant because it pushes candidates toward that broader view. I would not treat it as a side topic just because the weighting is lower. In real projects, a surprising amount of pain starts here.</p> <h4> What I would actually practice </h4> <ul> <li>Build a small evaluation set for a realistic use case</li> <li>Compare outputs against several quality dimensions</li> <li>Think about safety and harmful output as operational concerns</li> <li>Review token consumption and latency as first class engineering metrics</li> <li>Explore tracing and debugging ideas for multi step AI application flows</li> <li>Practice describing what good monitoring should actually tell you</li> </ul> <h4> A practical mindset that helps here </h4> <p>When I study this domain, I try to move beyond asking whether an answer looks good. I ask whether the system is measurable, debuggable, supportable, and safe enough to own over time.</p> <h2> Domain 5 in depth </h2> <h3> Optimize generative AI systems and model performance </h3> <p>This domain is about moving from a working prototype to a stronger production system.</p> <h4> What I would focus on </h4> <ul> <li>Retrieval augmented generation tuning</li> <li>Chunking strategy</li> <li>Similarity thresholds</li> <li>Embedding model choice</li> <li>Hybrid retrieval</li> <li>Relevance evaluation</li> <li>A B style testing</li> <li>Fine tuning strategy</li> <li>Synthetic data management</li> <li>Monitoring customized models in production</li> </ul> <h4> What I think matters most here </h4> <p>I find this domain especially realistic because the hard part of generative AI is often not making something work once. The hard part is making it work better in a controlled and measurable way.</p> <p>The focus here suggests that Microsoft expects candidates to understand optimization as an ongoing engineering process. That feels right to me.</p> <h4> What I would actually practice </h4> <ul> <li>Compare different chunk sizes and review how retrieval quality changes</li> <li>Think about what happens when similarity thresholds are too strict or too loose</li> <li>Compare semantic retrieval and hybrid retrieval for a realistic use case</li> <li>Practice explaining when fine tuning is justified and when retrieval or prompt work is enough</li> <li>Think about how you would promote a customized model into production safely</li> <li>Review relevance tradeoffs alongside latency and cost tradeoffs</li> </ul> <h3> The resources I would use first </h3> <p>I would not study from random blogs first. I would start with the Microsoft material that best matches the beta and then layer my own hands on practice on top.</p> <h3> Official exam page </h3> <p>Use this first to confirm the role focus and linked preparation material.</p> <p>learn.microsoft.com/en-us/credentials/certifications/operationalizing-machine-learning-and-generative-ai-solutions/</p> <h3> Official study guide for AI 300 </h3> <p>This is the single most important resource for mapping your preparation. I would keep coming back to it while studying.</p> <p>learn.microsoft.com/en-us/credentials/certifications/resources/study-guides/ai-300</p> <h3> Official course for operationalizing machine learning and generative AI solutions </h3> <p>This is a very good structured backbone if you want guided preparation.</p> <p>learn.microsoft.com/en-us/training/courses/ai-300t00</p> <h3> Learning path for operationalize machine learning models </h3> <p>This is especially useful for the traditional MLOps parts of the exam such as Azure Machine Learning workflows, pipelines, GitHub Actions, environments, and deployment.</p> <p>learn.microsoft.com/en-us/training/paths/build-first-machine-operations-workflow/</p> <h3> GitHub Actions for Azure Machine Learning </h3> <p>I would study this if CI and CD for machine learning still feels a bit fuzzy.</p> <p>learn.microsoft.com/en-us/azure/machine-learning/how-to-github-actions-machine-learning</p> <h3> Set up MLOps with GitHub and Azure Machine Learning </h3> <p>This is useful if you want a more end to end sample oriented view.</p> <p>learn.microsoft.com/en-us/azure/machine-learning/how-to-setup-mlops-github-azure-ml</p> <h3> Deploy machine learning models to online endpoints </h3> <p>A key resource for real time inference preparation.</p> <p>learn.microsoft.com/en-us/azure/machine-learning/how-to-deploy-online-endpoints</p> <h3> Deploy MLflow models to online endpoints </h3> <p>Important if you want your MLflow understanding to connect directly to Azure deployment patterns.</p> <p>learn.microsoft.com/en-us/azure/machine-learning/how-to-deploy-mlflow-models-online-endpoints</p> <h3> Deploy MLflow models in batch deployments </h3> <p>Helpful for understanding batch inference patterns and where they fit.</p> <p>learn.microsoft.com/en-us/azure/machine-learning/how-to-mlflow-batch</p> <h3> Microsoft Foundry documentation </h3> <p>This is the starting point for the generative AI side of the exam.</p> <p>learn.microsoft.com/en-us/azure/foundry/</p> <h3> Foundry observability </h3> <p>Very important for the quality assurance and monitoring domains.</p> <p>learn.microsoft.com/en-us/azure/foundry/concepts/observability</p> <h3> Evaluate generative AI applications in Foundry </h3> <p>A strong resource for learning how evaluations actually work in practice.</p> <p>learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app</p> <h3> Evaluate AI agents in Foundry </h3> <p>Worth reviewing if you want to understand how Microsoft is framing agent evaluation in operational terms.</p> <p>learn.microsoft.com/en-us/azure/foundry/observability/how-to/evaluate-agent</p> <h2> My recommended study sequence </h2> <p>If I were starting from scratch, this is the order I would follow.</p> <h3> Step 1 </h3> <h4> Build the map </h4> <p>Read the official study guide carefully and create your own notes under the five domains. Mark every topic as strong medium or weak.</p> <h3> Step 2 </h3> <h4> Go deep on core MLOps </h4> <p>Spend focused time on experiments pipelines MLflow model registration endpoints rollout rollback and drift. This is where I think the exam has the most practical depth.</p> <h3> Step 3 </h3> <h4> Add the GenAIOps layer </h4> <p>Move into Foundry setup model choice prompt versioning evaluations observability and optimization. Do not treat this as a separate world. Connect it back to operational discipline.</p> <h3> Step 4 </h3> <h4> Practice decision making </h4> <p>The exam is likely to reward people who can choose between approaches, not just define features. Practice reasoning through tradeoffs.</p> <h3> Step 5 </h3> <h4> Revisit weak areas with hands on reinforcement </h4> <p>When a topic feels vague, do not just reread it. Build a tiny example, sketch a workflow, or explain it aloud.</p> <h2> A four week plan that I think is realistic </h2> <h2> Week 1 </h2> <h3> Build your domain map </h3> <ul> <li>Read the exam page and study guide slowly</li> <li>Build notes for all five domains</li> <li>Mark weak areas honestly</li> <li>Start with the official course or learning path</li> </ul> <h2> Week 2 </h2> <h3> Go deep on machine learning lifecycle work </h3> <ul> <li>Focus on experiments MLflow sweeps pipelines registration deployment and monitoring</li> <li>Practice thinking through real scenarios</li> <li>Learn to describe rollout rollback and drift clearly</li> </ul> <h2> Week 3 </h2> <h3> Go deep on generative AI operations </h3> <ul> <li>Focus on Foundry setup model choice prompt versioning evaluations observability and optimization</li> <li>Build a small comparison mindset for prompts and models</li> <li>Think in terms of quality safety latency and cost together</li> </ul> <h2> Week 4 </h2> <h3> Consolidate and rehearse </h3> <ul> <li>Revisit all weak areas</li> <li>Rebuild key workflows from memory</li> <li>Review official resources again</li> <li>Practice explaining why one approach is better than another</li> </ul> <h2> If you only have a weekend </h2> <p>If time is short, I would not try to cover everything equally.</p> <h3> Day 1 </h3> <ul> <li>Read the study guide carefully</li> <li>Focus first on Domain 2 and Domain 3</li> <li>Build one page notes for traditional MLOps and GenAIOps</li> <li>Review lifecycle thinking more than portal details</li> </ul> <h3> Day 2 </h3> <ul> <li>Cover Domain 1 Domain 4 and Domain 5</li> <li>Review security automation observability evaluation and optimization</li> <li>End by testing whether you can explain each domain in your own words</li> </ul> <h2> What I would avoid during preparation </h2> <ul> <li>Passive reading without building a domain map</li> <li>Studying only portal click paths</li> <li>Ignoring GitHub Actions and infrastructure setup</li> <li>Treating prompt work as separate from engineering discipline</li> <li>Overfocusing on one familiar area and neglecting the rest</li> <li>Memorizing terms without understanding why they matter in production</li> </ul> <h2> My final take </h2> <p>If I had to sum up the beta in one sentence, I would say this exam is trying to validate whether you can think like an operator of AI systems on Azure, not just a user of AI tools.</p> <p>That is why I find it interesting. It feels like a certification for people who want to move from experimentation into ownership.</p> <p>If you are preparing for it, I would study it like a role, not like a quiz. That mindset alone will make your preparation much stronger.</p> ai azure machinelearning programming Serverless ETL/ELT Architecture with S3, EventBridge, Lambda, Step Functions, and Glue Renaldi Sun, 29 Mar 2026 22:00:00 +0000 https://dev.to/aws-builders/serverless-etlelt-architecture-with-s3-eventbridge-lambda-step-functions-and-glue-31l1 https://dev.to/aws-builders/serverless-etlelt-architecture-with-s3-eventbridge-lambda-step-functions-and-glue-31l1 <p>In this post, I will walk through a production-style <strong>serverless ETL/ELT architecture</strong> on AWS using <strong>Amazon S3, Amazon EventBridge, AWS Lambda, AWS Step Functions, and AWS Glue</strong>. I will cover the full flow from event-driven ingestion to validation, quarantine handling, orchestration, schema drift handling, data quality checks, and replay.</p> <p>I am intentionally designing this as a pattern that can support both <strong>ETL</strong> and <strong>ELT</strong>:</p> <ul> <li> <strong>ETL</strong> when I perform transformations in Glue before landing curated outputs</li> <li> <strong>ELT</strong> when I land validated/raw data first and defer transformation to downstream query engines or warehouse jobs</li> </ul> <p>This architecture is a strong fit for data lake ingestion pipelines where I want:</p> <ul> <li>event-driven automation</li> <li>low operational overhead</li> <li>clear failure handling</li> <li>replayability</li> <li>observability</li> <li>and enough flexibility to survive real-world data messiness</li> </ul> <p>A few implementation choices in this post are deliberate:</p> <ul> <li>I use <strong>Step Functions Standard</strong> (not Express) because I want durable, auditable executions and because the common Glue <code>.sync</code> integration pattern is not supported in Express workflows. AWS documents the Standard vs Express execution semantics and notes that Express does not support <code>.sync</code> job-run service integration patterns. (<a href="https://docs.aws.amazon.com/step-functions/latest/dg/choosing-workflow-type.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>I use <strong>S3 Event Notifications via EventBridge</strong> for flexible routing and filtering. AWS also notes that after enabling EventBridge delivery on an S3 bucket, it can take around five minutes for changes to take effect, which is worth remembering during testing. (<a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-event-notifications-eventbridge.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> </ul> <h2> Why this architecture works well in practice </h2> <p>When I build data ingestion pipelines, the biggest problems are usually not the happy path. They are:</p> <ul> <li>malformed files</li> <li>duplicate deliveries</li> <li>late files</li> <li>schema drift</li> <li>partial failures</li> <li>silently bad data</li> <li>and the inability to replay safely</li> </ul> <p>This pattern addresses those operational concerns directly:</p> <ul> <li> <strong>S3 + EventBridge</strong> gives me flexible event routing</li> <li> <strong>Lambda</strong> handles fast validation/classification</li> <li> <strong>Step Functions</strong> gives me explicit orchestration, branching, retries, and auditability</li> <li> <strong>Glue</strong> handles scalable transformation and schema normalization</li> <li> <strong>Glue Data Quality (or equivalent checks)</strong> enforces quality gates before data becomes trusted</li> </ul> <p>AWS Glue Data Quality is a managed, serverless capability built on DeeQu and uses DQDL (Data Quality Definition Language), which is useful when I want rules-as-code for quality checks. (<a href="https://docs.aws.amazon.com/glue/latest/dg/glue-data-quality.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h2> Architecture Overview </h2> <p>At a high level, I split the data lake into zones and make each stage explicit:</p> <ul> <li> <strong>raw-ingest bucket</strong>: original landing location (immutable input)</li> <li> <strong>validated bucket</strong>: files that passed lightweight ingest validation</li> <li> <strong>quarantine bucket</strong>: invalid files, bad schema changes, or failed quality checks</li> <li> <strong>curated bucket</strong>: transformed and query-ready outputs</li> <li> <strong>dq-results bucket</strong>: data quality evaluation outputs and reports</li> <li> <strong>replay-manifest bucket</strong>: manifests used to reprocess files safely</li> </ul> <p>The flow is:</p> <ol> <li>A producer drops a file in <code>raw-ingest</code> </li> <li>S3 emits an event to EventBridge</li> <li>EventBridge triggers a validation Lambda</li> <li>Lambda validates and stages valid files into <code>validated</code> </li> <li>Lambda starts Step Functions with a normalized payload</li> <li>Step Functions runs Glue transformation</li> <li>Step Functions runs data quality checks</li> <li>Pass -&gt; publish success / expose curated data</li> <li>Fail -&gt; quarantine and notify</li> <li>Replay can be triggered later using replay manifests</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkhfnncaroa2x6gqwu6rn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkhfnncaroa2x6gqwu6rn.png" alt=" " width="800" height="242"></a></p> <h2> End-to-End Walkthrough </h2> <h3> 1) Event-driven ingest (S3 -&gt; EventBridge) </h3> <p>I start by enabling <strong>EventBridge notifications</strong> on the raw ingest bucket. This gives me centralized event filtering/routing in EventBridge rather than hardwiring everything as direct S3 notifications.</p> <p>AWS documents S3 EventBridge integration and bucket-level enablement for EventBridge event delivery. (<a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-event-notifications-eventbridge.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h4> Example: enable EventBridge on the raw ingest bucket </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>aws s3api put-bucket-notification-configuration <span class="se">\</span> <span class="nt">--bucket</span> my-raw-ingest-bucket <span class="se">\</span> <span class="nt">--notification-configuration</span> <span class="s1">'{ "EventBridgeConfiguration": {} }'</span> </code></pre> </div> <h3> 2) Event filtering in EventBridge </h3> <p>I usually create one or more EventBridge rules to target datasets by path prefix and file type. This lets me route different datasets into different workflows without changing the producers.</p> <h4> Example EventBridge rule pattern (illustrative) </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"source"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"aws.s3"</span><span class="p">],</span><span class="w"> </span><span class="nl">"detail-type"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Object Created"</span><span class="p">],</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"bucket"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"my-raw-ingest-bucket"</span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"object"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"prefix"</span><span class="p">:</span><span class="w"> </span><span class="s2">"landing/orders/"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>From here, I send the event to a <strong>Validation Lambda</strong> (or directly to Step Functions if I want validation inside the state machine).</p> <h3> 3) Validation and quarantine buckets </h3> <p>I like to separate <strong>lightweight ingest validation</strong> from heavy transforms:</p> <ul> <li>file naming / suffix checks</li> <li>minimum size checks</li> <li>header checks (CSV/JSON)</li> <li>partition key extraction from path</li> <li>duplicate detection / idempotency signal generation</li> <li>metadata enrichment (dataset, source, arrival timestamp, run ID)</li> </ul> <p>If validation passes, I stage the object into a <strong>validated bucket</strong>.<br> If it fails, I route it to <strong>quarantine</strong> with a reason code.</p> <p>This gives me two important benefits:</p> <ol> <li>I preserve the original raw object for traceability</li> <li>I avoid sending obviously bad data into expensive Glue runs</li> </ol> <h4> Example validation Lambda (Python) </h4> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">uuid</span> <span class="kn">import</span> <span class="n">urllib.parse</span> <span class="kn">from</span> <span class="n">datetime</span> <span class="kn">import</span> <span class="n">datetime</span><span class="p">,</span> <span class="n">timezone</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">)</span> <span class="n">sfn</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">stepfunctions</span><span class="sh">"</span><span class="p">)</span> <span class="n">VALIDATED_BUCKET</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">VALIDATED_BUCKET</span><span class="sh">"</span><span class="p">]</span> <span class="n">STATE_MACHINE_ARN</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">STATE_MACHINE_ARN</span><span class="sh">"</span><span class="p">]</span> <span class="n">ALLOWED_SUFFIXES</span> <span class="o">=</span> <span class="p">(</span><span class="sh">"</span><span class="s">.csv</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">.json</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">.jsonl</span><span class="sh">"</span><span class="p">)</span> <span class="n">MIN_BYTES</span> <span class="o">=</span> <span class="mi">10</span> <span class="c1"># example threshold </span> <span class="k">def</span> <span class="nf">_extract_dataset</span><span class="p">(</span><span class="n">key</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="c1"># Example key: landing/orders/2026/02/25/orders_001.csv </span> <span class="n">parts</span> <span class="o">=</span> <span class="n">key</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="sh">"</span><span class="s">/</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="nf">len</span><span class="p">(</span><span class="n">parts</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">2</span> <span class="ow">or</span> <span class="n">parts</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">!=</span> <span class="sh">"</span><span class="s">landing</span><span class="sh">"</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">invalid_key_prefix</span><span class="sh">"</span><span class="p">)</span> <span class="k">return</span> <span class="n">parts</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="k">def</span> <span class="nf">_validate_object</span><span class="p">(</span><span class="n">bucket</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">key</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">dict</span><span class="p">:</span> <span class="n">head</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">head_object</span><span class="p">(</span><span class="n">Bucket</span><span class="o">=</span><span class="n">bucket</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">key</span><span class="p">)</span> <span class="n">size</span> <span class="o">=</span> <span class="n">head</span><span class="p">[</span><span class="sh">"</span><span class="s">ContentLength</span><span class="sh">"</span><span class="p">]</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">key</span><span class="p">.</span><span class="nf">lower</span><span class="p">().</span><span class="nf">endswith</span><span class="p">(</span><span class="n">ALLOWED_SUFFIXES</span><span class="p">):</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">unsupported_extension</span><span class="sh">"</span><span class="p">}</span> <span class="k">if</span> <span class="n">size</span> <span class="o">&lt;</span> <span class="n">MIN_BYTES</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">file_too_small</span><span class="sh">"</span><span class="p">}</span> <span class="n">dataset</span> <span class="o">=</span> <span class="nf">_extract_dataset</span><span class="p">(</span><span class="n">key</span><span class="p">)</span> <span class="c1"># Optional: inspect a small header/sample for CSV/JSON sanity </span> <span class="n">sample</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">get_object</span><span class="p">(</span><span class="n">Bucket</span><span class="o">=</span><span class="n">bucket</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">key</span><span class="p">,</span> <span class="n">Range</span><span class="o">=</span><span class="sh">"</span><span class="s">bytes=0-1023</span><span class="sh">"</span><span class="p">)[</span><span class="sh">"</span><span class="s">Body</span><span class="sh">"</span><span class="p">].</span><span class="nf">read</span><span class="p">()</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">sample</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">empty_sample</span><span class="sh">"</span><span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">dataset</span><span class="sh">"</span><span class="p">:</span> <span class="n">dataset</span><span class="p">,</span> <span class="sh">"</span><span class="s">size_bytes</span><span class="sh">"</span><span class="p">:</span> <span class="n">size</span><span class="p">,</span> <span class="sh">"</span><span class="s">content_type</span><span class="sh">"</span><span class="p">:</span> <span class="n">head</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">ContentType</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">application/octet-stream</span><span class="sh">"</span><span class="p">),</span> <span class="sh">"</span><span class="s">etag</span><span class="sh">"</span><span class="p">:</span> <span class="n">head</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">ETag</span><span class="sh">"</span><span class="p">,</span> <span class="sh">""</span><span class="p">).</span><span class="nf">strip</span><span class="p">(</span><span class="sh">'"'</span><span class="p">),</span> <span class="p">}</span> <span class="k">def</span> <span class="nf">_stage_validated_copy</span><span class="p">(</span><span class="n">src_bucket</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">src_key</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">dataset</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">run_id</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="c1"># I usually add a run/date prefix for traceability </span> <span class="n">now</span> <span class="o">=</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">)</span> <span class="n">dst_key</span> <span class="o">=</span> <span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="s">validated/</span><span class="si">{</span><span class="n">dataset</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="s">ingest_date=</span><span class="si">{</span><span class="n">now</span><span class="si">:</span><span class="o">%</span><span class="n">Y</span><span class="o">-%</span><span class="n">m</span><span class="o">-%</span><span class="n">d</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="s">run_id=</span><span class="si">{</span><span class="n">run_id</span><span class="si">}</span><span class="s">/</span><span class="sh">"</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">src_key</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="sh">'</span><span class="s">/</span><span class="sh">'</span><span class="p">)[</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span> <span class="p">)</span> <span class="n">s3</span><span class="p">.</span><span class="nf">copy_object</span><span class="p">(</span> <span class="n">Bucket</span><span class="o">=</span><span class="n">VALIDATED_BUCKET</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">dst_key</span><span class="p">,</span> <span class="n">CopySource</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">Bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_bucket</span><span class="p">,</span> <span class="sh">"</span><span class="s">Key</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_key</span><span class="p">},</span> <span class="n">MetadataDirective</span><span class="o">=</span><span class="sh">"</span><span class="s">REPLACE</span><span class="sh">"</span><span class="p">,</span> <span class="n">Metadata</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">source_bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_bucket</span><span class="p">,</span> <span class="sh">"</span><span class="s">source_key</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_key</span><span class="p">,</span> <span class="sh">"</span><span class="s">run_id</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">dataset</span><span class="sh">"</span><span class="p">:</span> <span class="n">dataset</span><span class="p">,</span> <span class="sh">"</span><span class="s">validated_at</span><span class="sh">"</span><span class="p">:</span> <span class="n">now</span><span class="p">.</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}</span> <span class="p">)</span> <span class="k">return</span> <span class="n">dst_key</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Supports direct EventBridge S3 events. </span><span class="sh">"""</span> <span class="n">detail</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">]</span> <span class="n">src_bucket</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">]</span> <span class="n">src_key</span> <span class="o">=</span> <span class="n">urllib</span><span class="p">.</span><span class="n">parse</span><span class="p">.</span><span class="nf">unquote_plus</span><span class="p">(</span><span class="n">detail</span><span class="p">[</span><span class="sh">"</span><span class="s">object</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">])</span> <span class="n">run_id</span> <span class="o">=</span> <span class="nf">str</span><span class="p">(</span><span class="n">uuid</span><span class="p">.</span><span class="nf">uuid4</span><span class="p">())</span> <span class="n">validation</span> <span class="o">=</span> <span class="nf">_validate_object</span><span class="p">(</span><span class="n">src_bucket</span><span class="p">,</span> <span class="n">src_key</span><span class="p">)</span> <span class="n">payload</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">source</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_bucket</span><span class="p">,</span> <span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="n">src_key</span> <span class="p">},</span> <span class="sh">"</span><span class="s">validation</span><span class="sh">"</span><span class="p">:</span> <span class="n">validation</span><span class="p">,</span> <span class="sh">"</span><span class="s">receivedAt</span><span class="sh">"</span><span class="p">:</span> <span class="n">datetime</span><span class="p">.</span><span class="nf">now</span><span class="p">(</span><span class="n">timezone</span><span class="p">.</span><span class="n">utc</span><span class="p">).</span><span class="nf">isoformat</span><span class="p">()</span> <span class="p">}</span> <span class="k">if</span> <span class="n">validation</span><span class="p">[</span><span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">]:</span> <span class="n">dst_key</span> <span class="o">=</span> <span class="nf">_stage_validated_copy</span><span class="p">(</span><span class="n">src_bucket</span><span class="p">,</span> <span class="n">src_key</span><span class="p">,</span> <span class="n">validation</span><span class="p">[</span><span class="sh">"</span><span class="s">dataset</span><span class="sh">"</span><span class="p">],</span> <span class="n">run_id</span><span class="p">)</span> <span class="n">payload</span><span class="p">[</span><span class="sh">"</span><span class="s">validated</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">VALIDATED_BUCKET</span><span class="p">,</span> <span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="n">dst_key</span><span class="p">,</span> <span class="sh">"</span><span class="s">s3Uri</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">s3://</span><span class="si">{</span><span class="n">VALIDATED_BUCKET</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">dst_key</span><span class="si">}</span><span class="sh">"</span> <span class="p">}</span> <span class="c1"># Start orchestration (Step Functions Standard) </span> <span class="n">sfn</span><span class="p">.</span><span class="nf">start_execution</span><span class="p">(</span> <span class="n">stateMachineArn</span><span class="o">=</span><span class="n">STATE_MACHINE_ARN</span><span class="p">,</span> <span class="n">name</span><span class="o">=</span><span class="n">run_id</span><span class="p">,</span> <span class="nb">input</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">payload</span><span class="p">)</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">202</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">})}</span> </code></pre> </div> <h3> Implementation notes for validation </h3> <p>A few things I recommend in production:</p> <ul> <li> <strong>Do not rely on ETag as a universal checksum</strong> for multipart uploads</li> <li>Keep validation Lambda <strong>fast</strong> and <strong>deterministic</strong> </li> <li>Record a consistent <strong>run ID</strong> and propagate it through every stage</li> <li>Treat the raw bucket as immutable evidence</li> <li>Add bucket lifecycle policies for quarantine and intermediate zones</li> </ul> <h3> 4) Orchestration for transforms (Step Functions) </h3> <p>This is where the pipeline becomes operationally manageable.</p> <p>I use Step Functions to:</p> <ul> <li>branch on validation status</li> <li>invoke quarantine logic on failure</li> <li>invoke Glue for transform</li> <li>run data quality checks</li> <li>branch on DQ result</li> <li>emit success/failure events/notifications</li> <li>maintain an auditable execution trail</li> </ul> <p>AWS documents the Step Functions Glue integration for starting Glue jobs, which is exactly what I use here. (<a href="https://docs.aws.amazon.com/step-functions/latest/dg/connect-glue.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h4> Example Step Functions state machine (ASL JSON, simplified) </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Serverless ETL/ELT pipeline with validation, transform, DQ, and quarantine"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ValidationPassed?"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ValidationPassed?"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Choice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Choices"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.validation.valid"</span><span class="p">,</span><span class="w"> </span><span class="nl">"BooleanEquals"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PersistMetadata"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Default"</span><span class="p">:</span><span class="w"> </span><span class="s2">"QuarantineInvalidInput"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PersistMetadata"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Pass"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"runId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"source.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.source"</span><span class="p">,</span><span class="w"> </span><span class="nl">"validated.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.validated"</span><span class="p">,</span><span class="w"> </span><span class="nl">"validation.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.validation"</span><span class="p">,</span><span class="w"> </span><span class="nl">"receivedAt.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.receivedAt"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"RunGlueTransform"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"RunGlueTransform"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::glue:startJobRun.sync"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"JobName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders-curation-job"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arguments"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"--run_id.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"--input_s3_uri.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.validated.s3Uri"</span><span class="p">,</span><span class="w"> </span><span class="nl">"--output_s3_uri"</span><span class="p">:</span><span class="w"> </span><span class="s2">"s3://my-curated-bucket/curated/orders/"</span><span class="p">,</span><span class="w"> </span><span class="nl">"--dataset"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Retry"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Glue.ConcurrentRunsExceededException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"States.TaskFailed"</span><span class="p">],</span><span class="w"> </span><span class="nl">"IntervalSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">10</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxAttempts"</span><span class="p">:</span><span class="w"> </span><span class="mi">3</span><span class="p">,</span><span class="w"> </span><span class="nl">"BackoffRate"</span><span class="p">:</span><span class="w"> </span><span class="mf">2.0</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Catch"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"States.ALL"</span><span class="p">],</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"QuarantineTransformFailure"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"RunDataQualityChecks"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"RunDataQualityChecks"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"dq-evaluator-lambda"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"runId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"dataset"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders"</span><span class="p">,</span><span class="w"> </span><span class="nl">"curatedS3Prefix"</span><span class="p">:</span><span class="w"> </span><span class="s2">"s3://my-curated-bucket/curated/orders/"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.dqInvoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Catch"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"States.ALL"</span><span class="p">],</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"QuarantineDQFailure"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DQPassed?"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"DQPassed?"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Choice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Choices"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.dqInvoke.Payload.pass"</span><span class="p">,</span><span class="w"> </span><span class="nl">"BooleanEquals"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishSuccess"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Default"</span><span class="p">:</span><span class="w"> </span><span class="s2">"QuarantineDQFailure"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishSuccess"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Pass"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Result"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SUCCEEDED"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"QuarantineInvalidInput"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"quarantine-lambda"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"runId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"source.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.source"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.validation.reason"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stage"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INGEST_VALIDATION"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"QuarantineTransformFailure"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"quarantine-lambda"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"runId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"source.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.source"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GLUE_TRANSFORM_FAILURE"</span><span class="p">,</span><span class="w"> </span><span class="nl">"error.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stage"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TRANSFORM"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"QuarantineDQFailure"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"quarantine-lambda"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"runId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.runId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"source.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.source"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DATA_QUALITY_FAILURE"</span><span class="p">,</span><span class="w"> </span><span class="nl">"dqResult.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.dqInvoke.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stage"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DATA_QUALITY"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Why I prefer Standard over Express here </h3> <p>This pattern tends to include:</p> <ul> <li>Glue jobs</li> <li>multiple branches</li> <li>retries</li> <li>audit needs</li> <li>potential human investigation/replay</li> </ul> <p>Step Functions Standard gives me durability and auditability, and AWS documents that Standard and Express have different execution semantics, durations, and integration pattern support (including the <code>.sync</code> limitation in Express). (<a href="https://docs.aws.amazon.com/step-functions/latest/dg/choosing-workflow-type.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h2> Glue transformation implementation (ETL core) </h2> <p>For the transformation layer, I use <strong>AWS Glue</strong> because it scales well and integrates naturally with S3 and the Data Catalog.</p> <p>AWS Glue’s <code>DynamicFrame</code> is especially useful when incoming schemas are not cleanly stable because records are self-describing and schema inconsistencies can be represented as choice/union types. AWS also documents <code>resolveChoice()</code> as a recommended approach to handle multi-typed fields. (<a href="https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-pyspark-extensions-dynamic-frame.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h3> Example Glue job script (PySpark, simplified) </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">sys</span> <span class="kn">from</span> <span class="n">awsglue.transforms</span> <span class="kn">import</span> <span class="o">*</span> <span class="kn">from</span> <span class="n">awsglue.utils</span> <span class="kn">import</span> <span class="n">getResolvedOptions</span> <span class="kn">from</span> <span class="n">pyspark.context</span> <span class="kn">import</span> <span class="n">SparkContext</span> <span class="kn">from</span> <span class="n">awsglue.context</span> <span class="kn">import</span> <span class="n">GlueContext</span> <span class="kn">from</span> <span class="n">awsglue.job</span> <span class="kn">import</span> <span class="n">Job</span> <span class="kn">from</span> <span class="n">awsglue.dynamicframe</span> <span class="kn">import</span> <span class="n">DynamicFrame</span> <span class="kn">from</span> <span class="n">pyspark.sql</span> <span class="kn">import</span> <span class="n">functions</span> <span class="k">as</span> <span class="n">F</span> <span class="n">args</span> <span class="o">=</span> <span class="nf">getResolvedOptions</span><span class="p">(</span><span class="n">sys</span><span class="p">.</span><span class="n">argv</span><span class="p">,</span> <span class="p">[</span> <span class="sh">"</span><span class="s">JOB_NAME</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">run_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">input_s3_uri</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">output_s3_uri</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">dataset</span><span class="sh">"</span> <span class="p">])</span> <span class="n">sc</span> <span class="o">=</span> <span class="nc">SparkContext</span><span class="p">()</span> <span class="n">glue_context</span> <span class="o">=</span> <span class="nc">GlueContext</span><span class="p">(</span><span class="n">sc</span><span class="p">)</span> <span class="n">spark</span> <span class="o">=</span> <span class="n">glue_context</span><span class="p">.</span><span class="n">spark_session</span> <span class="n">job</span> <span class="o">=</span> <span class="nc">Job</span><span class="p">(</span><span class="n">glue_context</span><span class="p">)</span> <span class="n">job</span><span class="p">.</span><span class="nf">init</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="sh">"</span><span class="s">JOB_NAME</span><span class="sh">"</span><span class="p">],</span> <span class="n">args</span><span class="p">)</span> <span class="n">run_id</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="sh">"</span><span class="s">run_id</span><span class="sh">"</span><span class="p">]</span> <span class="n">input_s3_uri</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="sh">"</span><span class="s">input_s3_uri</span><span class="sh">"</span><span class="p">]</span> <span class="n">output_s3_uri</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="sh">"</span><span class="s">output_s3_uri</span><span class="sh">"</span><span class="p">]</span> <span class="n">dataset</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="sh">"</span><span class="s">dataset</span><span class="sh">"</span><span class="p">]</span> <span class="c1"># Example assumes CSV; in production I usually parameterize format/options </span><span class="n">raw_dyf</span> <span class="o">=</span> <span class="n">glue_context</span><span class="p">.</span><span class="n">create_dynamic_frame</span><span class="p">.</span><span class="nf">from_options</span><span class="p">(</span> <span class="n">connection_type</span><span class="o">=</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">,</span> <span class="n">connection_options</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">paths</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">input_s3_uri</span><span class="p">],</span> <span class="sh">"</span><span class="s">recurse</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">},</span> <span class="nb">format</span><span class="o">=</span><span class="sh">"</span><span class="s">csv</span><span class="sh">"</span><span class="p">,</span> <span class="n">format_options</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">withHeader</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">separator</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">,</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">quoteChar</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="se">\"</span><span class="sh">"</span> <span class="p">},</span> <span class="n">transformation_ctx</span><span class="o">=</span><span class="sh">"</span><span class="s">raw_dyf</span><span class="sh">"</span> <span class="p">)</span> <span class="c1"># Handle schema drift / ambiguous types # Example: amount might arrive as string in some files and numeric in others </span><span class="n">resolved_dyf</span> <span class="o">=</span> <span class="n">raw_dyf</span><span class="p">.</span><span class="nf">resolveChoice</span><span class="p">(</span><span class="n">specs</span><span class="o">=</span><span class="p">[</span> <span class="p">(</span><span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">cast:double</span><span class="sh">"</span><span class="p">),</span> <span class="p">(</span><span class="sh">"</span><span class="s">order_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">cast:string</span><span class="sh">"</span><span class="p">),</span> <span class="p">(</span><span class="sh">"</span><span class="s">customer_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">cast:string</span><span class="sh">"</span><span class="p">)</span> <span class="p">])</span> <span class="c1"># Convert to Spark DataFrame for richer transforms </span><span class="n">df</span> <span class="o">=</span> <span class="n">resolved_dyf</span><span class="p">.</span><span class="nf">toDF</span><span class="p">()</span> <span class="c1"># Add operational metadata </span><span class="n">df</span> <span class="o">=</span> <span class="p">(</span> <span class="n">df</span> <span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">pipeline_run_id</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">lit</span><span class="p">(</span><span class="n">run_id</span><span class="p">))</span> <span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">dataset_name</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">lit</span><span class="p">(</span><span class="n">dataset</span><span class="p">))</span> <span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">processed_at_utc</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">current_timestamp</span><span class="p">())</span> <span class="p">)</span> <span class="c1"># Example normalization </span><span class="k">if</span> <span class="sh">"</span><span class="s">currency</span><span class="sh">"</span> <span class="ow">in</span> <span class="n">df</span><span class="p">.</span><span class="n">columns</span><span class="p">:</span> <span class="n">df</span> <span class="o">=</span> <span class="n">df</span><span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">upper</span><span class="p">(</span><span class="n">F</span><span class="p">.</span><span class="nf">col</span><span class="p">(</span><span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">)))</span> <span class="k">if</span> <span class="sh">"</span><span class="s">event_ts</span><span class="sh">"</span> <span class="ow">in</span> <span class="n">df</span><span class="p">.</span><span class="n">columns</span><span class="p">:</span> <span class="n">df</span> <span class="o">=</span> <span class="n">df</span><span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">event_ts</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">to_timestamp</span><span class="p">(</span><span class="sh">"</span><span class="s">event_ts</span><span class="sh">"</span><span class="p">))</span> <span class="c1"># Example partition column </span><span class="n">df</span> <span class="o">=</span> <span class="n">df</span><span class="p">.</span><span class="nf">withColumn</span><span class="p">(</span><span class="sh">"</span><span class="s">ingest_date</span><span class="sh">"</span><span class="p">,</span> <span class="n">F</span><span class="p">.</span><span class="nf">to_date</span><span class="p">(</span><span class="n">F</span><span class="p">.</span><span class="nf">col</span><span class="p">(</span><span class="sh">"</span><span class="s">processed_at_utc</span><span class="sh">"</span><span class="p">)))</span> <span class="c1"># Optional: enforce target schema / select only known columns (ELT-friendly alternative is to keep extras) </span><span class="n">target_columns</span> <span class="o">=</span> <span class="p">[</span><span class="n">c</span> <span class="k">for</span> <span class="n">c</span> <span class="ow">in</span> <span class="p">[</span> <span class="sh">"</span><span class="s">order_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">customer_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">event_ts</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">pipeline_run_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">dataset_name</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">processed_at_utc</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">ingest_date</span><span class="sh">"</span> <span class="p">]</span> <span class="k">if</span> <span class="n">c</span> <span class="ow">in</span> <span class="n">df</span><span class="p">.</span><span class="n">columns</span><span class="p">]</span> <span class="n">df_out</span> <span class="o">=</span> <span class="n">df</span><span class="p">.</span><span class="nf">select</span><span class="p">(</span><span class="o">*</span><span class="n">target_columns</span><span class="p">)</span> <span class="c1"># Write curated data </span><span class="p">(</span> <span class="n">df_out</span><span class="p">.</span><span class="n">write</span> <span class="p">.</span><span class="nf">mode</span><span class="p">(</span><span class="sh">"</span><span class="s">append</span><span class="sh">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">format</span><span class="p">(</span><span class="sh">"</span><span class="s">parquet</span><span class="sh">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">partitionBy</span><span class="p">(</span><span class="sh">"</span><span class="s">ingest_date</span><span class="sh">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="n">output_s3_uri</span><span class="p">)</span> <span class="p">)</span> <span class="n">job</span><span class="p">.</span><span class="nf">commit</span><span class="p">()</span> </code></pre> </div> <h2> Schema drift handling (the part that usually breaks first) </h2> <p>Schema drift is not one problem. It is several different problems:</p> <ul> <li> <strong>additive drift</strong> (new columns appear)</li> <li> <strong>type drift</strong> (same column changes type)</li> <li> <strong>structural drift</strong> (nested shape changes)</li> <li> <strong>semantic drift</strong> (same field name, different meaning)</li> <li> <strong>contract drift</strong> (breaking changes without notice)</li> </ul> <p>I recommend treating them differently.</p> <h3> My practical schema drift policy </h3> <h4> 1) Additive columns (usually safe) </h4> <p>If a producer adds a new column and my downstream consumers can tolerate it, I usually:</p> <ul> <li>allow the file</li> <li>retain the new column in a bronze/validated or semi-curated layer</li> <li>update downstream mappings later</li> </ul> <h4> 2) Type drift (common and dangerous) </h4> <p>Example:</p> <ul> <li> <code>amount</code> was numeric yesterday</li> <li>today it arrives as <code>"12.34"</code> string</li> <li>next week it arrives as <code>"N/A"</code> </li> </ul> <p>This is where Glue <code>DynamicFrame</code> + <code>resolveChoice()</code> helps because I can explicitly coerce or split logic for ambiguous types. AWS documents <code>DynamicFrame</code> and <code>resolveChoice()</code> for schema inconsistencies and choice types. (<a href="https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-pyspark-extensions-dynamic-frame.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <p>My preference:</p> <ul> <li>cast when safe</li> <li>preserve raw/original field if coercion may lose information</li> <li>quarantine only when the drift breaks contractual expectations for trusted datasets</li> </ul> <h4> 3) Breaking structural changes (often quarantine-worthy) </h4> <p>If a file violates the expected envelope (for example, missing required keys, wrong delimiter, broken nesting), I quarantine it and emit an alert.</p> <h4> 4) Catalog and schema tracking </h4> <p>I typically track schema evolution using one or both:</p> <ul> <li><strong>Glue Data Catalog + crawler/table versioning</strong></li> <li>a <strong>dataset contract file</strong> (JSON/YAML) in a config repo or S3</li> </ul> <p>For higher maturity pipelines, I define a per-dataset schema policy:</p> <ul> <li><code>allow_additive_columns: true</code></li> <li><code>allow_type_coercion: limited</code></li> <li><code>strict_required_columns: ["order_id", "event_ts"]</code></li> <li><code>quarantine_on_breaking_change: true</code></li> </ul> <h2> Data quality checks (quality gates before trust) </h2> <p>Schema validity is not data quality.</p> <p>A file can be structurally valid and still be unusable:</p> <ul> <li>duplicate IDs</li> <li>null business keys</li> <li>stale data</li> <li>impossible values</li> <li>code list mismatches</li> <li>row counts far outside expected ranges</li> </ul> <p>I usually place data quality checks <strong>after transformation</strong> and before I publish the data as trusted/curated.</p> <p>AWS Glue Data Quality supports rules via DQDL and can be used in Glue ETL jobs or against Data Catalog datasets. (<a href="https://docs.aws.amazon.com/glue/latest/dg/glue-data-quality.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</p> <h3> Example DQDL ruleset (illustrative) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Rules = [ RowCount &gt; 0, IsComplete "order_id", IsUnique "order_id", ColumnExists "event_ts", ColumnValues "currency" in ["AUD","USD","EUR"], ColumnDataType "amount" = "DOUBLE" ] </code></pre> </div> <h3> Example DQ evaluator Lambda (simple custom approach) </h3> <p>In some environments, I start with a lightweight custom Lambda check before moving to full Glue DQ. This is especially useful for small curated datasets or when I want fast control over business-specific rules.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">re</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="kn">import</span> <span class="n">pyarrow.parquet</span> <span class="k">as</span> <span class="n">pq</span> <span class="kn">import</span> <span class="n">s3fs</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">_parse_s3_uri</span><span class="p">(</span><span class="n">uri</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="n">m</span> <span class="o">=</span> <span class="n">re</span><span class="p">.</span><span class="nf">match</span><span class="p">(</span><span class="sa">r</span><span class="sh">"</span><span class="s">^s3://([^/]+)/?(.*)$</span><span class="sh">"</span><span class="p">,</span> <span class="n">uri</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">m</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Invalid S3 URI</span><span class="sh">"</span><span class="p">)</span> <span class="k">return</span> <span class="n">m</span><span class="p">.</span><span class="nf">group</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="n">m</span><span class="p">.</span><span class="nf">group</span><span class="p">(</span><span class="mi">2</span><span class="p">)</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">run_id</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">]</span> <span class="n">curated_prefix</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">curatedS3Prefix</span><span class="sh">"</span><span class="p">]</span> <span class="n">bucket</span><span class="p">,</span> <span class="n">prefix</span> <span class="o">=</span> <span class="nf">_parse_s3_uri</span><span class="p">(</span><span class="n">curated_prefix</span><span class="p">)</span> <span class="n">resp</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">list_objects_v2</span><span class="p">(</span><span class="n">Bucket</span><span class="o">=</span><span class="n">bucket</span><span class="p">,</span> <span class="n">Prefix</span><span class="o">=</span><span class="n">prefix</span><span class="p">,</span> <span class="n">MaxKeys</span><span class="o">=</span><span class="mi">1000</span><span class="p">)</span> <span class="n">objects</span> <span class="o">=</span> <span class="p">[</span><span class="n">o</span><span class="p">[</span><span class="sh">"</span><span class="s">Key</span><span class="sh">"</span><span class="p">]</span> <span class="k">for</span> <span class="n">o</span> <span class="ow">in</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Contents</span><span class="sh">"</span><span class="p">,</span> <span class="p">[])</span> <span class="k">if</span> <span class="n">o</span><span class="p">[</span><span class="sh">"</span><span class="s">Key</span><span class="sh">"</span><span class="p">].</span><span class="nf">endswith</span><span class="p">(</span><span class="sh">"</span><span class="s">.parquet</span><span class="sh">"</span><span class="p">)]</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">objects</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">pass</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">NO_PARQUET_OUTPUT</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">}</span> <span class="c1"># Example: check first file quickly (for large jobs, use Glue DQ or Athena-based checks) </span> <span class="n">fs</span> <span class="o">=</span> <span class="n">s3fs</span><span class="p">.</span><span class="nc">S3FileSystem</span><span class="p">()</span> <span class="n">first_uri</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">bucket</span><span class="si">}</span><span class="s">/</span><span class="si">{</span><span class="n">objects</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span> <span class="n">table</span> <span class="o">=</span> <span class="n">pq</span><span class="p">.</span><span class="nf">read_table</span><span class="p">(</span><span class="n">first_uri</span><span class="p">,</span> <span class="n">filesystem</span><span class="o">=</span><span class="n">fs</span><span class="p">)</span> <span class="n">df</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">to_pandas</span><span class="p">()</span> <span class="n">required_cols</span> <span class="o">=</span> <span class="p">[</span><span class="sh">"</span><span class="s">order_id</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">]</span> <span class="n">missing</span> <span class="o">=</span> <span class="p">[</span><span class="n">c</span> <span class="k">for</span> <span class="n">c</span> <span class="ow">in</span> <span class="n">required_cols</span> <span class="k">if</span> <span class="n">c</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">df</span><span class="p">.</span><span class="n">columns</span><span class="p">]</span> <span class="k">if</span> <span class="n">missing</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">pass</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">MISSING_COLUMNS</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">missing</span><span class="sh">"</span><span class="p">:</span> <span class="n">missing</span><span class="p">,</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">}</span> <span class="k">if</span> <span class="n">df</span><span class="p">[</span><span class="sh">"</span><span class="s">order_id</span><span class="sh">"</span><span class="p">].</span><span class="nf">isnull</span><span class="p">().</span><span class="nf">any</span><span class="p">():</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">pass</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">NULL_ORDER_ID</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">}</span> <span class="nf">if </span><span class="p">(</span><span class="n">df</span><span class="p">[</span><span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">].</span><span class="nf">astype</span><span class="p">(</span><span class="nb">float</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">0</span><span class="p">).</span><span class="nf">any</span><span class="p">():</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">pass</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">NEGATIVE_AMOUNT</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">}</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">pass</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">checkedFiles</span><span class="sh">"</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">objects</span><span class="p">)}</span> </code></pre> </div> <h3> My recommendation in production </h3> <ul> <li>Start with <strong>a small ruleset</strong> that reflects actual business criticality</li> <li>Separate <strong>hard-fail rules</strong> (must quarantine) from <strong>warn rules</strong> (monitor only)</li> <li>Persist DQ results to an S3 prefix and emit metrics (pass rate, failed rules, affected rows)</li> </ul> <h2> Replay design (safe reprocessing without chaos) </h2> <p>Replay is one of the most under-designed parts of data pipelines.</p> <p>If I cannot replay safely, operations become manual and risky very quickly.</p> <h3> What I want from replay </h3> <ul> <li>deterministic input selection</li> <li>idempotent processing</li> <li>clear audit trail</li> <li>no accidental duplicate publishing</li> <li>support for single-file and bulk replays</li> </ul> <h3> Replay pattern used here </h3> <p>I use a <strong>replay manifest</strong> dropped into a replay bucket. That manifest triggers the replay dispatcher Lambda (via EventBridge), which then starts the same Step Functions state machine with replay metadata.</p> <p>This gives me:</p> <ul> <li>a consistent path for normal and replay runs</li> <li>a clear replay artifact I can review/version</li> <li>easy automation from scripts or ops tooling</li> </ul> <h3> Example replay manifest </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"replayId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"replay-2026-02-25-orders-fix-01"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Reprocess files after schema mapping fix"</span><span class="p">,</span><span class="w"> </span><span class="nl">"dataset"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders"</span><span class="p">,</span><span class="w"> </span><span class="nl">"files"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"bucket"</span><span class="p">:</span><span class="w"> </span><span class="s2">"my-raw-ingest-bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="s2">"landing/orders/2026/02/24/orders_001.csv"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"bucket"</span><span class="p">:</span><span class="w"> </span><span class="s2">"my-raw-ingest-bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"key"</span><span class="p">:</span><span class="w"> </span><span class="s2">"landing/orders/2026/02/24/orders_002.csv"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"options"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"force"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"dryRun"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Example replay dispatcher Lambda (conceptual) </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">import</span> <span class="n">uuid</span> <span class="kn">import</span> <span class="n">urllib.parse</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">s3</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">s3</span><span class="sh">"</span><span class="p">)</span> <span class="n">sfn</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">stepfunctions</span><span class="sh">"</span><span class="p">)</span> <span class="n">STATE_MACHINE_ARN</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">STATE_MACHINE_ARN</span><span class="sh">"</span><span class="p">]</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">detail</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">]</span> <span class="n">bucket</span> <span class="o">=</span> <span class="n">detail</span><span class="p">[</span><span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">]</span> <span class="n">key</span> <span class="o">=</span> <span class="n">urllib</span><span class="p">.</span><span class="n">parse</span><span class="p">.</span><span class="nf">unquote_plus</span><span class="p">(</span><span class="n">detail</span><span class="p">[</span><span class="sh">"</span><span class="s">object</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">])</span> <span class="n">obj</span> <span class="o">=</span> <span class="n">s3</span><span class="p">.</span><span class="nf">get_object</span><span class="p">(</span><span class="n">Bucket</span><span class="o">=</span><span class="n">bucket</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="n">key</span><span class="p">)</span> <span class="n">manifest</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">obj</span><span class="p">[</span><span class="sh">"</span><span class="s">Body</span><span class="sh">"</span><span class="p">].</span><span class="nf">read</span><span class="p">())</span> <span class="n">replay_id</span> <span class="o">=</span> <span class="n">manifest</span><span class="p">[</span><span class="sh">"</span><span class="s">replayId</span><span class="sh">"</span><span class="p">]</span> <span class="k">for</span> <span class="n">i</span><span class="p">,</span> <span class="n">f</span> <span class="ow">in</span> <span class="nf">enumerate</span><span class="p">(</span><span class="n">manifest</span><span class="p">[</span><span class="sh">"</span><span class="s">files</span><span class="sh">"</span><span class="p">]):</span> <span class="n">run_id</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">replay_id</span><span class="si">}</span><span class="s">-</span><span class="si">{</span><span class="n">i</span><span class="si">:</span><span class="mi">04</span><span class="n">d</span><span class="si">}</span><span class="sh">"</span> <span class="n">payload</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">runId</span><span class="sh">"</span><span class="p">:</span> <span class="n">run_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">source</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">:</span> <span class="n">f</span><span class="p">[</span><span class="sh">"</span><span class="s">bucket</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">:</span> <span class="n">f</span><span class="p">[</span><span class="sh">"</span><span class="s">key</span><span class="sh">"</span><span class="p">]</span> <span class="p">},</span> <span class="sh">"</span><span class="s">replay</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">replayId</span><span class="sh">"</span><span class="p">:</span> <span class="n">replay_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="n">manifest</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">,</span> <span class="sh">""</span><span class="p">),</span> <span class="sh">"</span><span class="s">options</span><span class="sh">"</span><span class="p">:</span> <span class="n">manifest</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">options</span><span class="sh">"</span><span class="p">,</span> <span class="p">{})</span> <span class="p">},</span> <span class="sh">"</span><span class="s">validation</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span> <span class="sh">"</span><span class="s">valid</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">reason</span><span class="sh">"</span><span class="p">:</span> <span class="bp">None</span> <span class="p">}</span> <span class="c1"># In a fuller implementation, I would re-run validation or call the same validator Lambda </span> <span class="p">}</span> <span class="n">sfn</span><span class="p">.</span><span class="nf">start_execution</span><span class="p">(</span> <span class="n">stateMachineArn</span><span class="o">=</span><span class="n">STATE_MACHINE_ARN</span><span class="p">,</span> <span class="n">name</span><span class="o">=</span><span class="nf">str</span><span class="p">(</span><span class="n">uuid</span><span class="p">.</span><span class="nf">uuid4</span><span class="p">()),</span> <span class="nb">input</span><span class="o">=</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">payload</span><span class="p">)</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">202</span><span class="p">,</span> <span class="sh">"</span><span class="s">started</span><span class="sh">"</span><span class="p">:</span> <span class="nf">len</span><span class="p">(</span><span class="n">manifest</span><span class="p">[</span><span class="sh">"</span><span class="s">files</span><span class="sh">"</span><span class="p">])}</span> </code></pre> </div> <h3> Replay best practices I strongly recommend </h3> <ul> <li>Use a <strong>business idempotency key</strong> (for example, source file URI + dataset + version)</li> <li>Tag replay outputs with replay metadata</li> <li>Keep replay behavior explicit (<code>force</code>, <code>dryRun</code>, <code>skipIfPublished</code>)</li> <li>Never mutate raw inputs during replay</li> <li>Record replay requests and outcomes in a durable audit log (DynamoDB or S3 append logs)</li> </ul> <h2> ETL vs ELT: how I support both in the same architecture </h2> <p>This pattern is intentionally hybrid.</p> <h3> ETL mode (transform before publish) </h3> <p>I use this when:</p> <ul> <li>downstream consumers need consistent schema fast</li> <li>I want centralized transformation logic</li> <li>I need quality gates before data is widely consumed</li> </ul> <p>Flow:<br> <code>validated -&gt; Glue transform -&gt; DQ -&gt; curated</code></p> <h3> ELT mode (load first, transform later) </h3> <p>I use this when:</p> <ul> <li>I need rapid ingestion of many datasets</li> <li>transforms are evolving quickly</li> <li>downstream teams own transformations (Athena/warehouse/dbt/etc.)</li> </ul> <p>Flow:<br> <code>validated -&gt; catalog/register -&gt; downstream SQL transforms</code><br> with the same validation/quarantine/replay capabilities still in place.</p> <p>I can even run both:</p> <ul> <li>land curated “v1” in Glue</li> <li>also preserve validated data for future ELT workloads</li> </ul> <h2> Implementation discussion (what matters beyond the happy path) </h2> <h2> 1) Idempotency and duplicates </h2> <p>At-least-once delivery can show up in many places (producer retries, EventBridge fan-out, replays, manual operations). I assume duplicates can happen.</p> <p>My approach:</p> <ul> <li>derive a stable <code>source_object_id</code> (bucket + key + versionId if enabled)</li> <li>persist processing status (optional DynamoDB table)</li> <li>make publishing steps idempotent</li> <li>partition outputs carefully to avoid duplicate row amplification</li> </ul> <p>If your producers can overwrite keys, enable <strong>S3 versioning</strong> and include <code>versionId</code> in your identity model.</p> <h2> 2) Observability </h2> <p>I treat observability as part of the pipeline design, not an add-on.</p> <p>I emit:</p> <ul> <li> <code>ValidationPassed</code>, <code>ValidationFailed</code> </li> <li> <code>GlueJobSucceeded</code>, <code>GlueJobFailed</code> </li> <li> <code>DQPassed</code>, <code>DQFailed</code> </li> <li><code>Quarantined</code></li> <li> <code>ReplayStarted</code>, <code>ReplayCompleted</code> </li> </ul> <p>I also propagate:</p> <ul> <li><code>runId</code></li> <li><code>dataset</code></li> <li><code>source bucket/key</code></li> <li> <code>replayId</code> (if applicable)</li> </ul> <p>This makes CloudWatch Logs searches and alarms much more useful.</p> <h2> 3) Security and access control </h2> <p>At minimum, I lock down:</p> <ul> <li>S3 bucket policies to only the required principals</li> <li>KMS encryption for all buckets (SSE-KMS)</li> <li>Least-privilege IAM roles for Lambda, Step Functions, and Glue</li> <li>Explicit separation between raw, validated, curated, and quarantine write permissions</li> </ul> <p>I also recommend:</p> <ul> <li>object ownership settings to avoid ACL surprises</li> <li>S3 lifecycle policies for quarantine retention</li> <li>VPC configuration for Glue/Lambda only when needed (avoid unnecessary complexity)</li> </ul> <h2> 4) Cost and performance tuning </h2> <p>This serverless pattern scales well, but costs can drift if I do not tune it.</p> <h3> Where I watch cost first </h3> <ul> <li>too many tiny files causing too many executions</li> <li>over-frequent Glue job runs for tiny payloads</li> <li>verbose DQ checks on every micro-batch</li> <li>repeated replay runs without dedupe</li> </ul> <h3> Practical optimizations </h3> <ul> <li>batch small files by dataset/time window before heavy transforms</li> <li>use prefix routing to isolate noisy datasets</li> <li>right-size Glue workers and concurrency</li> <li>use Step Functions Express only for truly short, idempotent, high-volume orchestration (not this <code>.sync</code> Glue-driven path)</li> </ul> <h2> 5) Deployment strategy </h2> <p>I normally deploy this stack with <strong>AWS CDK</strong>, <strong>SAM</strong>, or <strong>Terraform</strong>.</p> <p>A clean decomposition is:</p> <ul> <li> <strong>Foundation stack</strong> <ul> <li>S3 buckets</li> <li>KMS keys</li> <li>IAM roles</li> <li>EventBridge bus/rules</li> </ul> </li> <li> <strong>Compute stack</strong> <ul> <li>Lambda functions</li> <li>Glue jobs</li> <li>Step Functions</li> </ul> </li> <li> <strong>Data contracts stack/config</strong> <ul> <li>dataset configs</li> <li>DQ rulesets</li> <li>schema policies</li> </ul> </li> </ul> <p>This reduces blast radius when I update Glue scripts or state machine logic.</p> <h2> 6) Testing strategy (worth doing early) </h2> <p>I test this pipeline at three levels:</p> <h3> Unit tests </h3> <ul> <li>Lambda validation logic</li> <li>path parsing</li> <li>schema policy decisions</li> <li>quarantine payload generation</li> </ul> <h3> Integration tests </h3> <ul> <li>sample files dropped into raw bucket</li> <li>expected state machine transitions</li> <li>curated output creation</li> <li>quarantine routing and reason codes</li> </ul> <h3> Replay tests </h3> <ul> <li>replay one file</li> <li>replay a batch</li> <li>replay a previously quarantined file after a code fix</li> <li>verify no duplicate publish side effects</li> </ul> <p>I strongly recommend keeping a small set of <strong>golden input files</strong>:</p> <ul> <li>valid file</li> <li>missing required column</li> <li>type drift file</li> <li>malformed file</li> <li>duplicate file</li> <li>late-arriving file</li> </ul> <h2> Common failure modes and how I handle them </h2> <h3> Failure mode: “Pipeline is green but data is wrong” </h3> <p>This usually means schema validation exists but business DQ does not.<br> <strong>Fix:</strong> add DQ gates and track DQ outcomes as first-class metrics.</p> <h3> Failure mode: “Replays create duplicate records” </h3> <p>This is almost always an idempotency design issue.<br> <strong>Fix:</strong> make output writes and publish steps idempotent using stable keys and checkpointing.</p> <h3> Failure mode: “Glue job keeps failing after producer change” </h3> <p>This is often schema drift or delimiter/header changes.<br> <strong>Fix:</strong> detect earlier in validation, classify drift type, and quarantine with explicit reason.</p> <h3> Failure mode: “Debugging is painful” </h3> <p>This happens when correlation IDs are not propagated.<br> <strong>Fix:</strong> carry <code>runId</code> across EventBridge -&gt; Lambda -&gt; Step Functions -&gt; Glue -&gt; DQ -&gt; Notifications.</p> <h2> Closing thoughts </h2> <p>This architecture works well because it is not just a data flow. It is an <strong>operational flow</strong>.</p> <p>The key idea is simple: I do not let “data landed in S3” mean “data is trusted.” I explicitly separate:</p> <ul> <li>landing</li> <li>validation</li> <li>transformation</li> <li>quality enforcement</li> <li>quarantine</li> <li>replay</li> </ul> <p>That separation gives me reliability, observability, and a much better developer experience when the inevitable producer-side surprises happen.</p> <p>If I were extending this next, I would add:</p> <ul> <li>a dataset contract registry (versioned)</li> <li>a metadata/status table (DynamoDB)</li> <li>automated replay tooling for quarantined objects</li> <li>a producer scorecard (quality and schema stability over time)</li> </ul> <h2> References </h2> <ul> <li>Amazon S3 EventBridge integration and enablement (S3 User Guide) (<a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-event-notifications-eventbridge.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>Step Functions workflow type selection (Standard vs Express semantics, durations, integration pattern differences) (<a href="https://docs.aws.amazon.com/step-functions/latest/dg/choosing-workflow-type.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>Step Functions integration with AWS Glue (<code>startJobRun</code> / Glue service integration) (<a href="https://docs.aws.amazon.com/step-functions/latest/dg/connect-glue.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>AWS Glue Data Quality (DQDL, DeeQu-based managed service) (<a href="https://docs.aws.amazon.com/glue/latest/dg/glue-data-quality.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>AWS Glue <code>DynamicFrame</code> and schema inconsistency handling (<a href="https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-pyspark-extensions-dynamic-frame.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> <li>AWS Glue <code>resolveChoice()</code> guidance for ambiguous types in <code>DynamicFrame</code> (<a href="https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-crawler-pyspark-transforms-ResolveChoice.html" rel="noopener noreferrer">docs.aws.amazon.com</a>)</li> </ul> serverless webdev programming aws Idempotency Architecture for Lambda-Driven Systems on AWS Renaldi Sun, 22 Mar 2026 22:00:00 +0000 https://dev.to/aws-builders/idempotency-architecture-for-lambda-driven-systems-on-aws-3hp4 https://dev.to/aws-builders/idempotency-architecture-for-lambda-driven-systems-on-aws-3hp4 <p>Duplicate processing is one of those problems that looks small in a diagram and very expensive in production.</p> <p>I have seen teams build clean event-driven and Lambda-based systems, only to run into duplicate charges, duplicated emails, repeated downstream writes, or inconsistent state once retries and redrives start happening. The tricky part is that the system is often behaving <em>as designed</em>. AWS services are doing what they should do: retrying, buffering, redriving, and favoring delivery durability.</p> <p>This is exactly why I consider idempotency architecture one of the most important and most underexplained topics in serverless engineering.</p> <p>In this post, I will walk through how I design idempotency for Lambda-driven systems on AWS, including:</p> <ul> <li>the <strong>exactly-once myth</strong> vs the <strong>at-least-once reality</strong> </li> <li>how to choose <strong>idempotency keys</strong> and <strong>dedupe windows</strong> </li> <li>a <strong>DynamoDB-based idempotency store</strong> design</li> <li>using <strong>AWS Lambda Powertools idempotency utility</strong> </li> <li>handling retries from <strong>API Gateway</strong>, <strong>SQS</strong>, and <strong>EventBridge</strong> </li> <li>an <strong>end-to-end implementation walkthrough</strong> with code</li> </ul> <p>I will keep this practical and architecture-heavy, so you can adapt it to real workloads instead of only toy examples.</p> <h2> The core idea in one sentence </h2> <p><strong>Idempotency means I can safely process the same logical request more than once and still end up with the same intended outcome.</strong></p> <p>That does <strong>not</strong> mean the system only receives the request once. It means my system is resilient when it receives it multiple times.</p> <h2> Exactly-once is usually not the right mental model </h2> <p>A lot of production mistakes start with the assumption that a serverless flow will process each request exactly once.</p> <p>In practice, in distributed systems, what I usually get is:</p> <ul> <li> <strong>at-least-once delivery</strong> (common with queues/events)</li> <li> <strong>retries</strong> at multiple layers (client SDKs, AWS services, Lambda, Step Functions, etc.)</li> <li> <strong>timeouts and ambiguous outcomes</strong> (did the function finish but the caller timed out?)</li> <li> <strong>redrives / replay</strong> (DLQ reprocessing, archive replay, manual reruns)</li> <li> <strong>duplicate submissions</strong> from clients (double-click, refresh, mobile reconnect)</li> </ul> <p>So instead of trying to force an “exactly-once” guarantee everywhere, I design for:</p> <ol> <li><strong>at-least-once delivery</strong></li> <li><strong>idempotent handlers</strong></li> <li><strong>safe retries</strong></li> <li><strong>observability around duplicates</strong></li> </ol> <p>That mental shift makes the architecture much more robust.</p> <h2> Where duplicates come from in AWS Lambda-driven systems </h2> <p>Before I show the solution, I like to make the duplicate paths explicit.</p> <h3> API Gateway -&gt; Lambda </h3> <p>Duplicates can happen when:</p> <ul> <li>the client retries after a timeout</li> <li>the network drops after the backend succeeded</li> <li>the user taps “Submit” multiple times</li> <li>an upstream reverse proxy retries</li> </ul> <h3> SQS -&gt; Lambda </h3> <p>Duplicates can happen when:</p> <ul> <li>Lambda fails and the message becomes visible again</li> <li>processing exceeds visibility timeout</li> <li>partial batch failures cause some records to be retried</li> <li>DLQ redrive sends records back later</li> <li>standard queues deliver the same message more than once</li> </ul> <h3> EventBridge -&gt; Lambda </h3> <p>Duplicates can happen when:</p> <ul> <li>target invocation is retried</li> <li>a publisher emits semantically duplicate events</li> <li>archive/replay is used</li> <li>consumers reprocess historical events intentionally</li> </ul> <p>That is why I architect idempotency at the <strong>business operation</strong> level, not at just one transport layer.</p> <h2> What a good idempotency architecture looks like </h2> <p>At a high level, I want:</p> <ul> <li>a <strong>stable idempotency key</strong> for each logical operation</li> <li>a <strong>dedupe window</strong> (TTL) appropriate for the business</li> <li>a <strong>persistence store</strong> to track processing status and cached results</li> <li> <strong>conditional writes</strong> to prevent concurrent duplicate execution</li> <li> <strong>response replay</strong> for safe duplicate requests when appropriate</li> <li> <strong>clear behavior</strong> for mismatched payloads using the same key</li> </ul> <h2> Architecture at a glance </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn4lcms01s4mj7ge8rxh8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn4lcms01s4mj7ge8rxh8.png" alt=" " width="800" height="242"></a></p> <h2> End-to-end walkthrough (the scenario I will implement) </h2> <p>To make this concrete, I will use a common example:</p> <p><strong>“Create payment intent / order processing”</strong> style operation.</p> <h3> Flow </h3> <ol> <li>A client sends <code>POST /payments</code> with an <code>Idempotency-Key</code> header.</li> <li>API Gateway invokes Lambda.</li> <li>Lambda checks DynamoDB idempotency table.</li> <li>If the key is new, Lambda acquires an <strong>IN_PROGRESS lock</strong> and processes the request.</li> <li>Lambda writes the business result (for example, a payment record) and stores the response in the idempotency table with status <strong>COMPLETED</strong>.</li> <li>If the same request is retried, Lambda returns the cached response instead of processing again.</li> </ol> <p>Then I will extend the same pattern to:</p> <ul> <li><strong>SQS worker retries</strong></li> <li><strong>EventBridge consumer retries/replay</strong></li> </ul> <h2> Designing the idempotency key </h2> <p>This is where a lot of teams accidentally introduce bugs.</p> <p>A good idempotency key should identify the <strong>logical operation</strong>, not just the transport envelope.</p> <h3> Good key examples </h3> <ul> <li><code>payment:{merchant_id}:{client_request_id}</code></li> <li><code>order-create:{tenant_id}:{cart_checkout_id}</code></li> <li><code>invoice-email:{invoice_id}:{template_version}</code></li> <li> <code>event:{event_id}</code> (if the publisher guarantees a stable event ID)</li> </ul> <h3> Risky key choices </h3> <ul> <li>raw timestamp</li> <li>Lambda <code>aws_request_id</code> (changes every invocation)</li> <li>SQS <code>receiptHandle</code> (changes on delivery)</li> <li>entire payload serialized without normalization (field order / formatting issues)</li> <li>keys that are too broad (cause false dedupe)</li> <li>keys that are too narrow (miss duplicates)</li> </ul> <h3> My rule of thumb </h3> <p>I choose a key from <strong>business identity + operation intent</strong>, and I define it explicitly in the contract.</p> <p>For APIs, that often means:</p> <ul> <li>require an <code>Idempotency-Key</code> header from the client, and</li> <li>validate that it maps to a stable request intent.</li> </ul> <p>For asynchronous consumers, that often means:</p> <ul> <li>use the publisher’s stable <code>eventId</code>, or</li> <li>derive a deterministic business key (for example <code>order_id + action</code>).</li> </ul> <h2> Dedupe windows (TTL): how long should I remember a key? </h2> <p>There is no universal value. I set the dedupe window based on business and retry patterns.</p> <h3> What affects the dedupe window </h3> <ul> <li>expected client retry duration</li> <li>SQS redrive timing and replay operations</li> <li>EventBridge replay windows / operational reruns</li> <li>whether duplicates after long periods are still harmful</li> <li>cost of storing idempotency records</li> </ul> <h3> Practical examples </h3> <ul> <li> <strong>API payment creation</strong>: 24 hours to 7 days</li> <li> <strong>Webhook ingestion</strong>: 1 to 7 days (depends on provider retry policy)</li> <li> <strong>Batch event processing</strong>: hours to days</li> <li> <strong>high-volume telemetry</strong>: maybe minutes to hours (if duplicate impact is low)</li> </ul> <h3> Important nuance </h3> <p>TTL in DynamoDB is <strong>eventually applied</strong>, not immediate deletion. I design my logic so:</p> <ul> <li> <code>expiry_timestamp</code> is authoritative in code, and</li> <li>TTL is the cleanup mechanism.</li> </ul> <p>In other words, I do not depend on the item disappearing exactly at expiry time.</p> <h2> DynamoDB-based idempotency store design (recommended pattern) </h2> <p>I prefer DynamoDB for idempotency state in Lambda workloads because it gives me:</p> <ul> <li>low-latency key lookups</li> <li>conditional writes</li> <li>TTL support</li> <li>simple scaling</li> <li>good fit for stateless Lambda functions</li> </ul> <h3> Table design (single-purpose table) </h3> <p>A dedicated table keeps the pattern easy to reason about.</p> <p><strong>Partition key</strong></p> <ul> <li> <code>id</code> (string): the idempotency key</li> </ul> <p><strong>Recommended attributes</strong></p> <ul> <li> <code>status</code> (<code>IN_PROGRESS</code>, <code>COMPLETED</code>, optionally <code>EXPIRED</code>)</li> <li> <code>expiryTimestamp</code> (epoch seconds for dedupe window)</li> <li> <code>inProgressExpiryTimestamp</code> (shorter lock expiry to recover from crashed executions)</li> <li> <code>payloadHash</code> (optional but highly recommended)</li> <li> <code>responseData</code> (optional, cached result or safe response envelope)</li> <li><code>createdAt</code></li> <li><code>updatedAt</code></li> <li> <code>source</code> (api / sqs / eventbridge)</li> <li> <code>functionName</code> (optional for ops visibility)</li> </ul> <h3> Why <code>payloadHash</code> matters </h3> <p>If a client reuses the same idempotency key with a <strong>different payload</strong>, I want to detect that and reject it. Otherwise I can accidentally return a cached response for the wrong request.</p> <p>This is a subtle but critical best practice.</p> <h2> State transitions I use </h2> <p>Here is the lifecycle I generally implement:</p> <ol> <li> <strong>No record exists</strong> <ul> <li>Try conditional write -&gt; create <code>IN_PROGRESS</code> </li> </ul> </li> <li> <strong><code>IN_PROGRESS</code> exists</strong> <ul> <li>Another invocation is already processing (or crashed recently)</li> <li>Return a retryable outcome or fail fast depending on source</li> </ul> </li> <li> <strong><code>COMPLETED</code> exists and not expired</strong> <ul> <li>Return cached result (or safe ack)</li> </ul> </li> <li> <strong>Expired</strong> <ul> <li>Treat as a new request (depending on business policy)</li> </ul> </li> </ol> <p>That gives me concurrency safety <em>and</em> retry safety.</p> <h2> Infrastructure example (SAM / CloudFormation snippets) </h2> <p>Below is a minimal setup for:</p> <ul> <li>Lambda function</li> <li>DynamoDB idempotency table</li> <li>IAM permissions</li> <li>env vars for configuration </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">AWSTemplateFormatVersion</span><span class="pi">:</span> <span class="s1">'</span><span class="s">2010-09-09'</span> <span class="na">Transform</span><span class="pi">:</span> <span class="s">AWS::Serverless-2016-10-31</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Idempotent Lambda API example</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">PaymentsFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Runtime</span><span class="pi">:</span> <span class="s">python3.12</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">app.lambda_handler</span> <span class="na">CodeUri</span><span class="pi">:</span> <span class="s">src/</span> <span class="na">MemorySize</span><span class="pi">:</span> <span class="m">512</span> <span class="na">Timeout</span><span class="pi">:</span> <span class="m">29</span> <span class="na">Policies</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Statement</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Effect</span><span class="pi">:</span> <span class="s">Allow</span> <span class="na">Action</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">dynamodb:GetItem</span> <span class="pi">-</span> <span class="s">dynamodb:PutItem</span> <span class="pi">-</span> <span class="s">dynamodb:UpdateItem</span> <span class="pi">-</span> <span class="s">dynamodb:DeleteItem</span> <span class="na">Resource</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">IdempotencyTable.Arn</span> <span class="na">Environment</span><span class="pi">:</span> <span class="na">Variables</span><span class="pi">:</span> <span class="na">IDEMPOTENCY_TABLE_NAME</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">IdempotencyTable</span> <span class="na">IDEMPOTENCY_EXPIRES_SECONDS</span><span class="pi">:</span> <span class="s2">"</span><span class="s">86400"</span> <span class="c1"># 24h</span> <span class="na">Events</span><span class="pi">:</span> <span class="na">CreatePaymentApi</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">Api</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Path</span><span class="pi">:</span> <span class="s">/payments</span> <span class="na">Method</span><span class="pi">:</span> <span class="s">post</span> <span class="na">IdempotencyTable</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::DynamoDB::Table</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">BillingMode</span><span class="pi">:</span> <span class="s">PAY_PER_REQUEST</span> <span class="na">AttributeDefinitions</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">AttributeName</span><span class="pi">:</span> <span class="s">id</span> <span class="na">AttributeType</span><span class="pi">:</span> <span class="s">S</span> <span class="na">KeySchema</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">AttributeName</span><span class="pi">:</span> <span class="s">id</span> <span class="na">KeyType</span><span class="pi">:</span> <span class="s">HASH</span> <span class="na">TimeToLiveSpecification</span><span class="pi">:</span> <span class="na">AttributeName</span><span class="pi">:</span> <span class="s">expiration</span> <span class="na">Enabled</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">PointInTimeRecoverySpecification</span><span class="pi">:</span> <span class="na">PointInTimeRecoveryEnabled</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">SSESpecification</span><span class="pi">:</span> <span class="na">SSEEnabled</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">Outputs</span><span class="pi">:</span> <span class="na">ApiUrl</span><span class="pi">:</span> <span class="na">Value</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s2">"</span><span class="s">https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/payments"</span> </code></pre> </div> <h3> Notes on the table schema vs Powertools </h3> <p>AWS Lambda Powertools idempotency utility has its own default attribute names and record model. If I use the library, I usually let it manage the item shape and only customize when I truly need to.</p> <p>That said, I still think through the conceptual schema above so the team understands what is being stored and why.</p> <h2> Implementation option 1 (recommended): AWS Lambda Powertools idempotency utility </h2> <p>If I am using Python Lambda functions, AWS Lambda Powertools is my default choice. It saves me from reimplementing concurrency locks, conditional checks, and record state transitions from scratch.</p> <h3> Install </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>aws-lambda-powertools[boto3] </code></pre> </div> <h2> API Gateway example with idempotency (Python) </h2> <p>This example assumes the client sends:</p> <ul> <li> <code>Idempotency-Key</code> header</li> <li>JSON body containing payment details</li> </ul> <p>I use:</p> <ul> <li> <code>event_key_jmespath</code> to extract the idempotency key from headers</li> <li> <code>payload_validation_jmespath</code> to validate that key reuse with different payloads is detected</li> <li>a DynamoDB persistence layer </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">typing</span> <span class="kn">import</span> <span class="n">Any</span><span class="p">,</span> <span class="n">Dict</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools</span> <span class="kn">import</span> <span class="n">Logger</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.idempotency</span> <span class="kn">import</span> <span class="p">(</span> <span class="n">DynamoDBPersistenceLayer</span><span class="p">,</span> <span class="n">IdempotencyConfig</span><span class="p">,</span> <span class="n">idempotent</span><span class="p">,</span> <span class="p">)</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.idempotency.exceptions</span> <span class="kn">import</span> <span class="p">(</span> <span class="n">IdempotencyValidationError</span><span class="p">,</span> <span class="p">)</span> <span class="n">logger</span> <span class="o">=</span> <span class="nc">Logger</span><span class="p">(</span><span class="n">service</span><span class="o">=</span><span class="sh">"</span><span class="s">payments-api</span><span class="sh">"</span><span class="p">)</span> <span class="n">TABLE_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">IDEMPOTENCY_TABLE_NAME</span><span class="sh">"</span><span class="p">]</span> <span class="n">EXPIRES_SECONDS</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">IDEMPOTENCY_EXPIRES_SECONDS</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">86400</span><span class="sh">"</span><span class="p">))</span> <span class="n">persistence_layer</span> <span class="o">=</span> <span class="nc">DynamoDBPersistenceLayer</span><span class="p">(</span><span class="n">table_name</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">)</span> <span class="n">config</span> <span class="o">=</span> <span class="nc">IdempotencyConfig</span><span class="p">(</span> <span class="c1"># API Gateway/Lambda proxy event header lookup (normalize to lower-case in code if needed) </span> <span class="n">event_key_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">headers.idempotency-key</span><span class="sh">"</span><span class="p">,</span> <span class="c1"># Payload fields that should remain consistent when reusing the same key </span> <span class="n">payload_validation_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">powertools_json(body).[customerId, amount, currency]</span><span class="sh">"</span><span class="p">,</span> <span class="n">expires_after_seconds</span><span class="o">=</span><span class="n">EXPIRES_SECONDS</span><span class="p">,</span> <span class="n">use_local_cache</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="p">)</span> <span class="k">def</span> <span class="nf">create_payment_intent</span><span class="p">(</span><span class="n">request</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">])</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="c1"># Replace this with your real business logic / external payment call. </span> <span class="c1"># The critical point is that this function is wrapped with idempotency. </span> <span class="n">payment_id</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="s">pay_</span><span class="si">{</span><span class="n">request</span><span class="p">[</span><span class="sh">'</span><span class="s">customerId</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">_</span><span class="si">{</span><span class="n">request</span><span class="p">[</span><span class="sh">'</span><span class="s">amount</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="s">_</span><span class="si">{</span><span class="n">request</span><span class="p">[</span><span class="sh">'</span><span class="s">currency</span><span class="sh">'</span><span class="p">]</span><span class="si">}</span><span class="sh">"</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">paymentId</span><span class="sh">"</span><span class="p">:</span> <span class="n">payment_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">AUTHORIZED</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">:</span> <span class="n">request</span><span class="p">[</span><span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">:</span> <span class="n">request</span><span class="p">[</span><span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">],</span> <span class="p">}</span> <span class="nd">@idempotent</span><span class="p">(</span><span class="n">config</span><span class="o">=</span><span class="n">config</span><span class="p">,</span> <span class="n">persistence_store</span><span class="o">=</span><span class="n">persistence_layer</span><span class="p">)</span> <span class="k">def</span> <span class="nf">process_request</span><span class="p">(</span><span class="n">event</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">],</span> <span class="n">context</span><span class="p">:</span> <span class="n">Any</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">)</span> <span class="ow">or</span> <span class="sh">"</span><span class="s">{}</span><span class="sh">"</span><span class="p">)</span> <span class="n">required</span> <span class="o">=</span> <span class="p">[</span><span class="sh">"</span><span class="s">customerId</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">]</span> <span class="n">missing</span> <span class="o">=</span> <span class="p">[</span><span class="n">k</span> <span class="k">for</span> <span class="n">k</span> <span class="ow">in</span> <span class="n">required</span> <span class="k">if</span> <span class="n">k</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">body</span><span class="p">]</span> <span class="k">if</span> <span class="n">missing</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Missing required fields: </span><span class="si">{</span><span class="n">missing</span><span class="si">}</span><span class="sh">"</span><span class="p">})</span> <span class="p">}</span> <span class="n">result</span> <span class="o">=</span> <span class="nf">create_payment_intent</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="c1"># Powertools can persist and return this response for duplicate calls </span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">result</span><span class="p">),</span> <span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">Content-Type</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span><span class="p">},</span> <span class="p">}</span> <span class="nd">@logger.inject_lambda_context</span><span class="p">(</span><span class="n">log_event</span><span class="o">=</span><span class="bp">False</span><span class="p">)</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">],</span> <span class="n">context</span><span class="p">:</span> <span class="n">Any</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="c1"># Normalize headers so event_key_jmespath is predictable </span> <span class="n">headers</span> <span class="o">=</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">)</span> <span class="ow">or</span> <span class="p">{}</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="p">{</span><span class="nf">str</span><span class="p">(</span><span class="n">k</span><span class="p">).</span><span class="nf">lower</span><span class="p">():</span> <span class="n">v</span> <span class="k">for</span> <span class="n">k</span><span class="p">,</span> <span class="n">v</span> <span class="ow">in</span> <span class="n">headers</span><span class="p">.</span><span class="nf">items</span><span class="p">()}</span> <span class="k">try</span><span class="p">:</span> <span class="k">return</span> <span class="nf">process_request</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">)</span> <span class="k">except</span> <span class="n">IdempotencyValidationError</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">409</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Idempotency key was reused with a different request payload</span><span class="sh">"</span> <span class="p">}),</span> <span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">Content-Type</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span><span class="p">},</span> <span class="p">}</span> </code></pre> </div> <h3> Why this pattern works well </h3> <ul> <li>If the same request is retried, Powertools returns the stored response.</li> <li>If the same key is reused with a different body, I return <code>409 Conflict</code>.</li> <li>I avoid duplicate payment authorization for simple retries.</li> </ul> <h2> API client contract (important and often skipped) </h2> <p>Idempotency works much better when the contract is explicit.</p> <p>For API producers/clients, I document:</p> <ul> <li> <code>Idempotency-Key</code> is required for mutating operations (<code>POST</code>, sometimes <code>PATCH</code>)</li> <li>same key + same intent/payload -&gt; safe retry</li> <li>same key + different payload -&gt; <code>409 Conflict</code> </li> <li>dedupe window (for example, 24h)</li> <li>response replay behavior (cached result may be returned)</li> </ul> <p>That avoids ambiguity across frontend, mobile, and backend teams.</p> <h2> Handling retries from SQS (Lambda event source mapping) </h2> <p>SQS is one of the most common places where teams need idempotency but only discover it after duplicates happen.</p> <h3> What changes for SQS? </h3> <ul> <li>Lambda receives a <strong>batch</strong> of messages.</li> <li>Some messages may succeed while others fail.</li> <li>I should use <strong>partial batch response</strong> so only failed records are retried.</li> <li>Each message should still be processed idempotently.</li> </ul> <h3> Key design for SQS consumers </h3> <p>I avoid using transient delivery metadata. I prefer:</p> <ul> <li>a business key in the message body (for example <code>orderId</code>)</li> <li>or an upstream event ID included in the message</li> </ul> <p>Example key:</p> <ul> <li><code>order-paid:{orderId}</code></li> <li><code>inventory-reservation:{reservationId}</code></li> </ul> <h2> SQS consumer example (Powertools Batch + per-record idempotency) </h2> <p>Below is a simplified Python example using:</p> <ul> <li>Powertools Batch utility for partial batch handling</li> <li>Powertools idempotency on the per-record processing function </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">typing</span> <span class="kn">import</span> <span class="n">Any</span><span class="p">,</span> <span class="n">Dict</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools</span> <span class="kn">import</span> <span class="n">Logger</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.batch</span> <span class="kn">import</span> <span class="n">BatchProcessor</span><span class="p">,</span> <span class="n">EventType</span><span class="p">,</span> <span class="n">process_partial_response</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.batch.types</span> <span class="kn">import</span> <span class="n">PartialItemFailureResponse</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.data_classes.sqs_event</span> <span class="kn">import</span> <span class="n">SQSRecord</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.idempotency</span> <span class="kn">import</span> <span class="p">(</span> <span class="n">DynamoDBPersistenceLayer</span><span class="p">,</span> <span class="n">IdempotencyConfig</span><span class="p">,</span> <span class="n">idempotent_function</span><span class="p">,</span> <span class="p">)</span> <span class="n">logger</span> <span class="o">=</span> <span class="nc">Logger</span><span class="p">(</span><span class="n">service</span><span class="o">=</span><span class="sh">"</span><span class="s">orders-sqs-worker</span><span class="sh">"</span><span class="p">)</span> <span class="n">TABLE_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">IDEMPOTENCY_TABLE_NAME</span><span class="sh">"</span><span class="p">]</span> <span class="n">persistence_layer</span> <span class="o">=</span> <span class="nc">DynamoDBPersistenceLayer</span><span class="p">(</span><span class="n">table_name</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">)</span> <span class="c1"># Here we build the key from the function argument "data" # (Powertools hashes the configured subset to create an idempotency key) </span><span class="n">idempotency_config</span> <span class="o">=</span> <span class="nc">IdempotencyConfig</span><span class="p">(</span> <span class="n">event_key_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">,</span> <span class="n">payload_validation_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">[orderId, action, version]</span><span class="sh">"</span><span class="p">,</span> <span class="n">expires_after_seconds</span><span class="o">=</span><span class="mi">3</span> <span class="o">*</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">60</span><span class="p">,</span> <span class="c1"># 3 days </span><span class="p">)</span> <span class="n">processor</span> <span class="o">=</span> <span class="nc">BatchProcessor</span><span class="p">(</span><span class="n">event_type</span><span class="o">=</span><span class="n">EventType</span><span class="p">.</span><span class="n">SQS</span><span class="p">)</span> <span class="nd">@idempotent_function</span><span class="p">(</span><span class="n">data_keyword_argument</span><span class="o">=</span><span class="sh">"</span><span class="s">data</span><span class="sh">"</span><span class="p">,</span> <span class="n">config</span><span class="o">=</span><span class="n">idempotency_config</span><span class="p">,</span> <span class="n">persistence_store</span><span class="o">=</span><span class="n">persistence_layer</span><span class="p">)</span> <span class="k">def</span> <span class="nf">process_order_event</span><span class="p">(</span><span class="o">*</span><span class="p">,</span> <span class="n">data</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">])</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="c1"># Business logic here (must be safe to retry / replay via idempotency) </span> <span class="c1"># Example: reserve inventory, update status, publish follow-up event, etc. </span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sh">"</span><span class="s">Processing order event</span><span class="sh">"</span><span class="p">,</span> <span class="n">extra</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">:</span> <span class="n">data</span><span class="p">[</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">action</span><span class="sh">"</span><span class="p">:</span> <span class="n">data</span><span class="p">[</span><span class="sh">"</span><span class="s">action</span><span class="sh">"</span><span class="p">]})</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">ok</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">:</span> <span class="n">data</span><span class="p">[</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">action</span><span class="sh">"</span><span class="p">:</span> <span class="n">data</span><span class="p">[</span><span class="sh">"</span><span class="s">action</span><span class="sh">"</span><span class="p">]}</span> <span class="k">def</span> <span class="nf">record_handler</span><span class="p">(</span><span class="n">record</span><span class="p">:</span> <span class="n">SQSRecord</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="n">payload</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">record</span><span class="p">.</span><span class="n">body</span><span class="p">)</span> <span class="k">return</span> <span class="nf">process_order_event</span><span class="p">(</span><span class="n">data</span><span class="o">=</span><span class="n">payload</span><span class="p">)</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">PartialItemFailureResponse</span><span class="p">:</span> <span class="k">return</span> <span class="nf">process_partial_response</span><span class="p">(</span> <span class="n">event</span><span class="o">=</span><span class="n">event</span><span class="p">,</span> <span class="n">record_handler</span><span class="o">=</span><span class="n">record_handler</span><span class="p">,</span> <span class="n">processor</span><span class="o">=</span><span class="n">processor</span><span class="p">,</span> <span class="n">context</span><span class="o">=</span><span class="n">context</span><span class="p">,</span> <span class="p">)</span> </code></pre> </div> <h3> Best practices I apply with SQS + idempotency </h3> <ul> <li> <strong>Use partial batch response</strong> to avoid retrying already-successful records.</li> <li> <strong>Set visibility timeout</strong> longer than worst-case processing time (or heartbeat/extend strategy).</li> <li> <strong>Keep the idempotency key in the message payload</strong>, not delivery metadata.</li> <li> <strong>Use a dedupe window long enough</strong> to cover retries, DLQ redrive, and operational replay.</li> </ul> <h2> Handling retries from EventBridge targets </h2> <p>EventBridge makes event-driven architecture clean, but duplicate-safe consumers are still my responsibility.</p> <h3> EventBridge-specific considerations </h3> <ul> <li>EventBridge may retry target delivery.</li> <li>Archive/replay can intentionally re-send events.</li> <li>Different publishers may emit semantically duplicate events unless the contract is strict.</li> </ul> <h3> Key strategy for EventBridge consumers </h3> <p>If the event has a stable <code>id</code> or domain event ID, I use it. If not, I derive one from:</p> <ul> <li><code>detail-type</code></li> <li>source/domain identifier</li> <li>business entity ID</li> <li>action/version</li> </ul> <p>Example:</p> <ul> <li><code>eventbridge:{source}:{detailType}:{detail.orderId}:{detail.version}</code></li> </ul> <h2> EventBridge consumer example (Python Lambda + Powertools idempotency) </h2> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">typing</span> <span class="kn">import</span> <span class="n">Any</span><span class="p">,</span> <span class="n">Dict</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools</span> <span class="kn">import</span> <span class="n">Logger</span> <span class="kn">from</span> <span class="n">aws_lambda_powertools.utilities.idempotency</span> <span class="kn">import</span> <span class="p">(</span> <span class="n">DynamoDBPersistenceLayer</span><span class="p">,</span> <span class="n">IdempotencyConfig</span><span class="p">,</span> <span class="n">idempotent</span><span class="p">,</span> <span class="p">)</span> <span class="n">logger</span> <span class="o">=</span> <span class="nc">Logger</span><span class="p">(</span><span class="n">service</span><span class="o">=</span><span class="sh">"</span><span class="s">eventbridge-consumer</span><span class="sh">"</span><span class="p">)</span> <span class="n">TABLE_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">environ</span><span class="p">[</span><span class="sh">"</span><span class="s">IDEMPOTENCY_TABLE_NAME</span><span class="sh">"</span><span class="p">]</span> <span class="n">persistence_layer</span> <span class="o">=</span> <span class="nc">DynamoDBPersistenceLayer</span><span class="p">(</span><span class="n">table_name</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">)</span> <span class="n">config</span> <span class="o">=</span> <span class="nc">IdempotencyConfig</span><span class="p">(</span> <span class="c1"># Prefer a producer-defined unique event ID if available in detail </span> <span class="n">event_key_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">detail.eventId || id</span><span class="sh">"</span><span class="p">,</span> <span class="n">payload_validation_jmespath</span><span class="o">=</span><span class="sh">"</span><span class="s">[source, detail-type, detail.orderId, detail.version]</span><span class="sh">"</span><span class="p">,</span> <span class="n">expires_after_seconds</span><span class="o">=</span><span class="mi">7</span> <span class="o">*</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">60</span><span class="p">,</span> <span class="p">)</span> <span class="nd">@idempotent</span><span class="p">(</span><span class="n">config</span><span class="o">=</span><span class="n">config</span><span class="p">,</span> <span class="n">persistence_store</span><span class="o">=</span><span class="n">persistence_layer</span><span class="p">)</span> <span class="k">def</span> <span class="nf">handle_event</span><span class="p">(</span><span class="n">event</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">],</span> <span class="n">context</span><span class="p">:</span> <span class="n">Any</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="n">detail</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">]</span> <span class="n">logger</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span> <span class="sh">"</span><span class="s">Handling EventBridge event</span><span class="sh">"</span><span class="p">,</span> <span class="n">extra</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">eventId</span><span class="sh">"</span><span class="p">:</span> <span class="n">detail</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">eventId</span><span class="sh">"</span><span class="p">,</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">)),</span> <span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">:</span> <span class="n">detail</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">)}</span> <span class="p">)</span> <span class="c1"># Execute your domain logic here </span> <span class="c1"># Example: update read model, trigger notification, call downstream API, etc. </span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">handled</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">:</span> <span class="n">detail</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">orderId</span><span class="sh">"</span><span class="p">)}</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">return</span> <span class="nf">handle_event</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">)</span> </code></pre> </div> <h2> When I implement idempotency manually (without Powertools) </h2> <p>Powertools is my default, but sometimes I implement manually when:</p> <ul> <li>I need a custom record schema shared across services/languages</li> <li>I need custom conflict behavior beyond the library defaults</li> <li>I am in a language/runtime where I am standardizing a platform abstraction</li> <li>I want explicit control over lock and result update semantics</li> </ul> <p>The key principle stays the same: <strong>use DynamoDB conditional writes</strong>.</p> <h2> Manual DynamoDB idempotency pattern (Python + boto3) </h2> <p>The pattern below shows the core idea:</p> <ol> <li>Try to write <code>IN_PROGRESS</code> with <code>attribute_not_exists(id)</code> </li> <li>If successful, execute business logic</li> <li>Update item to <code>COMPLETED</code> and store result</li> <li>If conditional check fails, inspect existing item and decide </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">time</span> <span class="kn">import</span> <span class="n">hashlib</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="kn">from</span> <span class="n">botocore.exceptions</span> <span class="kn">import</span> <span class="n">ClientError</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">client</span><span class="p">(</span><span class="sh">"</span><span class="s">dynamodb</span><span class="sh">"</span><span class="p">)</span> <span class="n">TABLE_NAME</span> <span class="o">=</span> <span class="sh">"</span><span class="s">IdempotencyTable</span><span class="sh">"</span> <span class="k">def</span> <span class="nf">sha256_text</span><span class="p">(</span><span class="n">value</span><span class="p">:</span> <span class="nb">str</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="k">return</span> <span class="n">hashlib</span><span class="p">.</span><span class="nf">sha256</span><span class="p">(</span><span class="n">value</span><span class="p">.</span><span class="nf">encode</span><span class="p">(</span><span class="sh">"</span><span class="s">utf-8</span><span class="sh">"</span><span class="p">)).</span><span class="nf">hexdigest</span><span class="p">()</span> <span class="k">def</span> <span class="nf">acquire_lock</span><span class="p">(</span><span class="n">idempotency_key</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">payload_hash</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">ttl_seconds</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">86400</span><span class="p">,</span> <span class="n">lock_seconds</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">120</span><span class="p">):</span> <span class="n">now</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">time</span><span class="p">())</span> <span class="n">item</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="n">idempotency_key</span><span class="p">},</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">IN_PROGRESS</span><span class="sh">"</span><span class="p">},</span> <span class="sh">"</span><span class="s">payloadHash</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="n">payload_hash</span><span class="p">},</span> <span class="sh">"</span><span class="s">expiration</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">N</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">now</span> <span class="o">+</span> <span class="n">ttl_seconds</span><span class="p">)},</span> <span class="sh">"</span><span class="s">inProgressExpiryTimestamp</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">N</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">now</span> <span class="o">+</span> <span class="n">lock_seconds</span><span class="p">)},</span> <span class="sh">"</span><span class="s">createdAt</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">N</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">now</span><span class="p">)},</span> <span class="sh">"</span><span class="s">updatedAt</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">N</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">now</span><span class="p">)},</span> <span class="p">}</span> <span class="k">try</span><span class="p">:</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nf">put_item</span><span class="p">(</span> <span class="n">TableName</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">,</span> <span class="n">Item</span><span class="o">=</span><span class="n">item</span><span class="p">,</span> <span class="n">ConditionExpression</span><span class="o">=</span><span class="sh">"</span><span class="s">attribute_not_exists(id)</span><span class="sh">"</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">acquired</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">}</span> <span class="k">except</span> <span class="n">ClientError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">if</span> <span class="n">e</span><span class="p">.</span><span class="n">response</span><span class="p">[</span><span class="sh">"</span><span class="s">Error</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">Code</span><span class="sh">"</span><span class="p">]</span> <span class="o">!=</span> <span class="sh">"</span><span class="s">ConditionalCheckFailedException</span><span class="sh">"</span><span class="p">:</span> <span class="k">raise</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">acquired</span><span class="sh">"</span><span class="p">:</span> <span class="bp">False</span><span class="p">}</span> <span class="k">def</span> <span class="nf">get_record</span><span class="p">(</span><span class="n">idempotency_key</span><span class="p">:</span> <span class="nb">str</span><span class="p">):</span> <span class="n">resp</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nf">get_item</span><span class="p">(</span> <span class="n">TableName</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="n">idempotency_key</span><span class="p">}},</span> <span class="n">ConsistentRead</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="p">)</span> <span class="k">return</span> <span class="n">resp</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Item</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">mark_completed</span><span class="p">(</span><span class="n">idempotency_key</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">response_obj</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="n">now</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">time</span><span class="p">())</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">TableName</span><span class="o">=</span><span class="n">TABLE_NAME</span><span class="p">,</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="n">idempotency_key</span><span class="p">}},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">"</span><span class="s">SET #s = :completed, responseData = :resp, updatedAt = :now</span><span class="sh">"</span><span class="p">,</span> <span class="n">ExpressionAttributeNames</span><span class="o">=</span><span class="p">{</span><span class="sh">"</span><span class="s">#s</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">},</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span> <span class="sh">"</span><span class="s">:completed</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">COMPLETED</span><span class="sh">"</span><span class="p">},</span> <span class="sh">"</span><span class="s">:resp</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">response_obj</span><span class="p">)},</span> <span class="sh">"</span><span class="s">:now</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">N</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">now</span><span class="p">)},</span> <span class="p">},</span> <span class="p">)</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">body</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">loads</span><span class="p">(</span><span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">])</span> <span class="n">idem_key</span> <span class="o">=</span> <span class="n">event</span><span class="p">[</span><span class="sh">"</span><span class="s">headers</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">idempotency-key</span><span class="sh">"</span><span class="p">]</span> <span class="n">payload_hash</span> <span class="o">=</span> <span class="nf">sha256_text</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span> <span class="sh">"</span><span class="s">customerId</span><span class="sh">"</span><span class="p">:</span> <span class="n">body</span><span class="p">[</span><span class="sh">"</span><span class="s">customerId</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">:</span> <span class="n">body</span><span class="p">[</span><span class="sh">"</span><span class="s">amount</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">:</span> <span class="n">body</span><span class="p">[</span><span class="sh">"</span><span class="s">currency</span><span class="sh">"</span><span class="p">],</span> <span class="p">},</span> <span class="n">sort_keys</span><span class="o">=</span><span class="bp">True</span><span class="p">))</span> <span class="n">lock</span> <span class="o">=</span> <span class="nf">acquire_lock</span><span class="p">(</span><span class="n">idem_key</span><span class="p">,</span> <span class="n">payload_hash</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">lock</span><span class="p">[</span><span class="sh">"</span><span class="s">acquired</span><span class="sh">"</span><span class="p">]:</span> <span class="n">existing</span> <span class="o">=</span> <span class="nf">get_record</span><span class="p">(</span><span class="n">idem_key</span><span class="p">)</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">existing</span><span class="p">:</span> <span class="c1"># Rare race / eventual state issue; safe to retry </span> <span class="k">raise</span> <span class="nc">Exception</span><span class="p">(</span><span class="sh">"</span><span class="s">Retry request</span><span class="sh">"</span><span class="p">)</span> <span class="k">if</span> <span class="n">existing</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">payloadHash</span><span class="sh">"</span><span class="p">,</span> <span class="p">{}).</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">)</span> <span class="o">!=</span> <span class="n">payload_hash</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">409</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Idempotency key payload mismatch</span><span class="sh">"</span><span class="p">})}</span> <span class="n">status</span> <span class="o">=</span> <span class="n">existing</span><span class="p">[</span><span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">]</span> <span class="k">if</span> <span class="n">status</span> <span class="o">==</span> <span class="sh">"</span><span class="s">COMPLETED</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">existing</span><span class="p">[</span><span class="sh">"</span><span class="s">responseData</span><span class="sh">"</span><span class="p">][</span><span class="sh">"</span><span class="s">S</span><span class="sh">"</span><span class="p">]}</span> <span class="k">if</span> <span class="n">status</span> <span class="o">==</span> <span class="sh">"</span><span class="s">IN_PROGRESS</span><span class="sh">"</span><span class="p">:</span> <span class="c1"># For API workflows you might return 409 or 425-style retry signal (implementation-specific) </span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">409</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Request is already in progress</span><span class="sh">"</span><span class="p">})}</span> <span class="c1"># Execute business logic after lock acquired </span> <span class="n">result</span> <span class="o">=</span> <span class="p">{</span><span class="sh">"</span><span class="s">paymentId</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">pay_123</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">AUTHORIZED</span><span class="sh">"</span><span class="p">}</span> <span class="nf">mark_completed</span><span class="p">(</span><span class="n">idem_key</span><span class="p">,</span> <span class="n">result</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span><span class="sh">"</span><span class="s">statusCode</span><span class="sh">"</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">"</span><span class="s">body</span><span class="sh">"</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">result</span><span class="p">)}</span> </code></pre> </div> <h3> Manual pattern caveats </h3> <p>If I go manual, I also need to think about:</p> <ul> <li>expired <code>IN_PROGRESS</code> lock recovery</li> <li>exception handling and safe cleanup</li> <li>serialization of cached responses</li> <li>metrics for duplicate hits vs fresh requests</li> <li>consistent behavior across all event sources</li> </ul> <p>That is exactly why Powertools is usually the better default.</p> <h2> End-to-end implementation discussion (how I wire this in production) </h2> <p>This is the part I care about most in architecture reviews: not just the code, but where idempotency sits in the overall system.</p> <h3> 1) Idempotency belongs close to the handler boundary </h3> <p>I usually apply idempotency at the Lambda entry point (or record handler for batches), before business side effects occur.</p> <p>Why:</p> <ul> <li>it prevents duplicate external calls</li> <li>it keeps the protection broad</li> <li>it makes retries safe by default</li> </ul> <h3> 2) I still design downstream writes carefully </h3> <p>Idempotency at the Lambda layer is great, but if the function can partially succeed before crashing, I also check downstream safety:</p> <ul> <li>unique constraints in relational DBs</li> <li>conditional writes in DynamoDB</li> <li>provider-side idempotency support for payment APIs or webhooks</li> </ul> <p>Think in layers, not in a single magic switch.</p> <h3> 3) I define duplicate behavior per source </h3> <p>The response to a duplicate is not always the same.</p> <ul> <li> <strong>API Gateway</strong>: return cached success response (best UX)</li> <li> <strong>SQS</strong>: ack success for already-processed message, avoid poison-loop</li> <li> <strong>EventBridge</strong>: safely no-op or return success after dedupe</li> </ul> <h3> 4) I separate “idempotency key” and “correlation ID” </h3> <p>They are related but not identical.</p> <ul> <li> <strong>Correlation ID</strong> -&gt; tracing/observability</li> <li> <strong>Idempotency key</strong> -&gt; duplicate suppression for a specific operation</li> </ul> <p>Sometimes they can be the same, but I do not assume that.</p> <h2> Handling edge cases and failure modes </h2> <h3> Edge case 1: Same key, different payload </h3> <p>This should be treated as a contract violation.</p> <p><strong>Best practice:</strong> return <code>409 Conflict</code> (or equivalent domain error) and log it loudly.</p> <p>Why I do this:</p> <ul> <li>protects clients from accidental misuse</li> <li>prevents serving incorrect cached results</li> <li>surfaces integration bugs early</li> </ul> <h3> Edge case 2: Function times out after making a side effect </h3> <p>This is the classic ambiguous outcome problem.</p> <p>Idempotency helps, but only if:</p> <ul> <li>the side effect can be detected or safely repeated, and/or</li> <li>the result gets persisted before timeout</li> </ul> <p>Best practices:</p> <ul> <li>keep timeouts realistic</li> <li>use downstream idempotency where available</li> <li>break long operations into Step Functions when needed</li> <li>persist progress checkpoints for multi-step work</li> </ul> <h3> Edge case 3: <code>IN_PROGRESS</code> records stuck after crashes </h3> <p>If a function crashes after acquiring the lock, duplicates may keep seeing <code>IN_PROGRESS</code>.</p> <p>Best practices:</p> <ul> <li>use an <strong>in-progress lock expiry</strong> </li> <li>make retries back off</li> <li>alert on sustained <code>IN_PROGRESS</code> accumulation</li> <li>evaluate whether the operation is safe to re-attempt after lock expiry</li> </ul> <h3> Edge case 4: Replay and backfill </h3> <p>Operational replay is common and healthy. I design for it intentionally.</p> <p>Best practices:</p> <ul> <li>choose a dedupe window that matches replay expectations</li> <li>if replay should <em>re-run</em> effects, use a different idempotency namespace/version</li> <li>document replay semantics for ops teams</li> </ul> <p>Example:</p> <ul> <li>normal key: <code>invoice-email:{invoiceId}</code> </li> <li>forced replay key namespace: <code>invoice-email:replay:{jobId}:{invoiceId}</code> </li> </ul> <h2> Observability: what I monitor for idempotency </h2> <p>Idempotency is not just a code concern. I want to know how often it is being exercised and whether it is hiding a deeper issue.</p> <h3> Metrics I like to emit </h3> <ul> <li><code>IdempotencyFreshRequests</code></li> <li><code>IdempotencyDuplicateHits</code></li> <li><code>IdempotencyInProgressConflicts</code></li> <li> <code>IdempotencyValidationConflicts</code> (same key, different payload)</li> <li><code>IdempotencyStoreErrors</code></li> <li>handler latency split by fresh vs duplicate</li> </ul> <h3> Logs I always include </h3> <ul> <li>idempotency key (or redacted/hash if sensitive)</li> <li>source (<code>api</code>, <code>sqs</code>, <code>eventbridge</code>)</li> <li>dedupe outcome (<code>fresh</code>, <code>duplicate_completed</code>, <code>duplicate_in_progress</code>, <code>validation_mismatch</code>)</li> <li>business identifier (<code>orderId</code>, <code>paymentId</code>, etc.)</li> </ul> <p>This makes incident triage much faster.</p> <h2> Practical best practices checklist (the part I use in reviews) </h2> <h3> Key selection </h3> <ul> <li>[ ] Key represents a <strong>business operation</strong>, not transport metadata</li> <li>[ ] Key is stable across retries/replays</li> <li>[ ] Key cardinality is high enough to avoid false collisions</li> <li>[ ] Payload mismatch with same key is detected</li> </ul> <h3> Dedupe window </h3> <ul> <li>[ ] TTL matches retry + redrive + replay realities</li> <li>[ ] Expiry is checked in code (not only by DynamoDB TTL cleanup)</li> <li>[ ] Window is documented in API/event contract</li> </ul> <h3> Store design </h3> <ul> <li>[ ] DynamoDB conditional write used for first writer wins</li> <li>[ ] <code>IN_PROGRESS</code> and <code>COMPLETED</code> states are handled explicitly</li> <li>[ ] Cached response/ack strategy is defined</li> <li>[ ] Encryption, backups/PITR, and least privilege are configured</li> </ul> <h3> Source-specific behavior </h3> <ul> <li>[ ] API duplicates return deterministic response</li> <li>[ ] SQS uses partial batch response</li> <li>[ ] EventBridge consumer supports replay safely</li> <li>[ ] Redrive/replay semantics are documented for ops</li> </ul> <h3> Operations </h3> <ul> <li>[ ] Metrics and alarms exist for duplicate spikes and store failures</li> <li>[ ] Logs include dedupe outcomes and business IDs</li> <li>[ ] Runbooks cover stale <code>IN_PROGRESS</code> records and replay scenarios</li> </ul> <h2> Common mistakes I see (and how I avoid them) </h2> <h3> Mistake 1: Using Lambda <code>requestId</code> as the idempotency key </h3> <p>That only identifies the invocation, not the logical request.</p> <p><strong>Fix:</strong> use business operation identity or client-provided idempotency key.</p> <h3> Mistake 2: Assuming FIFO queue means I do not need idempotency </h3> <p>FIFO helps with ordering and deduplication windows, but it does not replace end-to-end idempotency for all side effects and replay paths.</p> <p><strong>Fix:</strong> still make the consumer idempotent.</p> <h3> Mistake 3: Dedupe only at the API layer </h3> <p>Then an async worker downstream duplicates the side effect anyway.</p> <p><strong>Fix:</strong> apply idempotency where side effects happen, especially in SQS/EventBridge consumers.</p> <h3> Mistake 4: No payload validation on key reuse </h3> <p>This can return the wrong cached response and create hidden data integrity issues.</p> <p><strong>Fix:</strong> validate a stable subset of the payload with the idempotency key.</p> <h3> Mistake 5: Too-short TTL </h3> <p>The key expires before retries/redrives finish, so duplicates sneak through.</p> <p><strong>Fix:</strong> pick TTL based on actual operational timelines, not guesswork.</p> <h2> Final thoughts </h2> <p>If I had to summarize production-grade idempotency architecture in one line, it would be this:</p> <p><strong>Design for duplicate delivery as normal behavior, then make your Lambda handlers safe, deterministic, and observable.</strong></p> <p>AWS gives us excellent building blocks for this:</p> <ul> <li>Lambda</li> <li>SQS / EventBridge / API Gateway</li> <li>DynamoDB conditional writes</li> <li>AWS Lambda Powertools idempotency utility</li> </ul> <p>When I combine them intentionally, retries stop being scary and start being a reliability feature instead of a data integrity risk.</p> <p>If you are building Lambda-driven systems that write to money, inventory, notifications, or customer state, idempotency is not optional. It is a core part of the architecture.</p> <p>That placement helps readers understand the flow before diving into implementation details.</p> <h2> References </h2> <ul> <li>AWS Lambda Powertools (Python) documentation</li> <li>AWS Lambda developer guide</li> <li>Amazon SQS developer guide (Lambda event source mappings / retries / partial batch response)</li> <li>Amazon EventBridge documentation (retries, targets, replay/archive)</li> <li>Amazon DynamoDB documentation (conditional writes, TTL, PITR)</li> </ul> aws webdev eventdriven productivity Building a Serverless Command Bus / Workflow Backbone for Microservices Renaldi Sun, 15 Mar 2026 22:00:00 +0000 https://dev.to/aws-builders/building-a-serverless-command-bus-workflow-backbone-for-microservices-599b https://dev.to/aws-builders/building-a-serverless-command-bus-workflow-backbone-for-microservices-599b <p>When I design microservice platforms on AWS, one of the recurring problems I see is not “how do I trigger a Lambda,” but rather “how do I keep a growing set of services coordinated, observable, and governed without turning everything into tight coupling?”</p> <p>That is where a <strong>serverless command bus plus workflow backbone</strong> becomes a powerful pattern.</p> <p>In this post, I will walk through how I build this in practice using <strong>Amazon EventBridge</strong> and <strong>AWS Step Functions</strong>, and I will cover:</p> <ul> <li>Commands vs events</li> <li>EventBridge vs direct invoke</li> <li>Step Functions for orchestrated flows</li> <li>Auditability and tracing</li> <li>Contract evolution</li> <li>Governance and domain boundaries</li> </ul> <p>I will also include an <strong>end-to-end implementation walkthrough</strong>, code samples, and architecture guidance so this is not just conceptual.</p> <h2> Why this pattern is worth building </h2> <p>As systems grow, teams usually end up with some mixture of:</p> <ul> <li>synchronous service-to-service calls</li> <li>ad hoc retries</li> <li>duplicated orchestration logic</li> <li>inconsistent logging/correlation IDs</li> <li>unclear ownership of contracts</li> <li>event naming drift</li> <li>“mystery failures” across multiple services</li> </ul> <p>A command bus/workflow backbone gives you a more intentional architecture:</p> <ul> <li> <strong>Commands</strong> are routed to the right handler or orchestrator</li> <li> <strong>Workflows</strong> coordinate multi-step business actions</li> <li> <strong>Events</strong> are published as business facts for downstream consumers</li> <li> <strong>Tracing/audit</strong> become standard instead of optional</li> <li> <strong>Contract governance</strong> is enforced at boundaries rather than after incidents</li> </ul> <p>This is especially effective for domains like:</p> <ul> <li>order fulfillment</li> <li>onboarding/KYC</li> <li>claims processing</li> <li>content moderation pipelines</li> <li>payment settlement</li> <li>inventory reservation</li> <li>fulfillment and notification fan-out</li> </ul> <h2> What I mean by “Command Bus” in a serverless context </h2> <p>In classic application architecture, a command bus is often an in-process dispatching mechanism. In distributed systems, I use the term a bit differently:</p> <ul> <li>A <strong>command</strong> represents an intent to perform a business action</li> <li>The <strong>command bus</strong> is the routing layer that accepts commands and sends them to the correct handler/orchestrator</li> <li>A <strong>workflow backbone</strong> is the orchestration mechanism that executes multi-step business flows and emits events</li> </ul> <p>On AWS, a practical implementation is:</p> <ul> <li> <strong>API Gateway + Lambda</strong> for ingress</li> <li> <strong>EventBridge</strong> as the command routing fabric</li> <li> <strong>Step Functions</strong> as the workflow engine</li> <li> <strong>EventBridge (domain event bus)</strong> for business events</li> <li> <strong>DynamoDB / S3 / CloudWatch / X-Ray / OTEL</strong> for auditability and observability</li> </ul> <h2> Commands vs Events (and why this distinction matters) </h2> <p>This is the first thing I standardize with teams, because it affects naming, routing, retries, and ownership.</p> <h3> Commands </h3> <p>A command is an instruction or request to do something.</p> <p>Examples:</p> <ul> <li><code>CreateOrder</code></li> <li><code>ApproveLoanApplication</code></li> <li><code>ReserveInventory</code></li> <li><code>InitiateRefund</code></li> </ul> <p>Commands are typically:</p> <ul> <li><strong>intent-driven</strong></li> <li>often addressed to <strong>one owning domain/service</strong> </li> <li>can be <strong>accepted/rejected</strong> </li> <li>may need <strong>validation and idempotency</strong> </li> <li>often require <strong>stronger governance</strong> at the boundary</li> </ul> <p>A command implies someone is asking for work to be done.</p> <h3> Events </h3> <p>An event is a fact that something already happened.</p> <p>Examples:</p> <ul> <li><code>OrderCreated</code></li> <li><code>InventoryReserved</code></li> <li><code>PaymentAuthorized</code></li> <li><code>RefundInitiated</code></li> </ul> <p>Events are typically:</p> <ul> <li><strong>past-tense facts</strong></li> <li>can have <strong>many subscribers</strong> </li> <li>should be treated as <strong>immutable</strong> </li> <li>support <strong>decoupled reactions</strong> </li> <li>are excellent for <strong>read models, analytics, notifications, integrations</strong> </li> </ul> <p>An event should not be phrased as an instruction.</p> <h3> A rule I use with teams </h3> <p>If the payload is saying, “please do this,” it is a <strong>command</strong>.<br><br> If the payload is saying, “this happened,” it is an <strong>event</strong>.</p> <p>That sounds simple, but it prevents a lot of design drift.</p> <h2> EventBridge vs direct invoke (when to use each) </h2> <p>I do not recommend forcing everything through a bus. Some interactions should remain direct and synchronous.</p> <h3> Use EventBridge when you want </h3> <ul> <li>loose coupling between producers and consumers</li> <li>routing based on message metadata</li> <li>asynchronous execution</li> <li>fan-out to multiple consumers</li> <li>cross-account integration patterns</li> <li>central governance on message flow</li> <li>easy addition of new downstream consumers later</li> </ul> <h3> Use direct invoke (HTTP/gRPC/Lambda invoke) when you need </h3> <ul> <li>immediate response to the caller</li> <li>low latency request/response semantics</li> <li>tight transactional dependencies (within reason)</li> <li>user-facing UX that cannot tolerate async polling/callbacks</li> <li>simple service composition where orchestration overhead is not justified</li> </ul> <h3> My practical guidance </h3> <p>I usually use a <strong>hybrid</strong> model:</p> <ul> <li> <strong>Direct invoke</strong> for request/response reads and tightly-coupled synchronous operations</li> <li> <strong>Command bus + Step Functions</strong> for business workflows and long-running actions</li> <li> <strong>Event bus</strong> for domain events and downstream side effects</li> </ul> <p>That gives you the best of both worlds without ideological overreach.</p> <h2> Reference Architecture </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffxumnxndus9urwvskf9c.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffxumnxndus9urwvskf9c.png" alt=" " width="800" height="293"></a></p> <h3> Architecture overview </h3> <p>At a high level, the flow is:</p> <ol> <li>Client sends a command (e.g., <code>CreateOrder</code>)</li> <li>API layer validates, stamps correlation metadata, applies idempotency</li> <li>Command is published to a <strong>Command Bus</strong> (EventBridge)</li> <li>Rule routes command to a <strong>Step Functions</strong> state machine</li> <li>Workflow invokes domain steps (fraud, payment, inventory, order write)</li> <li>Workflow emits <strong>domain events</strong> (e.g., <code>OrderCreated</code> or <code>OrderRejected</code>)</li> <li>Event consumers react independently (notifications, analytics, CRM, projections)</li> <li>Audit and tracing data is captured throughout</li> </ol> <p>This separates:</p> <ul> <li><strong>request intent ingestion</strong></li> <li><strong>workflow orchestration</strong></li> <li><strong>event publication</strong></li> <li><strong>consumer reactions</strong></li> <li><strong>governance/observability</strong></li> </ul> <h2> End-to-End Walkthrough: <code>CreateOrder</code> command </h2> <p>To make this concrete, I will use an order workflow.</p> <h3> Business scenario </h3> <p>A client submits an order. The system needs to:</p> <ol> <li>Validate the request and check idempotency</li> <li>Run a fraud check</li> <li>Authorize payment</li> <li>Reserve inventory</li> <li>Persist the order</li> <li>Publish the resulting business event(s)</li> <li>Notify downstream systems</li> </ol> <h3> Step 1: Client submits a command </h3> <p>The client calls an API endpoint such as:</p> <ul> <li><code>POST /orders</code></li> </ul> <p>Internally, I treat this as a <code>CreateOrderCommand</code>.</p> <p>The API layer does not directly orchestrate business logic. Its job is to:</p> <ul> <li>authenticate/authorize</li> <li>validate payload shape</li> <li>assign <code>commandId</code> and <code>correlationId</code> </li> <li>apply idempotency safeguards</li> <li>publish the command to the bus</li> </ul> <h3> Step 2: Command is routed on the command bus </h3> <p>The command lands on an EventBridge bus (logical “command bus”).</p> <p>A rule matches:</p> <ul> <li>source</li> <li>detail-type</li> <li>possibly domain/version metadata</li> </ul> <p>That rule starts a Step Functions state machine for <code>CreateOrder</code>.</p> <p>This gives me routing flexibility without wiring the producer directly to the orchestrator.</p> <h3> Step 3: Step Functions orchestrates the business flow </h3> <p>The state machine runs each step with retries and error handling.</p> <p>Typical flow:</p> <ul> <li><code>FraudCheck</code></li> <li><code>AuthorizePayment</code></li> <li><code>ReserveInventory</code></li> <li><code>PersistOrder</code></li> <li><code>PublishOrderCreatedEvent</code></li> </ul> <p>If any step fails:</p> <ul> <li>compensate if needed (e.g., release reservation / void payment)</li> <li>emit failure event (e.g., <code>OrderRejected</code>, <code>PaymentFailed</code>)</li> <li>write audit trail</li> </ul> <h3> Step 4: Domain events are published </h3> <p>Once the workflow succeeds or fails, the workflow emits a domain event to an EventBridge <strong>event bus</strong> (logical “domain event bus”).</p> <p>Examples:</p> <ul> <li><code>OrderCreated</code></li> <li><code>OrderRejected</code></li> <li><code>PaymentFailed</code></li> </ul> <p>These events can fan out to multiple consumers without changing the workflow code.</p> <h3> Step 5: Consumers react independently </h3> <p>Downstream services subscribe and act:</p> <ul> <li>Notifications send email/SMS/push</li> <li>Analytics ingests event into a lake/warehouse</li> <li>CRM updates lifecycle state</li> <li>Projection service updates a query/read model</li> </ul> <p>None of these consumers need to be in the critical path of order creation.</p> <h2> Implementation discussion (practical, not just theoretical) </h2> <p>Below is a concrete implementation shape I use and recommend.</p> <h2> Message contract design (command and event envelopes) </h2> <p>I strongly recommend standardizing a message envelope early. It pays off in observability, replay, governance, and contract evolution.</p> <h3> Command envelope example </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"meta"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"messageType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"command"</span><span class="p">,</span><span class="w"> </span><span class="nl">"commandName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CreateOrder"</span><span class="p">,</span><span class="w"> </span><span class="nl">"schemaVersion"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"commandId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"cmd_01HSYJQF3A6M0R6G0J7VY7A1J9"</span><span class="p">,</span><span class="w"> </span><span class="nl">"correlationId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"corr_2f1d3a07-3d89-4a62-9f6c-9f29f4e96f7e"</span><span class="p">,</span><span class="w"> </span><span class="nl">"causationId"</span><span class="p">:</span><span class="w"> </span><span class="kc">null</span><span class="p">,</span><span class="w"> </span><span class="nl">"occurredAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T09:20:00Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tenantId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tenant-001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"initiator"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"user"</span><span class="p">,</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"user-123"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"routing"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"domain"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders"</span><span class="p">,</span><span class="w"> </span><span class="nl">"target"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders.workflow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"priority"</span><span class="p">:</span><span class="w"> </span><span class="s2">"normal"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"orderId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ORD-100045"</span><span class="p">,</span><span class="w"> </span><span class="nl">"customerId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CUST-9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"currency"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AUD"</span><span class="p">,</span><span class="w"> </span><span class="nl">"items"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"sku"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SKU-123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"qty"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"unitPrice"</span><span class="p">:</span><span class="w"> </span><span class="mf">49.95</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"sku"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SKU-999"</span><span class="p">,</span><span class="w"> </span><span class="nl">"qty"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"unitPrice"</span><span class="p">:</span><span class="w"> </span><span class="mf">19.95</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"paymentMethodToken"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tok_abc123"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Event envelope example </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"meta"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"messageType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"event"</span><span class="p">,</span><span class="w"> </span><span class="nl">"eventName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OrderCreated"</span><span class="p">,</span><span class="w"> </span><span class="nl">"schemaVersion"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1.1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"eventId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"evt_01HSYK2GQKCNZC3Q0Z6R3T9M7K"</span><span class="p">,</span><span class="w"> </span><span class="nl">"correlationId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"corr_2f1d3a07-3d89-4a62-9f6c-9f29f4e96f7e"</span><span class="p">,</span><span class="w"> </span><span class="nl">"causationId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"cmd_01HSYJQF3A6M0R6G0J7VY7A1J9"</span><span class="p">,</span><span class="w"> </span><span class="nl">"occurredAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T09:20:03Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"producer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders.workflow"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"subject"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"domain"</span><span class="p">:</span><span class="w"> </span><span class="s2">"orders"</span><span class="p">,</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ORD-100045"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"orderId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ORD-100045"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CREATED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"paymentStatus"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AUTHORIZED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"inventoryStatus"</span><span class="p">:</span><span class="w"> </span><span class="s2">"RESERVED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"totalAmount"</span><span class="p">:</span><span class="w"> </span><span class="mf">119.85</span><span class="p">,</span><span class="w"> </span><span class="nl">"currency"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AUD"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Why I standardize envelopes </h3> <p>This makes it much easier to implement:</p> <ul> <li>trace propagation</li> <li>replay tooling</li> <li>audit logging</li> <li>schema validation</li> <li>version migration</li> <li>tenant-aware governance</li> </ul> <h2> API ingress (Lambda) for command intake </h2> <p>This example shows a command-ingress Lambda that validates input, applies idempotency, and publishes to EventBridge.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/handlers/create-order-command.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">APIGatewayProxyEventV2</span><span class="p">,</span> <span class="nx">APIGatewayProxyStructuredResultV2</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">EventBridgeClient</span><span class="p">,</span> <span class="nx">PutEventsCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-eventbridge</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">,</span> <span class="nx">PutCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/lib-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">randomUUID</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">crypto</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">eb</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">EventBridgeClient</span><span class="p">({});</span> <span class="kd">const</span> <span class="nx">ddb</span> <span class="o">=</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="k">new</span> <span class="nc">DynamoDBClient</span><span class="p">({}));</span> <span class="kd">const</span> <span class="nx">COMMAND_BUS_NAME</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">COMMAND_BUS_NAME</span><span class="o">!</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">IDEMPOTENCY_TABLE</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">IDEMPOTENCY_TABLE</span><span class="o">!</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">COMMAND_SOURCE</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">com.example.orders.api</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span> <span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEventV2</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyStructuredResultV2</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">correlationId</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">"</span><span class="s2">x-correlation-id</span><span class="dl">"</span><span class="p">]</span> <span class="o">??</span> <span class="s2">`corr_</span><span class="p">${</span><span class="nf">randomUUID</span><span class="p">()}</span><span class="s2">`</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">idempotencyKey</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">"</span><span class="s2">idempotency-key</span><span class="dl">"</span><span class="p">]</span> <span class="o">??</span> <span class="s2">`idem_</span><span class="p">${</span><span class="nf">randomUUID</span><span class="p">()}</span><span class="s2">`</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">event</span><span class="p">.</span><span class="nx">body</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">statusCode</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Missing request body</span><span class="dl">"</span> <span class="p">})</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">body</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">body</span><span class="p">);</span> <span class="c1">// Minimal shape validation (use JSON Schema in production)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">body</span><span class="p">.</span><span class="nx">customerId</span> <span class="o">||</span> <span class="o">!</span><span class="nb">Array</span><span class="p">.</span><span class="nf">isArray</span><span class="p">(</span><span class="nx">body</span><span class="p">.</span><span class="nx">items</span><span class="p">)</span> <span class="o">||</span> <span class="nx">body</span><span class="p">.</span><span class="nx">items</span><span class="p">.</span><span class="nx">length</span> <span class="o">===</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">statusCode</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid order payload</span><span class="dl">"</span> <span class="p">})</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// Idempotency write (fail if key already exists)</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">ddb</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span> <span class="k">new</span> <span class="nc">PutCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">IDEMPOTENCY_TABLE</span><span class="p">,</span> <span class="na">Item</span><span class="p">:</span> <span class="p">{</span> <span class="na">pk</span><span class="p">:</span> <span class="nx">idempotencyKey</span><span class="p">,</span> <span class="na">createdAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">().</span><span class="nf">toISOString</span><span class="p">(),</span> <span class="nx">correlationId</span> <span class="p">},</span> <span class="na">ConditionExpression</span><span class="p">:</span> <span class="dl">"</span><span class="s2">attribute_not_exists(pk)</span><span class="dl">"</span> <span class="p">})</span> <span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="na">err</span><span class="p">:</span> <span class="kr">any</span><span class="p">)</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">err</span><span class="p">.</span><span class="nx">name</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">ConditionalCheckFailedException</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">statusCode</span><span class="p">:</span> <span class="mi">409</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Duplicate request</span><span class="dl">"</span><span class="p">,</span> <span class="nx">correlationId</span><span class="p">,</span> <span class="nx">idempotencyKey</span> <span class="p">})</span> <span class="p">};</span> <span class="p">}</span> <span class="k">throw</span> <span class="nx">err</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">commandId</span> <span class="o">=</span> <span class="s2">`cmd_</span><span class="p">${</span><span class="nf">randomUUID</span><span class="p">()}</span><span class="s2">`</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">().</span><span class="nf">toISOString</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">commandEnvelope</span> <span class="o">=</span> <span class="p">{</span> <span class="na">meta</span><span class="p">:</span> <span class="p">{</span> <span class="na">messageType</span><span class="p">:</span> <span class="dl">"</span><span class="s2">command</span><span class="dl">"</span><span class="p">,</span> <span class="na">commandName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">CreateOrder</span><span class="dl">"</span><span class="p">,</span> <span class="na">schemaVersion</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1.0</span><span class="dl">"</span><span class="p">,</span> <span class="nx">commandId</span><span class="p">,</span> <span class="nx">correlationId</span><span class="p">,</span> <span class="na">causationId</span><span class="p">:</span> <span class="kc">null</span><span class="p">,</span> <span class="na">occurredAt</span><span class="p">:</span> <span class="nx">now</span><span class="p">,</span> <span class="na">tenantId</span><span class="p">:</span> <span class="dl">"</span><span class="s2">tenant-001</span><span class="dl">"</span><span class="p">,</span> <span class="na">initiator</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user</span><span class="dl">"</span><span class="p">,</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user-123</span><span class="dl">"</span> <span class="p">}</span> <span class="p">},</span> <span class="na">routing</span><span class="p">:</span> <span class="p">{</span> <span class="na">domain</span><span class="p">:</span> <span class="dl">"</span><span class="s2">orders</span><span class="dl">"</span><span class="p">,</span> <span class="na">target</span><span class="p">:</span> <span class="dl">"</span><span class="s2">orders.workflow</span><span class="dl">"</span><span class="p">,</span> <span class="na">priority</span><span class="p">:</span> <span class="dl">"</span><span class="s2">normal</span><span class="dl">"</span> <span class="p">},</span> <span class="na">data</span><span class="p">:</span> <span class="nx">body</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">eb</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span> <span class="k">new</span> <span class="nc">PutEventsCommand</span><span class="p">({</span> <span class="na">Entries</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">EventBusName</span><span class="p">:</span> <span class="nx">COMMAND_BUS_NAME</span><span class="p">,</span> <span class="na">Source</span><span class="p">:</span> <span class="nx">COMMAND_SOURCE</span><span class="p">,</span> <span class="na">DetailType</span><span class="p">:</span> <span class="dl">"</span><span class="s2">CreateOrderCommand</span><span class="dl">"</span><span class="p">,</span> <span class="na">Time</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">now</span><span class="p">),</span> <span class="na">Detail</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">commandEnvelope</span><span class="p">)</span> <span class="p">}</span> <span class="p">]</span> <span class="p">})</span> <span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="na">statusCode</span><span class="p">:</span> <span class="mi">202</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">content-type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">x-correlation-id</span><span class="dl">"</span><span class="p">:</span> <span class="nx">correlationId</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Command accepted</span><span class="dl">"</span><span class="p">,</span> <span class="nx">commandId</span><span class="p">,</span> <span class="nx">correlationId</span> <span class="p">})</span> <span class="p">};</span> <span class="p">};</span> </code></pre> </div> <h3> A note on API response semantics </h3> <p>I usually return <strong><code>202 Accepted</code></strong> for async workflows. That is clearer than pretending the business operation is already complete.</p> <h2> EventBridge routing for the command bus </h2> <p>I use EventBridge rules to map command types to orchestrators or handlers.</p> <h3> Routing rule concept </h3> <ul> <li><code>source = com.example.orders.api</code></li> <li><code>detail-type = CreateOrderCommand</code></li> <li>target = Step Functions state machine</li> </ul> <p>This is a clean handoff between ingress and orchestration.</p> <h2> Step Functions for orchestrated flows </h2> <p>This is the backbone of the pattern for multi-step business actions.</p> <p>Step Functions gives you:</p> <ul> <li>retries/backoff</li> <li>explicit error branches</li> <li>timeouts</li> <li>compensation flows</li> <li>state tracking</li> <li>execution history</li> <li>integration with Lambda and AWS services</li> </ul> <h3> Example state machine (Amazon States Language) </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CreateOrder workflow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FraudCheck"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FraudCheck"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${FraudCheckFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultSelector"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"fraud.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.fraudResult"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Retry"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Lambda.ServiceException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Lambda.SdkClientException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"States.TaskFailed"</span><span class="p">],</span><span class="w"> </span><span class="nl">"IntervalSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"BackoffRate"</span><span class="p">:</span><span class="w"> </span><span class="mf">2.0</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxAttempts"</span><span class="p">:</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FraudDecision"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"FraudDecision"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Choice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Choices"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Variable"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.fraudResult.fraud.approved"</span><span class="p">,</span><span class="w"> </span><span class="nl">"BooleanEquals"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AuthorizePayment"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Default"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishOrderRejected"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"AuthorizePayment"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${AuthorizePaymentFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultSelector"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"payment.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.paymentResult"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Catch"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"States.ALL"</span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishPaymentFailed"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ReserveInventory"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ReserveInventory"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${ReserveInventoryFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultSelector"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"inventory.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.inventoryResult"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Catch"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"States.ALL"</span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishOrderRejected"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PersistOrder"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PersistOrder"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${PersistOrderFnArn}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultSelector"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"order.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.orderResult"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PublishOrderCreated"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishOrderCreated"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::events:putEvents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Entries"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"EventBusName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${DomainEventBusName}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"com.example.orders.workflow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"DetailType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OrderCreated"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Detail.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"States.JsonToString($.orderResult.order.eventEnvelope)"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishPaymentFailed"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::events:putEvents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Entries"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"EventBusName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${DomainEventBusName}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"com.example.orders.workflow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"DetailType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PaymentFailed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Detail.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"States.JsonToString($.paymentResult.paymentFailureEvent)"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"PublishOrderRejected"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::events:putEvents"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Entries"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"EventBusName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"${DomainEventBusName}"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Source"</span><span class="p">:</span><span class="w"> </span><span class="s2">"com.example.orders.workflow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"DetailType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OrderRejected"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Detail.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"States.JsonToString($.fraudResult.fraud.rejectionEvent)"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Why I like this approach </h3> <p>The orchestration is visible and reviewable. You can reason about:</p> <ul> <li>what happens on success</li> <li>what retries are safe</li> <li>how failures are surfaced</li> <li>which events are emitted</li> <li>which steps need compensation</li> </ul> <p>That is much harder when orchestration is hidden across multiple services.</p> <h2> Domain task implementation example (Lambda) </h2> <p>Here is a simplified payment authorization step.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/handlers/authorize-payment.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Context</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="kd">type</span> <span class="nx">WorkflowInput</span> <span class="o">=</span> <span class="p">{</span> <span class="na">meta</span><span class="p">:</span> <span class="p">{</span> <span class="na">correlationId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">commandId</span><span class="p">?:</span> <span class="kr">string</span><span class="p">;</span> <span class="p">};</span> <span class="nl">data</span><span class="p">:</span> <span class="p">{</span> <span class="na">orderId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">customerId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">currency</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">items</span><span class="p">:</span> <span class="nb">Array</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">sku</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">qty</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="nl">unitPrice</span><span class="p">:</span> <span class="kr">number</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">;</span> <span class="nl">paymentMethodToken</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="p">};</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">input</span><span class="p">:</span> <span class="nx">WorkflowInput</span><span class="p">,</span> <span class="nx">context</span><span class="p">:</span> <span class="nx">Context</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">correlationId</span> <span class="o">=</span> <span class="nx">input</span><span class="p">.</span><span class="nx">meta</span><span class="p">?.</span><span class="nx">correlationId</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">unknown</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">totalAmount</span> <span class="o">=</span> <span class="nx">input</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">items</span><span class="p">.</span><span class="nf">reduce</span><span class="p">((</span><span class="nx">sum</span><span class="p">,</span> <span class="nx">i</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">sum</span> <span class="o">+</span> <span class="nx">i</span><span class="p">.</span><span class="nx">qty</span> <span class="o">*</span> <span class="nx">i</span><span class="p">.</span><span class="nx">unitPrice</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span> <span class="c1">// Simulated payment auth</span> <span class="kd">const</span> <span class="nx">paymentAuthorized</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">level</span><span class="p">:</span> <span class="dl">"</span><span class="s2">INFO</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Authorizing payment</span><span class="dl">"</span><span class="p">,</span> <span class="nx">correlationId</span><span class="p">,</span> <span class="na">awsRequestId</span><span class="p">:</span> <span class="nx">context</span><span class="p">.</span><span class="nx">awsRequestId</span><span class="p">,</span> <span class="na">orderId</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">orderId</span><span class="p">,</span> <span class="nx">totalAmount</span> <span class="p">}));</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">paymentAuthorized</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Payment authorization failed</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="na">authorized</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">authorizationId</span><span class="p">:</span> <span class="s2">`auth_</span><span class="p">${</span><span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">()}</span><span class="s2">`</span><span class="p">,</span> <span class="na">amount</span><span class="p">:</span> <span class="nc">Number</span><span class="p">(</span><span class="nx">totalAmount</span><span class="p">.</span><span class="nf">toFixed</span><span class="p">(</span><span class="mi">2</span><span class="p">)),</span> <span class="na">currency</span><span class="p">:</span> <span class="nx">input</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">currency</span> <span class="p">};</span> <span class="p">};</span> </code></pre> </div> <h2> CDK example (wiring the core pieces) </h2> <p>Below is a simplified AWS CDK (TypeScript) example to show how the pieces connect.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// lib/command-bus-stack.ts</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">constructs</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">events</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-events</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">targets</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-events-targets</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">lambda</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">dynamodb</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">sfn</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-stepfunctions</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">CommandBusStack</span> <span class="kd">extends</span> <span class="nc">cdk</span><span class="p">.</span><span class="nx">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">commandBus</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">events</span><span class="p">.</span><span class="nc">EventBus</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">CommandBus</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">eventBusName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">command-bus</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">domainEventBus</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">events</span><span class="p">.</span><span class="nc">EventBus</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">DomainEventBus</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">eventBusName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">domain-event-bus</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">idempotencyTable</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">IdempotencyTable</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">pk</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">billingMode</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">BillingMode</span><span class="p">.</span><span class="nx">PAY_PER_REQUEST</span><span class="p">,</span> <span class="na">timeToLiveAttribute</span><span class="p">:</span> <span class="dl">"</span><span class="s2">ttl</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">createOrderCommandFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">CreateOrderCommandFn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_20_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">"</span><span class="s2">create-order-command.handler</span><span class="dl">"</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="dl">"</span><span class="s2">dist</span><span class="dl">"</span><span class="p">),</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">COMMAND_BUS_NAME</span><span class="p">:</span> <span class="nx">commandBus</span><span class="p">.</span><span class="nx">eventBusName</span><span class="p">,</span> <span class="na">IDEMPOTENCY_TABLE</span><span class="p">:</span> <span class="nx">idempotencyTable</span><span class="p">.</span><span class="nx">tableName</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">commandBus</span><span class="p">.</span><span class="nf">grantPutEventsTo</span><span class="p">(</span><span class="nx">createOrderCommandFn</span><span class="p">);</span> <span class="nx">idempotencyTable</span><span class="p">.</span><span class="nf">grantReadWriteData</span><span class="p">(</span><span class="nx">createOrderCommandFn</span><span class="p">);</span> <span class="c1">// Placeholder state machine - replace with full definition</span> <span class="kd">const</span> <span class="nx">createOrderStateMachine</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">sfn</span><span class="p">.</span><span class="nc">StateMachine</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">CreateOrderStateMachine</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">definitionBody</span><span class="p">:</span> <span class="nx">sfn</span><span class="p">.</span><span class="nx">DefinitionBody</span><span class="p">.</span><span class="nf">fromString</span><span class="p">(</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">StartAt</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Done</span><span class="dl">"</span><span class="p">,</span> <span class="na">States</span><span class="p">:</span> <span class="p">{</span> <span class="na">Done</span><span class="p">:</span> <span class="p">{</span> <span class="na">Type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Succeed</span><span class="dl">"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}))</span> <span class="p">});</span> <span class="k">new</span> <span class="nx">events</span><span class="p">.</span><span class="nc">Rule</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">RouteCreateOrderCommand</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">eventBus</span><span class="p">:</span> <span class="nx">commandBus</span><span class="p">,</span> <span class="na">eventPattern</span><span class="p">:</span> <span class="p">{</span> <span class="na">source</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">com.example.orders.api</span><span class="dl">"</span><span class="p">],</span> <span class="na">detailType</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">CreateOrderCommand</span><span class="dl">"</span><span class="p">]</span> <span class="p">},</span> <span class="na">targets</span><span class="p">:</span> <span class="p">[</span><span class="k">new</span> <span class="nx">targets</span><span class="p">.</span><span class="nc">SfnStateMachine</span><span class="p">(</span><span class="nx">createOrderStateMachine</span><span class="p">)]</span> <span class="p">});</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">CommandBusName</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">commandBus</span><span class="p">.</span><span class="nx">eventBusName</span> <span class="p">});</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">DomainEventBusName</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">domainEventBus</span><span class="p">.</span><span class="nx">eventBusName</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> CDK notes from real projects </h3> <p>In production, I also add:</p> <ul> <li>DLQs where supported</li> <li>alarms on failed executions and throttles</li> <li>log retention policies</li> <li>encryption settings</li> <li>resource policies for cross-account publishing</li> <li>least-privilege IAM per state/task</li> <li>tagging and cost allocation labels</li> </ul> <h2> Auditability and tracing (this is where the pattern really pays off) </h2> <p>A lot of teams build async systems and then struggle to answer a simple question:</p> <blockquote> <p>“What happened to this request?”</p> </blockquote> <p>I design for that from day one.</p> <h3> What I want to trace across the platform </h3> <p>At minimum:</p> <ul> <li> <code>correlationId</code> (request-level trace)</li> <li> <code>commandId</code> / <code>eventId</code> </li> <li> <code>causationId</code> (what produced this)</li> <li>workflow execution ID / ARN</li> <li>domain entity ID (e.g., <code>orderId</code>)</li> <li>tenant ID (if multi-tenant)</li> <li>timestamps and status transitions</li> </ul> <h3> Where I record this </h3> <p>I typically combine:</p> <ul> <li> <strong>structured logs</strong> (CloudWatch Logs)</li> <li> <strong>execution history</strong> (Step Functions)</li> <li> <strong>traces</strong> (X-Ray / OpenTelemetry where applicable)</li> <li> <strong>audit store</strong> (DynamoDB or S3, depending on retention/query needs)</li> </ul> <h3> Audit log strategy (practical approach) </h3> <p>I usually write a normalized audit record for each important transition:</p> <ul> <li>command accepted</li> <li>workflow started</li> <li>step completed/failed</li> <li>event published</li> <li>consumer processed/failed</li> </ul> <p>This can be as simple as a DynamoDB table keyed by <code>correlationId</code> and <code>timestamp</code>, or an append-only S3 log for long-term retention.</p> <h3> Important distinction: audit vs debug logs </h3> <ul> <li> <strong>Debug logs</strong> help developers troubleshoot</li> <li> <strong>Audit records</strong> help operators, compliance, and support teams reconstruct what happened</li> </ul> <p>Do not assume one replaces the other.</p> <h2> Contract evolution (how to avoid breaking consumers) </h2> <p>This is one of the biggest long-term risks in event-driven systems.</p> <h3> My default rule: evolve, do not break </h3> <p>For events, I prefer:</p> <ul> <li>additive changes</li> <li>optional fields</li> <li>versioned schemas</li> <li>compatibility checks in CI</li> <li>deprecation windows</li> </ul> <p>For commands, I am stricter because commands are business API boundaries.</p> <h3> Practical contract evolution patterns </h3> <h4> 1) Envelope version + payload schema version </h4> <p>I keep envelope metadata stable and version the business schema independently.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"meta"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"schemaVersion"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1.1"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> 2) Add fields, do not rename/remove casually </h4> <p>Safer changes:</p> <ul> <li>add optional field</li> <li>add new event type (if semantics change)</li> <li>add new metadata</li> </ul> <p>Riskier changes:</p> <ul> <li>renaming fields</li> <li>changing field meaning</li> <li>changing enum semantics</li> <li>changing required/optional behavior</li> </ul> <h4> 3) Prefer new event types when semantics change materially </h4> <p>If <code>OrderCreated</code> starts meaning something different, I usually create a new event type rather than mutating semantics.</p> <h4> 4) Validate contracts in CI </h4> <p>I recommend automated checks for:</p> <ul> <li>JSON schema validation</li> <li>compatibility rules (backward/forward depending on consumer strategy)</li> <li>sample payload fixtures</li> <li>consumer contract tests</li> </ul> <h3> Command vs event evolution nuance </h3> <ul> <li> <strong>Commands</strong> are usually controlled at ingress and can be validated more strictly</li> <li> <strong>Events</strong> may have many consumers and require more conservative change management</li> </ul> <p>That is another reason to keep commands and events conceptually separate.</p> <h2> Governance and domain boundaries (the part teams often postpone) </h2> <p>A command bus is not just a technical component. It is a governance surface.</p> <p>If you skip governance, you will eventually get:</p> <ul> <li>inconsistent naming</li> <li>ambiguous ownership</li> <li>wildcard subscriptions everywhere</li> <li>unbounded fan-out</li> <li>accidental data exposure</li> <li>“shared bus chaos”</li> </ul> <h3> Governance principles I use </h3> <h4> 1) Explicit ownership by domain </h4> <p>Each command/event type should have a clear owner.</p> <p>Examples:</p> <ul> <li>Orders owns <code>CreateOrder</code>, <code>OrderCreated</code>, <code>OrderRejected</code> </li> <li>Inventory owns <code>ReserveInventory</code> (if exposed), <code>InventoryReserved</code> </li> <li>Payments owns <code>PaymentAuthorized</code>, <code>PaymentFailed</code> </li> </ul> <h4> 2) Naming conventions </h4> <p>I standardize at least:</p> <ul> <li> <code>source</code> values (e.g., <code>com.example.orders.workflow</code>)</li> <li> <code>detail-type</code> values (e.g., <code>OrderCreated</code>)</li> <li>envelope metadata keys</li> <li>versioning conventions</li> </ul> <p>This prevents drift and simplifies routing/analytics.</p> <h4> 3) Separate buses by concern (when warranted) </h4> <p>I often separate:</p> <ul> <li> <strong>command bus</strong> (internal command routing)</li> <li> <strong>domain event bus</strong> (business events)</li> <li>optional <strong>integration bus</strong> (external partner/integration events)</li> </ul> <p>In larger organizations, I may also separate by:</p> <ul> <li>environment (<code>dev</code>, <code>test</code>, <code>prod</code>)</li> <li>business domain</li> <li>account boundaries</li> <li>compliance/data residency needs</li> </ul> <h4> 4) Least privilege on publishers and subscribers </h4> <p>Producers should not be able to publish arbitrary event types to every bus. IAM and EventBridge resource policies should reflect domain boundaries.</p> <h4> 5) Data classification rules </h4> <p>Do not let sensitive payloads flow “because it is convenient.” Define:</p> <ul> <li>PII handling rules</li> <li>masking/redaction requirements</li> <li>retention policies</li> <li>replay restrictions</li> <li>external egress controls</li> </ul> <h2> Failure handling and resilience (what makes this production-grade) </h2> <p>Async architecture is easy to demo and hard to run well unless failure paths are designed intentionally.</p> <h3> Areas I design explicitly </h3> <h4> Idempotency </h4> <p>Commands can be retried by clients, gateways, or operators. Idempotency is non-negotiable for business writes.</p> <p>Use:</p> <ul> <li>client-provided idempotency key (preferred)</li> <li>server-generated fallback only as backup</li> <li>TTL on idempotency records to manage table growth</li> </ul> <h4> Retries and backoff </h4> <p>Retries should be defined per step, not copy-pasted blindly.</p> <p>Questions I ask:</p> <ul> <li>Is the step retry-safe?</li> <li>Is the downstream side effect idempotent?</li> <li>What is the blast radius if retried?</li> <li>Do I need jitter/backoff?</li> </ul> <h4> Dead-letter and replay </h4> <p>Some failures need operator intervention, not endless retries.</p> <p>I usually implement:</p> <ul> <li>DLQ for failed async processing where supported</li> <li>replay tooling with filters (by date, event type, correlation ID)</li> <li>safe replay mode (e.g., dry-run validation before reprocessing)</li> </ul> <h4> Compensation </h4> <p>Not every workflow can be truly atomic. For distributed business flows, compensation matters.</p> <p>Examples:</p> <ul> <li>if inventory reservation succeeds but payment later fails, release reservation</li> <li>if payment succeeds but order persistence fails, void/mark payment for manual review</li> </ul> <p>Step Functions makes these paths explicit and testable.</p> <h2> Testing strategy (what I actually test) </h2> <h3> 1) Contract tests </h3> <ul> <li>validate command/event envelopes against schemas</li> <li>enforce required metadata fields</li> <li>check backward compatibility rules</li> </ul> <h3> 2) Workflow tests </h3> <ul> <li>success path</li> <li>step-specific failure paths</li> <li>retries/timeouts</li> <li>compensation branches</li> </ul> <h3> 3) Consumer isolation tests </h3> <ul> <li>consumers should handle unknown fields</li> <li>consumers should tolerate duplicate events</li> <li>consumers should reject malformed payloads safely</li> </ul> <h3> 4) Observability assertions </h3> <ul> <li>logs include correlation IDs</li> <li>emitted events include causation/correlation metadata</li> <li>alarms trigger on failed workflows</li> </ul> <p>I treat observability metadata as part of the contract, not a nice-to-have.</p> <h2> When not to use this pattern </h2> <p>I like this pattern a lot, but I would not use it everywhere.</p> <p>I avoid it when:</p> <ul> <li>the flow is very simple and synchronous</li> <li>latency is critical and async orchestration adds unnecessary overhead</li> <li>the team is not ready to operate event-driven systems yet</li> <li>there is no real need for decoupling/auditability</li> <li>a direct service call is clearer and sufficient</li> </ul> <p>Architecture should reduce complexity, not relocate it.</p> <h2> A practical rollout plan (if you are introducing this incrementally) </h2> <p>If I were introducing this into an existing microservice platform, I would phase it in:</p> <h3> Phase 1: Standardize envelopes and correlation IDs </h3> <p>Keep current calls, but enforce consistent metadata.</p> <h3> Phase 2: Introduce EventBridge for non-critical domain events </h3> <p>Start with notifications/analytics fan-out.</p> <h3> Phase 3: Move one business workflow to Step Functions </h3> <p>Choose a flow with clear business value and observable pain today.</p> <h3> Phase 4: Add command routing and idempotent ingress </h3> <p>Introduce a command bus for selected workflows.</p> <h3> Phase 5: Formalize governance and contract checks </h3> <p>Naming, ownership, CI validation, replay procedures, IAM boundaries.</p> <p>This sequence reduces organizational friction while building platform confidence.</p> <h2> Final thoughts </h2> <p>The biggest advantage of a serverless command bus/workflow backbone is not just that it is “event-driven” or “serverless.” It is that it gives your microservices ecosystem a <strong>clear execution model</strong>:</p> <ul> <li>commands express intent</li> <li>workflows coordinate business actions</li> <li>events publish facts</li> <li>consumers react independently</li> <li>audit and tracing are built in</li> <li>governance is enforceable at boundaries</li> </ul> <p>That combination is what helps a platform scale across both <strong>services</strong> and <strong>teams</strong>.</p> <p>If I am building for long-term maintainability, this is one of the patterns I reach for early, especially when I know business workflows will grow in complexity and scrutiny.</p> <h2> References </h2> <ul> <li>AWS EventBridge documentation</li> <li>AWS Step Functions documentation</li> <li>AWS Lambda developer guide</li> <li>AWS API Gateway developer guide</li> <li>AWS CDK documentation</li> <li>AWS X-Ray and observability documentation</li> <li>AWS Well-Architected Framework (especially reliability and operational excellence guidance)</li> <li>Event-driven architecture patterns and domain-driven design references (commands/events, bounded contexts, integration events)</li> </ul> webdev programming microservices aws Building with API Gateway, Lambda and DynamoDB Single-Table Design for Multi-Tenant SaaS Renaldi Sun, 08 Mar 2026 22:00:00 +0000 https://dev.to/aws-builders/building-with-api-gateway-lambda-and-dynamodb-single-table-design-for-multi-tenant-saas-3cm3 https://dev.to/aws-builders/building-with-api-gateway-lambda-and-dynamodb-single-table-design-for-multi-tenant-saas-3cm3 <p>When I build multi-tenant SaaS on AWS, one of my favorite combinations is <strong>API Gateway + Lambda + DynamoDB</strong>. It gives me a clean serverless control plane, fast iteration, and a lot of flexibility in how I model data and enforce tenancy.</p> <p>In this post, I will walk through an end-to-end implementation pattern for a <strong>multi-tenant SaaS API</strong> using:</p> <ul> <li> <strong>Amazon API Gateway</strong> for API ingress</li> <li> <strong>AWS Lambda</strong> for business logic</li> <li> <strong>Amazon DynamoDB</strong> with a <strong>single-table design</strong> </li> <li> <strong>Amazon Cognito + JWT</strong> for authentication</li> <li> <strong>Per-tenant throttling and quotas</strong> using API Gateway usage plans (with a Lambda authorizer pattern)</li> </ul> <p>I will focus on the architectural and data modeling decisions that matter in production:</p> <ul> <li>Tenant isolation patterns</li> <li>Partition key design</li> <li>Hot partition mitigation</li> <li>GSIs for access patterns</li> <li>Auth context propagation (Cognito/JWT)</li> <li>Per-tenant throttling and quotas</li> </ul> <p>I will also include code and an implementation walkthrough so you can adapt the pattern to your own SaaS.</p> <h2> Why this stack works so well for multi-tenant SaaS </h2> <p>I like this stack because it lets me combine <strong>application-level tenancy controls</strong> with <strong>infrastructure-level scalability</strong>:</p> <ul> <li> <strong>API Gateway</strong> gives me request routing, auth integration, throttling, and observability.</li> <li> <strong>Lambda</strong> gives me a stateless execution layer where I can consistently apply tenant-aware logic.</li> <li> <strong>DynamoDB</strong> gives me low-latency reads/writes and a data model that can be shaped around access patterns, which is exactly what multi-tenant SaaS needs.</li> </ul> <p>The biggest challenge is not deploying these services. It is designing them so that one tenant cannot interfere with another tenant, and so that one noisy tenant does not dominate throughput.</p> <p>That is where the design details matter.</p> <h2> What I am building in this walkthrough </h2> <p>To make the examples concrete, I will use a simple <strong>B2B issue tracking SaaS</strong>:</p> <ul> <li>Each <strong>tenant</strong> is a customer organization</li> <li>Each tenant has: <ul> <li>users</li> <li>projects</li> <li>tickets</li> <li>comments</li> </ul> </li> <li>Users authenticate with <strong>Cognito</strong> </li> <li>API calls are authorized via JWT and mapped to a tenant context</li> <li>Data lives in one DynamoDB table (single-table design)</li> </ul> <p>Example endpoints:</p> <ul> <li><code>POST /projects/{projectId}/tickets</code></li> <li><code>GET /projects/{projectId}/tickets?status=OPEN</code></li> <li><code>GET /me/tickets</code></li> <li><code>POST /tickets/{ticketId}/comments</code></li> </ul> <p>Important design principle:</p> <blockquote> <p>I do not trust the client to tell me the tenant ID in the path/body for authorization purposes. I derive tenancy from the <strong>validated JWT</strong>, then enforce it in my Lambda logic and DynamoDB key design.</p> </blockquote> <h2> Architecture Overview </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxpcmu4r9xgxldubuqxoo.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxpcmu4r9xgxldubuqxoo.png" alt=" " width="800" height="391"></a></p> <p>This architecture uses:</p> <ol> <li> <strong>Cognito</strong> to issue JWTs</li> <li> <strong>API Gateway (REST API)</strong> as the front door</li> <li> <strong>Lambda Authorizer</strong> to validate JWT and inject normalized auth context</li> <li> <strong>Lambda handlers</strong> for business operations</li> <li> <strong>DynamoDB single table</strong> for all entities</li> <li> <strong>API Gateway usage plans</strong> for per-tenant throttling/quota (via authorizer metering key)</li> </ol> <p>I am intentionally using a <strong>Lambda authorizer</strong> (instead of only a native Cognito authorizer) because it lets me:</p> <ul> <li>normalize claims (<code>tenantId</code>, <code>roles</code>, <code>plan</code>)</li> <li>enforce custom auth checks</li> <li>return a <strong><code>usageIdentifierKey</code></strong> to support per-tenant usage plans and quotas in API Gateway REST API</li> </ul> <h2> End-to-end request flow (from login to DynamoDB write) </h2> <p>Let’s walk through a <code>POST /projects/{projectId}/tickets</code> call.</p> <ol> <li> <p><strong>User signs in via Cognito</strong></p> <ul> <li>Cognito issues a JWT (ID token or access token, depending your claim strategy)</li> <li>The token contains user identity and tenant-related claims (for example <code>tenant_id</code>, <code>plan</code>, <code>roles</code>)</li> </ul> </li> <li> <p><strong>Client calls API Gateway</strong></p> <ul> <li>Sends <code>Authorization: Bearer &lt;JWT&gt;</code> </li> </ul> </li> <li> <p><strong>API Gateway invokes Lambda Authorizer</strong></p> <ul> <li>Validates the JWT signature and issuer</li> <li>Extracts/normalizes claims</li> <li>Returns: <ul> <li>IAM policy (<code>Allow</code>)</li> <li> <code>context</code> (tenant ID, user ID, roles, plan)</li> <li> <code>usageIdentifierKey</code> (tenant-specific metering key for usage plan enforcement)</li> </ul> </li> </ul> </li> <li> <p><strong>API Gateway invokes Lambda handler</strong></p> <ul> <li>The handler reads the authorizer context from <code>event.requestContext.authorizer</code> </li> </ul> </li> <li> <p><strong>Lambda writes to DynamoDB</strong></p> <ul> <li>Uses tenant-prefixed keys and tenant-aware access patterns</li> <li>Applies conditional expressions as needed</li> <li>Writes base item + GSI attributes</li> </ul> </li> <li> <p><strong>CloudWatch metrics/logs capture telemetry</strong></p> <ul> <li>API Gateway request count/throttles</li> <li>Lambda duration/errors</li> <li>DynamoDB consumed capacity/throttles</li> </ul> </li> </ol> <p>This pattern keeps tenancy and throttling context consistent across the request path.</p> <h2> Tenant isolation patterns (and which one I am using) </h2> <p>Before writing a single key schema, I decide what kind of tenancy model I need.</p> <h3> 1) Silo model (strongest isolation) </h3> <p>Each tenant gets isolated infrastructure (separate table / account / stack).</p> <p><strong>Pros</strong></p> <ul> <li>Strong isolation</li> <li>Easier compliance stories for some customers</li> <li>No noisy neighbor at data layer</li> </ul> <p><strong>Cons</strong></p> <ul> <li>Higher operational overhead</li> <li>Harder fleet-wide schema changes</li> <li>More expensive for small tenants</li> </ul> <h3> 2) Pool model (shared infrastructure, tenant-aware app logic) </h3> <p>All tenants share the same infrastructure (same API, same Lambda, same table), but every request and every item is tenant-scoped.</p> <p><strong>Pros</strong></p> <ul> <li>Cost-efficient</li> <li>Operationally simpler for most SaaS products</li> <li>Scales well if keys are designed correctly</li> </ul> <p><strong>Cons</strong></p> <ul> <li>You must be disciplined about isolation in code and data model</li> <li>Hot partitions/noisy neighbors need mitigation</li> </ul> <h3> 3) Bridge model (hybrid) </h3> <p>Some tenants are pooled, some are siloed (for enterprise/compliance tiers).</p> <p><strong>Pros</strong></p> <ul> <li>Flexible business model</li> <li>Lets you upsell isolation</li> </ul> <p><strong>Cons</strong></p> <ul> <li>More deployment and routing complexity</li> </ul> <h3> What I am using here </h3> <p>For this post, I am using the <strong>pool model</strong> with strong tenant-aware design:</p> <ul> <li>Tenant ID is always derived from auth context</li> <li>DynamoDB keys are tenant-prefixed</li> <li>Access patterns are tenant-scoped</li> <li>API Gateway usage plans enforce per-tenant limits</li> <li>Lambda code refuses cross-tenant access even if a user manipulates IDs</li> </ul> <p>This is a very practical pattern for SaaS teams that want speed and scale without overbuilding day one.</p> <h2> Single-table design mindset for multi-tenant SaaS </h2> <p>A lot of DynamoDB pain comes from designing tables like relational schemas.</p> <p>I do the opposite: I start with <strong>access patterns</strong>, then design keys around them.</p> <h3> Access patterns I need </h3> <p>For this SaaS, I care about these reads/writes:</p> <ol> <li>Create a ticket in a project</li> <li>List tickets by project (optionally filtered by status)</li> <li>List tickets assigned to the current user</li> <li>Get a ticket by ID</li> <li>Add/list comments for a ticket</li> <li>List projects for a tenant</li> <li>Look up user membership / role in a tenant</li> </ol> <p>These access patterns will drive:</p> <ul> <li>primary key design (<code>PK</code>, <code>SK</code>)</li> <li>GSI design</li> <li>where I shard to avoid hot partitions</li> </ul> <h2> Partition key design (tenant-aware and access-pattern-first) </h2> <p>This is the part that usually makes or breaks multi-tenant DynamoDB.</p> <h3> A common mistake </h3> <p>A very common first attempt is:</p> <ul> <li><code>PK = TENANT#&lt;tenantId&gt;</code></li> <li><code>SK = &lt;everything else&gt;</code></li> </ul> <p>That can work for small tenants, but it becomes risky when a tenant is large or very active because <strong>all writes for that tenant</strong> concentrate on a small number of partitions.</p> <h3> My design approach </h3> <p>I still make keys tenant-aware, but I <strong>distribute writes across tenant sub-collections</strong>.</p> <p>I use patterns like:</p> <ul> <li> <code>PK = TENANT#&lt;tenantId&gt;</code> for tenant metadata and low-volume tenant-level items</li> <li> <code>PK = TENANT#&lt;tenantId&gt;#PROJECT#&lt;projectId&gt;</code> for project and ticket collections</li> <li> <code>PK = TENANT#&lt;tenantId&gt;#TICKET#&lt;ticketId&gt;</code> for ticket root + comments (if comment-heavy)</li> <li>Sharded GSIs (or write-sharded partitions) for high-volume list patterns</li> </ul> <p>This gives me tenant isolation without forcing every high-volume write into one tenant partition.</p> <h2> Example item model (single table) </h2> <p>I usually keep a few shared attributes on every item:</p> <ul> <li> <code>PK</code>, <code>SK</code> </li> <li><code>entityType</code></li> <li><code>tenantId</code></li> <li>timestamps (<code>createdAt</code>, <code>updatedAt</code>)</li> <li>optional GSI attributes (<code>GSI1PK</code>, <code>GSI1SK</code>, <code>GSI2PK</code>, <code>GSI2SK</code>)</li> </ul> <h3> Example items </h3> <h4> Tenant metadata </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"META"</span><span class="p">,</span><span class="w"> </span><span class="nl">"entityType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tenantId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Acme Corp"</span><span class="p">,</span><span class="w"> </span><span class="nl">"plan"</span><span class="p">:</span><span class="w"> </span><span class="s2">"pro"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T00:00:00Z"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> Project </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PROJECT#p_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"entityType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PROJECT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tenantId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"projectId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"p_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Platform"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T00:00:00Z"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> Ticket (project-scoped partition) </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123#PROJECT#p_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TICKET#tk_9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"entityType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TICKET"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tenantId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"projectId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"p_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ticketId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tk_9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"title"</span><span class="p">:</span><span class="w"> </span><span class="s2">"API returns 500 on retry"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OPEN"</span><span class="p">,</span><span class="w"> </span><span class="nl">"priority"</span><span class="p">:</span><span class="w"> </span><span class="s2">"HIGH"</span><span class="p">,</span><span class="w"> </span><span class="nl">"assigneeUserId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"u_77"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdByUserId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"u_12"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T01:00:00Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"updatedAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T01:00:00Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"GSI1PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123#PROJECT#p_001#STATUS#OPEN"</span><span class="p">,</span><span class="w"> </span><span class="nl">"GSI1SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UPDATED#2026-02-25T01:00:00Z#TICKET#tk_9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"GSI2PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123#ASSIGNEE#u_77"</span><span class="p">,</span><span class="w"> </span><span class="nl">"GSI2SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UPDATED#2026-02-25T01:00:00Z#TICKET#tk_9001"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> Comment (ticket-scoped partition) </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"PK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"TENANT#t_123#TICKET#tk_9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"SK"</span><span class="p">:</span><span class="w"> </span><span class="s2">"COMMENT#2026-02-25T01:05:00Z#c_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"entityType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"COMMENT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tenantId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"t_123"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ticketId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tk_9001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"commentId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"c_001"</span><span class="p">,</span><span class="w"> </span><span class="nl">"authorUserId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"u_12"</span><span class="p">,</span><span class="w"> </span><span class="nl">"body"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Investigating now"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T01:05:00Z"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Why this layout works </h3> <ul> <li>Tenant is embedded in every key path</li> <li>Tickets are grouped by project for efficient project views</li> <li>Comments are grouped by ticket for efficient comment threads</li> <li>User-assignee lookup is handled by GSI</li> <li>Status-based listing is handled by GSI</li> </ul> <p>This is a good default shape for many SaaS workloads.</p> <h2> GSIs for access patterns (and how I decide them) </h2> <p>I try to make every GSI exist for a <strong>specific query</strong>, not “just in case”.</p> <h3> GSI1: List tickets by project + status </h3> <p><strong>Use case:</strong> <code>GET /projects/{projectId}/tickets?status=OPEN</code></p> <ul> <li><code>GSI1PK = TENANT#&lt;tenantId&gt;#PROJECT#&lt;projectId&gt;#STATUS#&lt;status&gt;</code></li> <li><code>GSI1SK = UPDATED#&lt;timestamp&gt;#TICKET#&lt;ticketId&gt;</code></li> </ul> <p>This lets me list tickets by status and sort by most recent updates.</p> <h3> GSI2: List tickets assigned to a user </h3> <p><strong>Use case:</strong> <code>GET /me/tickets</code></p> <ul> <li><code>GSI2PK = TENANT#&lt;tenantId&gt;#ASSIGNEE#&lt;userId&gt;</code></li> <li><code>GSI2SK = UPDATED#&lt;timestamp&gt;#TICKET#&lt;ticketId&gt;</code></li> </ul> <p>This gives me a tenant-safe “my work” view.</p> <h3> Optional GSI3: Lookup by public ticket reference (if needed) </h3> <p>If you expose a user-friendly ticket reference like <code>ACME-194</code>, I may add a sparse GSI:</p> <ul> <li><code>GSI3PK = TENANT#&lt;tenantId&gt;#REF#ACME-194</code></li> <li><code>GSI3SK = TICKET#&lt;ticketId&gt;</code></li> </ul> <p>I do not add this unless I truly need it.</p> <h2> Hot partition mitigation (the part many examples skip) </h2> <p>A single-table design can be “correct” and still fail under traffic if hot partitions are ignored.</p> <p>Here are the patterns I use.</p> <h3> 1) Avoid concentrating all writes into one tenant root partition </h3> <p>If all writes use <code>PK = TENANT#&lt;tenantId&gt;</code>, a large tenant can get hot fast.</p> <p><strong>Mitigation:</strong> partition by natural sub-aggregates (project, ticket thread, etc.)</p> <h3> 2) Use write sharding for high-volume list/index patterns </h3> <p>Suppose one tenant has a huge number of ticket updates, and your status GSI gets hot.</p> <p>I can shard the GSI partition key:</p> <ul> <li><code>GSI1PK = TENANT#t_123#PROJECT#p_001#STATUS#OPEN#SHARD#03</code></li> </ul> <p>Then query multiple shards and merge results in Lambda.</p> <p>How do I pick the shard?</p> <ul> <li>Hash <code>ticketId</code> or <code>(ticketId + status)</code> into <code>N</code> buckets</li> <li>Start small (for example 4 or 8 shards)</li> <li>Increase if traffic grows</li> </ul> <p>Example helper:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">function</span> <span class="nf">shardFor</span><span class="p">(</span><span class="nx">value</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">shardCount</span> <span class="o">=</span> <span class="mi">8</span><span class="p">):</span> <span class="kr">string</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">hash</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="nx">i</span> <span class="o">&lt;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span><span class="p">;</span> <span class="nx">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="nx">hash</span> <span class="o">=</span> <span class="p">(</span><span class="nx">hash</span> <span class="o">*</span> <span class="mi">31</span> <span class="o">+</span> <span class="nx">value</span><span class="p">.</span><span class="nf">charCodeAt</span><span class="p">(</span><span class="nx">i</span><span class="p">))</span> <span class="o">&gt;&gt;&gt;</span> <span class="mi">0</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">shard</span> <span class="o">=</span> <span class="nx">hash</span> <span class="o">%</span> <span class="nx">shardCount</span><span class="p">;</span> <span class="k">return</span> <span class="nx">shard</span><span class="p">.</span><span class="nf">toString</span><span class="p">().</span><span class="nf">padStart</span><span class="p">(</span><span class="mi">2</span><span class="p">,</span> <span class="dl">"</span><span class="s2">0</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h3> 3) Separate write-heavy entities from read-heavy aggregations </h3> <p>If comments are very high volume, I often avoid mixing them in the same partition as ticket metadata.</p> <p>That is why in the example above I used:</p> <ul> <li>ticket record under <code>TENANT#...#PROJECT#...</code> </li> <li>comments under <code>TENANT#...#TICKET#...</code> </li> </ul> <h3> 4) Use on-demand capacity early, then tune if needed </h3> <p>For newer SaaS products, I often start with <strong>on-demand</strong> capacity because it reduces operational tuning.</p> <p>As traffic patterns stabilize, I decide whether provisioned + autoscaling is worth it.</p> <h3> 5) Watch metrics by access pattern, not just table-wide </h3> <p>I monitor:</p> <ul> <li>Throttled requests</li> <li>Consumed read/write capacity</li> <li>Latency by endpoint</li> <li>GSI-specific pressure</li> </ul> <p>If one endpoint is slow, I inspect whether the underlying key pattern is too concentrated.</p> <h2> Auth context propagation (Cognito/JWT -&gt; API Gateway -&gt; Lambda) </h2> <p>This is the glue that keeps tenant isolation consistent.</p> <h3> What I want from auth context </h3> <p>By the time my business Lambda runs, I want a normalized auth context like this:</p> <ul> <li><code>tenantId</code></li> <li><code>userId</code></li> <li><code>roles</code></li> <li><code>plan</code></li> <li>(optional) <code>scopes</code>, <code>email</code>, <code>orgId</code>, <code>isSupportUser</code> </li> </ul> <p>I do not want each Lambda handler parsing arbitrary JWT claims differently.</p> <h3> Cognito claim strategy </h3> <p>You have a few options:</p> <ul> <li>Use Cognito <strong>ID token</strong> claims directly (simpler if tenant custom attributes are on the user profile)</li> <li>Use <strong>Pre Token Generation</strong> trigger to inject normalized tenant claims into the token you use for APIs</li> <li>Use groups + custom claims for role/plan mapping</li> </ul> <p>For this post, I will assume the token contains:</p> <ul> <li><code>sub</code></li> <li> <code>custom:tenant_id</code> (or <code>tenant_id</code>)</li> <li> <code>custom:plan</code> (or <code>plan</code>)</li> <li><code>cognito:groups</code></li> </ul> <h2> Lambda Authorizer example (TypeScript) </h2> <p>This authorizer validates the Cognito JWT, extracts tenant context, and returns:</p> <ul> <li>an Allow policy</li> <li>authorizer context</li> <li> <code>usageIdentifierKey</code> (for per-tenant API Gateway usage plan metering)</li> </ul> <blockquote> <p>Note: In API Gateway REST APIs, <code>usageIdentifierKey</code> should be the <strong>API key value</strong> you want metered. In production, I usually map <code>tenantId -&gt; meteringKey</code> and return the metering key, not the raw tenant ID.<br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// authorizer.ts</span> <span class="k">import</span> <span class="kd">type</span> <span class="p">{</span> <span class="nx">APIGatewayTokenAuthorizerEvent</span><span class="p">,</span> <span class="nx">APIGatewayAuthorizerResult</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CognitoJwtVerifier</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-jwt-verify</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">userPoolId</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">USER_POOL_ID</span><span class="o">!</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">clientId</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">APP_CLIENT_ID</span><span class="o">!</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">verifier</span> <span class="o">=</span> <span class="nx">CognitoJwtVerifier</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="nx">userPoolId</span><span class="p">,</span> <span class="na">tokenUse</span><span class="p">:</span> <span class="dl">"</span><span class="s2">id</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// or "access" if your claims are injected there</span> <span class="nx">clientId</span><span class="p">,</span> <span class="p">});</span> <span class="kd">function</span> <span class="nf">buildPolicy</span><span class="p">(</span><span class="nx">principalId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">effect</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Allow</span><span class="dl">"</span> <span class="o">|</span> <span class="dl">"</span><span class="s2">Deny</span><span class="dl">"</span><span class="p">,</span> <span class="nx">resource</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">principalId</span><span class="p">,</span> <span class="na">policyDocument</span><span class="p">:</span> <span class="p">{</span> <span class="na">Version</span><span class="p">:</span> <span class="dl">"</span><span class="s2">2012-10-17</span><span class="dl">"</span><span class="p">,</span> <span class="na">Statement</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">Action</span><span class="p">:</span> <span class="dl">"</span><span class="s2">execute-api:Invoke</span><span class="dl">"</span><span class="p">,</span> <span class="na">Effect</span><span class="p">:</span> <span class="nx">effect</span><span class="p">,</span> <span class="na">Resource</span><span class="p">:</span> <span class="nx">resource</span><span class="p">,</span> <span class="p">},</span> <span class="p">],</span> <span class="p">},</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// Replace with a real lookup (DynamoDB / Secrets Manager / config service)</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">lookupMeteringKey</span><span class="p">(</span><span class="nx">tenantId</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">string</span><span class="o">&gt;</span> <span class="p">{</span> <span class="c1">// Example only. In production, return the API Gateway API key *value* assigned to that tenant.</span> <span class="k">return</span> <span class="s2">`meter-</span><span class="p">${</span><span class="nx">tenantId</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span> <span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayTokenAuthorizerEvent</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayAuthorizerResult</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">raw</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">authorizationToken</span> <span class="o">||</span> <span class="dl">""</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">raw</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="sr">/^Bearer</span><span class="se">\s</span><span class="sr">+/i</span><span class="p">,</span> <span class="dl">""</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">claims</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">verifier</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">token</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">tenantId</span> <span class="o">=</span> <span class="p">(</span><span class="nx">claims</span><span class="p">[</span><span class="dl">"</span><span class="s2">custom:tenant_id</span><span class="dl">"</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">)</span> <span class="o">??</span> <span class="p">(</span><span class="nx">claims</span><span class="p">[</span><span class="dl">"</span><span class="s2">tenant_id</span><span class="dl">"</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">tenantId</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Missing tenant claim</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">userId</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">claims</span><span class="p">.</span><span class="nx">sub</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">plan</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span> <span class="p">(</span><span class="nx">claims</span><span class="p">[</span><span class="dl">"</span><span class="s2">custom:plan</span><span class="dl">"</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">)</span> <span class="o">??</span> <span class="p">(</span><span class="nx">claims</span><span class="p">[</span><span class="dl">"</span><span class="s2">plan</span><span class="dl">"</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">)</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">free</span><span class="dl">"</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">groups</span> <span class="o">=</span> <span class="p">(</span><span class="nx">claims</span><span class="p">[</span><span class="dl">"</span><span class="s2">cognito:groups</span><span class="dl">"</span><span class="p">]</span> <span class="k">as</span> <span class="kr">string</span><span class="p">[]</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">)</span> <span class="o">??</span> <span class="p">[];</span> <span class="kd">const</span> <span class="nx">meteringKey</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">lookupMeteringKey</span><span class="p">(</span><span class="nx">tenantId</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">policy</span> <span class="o">=</span> <span class="nf">buildPolicy</span><span class="p">(</span><span class="nx">userId</span><span class="p">,</span> <span class="dl">"</span><span class="s2">Allow</span><span class="dl">"</span><span class="p">,</span> <span class="nx">event</span><span class="p">.</span><span class="nx">methodArn</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="p">...</span><span class="nx">policy</span><span class="p">,</span> <span class="na">context</span><span class="p">:</span> <span class="p">{</span> <span class="nx">tenantId</span><span class="p">,</span> <span class="nx">userId</span><span class="p">,</span> <span class="nx">plan</span><span class="p">,</span> <span class="na">rolesJson</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">groups</span><span class="p">),</span> <span class="p">},</span> <span class="na">usageIdentifierKey</span><span class="p">:</span> <span class="nx">meteringKey</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// API Gateway treats "Unauthorized" specially</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Unauthorized</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <h3> Why I normalize here instead of in every Lambda </h3> <p>This avoids duplicated auth parsing and reduces inconsistent authorization logic across handlers.</p> <p>It also gives me one place to:</p> <ul> <li>map plans</li> <li>map roles</li> <li>support internal support-user impersonation rules (if needed)</li> <li>connect metering/throttling to tenancy</li> </ul> <h2> Business Lambda: reading auth context and enforcing tenancy </h2> <p>Now let’s create a ticket.</p> <p>This handler:</p> <ul> <li>reads tenant context from the authorizer</li> <li>ignores any tenant ID in the request body</li> <li>writes a ticket item to DynamoDB using a tenant-prefixed key</li> <li>populates GSIs for list access patterns </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// create-ticket.ts</span> <span class="k">import</span> <span class="kd">type</span> <span class="p">{</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">APIGatewayProxyResult</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">,</span> <span class="nx">PutCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/lib-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">randomUUID</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">crypto</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">ddb</span> <span class="o">=</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="k">new</span> <span class="nc">DynamoDBClient</span><span class="p">({}));</span> <span class="kd">const</span> <span class="nx">TABLE_NAME</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">TABLE_NAME</span><span class="o">!</span><span class="p">;</span> <span class="kd">type</span> <span class="nx">AuthorizerCtx</span> <span class="o">=</span> <span class="p">{</span> <span class="na">tenantId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">userId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">plan</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">rolesJson</span><span class="p">?:</span> <span class="kr">string</span><span class="p">;</span> <span class="p">};</span> <span class="kd">function</span> <span class="nf">response</span><span class="p">(</span><span class="nx">statusCode</span><span class="p">:</span> <span class="kr">number</span><span class="p">,</span> <span class="nx">body</span><span class="p">:</span> <span class="nx">unknown</span><span class="p">):</span> <span class="nx">APIGatewayProxyResult</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">statusCode</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">body</span><span class="p">),</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">getAuthContext</span><span class="p">(</span><span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">):</span> <span class="nx">AuthorizerCtx</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">requestContext</span><span class="p">.</span><span class="nx">authorizer</span> <span class="o">??</span> <span class="p">{})</span> <span class="k">as</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nx">unknown</span><span class="o">&gt;</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tenantId</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">auth</span><span class="p">.</span><span class="nx">tenantId</span> <span class="o">??</span> <span class="dl">""</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">userId</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">auth</span><span class="p">.</span><span class="nx">userId</span> <span class="o">??</span> <span class="dl">""</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">plan</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">auth</span><span class="p">.</span><span class="nx">plan</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">free</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">rolesJson</span> <span class="o">=</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">rolesJson</span> <span class="p">?</span> <span class="nc">String</span><span class="p">(</span><span class="nx">auth</span><span class="p">.</span><span class="nx">rolesJson</span><span class="p">)</span> <span class="p">:</span> <span class="dl">"</span><span class="s2">[]</span><span class="dl">"</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">tenantId</span> <span class="o">||</span> <span class="o">!</span><span class="nx">userId</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Missing auth context</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">tenantId</span><span class="p">,</span> <span class="nx">userId</span><span class="p">,</span> <span class="nx">plan</span><span class="p">,</span> <span class="nx">rolesJson</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">shardFor</span><span class="p">(</span><span class="nx">value</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">shardCount</span> <span class="o">=</span> <span class="mi">8</span><span class="p">):</span> <span class="kr">string</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">hash</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="nx">i</span> <span class="o">&lt;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span><span class="p">;</span> <span class="nx">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="nx">hash</span> <span class="o">=</span> <span class="p">(</span><span class="nx">hash</span> <span class="o">*</span> <span class="mi">31</span> <span class="o">+</span> <span class="nx">value</span><span class="p">.</span><span class="nf">charCodeAt</span><span class="p">(</span><span class="nx">i</span><span class="p">))</span> <span class="o">&gt;&gt;&gt;</span> <span class="mi">0</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="nc">String</span><span class="p">(</span><span class="nx">hash</span> <span class="o">%</span> <span class="nx">shardCount</span><span class="p">).</span><span class="nf">padStart</span><span class="p">(</span><span class="mi">2</span><span class="p">,</span> <span class="dl">"</span><span class="s2">0</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyResult</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">tenantId</span><span class="p">,</span> <span class="nx">userId</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">getAuthContext</span><span class="p">(</span><span class="nx">event</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">projectId</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">pathParameters</span><span class="p">?.</span><span class="nx">projectId</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">projectId</span><span class="p">)</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">projectId is required</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">body</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">body</span> <span class="p">?</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">body</span><span class="p">)</span> <span class="p">:</span> <span class="p">{};</span> <span class="kd">const</span> <span class="nx">title</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">body</span><span class="p">.</span><span class="nx">title</span> <span class="o">??</span> <span class="dl">""</span><span class="p">).</span><span class="nf">trim</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">assigneeUserId</span> <span class="o">=</span> <span class="nx">body</span><span class="p">.</span><span class="nx">assigneeUserId</span> <span class="p">?</span> <span class="nc">String</span><span class="p">(</span><span class="nx">body</span><span class="p">.</span><span class="nx">assigneeUserId</span><span class="p">)</span> <span class="p">:</span> <span class="kc">undefined</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">priority</span> <span class="o">=</span> <span class="nx">body</span><span class="p">.</span><span class="nx">priority</span> <span class="p">?</span> <span class="nc">String</span><span class="p">(</span><span class="nx">body</span><span class="p">.</span><span class="nx">priority</span><span class="p">)</span> <span class="p">:</span> <span class="dl">"</span><span class="s2">MEDIUM</span><span class="dl">"</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">title</span><span class="p">)</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">title is required</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">ticketId</span> <span class="o">=</span> <span class="s2">`tk_</span><span class="p">${</span><span class="nf">randomUUID</span><span class="p">()}</span><span class="s2">`</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">().</span><span class="nf">toISOString</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">status</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">OPEN</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Optional GSI sharding for high-volume status lists</span> <span class="kd">const</span> <span class="nx">statusShard</span> <span class="o">=</span> <span class="nf">shardFor</span><span class="p">(</span><span class="nx">ticketId</span><span class="p">,</span> <span class="mi">8</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">item</span> <span class="o">=</span> <span class="p">{</span> <span class="na">PK</span><span class="p">:</span> <span class="s2">`TENANT#</span><span class="p">${</span><span class="nx">tenantId</span><span class="p">}</span><span class="s2">#PROJECT#</span><span class="p">${</span><span class="nx">projectId</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="na">SK</span><span class="p">:</span> <span class="s2">`TICKET#</span><span class="p">${</span><span class="nx">ticketId</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="na">entityType</span><span class="p">:</span> <span class="dl">"</span><span class="s2">TICKET</span><span class="dl">"</span><span class="p">,</span> <span class="nx">tenantId</span><span class="p">,</span> <span class="nx">projectId</span><span class="p">,</span> <span class="nx">ticketId</span><span class="p">,</span> <span class="nx">title</span><span class="p">,</span> <span class="nx">status</span><span class="p">,</span> <span class="nx">priority</span><span class="p">,</span> <span class="nx">assigneeUserId</span><span class="p">,</span> <span class="na">createdByUserId</span><span class="p">:</span> <span class="nx">userId</span><span class="p">,</span> <span class="na">createdAt</span><span class="p">:</span> <span class="nx">now</span><span class="p">,</span> <span class="na">updatedAt</span><span class="p">:</span> <span class="nx">now</span><span class="p">,</span> <span class="c1">// List tickets by project + status</span> <span class="na">GSI1PK</span><span class="p">:</span> <span class="s2">`TENANT#</span><span class="p">${</span><span class="nx">tenantId</span><span class="p">}</span><span class="s2">#PROJECT#</span><span class="p">${</span><span class="nx">projectId</span><span class="p">}</span><span class="s2">#STATUS#</span><span class="p">${</span><span class="nx">status</span><span class="p">}</span><span class="s2">#SHARD#</span><span class="p">${</span><span class="nx">statusShard</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="na">GSI1SK</span><span class="p">:</span> <span class="s2">`UPDATED#</span><span class="p">${</span><span class="nx">now</span><span class="p">}</span><span class="s2">#TICKET#</span><span class="p">${</span><span class="nx">ticketId</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="c1">// List tickets by assignee</span> <span class="p">...(</span><span class="nx">assigneeUserId</span> <span class="o">&amp;&amp;</span> <span class="p">{</span> <span class="na">GSI2PK</span><span class="p">:</span> <span class="s2">`TENANT#</span><span class="p">${</span><span class="nx">tenantId</span><span class="p">}</span><span class="s2">#ASSIGNEE#</span><span class="p">${</span><span class="nx">assigneeUserId</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="na">GSI2SK</span><span class="p">:</span> <span class="s2">`UPDATED#</span><span class="p">${</span><span class="nx">now</span><span class="p">}</span><span class="s2">#TICKET#</span><span class="p">${</span><span class="nx">ticketId</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">}),</span> <span class="p">};</span> <span class="k">await</span> <span class="nx">ddb</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span> <span class="k">new</span> <span class="nc">PutCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">TABLE_NAME</span><span class="p">,</span> <span class="na">Item</span><span class="p">:</span> <span class="nx">item</span><span class="p">,</span> <span class="na">ConditionExpression</span><span class="p">:</span> <span class="dl">"</span><span class="s2">attribute_not_exists(PK) AND attribute_not_exists(SK)</span><span class="dl">"</span><span class="p">,</span> <span class="p">})</span> <span class="p">);</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">201</span><span class="p">,</span> <span class="p">{</span> <span class="nx">ticketId</span><span class="p">,</span> <span class="nx">status</span><span class="p">,</span> <span class="na">createdAt</span><span class="p">:</span> <span class="nx">now</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">create-ticket failed</span><span class="dl">"</span><span class="p">,</span> <span class="nx">err</span><span class="p">);</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">500</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Internal server error</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <h3> Isolation note </h3> <p>The handler never accepts <code>tenantId</code> from the request body for authorization purposes.</p> <p>Even if a client sends a different tenant ID, it does not matter because the handler uses <code>tenantId</code> from the validated authorizer context.</p> <h2> Querying with GSIs (list tickets by project + status) </h2> <p>Now let’s implement <code>GET /projects/{projectId}/tickets?status=OPEN</code>.</p> <p>Because I sharded <code>GSI1PK</code>, I may need to query multiple shards and merge the results.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// list-project-tickets.ts</span> <span class="k">import</span> <span class="kd">type</span> <span class="p">{</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">APIGatewayProxyResult</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/client-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">,</span> <span class="nx">QueryCommand</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@aws-sdk/lib-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">ddb</span> <span class="o">=</span> <span class="nx">DynamoDBDocumentClient</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="k">new</span> <span class="nc">DynamoDBClient</span><span class="p">({}));</span> <span class="kd">const</span> <span class="nx">TABLE_NAME</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">TABLE_NAME</span><span class="o">!</span><span class="p">;</span> <span class="kd">function</span> <span class="nf">response</span><span class="p">(</span><span class="nx">statusCode</span><span class="p">:</span> <span class="kr">number</span><span class="p">,</span> <span class="nx">body</span><span class="p">:</span> <span class="nx">unknown</span><span class="p">):</span> <span class="nx">APIGatewayProxyResult</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">statusCode</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">body</span><span class="p">),</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">getTenantId</span><span class="p">(</span><span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">):</span> <span class="kr">string</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">requestContext</span><span class="p">.</span><span class="nx">authorizer</span> <span class="o">??</span> <span class="p">{})</span> <span class="k">as</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nx">unknown</span><span class="o">&gt;</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">tenantId</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">auth</span><span class="p">.</span><span class="nx">tenantId</span> <span class="o">??</span> <span class="dl">""</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">tenantId</span><span class="p">)</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Missing tenantId</span><span class="dl">"</span><span class="p">);</span> <span class="k">return</span> <span class="nx">tenantId</span><span class="p">;</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyResult</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">tenantId</span> <span class="o">=</span> <span class="nf">getTenantId</span><span class="p">(</span><span class="nx">event</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">projectId</span> <span class="o">=</span> <span class="nx">event</span><span class="p">.</span><span class="nx">pathParameters</span><span class="p">?.</span><span class="nx">projectId</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">status</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">queryStringParameters</span><span class="p">?.</span><span class="nx">status</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">OPEN</span><span class="dl">"</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">projectId</span><span class="p">)</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">400</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">projectId is required</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">shardCount</span> <span class="o">=</span> <span class="mi">8</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">queries</span> <span class="o">=</span> <span class="nb">Array</span><span class="p">.</span><span class="k">from</span><span class="p">({</span> <span class="na">length</span><span class="p">:</span> <span class="nx">shardCount</span> <span class="p">},</span> <span class="p">(</span><span class="nx">_</span><span class="p">,</span> <span class="nx">n</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">shard</span> <span class="o">=</span> <span class="nc">String</span><span class="p">(</span><span class="nx">n</span><span class="p">).</span><span class="nf">padStart</span><span class="p">(</span><span class="mi">2</span><span class="p">,</span> <span class="dl">"</span><span class="s2">0</span><span class="dl">"</span><span class="p">);</span> <span class="k">return</span> <span class="nx">ddb</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span> <span class="k">new</span> <span class="nc">QueryCommand</span><span class="p">({</span> <span class="na">TableName</span><span class="p">:</span> <span class="nx">TABLE_NAME</span><span class="p">,</span> <span class="na">IndexName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI1</span><span class="dl">"</span><span class="p">,</span> <span class="na">KeyConditionExpression</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI1PK = :pk</span><span class="dl">"</span><span class="p">,</span> <span class="na">ExpressionAttributeValues</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">:pk</span><span class="dl">"</span><span class="p">:</span> <span class="s2">`TENANT#</span><span class="p">${</span><span class="nx">tenantId</span><span class="p">}</span><span class="s2">#PROJECT#</span><span class="p">${</span><span class="nx">projectId</span><span class="p">}</span><span class="s2">#STATUS#</span><span class="p">${</span><span class="nx">status</span><span class="p">}</span><span class="s2">#SHARD#</span><span class="p">${</span><span class="nx">shard</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">},</span> <span class="na">Limit</span><span class="p">:</span> <span class="mi">25</span><span class="p">,</span> <span class="c1">// tune based on your UX pagination model</span> <span class="na">ScanIndexForward</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="c1">// newest first</span> <span class="p">})</span> <span class="p">);</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">results</span> <span class="o">=</span> <span class="k">await</span> <span class="nb">Promise</span><span class="p">.</span><span class="nf">all</span><span class="p">(</span><span class="nx">queries</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">items</span> <span class="o">=</span> <span class="nx">results</span><span class="p">.</span><span class="nf">flatMap</span><span class="p">((</span><span class="nx">r</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">r</span><span class="p">.</span><span class="nx">Items</span> <span class="o">??</span> <span class="p">[]);</span> <span class="c1">// Merge and sort in-memory because we queried multiple shards</span> <span class="nx">items</span><span class="p">.</span><span class="nf">sort</span><span class="p">((</span><span class="nx">a</span><span class="p">,</span> <span class="nx">b</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nc">String</span><span class="p">(</span><span class="nx">b</span><span class="p">.</span><span class="nx">updatedAt</span><span class="p">).</span><span class="nf">localeCompare</span><span class="p">(</span><span class="nc">String</span><span class="p">(</span><span class="nx">a</span><span class="p">.</span><span class="nx">updatedAt</span><span class="p">)));</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">200</span><span class="p">,</span> <span class="p">{</span> <span class="nx">items</span><span class="p">,</span> <span class="na">count</span><span class="p">:</span> <span class="nx">items</span><span class="p">.</span><span class="nx">length</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">list-project-tickets failed</span><span class="dl">"</span><span class="p">,</span> <span class="nx">err</span><span class="p">);</span> <span class="k">return</span> <span class="nf">response</span><span class="p">(</span><span class="mi">500</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Internal server error</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <h3> Tradeoff discussion </h3> <p>Sharding improves write scalability, but read logic is more complex because I need fan-out queries.</p> <p>That is a normal DynamoDB tradeoff. I only add this complexity for access patterns that actually need it.</p> <h2> Per-tenant throttling and quotas (API Gateway + authorizer metering) </h2> <p>This is one of the most useful SaaS controls and one of the least discussed implementation details.</p> <h3> What I want </h3> <p>I want to enforce limits like:</p> <ul> <li>Free tier tenant: lower RPS and daily quota</li> <li>Pro tier tenant: higher RPS and quota</li> <li>Enterprise tenant: custom limits</li> </ul> <h3> Why API Gateway usage plans help </h3> <p>API Gateway REST APIs support:</p> <ul> <li>throttling</li> <li>quotas</li> <li>API keys</li> <li>usage plans</li> </ul> <p>With a Lambda authorizer, I can return a <strong><code>usageIdentifierKey</code></strong> so API Gateway meters/throttles by a tenant-specific key, even when the client authenticates with JWT.</p> <h3> Important implementation note </h3> <p>For REST APIs, set <code>apiKeySourceType</code> to <code>AUTHORIZER</code> so the usage key comes from the authorizer rather than an <code>x-api-key</code> header.</p> <h3> CDK sketch (TypeScript) </h3> <p>Below is a simplified CDK sketch to show the pattern. You will need to adapt it to your stack structure.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">constructs</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">apigw</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-apigateway</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">lambda</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">dynamodb</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">MultiTenantApiStack</span> <span class="kd">extends</span> <span class="nc">cdk</span><span class="p">.</span><span class="nx">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">table</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">AppTable</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">PK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">sortKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">SK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">billingMode</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">BillingMode</span><span class="p">.</span><span class="nx">PAY_PER_REQUEST</span><span class="p">,</span> <span class="na">pointInTimeRecovery</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">removalPolicy</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">RemovalPolicy</span><span class="p">.</span><span class="nx">RETAIN</span><span class="p">,</span> <span class="p">});</span> <span class="nx">table</span><span class="p">.</span><span class="nf">addGlobalSecondaryIndex</span><span class="p">({</span> <span class="na">indexName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI1</span><span class="dl">"</span><span class="p">,</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI1PK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">sortKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI1SK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">projectionType</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">ProjectionType</span><span class="p">.</span><span class="nx">ALL</span><span class="p">,</span> <span class="p">});</span> <span class="nx">table</span><span class="p">.</span><span class="nf">addGlobalSecondaryIndex</span><span class="p">({</span> <span class="na">indexName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI2</span><span class="dl">"</span><span class="p">,</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI2PK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">sortKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">GSI2SK</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="na">projectionType</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">ProjectionType</span><span class="p">.</span><span class="nx">ALL</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">authorizerFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">AuthorizerFn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_20_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">"</span><span class="s2">authorizer.handler</span><span class="dl">"</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="dl">"</span><span class="s2">dist/authorizer</span><span class="dl">"</span><span class="p">),</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">USER_POOL_ID</span><span class="p">:</span> <span class="dl">"</span><span class="s2">your-user-pool-id</span><span class="dl">"</span><span class="p">,</span> <span class="na">APP_CLIENT_ID</span><span class="p">:</span> <span class="dl">"</span><span class="s2">your-app-client-id</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">createTicketFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">CreateTicketFn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_20_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">"</span><span class="s2">create-ticket.handler</span><span class="dl">"</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="dl">"</span><span class="s2">dist/create-ticket</span><span class="dl">"</span><span class="p">),</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">TABLE_NAME</span><span class="p">:</span> <span class="nx">table</span><span class="p">.</span><span class="nx">tableName</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">table</span><span class="p">.</span><span class="nf">grantReadWriteData</span><span class="p">(</span><span class="nx">createTicketFn</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">api</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">apigw</span><span class="p">.</span><span class="nc">RestApi</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">SaaSApi</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">restApiName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">multi-tenant-saas-api</span><span class="dl">"</span><span class="p">,</span> <span class="na">apiKeySourceType</span><span class="p">:</span> <span class="nx">apigw</span><span class="p">.</span><span class="nx">ApiKeySourceType</span><span class="p">.</span><span class="nx">AUTHORIZER</span><span class="p">,</span> <span class="c1">// key point for per-tenant metering</span> <span class="na">deployOptions</span><span class="p">:</span> <span class="p">{</span> <span class="na">stageName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">prod</span><span class="dl">"</span><span class="p">,</span> <span class="na">metricsEnabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">loggingLevel</span><span class="p">:</span> <span class="nx">apigw</span><span class="p">.</span><span class="nx">MethodLoggingLevel</span><span class="p">.</span><span class="nx">INFO</span><span class="p">,</span> <span class="na">dataTraceEnabled</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">throttlingBurstLimit</span><span class="p">:</span> <span class="mi">2000</span><span class="p">,</span> <span class="na">throttlingRateLimit</span><span class="p">:</span> <span class="mi">1000</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">tokenAuthorizer</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">apigw</span><span class="p">.</span><span class="nc">TokenAuthorizer</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">JwtAuthorizer</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">handler</span><span class="p">:</span> <span class="nx">authorizerFn</span><span class="p">,</span> <span class="na">resultsCacheTtl</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">5</span><span class="p">),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">projects</span> <span class="o">=</span> <span class="nx">api</span><span class="p">.</span><span class="nx">root</span><span class="p">.</span><span class="nf">addResource</span><span class="p">(</span><span class="dl">"</span><span class="s2">projects</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">projectId</span> <span class="o">=</span> <span class="nx">projects</span><span class="p">.</span><span class="nf">addResource</span><span class="p">(</span><span class="dl">"</span><span class="s2">{projectId}</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">tickets</span> <span class="o">=</span> <span class="nx">projectId</span><span class="p">.</span><span class="nf">addResource</span><span class="p">(</span><span class="dl">"</span><span class="s2">tickets</span><span class="dl">"</span><span class="p">);</span> <span class="nx">tickets</span><span class="p">.</span><span class="nf">addMethod</span><span class="p">(</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nx">apigw</span><span class="p">.</span><span class="nc">LambdaIntegration</span><span class="p">(</span><span class="nx">createTicketFn</span><span class="p">),</span> <span class="p">{</span> <span class="na">authorizer</span><span class="p">:</span> <span class="nx">tokenAuthorizer</span><span class="p">,</span> <span class="na">authorizationType</span><span class="p">:</span> <span class="nx">apigw</span><span class="p">.</span><span class="nx">AuthorizationType</span><span class="p">.</span><span class="nx">CUSTOM</span><span class="p">,</span> <span class="p">}</span> <span class="p">);</span> <span class="c1">// Example usage plan (create multiple plans for free/pro/enterprise)</span> <span class="kd">const</span> <span class="nx">freePlan</span> <span class="o">=</span> <span class="nx">api</span><span class="p">.</span><span class="nf">addUsagePlan</span><span class="p">(</span><span class="dl">"</span><span class="s2">FreePlan</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">free-tier-plan</span><span class="dl">"</span><span class="p">,</span> <span class="na">throttle</span><span class="p">:</span> <span class="p">{</span> <span class="na">rateLimit</span><span class="p">:</span> <span class="mi">50</span><span class="p">,</span> <span class="na">burstLimit</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="p">},</span> <span class="na">quota</span><span class="p">:</span> <span class="p">{</span> <span class="na">limit</span><span class="p">:</span> <span class="mi">100000</span><span class="p">,</span> <span class="na">period</span><span class="p">:</span> <span class="nx">apigw</span><span class="p">.</span><span class="nx">Period</span><span class="p">.</span><span class="nx">DAY</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">freePlan</span><span class="p">.</span><span class="nf">addApiStage</span><span class="p">({</span> <span class="nx">api</span><span class="p">,</span> <span class="na">stage</span><span class="p">:</span> <span class="nx">api</span><span class="p">.</span><span class="nx">deploymentStage</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// API keys that represent tenant metering identities.</span> <span class="c1">// In production, create one per tenant and associate with the correct plan.</span> <span class="kd">const</span> <span class="nx">tenantApiKey</span> <span class="o">=</span> <span class="nx">api</span><span class="p">.</span><span class="nf">addApiKey</span><span class="p">(</span><span class="dl">"</span><span class="s2">TenantApiKey_t_123</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">apiKeyName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">tenant-t_123-metering-key</span><span class="dl">"</span><span class="p">,</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// value can be auto-generated or explicitly set</span> <span class="p">});</span> <span class="nx">freePlan</span><span class="p">.</span><span class="nf">addApiKey</span><span class="p">(</span><span class="nx">tenantApiKey</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> How I usually operationalize this </h3> <ul> <li>Create usage plans by tier (<code>free</code>, <code>pro</code>, <code>enterprise</code>)</li> <li>Create an API key per tenant (metering identity)</li> <li>Store the key value (or a mapping) securely</li> <li>Have the authorizer return the correct <code>usageIdentifierKey</code> for the tenant</li> </ul> <p>This gives me a clean SaaS throttle/quota model without making clients manage API keys directly.</p> <h2> Authorization checks beyond JWT validation (critical for tenant safety) </h2> <p>JWT validation is not enough. I also enforce authorization in Lambda based on tenant and role.</p> <p>Examples:</p> <ul> <li>User can create tickets only in projects belonging to their tenant</li> <li>User can comment only on tickets in their tenant</li> <li>Support/admin actions require specific roles/scopes</li> <li>Cross-tenant resource IDs are rejected even if guessed</li> </ul> <h3> Example guard pattern </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">function</span> <span class="nf">requireRole</span><span class="p">(</span><span class="nx">rolesJson</span><span class="p">:</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">,</span> <span class="nx">allowed</span><span class="p">:</span> <span class="kr">string</span><span class="p">[])</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">roles</span> <span class="o">=</span> <span class="nx">rolesJson</span> <span class="p">?</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">rolesJson</span><span class="p">)</span> <span class="k">as</span> <span class="kr">string</span><span class="p">[]</span> <span class="p">:</span> <span class="p">[];</span> <span class="kd">const</span> <span class="nx">ok</span> <span class="o">=</span> <span class="nx">roles</span><span class="p">.</span><span class="nf">some</span><span class="p">((</span><span class="nx">r</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">allowed</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="nx">r</span><span class="p">));</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">err</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Forbidden</span><span class="dl">"</span><span class="p">);</span> <span class="p">(</span><span class="nx">err</span> <span class="k">as</span> <span class="kr">any</span><span class="p">).</span><span class="nx">statusCode</span> <span class="o">=</span> <span class="mi">403</span><span class="p">;</span> <span class="k">throw</span> <span class="nx">err</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>I typically build a small internal library for:</p> <ul> <li>auth context parsing</li> <li>role checks</li> <li>tenant-scoped key helpers</li> <li>common error responses</li> </ul> <p>That reduces drift across Lambda functions.</p> <h2> End-to-end implementation walkthrough </h2> <p>Here is a practical sequence I would follow to build this from scratch.</p> <h3> Step 1: Define your access patterns first </h3> <p>Before touching CloudFormation/CDK, write down:</p> <ul> <li>reads</li> <li>writes</li> <li>sorting/filtering requirements</li> <li>expected high-volume paths</li> </ul> <p>This will drive your <code>PK/SK</code> and GSI decisions.</p> <h3> Step 2: Set up Cognito and define tenant claims </h3> <p>Create a user pool and app client. Decide how tenant context appears in JWTs.</p> <p>I recommend normalizing these claims:</p> <ul> <li><code>tenant_id</code></li> <li><code>plan</code></li> <li> <code>roles</code> or <code>groups</code> </li> </ul> <p>If your current user profile attributes are inconsistent, fix that first. It will save a lot of pain later.</p> <h3> Step 3: Build the Lambda authorizer </h3> <p>Implement JWT validation and claim normalization.</p> <p>Outputs should include:</p> <ul> <li><code>tenantId</code></li> <li><code>userId</code></li> <li><code>rolesJson</code></li> <li><code>plan</code></li> <li> <code>usageIdentifierKey</code> (tenant metering key)</li> </ul> <h3> Step 4: Create DynamoDB single table + GSIs </h3> <p>Start with only the GSIs you need for your first release.</p> <p>A good initial setup:</p> <ul> <li>base table (<code>PK</code>, <code>SK</code>)</li> <li> <code>GSI1</code> for project+status ticket listing</li> <li> <code>GSI2</code> for assignee ticket listing</li> </ul> <h3> Step 5: Implement tenant-safe handlers </h3> <p>In every handler:</p> <ul> <li>parse auth context from API Gateway authorizer context</li> <li>derive keys from auth context</li> <li>never trust client-supplied tenant IDs for authorization</li> <li>use conditional expressions when appropriate</li> </ul> <h3> Step 6: Add per-tenant usage plans </h3> <p>Create:</p> <ul> <li>usage plans by tier</li> <li>API keys per tenant</li> <li>tenant -&gt; metering key mapping</li> </ul> <p>Then return the metering key in the Lambda authorizer.</p> <h3> Step 7: Test with real tokens and tenant boundary tests </h3> <p>I always run tests for:</p> <ul> <li>valid tenant access</li> <li>invalid token</li> <li>wrong tenant resource ID</li> <li>quota exceeded / throttle behavior</li> <li>large-tenant list/query traffic</li> </ul> <h2> Example request/response flow (local testing mindset) </h2> <h3> Create ticket request </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> POST <span class="se">\</span> <span class="s2">"https://{apiId}.execute-api.{region}.amazonaws.com/prod/projects/p_001/tickets"</span> <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Authorization: Bearer &lt;JWT&gt;"</span> <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{ "title": "API returns 500 on retry", "priority": "HIGH", "assigneeUserId": "u_77" }'</span> </code></pre> </div> <h3> Expected response </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"ticketId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tk_6b4d8e3e-...."</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OPEN"</span><span class="p">,</span><span class="w"> </span><span class="nl">"createdAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-02-25T01:00:00Z"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> List tickets by status </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="se">\</span> <span class="s2">"https://{apiId}.execute-api.{region}.amazonaws.com/prod/projects/p_001/tickets?status=OPEN"</span> <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Authorization: Bearer &lt;JWT&gt;"</span> </code></pre> </div> <h2> Common mistakes I see in this architecture </h2> <h3> 1) Trusting <code>tenantId</code> from the client </h3> <p>This is the fastest way to create cross-tenant data leaks.</p> <p><strong>Fix:</strong> derive tenant context from validated JWT and enforce server-side.</p> <h3> 2) Designing the table like a relational schema </h3> <p>DynamoDB single-table design is access-pattern driven, not entity-table driven.</p> <p><strong>Fix:</strong> start with queries and write paths first.</p> <h3> 3) Overusing one tenant root partition key </h3> <p>This can create hot partitions for large tenants.</p> <p><strong>Fix:</strong> use tenant-aware sub-collections and shard high-volume patterns.</p> <h3> 4) Adding too many GSIs early </h3> <p>Every GSI adds write amplification and operational cost.</p> <p><strong>Fix:</strong> add GSIs only for clear access patterns.</p> <h3> 5) Treating JWT validation as full authorization </h3> <p>A valid token does not mean a valid action.</p> <p><strong>Fix:</strong> layer role checks and tenant-resource checks in Lambda.</p> <h3> 6) Ignoring quota/throttling strategy until later </h3> <p>By the time you need it, retrofitting it can be messy.</p> <p><strong>Fix:</strong> establish a per-tenant metering pattern early (usage plans or app-level rate limiting).</p> <h2> When I would extend this design </h2> <p>As the SaaS grows, I often add:</p> <ul> <li> <strong>DynamoDB Streams</strong> for async workflows (notifications, audit, search indexing)</li> <li> <strong>SQS/EventBridge</strong> for background processing</li> <li> <strong>Fine-grained authorization model</strong> (RBAC/ABAC) beyond simple groups</li> <li><strong>Tenant-level feature flags</strong></li> <li> <strong>Audit log table</strong> (append-only) for compliance</li> <li> <strong>Support-user safe impersonation</strong> with strict audit trails</li> <li> <strong>Silo/bridge routing</strong> for enterprise tenants needing dedicated infrastructure</li> </ul> <p>The nice part is that the core pattern (API Gateway + Lambda + DynamoDB + normalized auth context) still holds.</p> <h2> Final thoughts </h2> <p>This stack is powerful because it lets me solve <strong>architecture and data modeling together</strong>.</p> <p>The API layer, auth model, and DynamoDB key design are not separate decisions in a multi-tenant SaaS. They are one system:</p> <ul> <li>Auth defines the tenant context</li> <li>The API propagates and enforces it</li> <li>The data model encodes it</li> <li>Throttling/quotas protect the platform from noisy neighbors</li> </ul> <p>If you get those four pieces aligned early, you can move fast without constantly revisiting foundational decisions.</p> <p>If I were building a new SaaS MVP today on AWS, this would still be one of my first choices.</p> <h2> References </h2> <ul> <li>Amazon API Gateway REST API documentation</li> <li>AWS Lambda developer guide</li> <li>Amazon DynamoDB developer guide</li> <li>DynamoDB single-table design patterns (AWS documentation and re:Invent talks)</li> <li>Amazon Cognito user pools and JWT token documentation</li> <li>API Gateway usage plans and API keys documentation</li> <li> <code>aws-jwt-verify</code> library documentation</li> <li>DynamoDB best practices for partition key design and adaptive capacity</li> <li>AWS Well-Architected Framework (Serverless Lens)</li> </ul> webdev programming typescript lambda Step Functions Distributed Map Best Practices for Large-Scale Batch Workloads Renaldi Sun, 01 Mar 2026 22:00:00 +0000 https://dev.to/aws-builders/step-functions-distributed-map-best-practices-for-large-scale-batch-workloads-55n2 https://dev.to/aws-builders/step-functions-distributed-map-best-practices-for-large-scale-batch-workloads-55n2 <p>When I need to process a very large dataset in parallel on AWS without standing up a whole batch platform, AWS Step Functions <strong>Distributed Map</strong> is one of the first tools I reach for.</p> <p>It gives me a clean orchestration layer for large-scale batch jobs while still letting me control concurrency, retries, failure thresholds, and output handling in a way that is production-friendly.</p> <p>In this post, I will walk through how I approach <strong>Distributed Map for large-scale batch workloads</strong>, with a focus on practical best practices I would actually use in a real system.</p> <h2> When I choose Distributed Map (and when I do not) </h2> <p>I typically consider <strong>Distributed Map</strong> when one or more of these are true:</p> <ul> <li>My dataset is too large to comfortably pass around as state input</li> <li>I would exceed normal inline <code>Map</code> limits or create a huge execution history</li> <li>I need high concurrency across many items</li> <li>My input already lives in S3 (CSV, JSON, object lists, etc.)</li> <li>I want a serverless orchestration layer and clear visibility into the run</li> </ul> <p>I usually <strong>do not</strong> start with Distributed Map if:</p> <ul> <li>The batch is small and an inline <code>Map</code> or a single Lambda is enough</li> <li>I need heavy distributed compute semantics (for example, Spark-style transformations)</li> <li>My processing requires very long-running per-item tasks that are better suited to another service design</li> </ul> <p>The key is to treat Distributed Map as an orchestration primitive for <strong>massively parallel item or batch processing</strong>, not as a replacement for every data platform.</p> <h2> Architecture at a glance </h2> <blockquote> <p><strong>Figure 1.</strong> Reference architecture for large-scale batch processing with Step Functions Distributed Map (S3 input, batched child workflows, ResultWriter, and observability).</p> </blockquote> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi9couhdi2uhu05pg02lw.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi9couhdi2uhu05pg02lw.png" alt=" " width="800" height="488"></a></p> <h2> Core best practices I use in production </h2> <h3> 1) Start with a lower <code>MaxConcurrency</code> and scale up deliberately </h3> <p>This is the biggest mistake I see: people let the workflow fan out too aggressively before validating downstream capacity.</p> <p>Distributed Map can run a very high number of child executions in parallel (AWS documents up to 10,000 parallel child workflow executions in distributed mode), which is great, but your <strong>downstream systems</strong> (Lambda concurrency, databases, APIs, third-party services) are usually the real bottleneck.</p> <p>What I do instead:</p> <ul> <li>Start with a conservative <code>MaxConcurrency</code> </li> <li>Load test with representative input</li> <li>Watch downstream latency, throttling, and error rates</li> <li>Increase concurrency gradually</li> </ul> <p>I treat <code>MaxConcurrency</code> as a <strong>safety valve</strong>, not just a performance knob.</p> <h3> 2) Use <code>ItemBatcher</code> for throughput and cost efficiency </h3> <p>If each item is tiny and the per-item work is short, processing one item per child execution can create unnecessary overhead.</p> <p>In those cases, I use <code>ItemBatcher</code> to group items into batches and process each batch in one child execution.</p> <p>Why this helps:</p> <ul> <li>Fewer child executions</li> <li>Fewer state transitions</li> <li>Better Lambda efficiency (especially for small records)</li> <li>Easier downstream write batching</li> </ul> <p>The tradeoff is that my worker logic must handle <code>Items[]</code> input and return a sensible batch-level result.</p> <h3> 3) Keep child outputs compact and use S3 for detailed results </h3> <p>A common anti-pattern is returning large payloads from every child execution. That creates pressure on Step Functions payload limits and makes debugging harder.</p> <p>My default pattern is:</p> <ul> <li>Child workflow returns a <strong>compact summary</strong> (counts, status, pointers)</li> <li>Worker writes detailed outputs/errors to S3 (if needed)</li> <li>Distributed Map uses <code>ResultWriter</code> to export consolidated execution results</li> </ul> <p>This keeps the orchestration layer lightweight while preserving traceability.</p> <h3> 4) Define explicit failure tolerance (<code>ToleratedFailure*</code>) for noisy datasets </h3> <p>Large batch workloads often contain some bad records. If I expect occasional malformed rows or downstream rejections, failing the entire Map Run on the first bad batch is usually too strict.</p> <p>I set one of these based on business tolerance:</p> <ul> <li><code>ToleratedFailurePercentage</code></li> <li><code>ToleratedFailureCount</code></li> </ul> <p>This lets me absorb known-noisy inputs while still failing fast when quality degrades beyond an acceptable threshold.</p> <p>Important design point: these thresholds apply to <strong>failed/timed-out child workflow executions</strong>, so I make sure my child workflow raises failures intentionally when a batch truly cannot be processed.</p> <h3> 5) Put retries and error handling inside the child workflow </h3> <p>I prefer retries at the point of failure (inside the <code>ItemProcessor</code> states), not only at the parent level.</p> <p>For example:</p> <ul> <li>Retry transient Lambda/service errors</li> <li>Catch and classify non-retryable failures</li> <li>Return a clear batch summary when possible</li> <li>Fail the child execution when the batch should count toward failure tolerance</li> </ul> <p>This gives me better control over what counts as a retryable blip versus a real batch failure.</p> <h3> 6) Choose child execution type intentionally (<code>EXPRESS</code> vs <code>STANDARD</code>) </h3> <p>Distributed Map runs inside a <strong>Standard</strong> parent state machine, but each child workflow can be <code>EXPRESS</code> or <code>STANDARD</code>.</p> <p>My practical rule of thumb:</p> <ul> <li>Use <strong>EXPRESS</strong> child workflows for high-throughput, shorter-running item/batch tasks</li> <li>Use <strong>STANDARD</strong> child workflows when I need longer-running orchestration or richer execution semantics</li> </ul> <p>I decide this early because it affects cost, runtime behavior, and observability patterns.</p> <h3> 7) Design the worker to be idempotent </h3> <p>At scale, retries and reprocessing happen. I assume they <em>will</em> happen.</p> <p>That means my batch worker should be idempotent, for example by:</p> <ul> <li>Using deterministic item IDs</li> <li>Recording processed item keys/checkpoints</li> <li>Using conditional writes (where supported)</li> <li>Writing outputs with deterministic object keys (or versioned prefixes)</li> </ul> <p>This makes retries safe and reduces cleanup work.</p> <h3> 8) Treat quotas and throttling as part of the design, not an afterthought </h3> <p>With large-scale fan-out, service quotas and API throttling become part of normal engineering.</p> <p>I usually validate:</p> <ul> <li>Step Functions quotas relevant to Distributed Map and Map Runs</li> <li> <code>StartExecution</code> / API throttling expectations</li> <li>Lambda concurrency and reserved concurrency</li> <li>Downstream service write capacity or request limits</li> </ul> <p>This saves a lot of pain later.</p> <h2> Example state machine (Distributed Map with batching and ResultWriter) </h2> <p>Below is a <strong>JSONPath-based</strong> example that shows a production-style shape I like to start from.</p> <p>What this example demonstrates:</p> <ul> <li>S3-backed input via <code>ItemReader</code> </li> <li> <code>ItemBatcher</code> to process multiple records per child execution</li> <li>Controlled parallelism via <code>MaxConcurrency</code> </li> <li>Failure tolerance via <code>ToleratedFailurePercentage</code> </li> <li> <code>ResultWriter</code> to S3</li> <li>Retries and a clear failure path inside the child workflow </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Large-scale batch processing with Distributed Map"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"RunDistributedBatch"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"RunDistributedBatch"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Map"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Label"</span><span class="p">:</span><span class="w"> </span><span class="s2">"BatchIngestV1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ItemReader"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ReaderConfig"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"InputType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CSV"</span><span class="p">,</span><span class="w"> </span><span class="nl">"CSVHeaderLocation"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FIRST_ROW"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::s3:getObject"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Bucket.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.input.bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Key.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.input.key"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ItemSelector"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"jobId.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.jobId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"record.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$$.Map.Item.Value"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ItemBatcher"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"MaxItemsPerBatch"</span><span class="p">:</span><span class="w"> </span><span class="mi">100</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"MaxConcurrency"</span><span class="p">:</span><span class="w"> </span><span class="mi">300</span><span class="p">,</span><span class="w"> </span><span class="nl">"ToleratedFailurePercentage"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"ItemProcessor"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ProcessorConfig"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Mode"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DISTRIBUTED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ExecutionType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"EXPRESS"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ProcessBatch"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ProcessBatch"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::lambda:invoke"</span><span class="p">,</span><span class="w"> </span><span class="nl">"OutputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.Payload"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"FunctionName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:ap-southeast-2:123456789012:function:batch-worker"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Payload.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Retry"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"Lambda.ServiceException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Lambda.AWSLambdaException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Lambda.SdkClientException"</span><span class="p">,</span><span class="w"> </span><span class="s2">"States.TaskFailed"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"IntervalSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"BackoffRate"</span><span class="p">:</span><span class="w"> </span><span class="mf">2.0</span><span class="p">,</span><span class="w"> </span><span class="nl">"MaxAttempts"</span><span class="p">:</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Catch"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"ErrorEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"States.ALL"</span><span class="p">],</span><span class="w"> </span><span class="nl">"ResultPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"MarkBatchFailed"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"MarkBatchFailed"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Fail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Cause"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Batch worker failed after retries"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ResultWriter"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"WriterConfig"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Transformation"</span><span class="p">:</span><span class="w"> </span><span class="s2">"COMPACT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"OutputType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"JSONL"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:::s3:putObject"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Parameters"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Bucket.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.resultWriter.bucket"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Prefix.$"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.resultWriter.prefix"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Notes on this definition (why I like this shape) </h3> <ul> <li>I use <code>ItemReader</code> so the parent execution input stays small</li> <li>I use <code>ItemBatcher</code> to reduce overhead for tiny records</li> <li>I set <code>MaxConcurrency</code> explicitly so I do not accidentally overwhelm downstream systems</li> <li>I use a <strong>small but non-zero</strong> failure tolerance only if the workload can tolerate some bad batches</li> <li>I use <code>ResultWriter</code> so the Map Run does not need to return a giant in-memory result array</li> </ul> <h2> Example batch worker (Python Lambda) </h2> <p>This is a simplified worker pattern I use for batched processing. The main ideas are:</p> <ul> <li>Accept <code>Items[]</code> from <code>ItemBatcher</code> </li> <li>Process each item safely</li> <li>Return a compact summary</li> <li>Fail the batch only when appropriate (so failure tolerance behaves meaningfully) </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">hashlib</span> <span class="kn">from</span> <span class="n">typing</span> <span class="kn">import</span> <span class="n">Dict</span><span class="p">,</span> <span class="n">Any</span><span class="p">,</span> <span class="n">List</span> <span class="k">def</span> <span class="nf">_stable_item_id</span><span class="p">(</span><span class="n">item</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">])</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="n">raw</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">item</span><span class="p">,</span> <span class="n">sort_keys</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">separators</span><span class="o">=</span><span class="p">(</span><span class="sh">"</span><span class="s">,</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">:</span><span class="sh">"</span><span class="p">))</span> <span class="k">return</span> <span class="n">hashlib</span><span class="p">.</span><span class="nf">sha256</span><span class="p">(</span><span class="n">raw</span><span class="p">.</span><span class="nf">encode</span><span class="p">(</span><span class="sh">"</span><span class="s">utf-8</span><span class="sh">"</span><span class="p">)).</span><span class="nf">hexdigest</span><span class="p">()</span> <span class="k">def</span> <span class="nf">handler</span><span class="p">(</span><span class="n">event</span><span class="p">:</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">],</span> <span class="n">context</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]:</span> <span class="c1"># When ItemBatcher is used, Step Functions passes batched input as {"Items": [...]} </span> <span class="n">items</span><span class="p">:</span> <span class="n">List</span><span class="p">[</span><span class="n">Dict</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]]</span> <span class="o">=</span> <span class="n">event</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">Items</span><span class="sh">"</span><span class="p">,</span> <span class="p">[])</span> <span class="n">successes</span> <span class="o">=</span> <span class="mi">0</span> <span class="n">failures</span> <span class="o">=</span> <span class="mi">0</span> <span class="n">failed_items</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">for</span> <span class="n">item_wrapper</span> <span class="ow">in</span> <span class="n">items</span><span class="p">:</span> <span class="c1"># In this example, ItemSelector wrapped the original row into {"jobId": ..., "record": ...} </span> <span class="n">record</span> <span class="o">=</span> <span class="n">item_wrapper</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">record</span><span class="sh">"</span><span class="p">,</span> <span class="p">{})</span> <span class="n">item_id</span> <span class="o">=</span> <span class="nf">_stable_item_id</span><span class="p">(</span><span class="n">record</span><span class="p">)</span> <span class="k">try</span><span class="p">:</span> <span class="c1"># Example validation (replace with real business logic) </span> <span class="k">if</span> <span class="ow">not</span> <span class="n">record</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">ValueError</span><span class="p">(</span><span class="sh">"</span><span class="s">Empty record</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># TODO: process the record (write to DynamoDB/S3/etc.) </span> <span class="c1"># Make downstream writes idempotent (conditional write / deterministic key) </span> <span class="n">successes</span> <span class="o">+=</span> <span class="mi">1</span> <span class="k">except</span> <span class="nb">Exception</span> <span class="k">as</span> <span class="n">exc</span><span class="p">:</span> <span class="n">failures</span> <span class="o">+=</span> <span class="mi">1</span> <span class="n">failed_items</span><span class="p">.</span><span class="nf">append</span><span class="p">({</span> <span class="sh">"</span><span class="s">itemId</span><span class="sh">"</span><span class="p">:</span> <span class="n">item_id</span><span class="p">,</span> <span class="sh">"</span><span class="s">error</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">exc</span><span class="p">)</span> <span class="p">})</span> <span class="n">total</span> <span class="o">=</span> <span class="nf">len</span><span class="p">(</span><span class="n">items</span><span class="p">)</span> <span class="n">failure_ratio</span> <span class="o">=</span> <span class="p">(</span><span class="n">failures</span> <span class="o">/</span> <span class="n">total</span><span class="p">)</span> <span class="k">if</span> <span class="n">total</span> <span class="k">else</span> <span class="mf">0.0</span> <span class="c1"># Business decision: </span> <span class="c1"># fail the child execution only when the batch quality is unacceptable. </span> <span class="k">if</span> <span class="n">total</span> <span class="o">==</span> <span class="mi">0</span> <span class="ow">or</span> <span class="n">failure_ratio</span> <span class="o">&gt;</span> <span class="mf">0.20</span> <span class="ow">or</span> <span class="n">successes</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span> <span class="k">raise</span> <span class="nc">RuntimeError</span><span class="p">(</span> <span class="sa">f</span><span class="sh">"</span><span class="s">Batch failed: successes=</span><span class="si">{</span><span class="n">successes</span><span class="si">}</span><span class="s">, failures=</span><span class="si">{</span><span class="n">failures</span><span class="si">}</span><span class="s">, total=</span><span class="si">{</span><span class="n">total</span><span class="si">}</span><span class="sh">"</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">PARTIAL_SUCCESS</span><span class="sh">"</span> <span class="k">if</span> <span class="n">failures</span> <span class="k">else</span> <span class="sh">"</span><span class="s">SUCCESS</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">totalItems</span><span class="sh">"</span><span class="p">:</span> <span class="n">total</span><span class="p">,</span> <span class="sh">"</span><span class="s">successes</span><span class="sh">"</span><span class="p">:</span> <span class="n">successes</span><span class="p">,</span> <span class="sh">"</span><span class="s">failures</span><span class="sh">"</span><span class="p">:</span> <span class="n">failures</span><span class="p">,</span> <span class="sh">"</span><span class="s">failedItemSample</span><span class="sh">"</span><span class="p">:</span> <span class="n">failed_items</span><span class="p">[:</span><span class="mi">10</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h3> Worker implementation tips I strongly recommend </h3> <ul> <li>Keep the response small</li> <li>Write detailed failure artifacts to S3 if you need full diagnostics</li> <li>Use deterministic keys / conditional writes for idempotency</li> <li>Separate retryable vs non-retryable exceptions in your code (if possible)</li> <li>Emit metrics (success count, failure count, latency) from the worker</li> </ul> <h2> One retry gotcha I always call out (important) </h2> <p>I am very careful with adding a <code>Retry</code> block on the <strong>Distributed Map state itself</strong>.</p> <p>Why? Because AWS documents that if you define retriers on the Distributed Map state, the retry policy applies to <strong>all child workflow executions started by that Map state</strong>, not just the one that failed. In practice, that can create a lot of duplicate work and surprise costs if you are not expecting it.</p> <p>My default approach:</p> <ul> <li>Put retries inside the child workflow first (fine-grained retries)</li> <li>Use Map-level <code>Retry</code> only when I intentionally want to rerun the whole Map state / Map Run behavior</li> <li>Make sure idempotency is in place before enabling broader retries</li> </ul> <h2> Observability and operations checklist (what I watch) </h2> <p>When I productionize this pattern, I monitor the workflow at three levels:</p> <h3> A) Parent state machine </h3> <ul> <li>Execution failures/timeouts</li> <li>End-to-end duration</li> <li>Throttling indicators (if any)</li> </ul> <h3> B) Map Run / child workflow level </h3> <ul> <li>Child execution success/failure trends</li> <li>Failure rate relative to my tolerated threshold</li> <li>Backlog behavior when concurrency is constrained</li> </ul> <h3> C) Worker and downstream systems </h3> <ul> <li>Lambda concurrency and duration</li> <li>Error rate and retries</li> <li>Database/API throttling</li> <li>Write latency and saturation</li> </ul> <p>I also make sure the team has a runbook for:</p> <ul> <li>What to do when failure tolerance is exceeded</li> <li>How to inspect Map Run details and failing child executions</li> <li>When and how to redrive after fixing data or IAM issues</li> </ul> <h2> Common mistakes I try to avoid </h2> <h3> 1) Leaving <code>MaxConcurrency</code> effectively unlimited </h3> <p>This can look great in testing and then melt a downstream dependency in production.</p> <h3> 2) Returning huge outputs from child workflows </h3> <p>This adds payload pressure and makes the state machine harder to operate.</p> <h3> 3) Using batch sizes without thinking about item size </h3> <p>Small records and large records behave very differently. Batch by both <strong>count</strong> and (if needed) <strong>input bytes</strong> based on your real data.</p> <h3> 4) Treating all failures the same </h3> <p>Malformed data, throttling, and transient AWS service errors should not all be handled identically.</p> <h3> 5) Skipping idempotency </h3> <p>At scale, retries are normal. Idempotency is what keeps retries safe.</p> <h2> A practical rollout strategy I use </h2> <p>If I am introducing Distributed Map into an existing system, I usually do it in phases:</p> <ol> <li><strong>Prototype with a small sample dataset</strong></li> <li><strong>Enable explicit <code>MaxConcurrency</code></strong></li> <li><strong>Add <code>ItemBatcher</code></strong></li> <li><strong>Add <code>ResultWriter</code> and compact outputs</strong></li> <li><strong>Load test with realistic record sizes</strong></li> <li><strong>Tune retries, batch size, and failure thresholds</strong></li> <li><strong>Document redrive/runbook steps</strong></li> </ol> <p>This sequence helps me avoid premature complexity while still landing on a production-grade design.</p> <h2> Final thoughts </h2> <p>Distributed Map is one of those features that becomes incredibly powerful once I stop thinking of it as “just a bigger map loop” and start treating it as a <strong>batch orchestration framework</strong> with explicit controls.</p> <p>The best results usually come from combining:</p> <ul> <li><strong>S3-backed input</strong></li> <li><strong>Deliberate concurrency limits</strong></li> <li><strong>Batched child processing</strong></li> <li><strong>Compact outputs + S3 result export</strong></li> <li><strong>Clear failure semantics</strong></li> <li><strong>Good observability and runbooks</strong></li> </ul> <p>That combination gives me something that scales well and is still operationally sane.</p> <h2> References </h2> <ul> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/state-map-distributed.html" rel="noopener noreferrer">AWS Step Functions: Distributed Map (Developer Guide)</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/state-map.html" rel="noopener noreferrer">AWS Step Functions: Map state (inline vs distributed)</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/input-output-itemreader.html" rel="noopener noreferrer">AWS Step Functions: ItemReader (Map)</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/input-output-itembatcher.html" rel="noopener noreferrer">AWS Step Functions: ItemBatcher (Map)</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/input-output-resultwriter.html" rel="noopener noreferrer">AWS Step Functions: ResultWriter (Map)</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/concepts-examine-map-run.html" rel="noopener noreferrer">AWS Step Functions: Viewing a Distributed Map Run execution</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/procedure-cw-metrics.html" rel="noopener noreferrer">AWS Step Functions: Monitoring metrics with CloudWatch</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/redrive-map-run.html" rel="noopener noreferrer">AWS Step Functions: Redriving Map Runs</a></li> <li><a href="https://docs.aws.amazon.com/step-functions/latest/dg/service-quotas.html" rel="noopener noreferrer">AWS Step Functions: Service quotas</a></li> <li><a href="https://catalog.workshops.aws/large-scale-data-processing-with-step-functions/en-US" rel="noopener noreferrer">AWS Step Functions Workshop: Large-scale data processing</a></li> </ul> architecture aws distributedsystems serverless How to Monitor Event Delivery in Amazon EventBridge Renaldi Wed, 25 Feb 2026 05:06:19 +0000 https://dev.to/aws-builders/how-to-monitor-event-delivery-in-amazon-eventbridge-4bno https://dev.to/aws-builders/how-to-monitor-event-delivery-in-amazon-eventbridge-4bno <p>When I first started using Amazon EventBridge more heavily, I realized something important pretty quickly: <strong>it is very easy to build event-driven flows, but much harder to know when delivery is degrading before things break</strong>.</p> <p>This post is specifically about <strong>best practices for monitoring event delivery in EventBridge</strong> (not just target-side application monitoring). AWS actually has strong guidance here, and the key is to monitor <strong>a combination of retry, success, failure, DLQ, and latency metrics</strong> together instead of looking at a single number in isolation. </p> <p>I’ll walk through:</p> <ul> <li>what to monitor</li> <li>what I alert on (and why)</li> <li>an architecture pattern that works well</li> <li>practical alarm design so you do not get spammed all day</li> </ul> <h2> Why this matters </h2> <p>AWS recommends monitoring EventBridge delivery behavior because underperforming or undersized targets can cause <strong>excessive retries, delivery delays, and permanent delivery failures</strong>. They also explicitly recommend combining multiple metrics and setting alarms/dashboards for early detection.</p> <p>Also, by default, EventBridge retries failed target delivery for <strong>up to 24 hours and up to 185 times</strong> (with exponential backoff and jitter). If retries are exhausted, the event is dropped unless you configured a DLQ.</p> <p>That default behavior is great for resilience, but it also means a problem can quietly turn into a backlog / latency issue if you are not watching the right signals.</p> <h2> The architecture I use for monitoring EventBridge delivery </h2> <p>Here is the monitoring architecture pattern I like for production workloads.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe822qmqcc5wdthhjfuzv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe822qmqcc5wdthhjfuzv.png" alt=" " width="800" height="236"></a></p> <h3> Best-practice notes in this architecture </h3> <ul> <li>I prefer <strong>a DLQ per rule target</strong> (or at least per critical target path), because AWS recommends configuring a dead-letter queue for each rule target to avoid losing undelivered events.</li> <li>I keep <strong>CloudWatch alarms on EventBridge metrics</strong> and <strong>separate alarms on the target service</strong> (for example Lambda errors, API 5xx, Step Functions failures). EventBridge tells me about delivery behavior; target metrics tell me what is happening after delivery.</li> <li>I treat the DLQ as a <strong>diagnostics feed</strong>, not just a parking lot.</li> </ul> <h2> The core EventBridge metrics I monitor (and why) </h2> <p>AWS’s EventBridge best-practices page specifically calls out a small set of metrics for delivery monitoring, and I use those as the foundation.</p> <h3> 1) <code>InvocationAttempts</code> </h3> <p>This is the <strong>total number of times EventBridge attempted to invoke a target</strong>, including retries.</p> <p>Why I care:</p> <ul> <li>It gives me the denominator for delivery health.</li> <li>It helps me see if retries are inflating traffic to a struggling target.</li> </ul> <h3> 2) <code>SuccessfulInvocationAttempts</code> </h3> <p>This is the number of invocation attempts where EventBridge successfully delivered the event to the target.</p> <p>Why I care:</p> <ul> <li>It is the numerator for a success-rate metric.</li> <li>On its own, it can look healthy even when retries are growing, so I always compare it with <code>InvocationAttempts</code>.</li> </ul> <h3> 3) <code>RetryInvocationAttempts</code> </h3> <p>This is the number of invocation attempts that were retries. AWS explicitly says an increase here may be an early indication of an undersized target.</p> <p>Why I care:</p> <ul> <li>This is usually my <strong>earliest warning signal</strong>.</li> <li>I can catch target stress before it becomes permanent failure.</li> </ul> <h3> 4) <code>FailedInvocations</code> </h3> <p>This is the number of invocations that <strong>failed permanently</strong> (not retried, or not recovered after retry), with some exclusions noted in the metric definition.</p> <p>Why I care:</p> <ul> <li>This is a direct “something is broken” signal.</li> <li>If this rises and there is no DLQ, I am at risk of event loss after retries are exhausted.</li> </ul> <h3> 5) <code>InvocationsSentToDlq</code> </h3> <p>This is the number of invocations moved to a dead-letter queue.</p> <p>Why I care:</p> <ul> <li>This tells me failed deliveries are now becoming <strong>operational work</strong>.</li> <li>Even if the system is “surviving,” this still means customers or downstream processes may be impacted.</li> </ul> <h3> 6) <code>InvocationsFailedToBeSentToDlq</code> </h3> <p>This is the nightmare metric: EventBridge tried to move failed invocations to the DLQ but could not (for example due to permissions, unavailable resource, or size issues). AWS documents this metric and notes it is emitted only when non-zero.</p> <p>Why I care:</p> <ul> <li>This is a <strong>critical alarm</strong> for me.</li> <li>It means my failure safety net is not working.</li> </ul> <h3> 7) <code>IngestionToInvocationSuccessLatency</code> </h3> <p>AWS recommends this latency metric for detecting event delivery delays. It measures end-to-end latency from ingestion to successful delivery and can surface delays from retries, timeouts, or slow target responses. It also includes the target’s time to respond successfully.</p> <p>Why I care:</p> <ul> <li>This catches degraded delivery even when there are no obvious hard failures.</li> <li>It is great for detecting “everything is technically working, but much slower than usual.”</li> </ul> <h2> The most useful derived metric: <code>SuccessfulInvocationRate</code> </h2> <p>AWS explicitly recommends combining metrics and even gives a metric math example:</p> <p><code>SuccessfulInvocationRate = SuccessfulInvocationAttempts / InvocationAttempts</code><br> I strongly agree with this. In practice, I always graph and alert on a success rate, not just raw counts.</p> <h3> CloudWatch metric math expression (example) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>SuccessfulInvocationRate = SuccessfulInvocationAttempts / InvocationAttempts </code></pre> </div> <h3> My practical implementation tip </h3> <p>I only evaluate this alarm when there is meaningful traffic. Otherwise, low-volume rules can produce noisy alerts (for example, 1 failed attempt on a rarely used rule).</p> <p>A common pattern is:</p> <ul> <li>a <strong>volume guard</strong> (enough attempts in the window)</li> <li>plus a <strong>success-rate threshold</strong> </li> </ul> <h2> What I alert on (my starting best-practice alarm set) </h2> <p>Below is a practical alert set I use as a starting point. The exact thresholds should be tuned to your workload and business SLOs.</p> <blockquote> <p>I treat these as <strong>starting thresholds</strong>, not universal truths.</p> </blockquote> <h3> Alert 1 (Critical): <code>InvocationsFailedToBeSentToDlq &gt; 0</code> </h3> <p><strong>Severity:</strong> P1 / Critical<br><br> <strong>Why:</strong> The DLQ safety net itself is failing. AWS notes this can happen due to permission issues, unavailable resources, or size limits.</p> <p><strong>What I do immediately</strong></p> <ul> <li>Check SQS queue existence and region</li> <li>Check SQS resource policy / permissions</li> <li>Check encryption / access configuration if applicable</li> <li>Check message size / payload patterns</li> </ul> <h3> Alert 2 (High): <code>FailedInvocations &gt; 0</code> on critical rules </h3> <p><strong>Severity:</strong> P1 or P2 (depends on rule criticality)<br><br> <strong>Why:</strong> Permanent delivery failure is already happening. AWS documents <code>FailedInvocations</code> as permanently failed invocations.</p> <p><strong>Best practice</strong></p> <ul> <li>Scope alarms <strong>per rule</strong> for critical paths</li> <li>Route alerts to the owning team, not one giant shared channel</li> </ul> <h3> Alert 3 (High): <code>InvocationsSentToDlq &gt; 0</code> </h3> <p><strong>Severity:</strong> P2 (or P1 for critical business flows)<br><br> <strong>Why:</strong> Failures are being captured safely, but delivery is still failing and backlog is building. AWS best-practice guidance specifically calls out watching <code>FailedInvocations</code> and <code>InvocationsSentToDlq</code>.</p> <p><strong>What I do</strong></p> <ul> <li>Triage DLQ message attributes (<code>ERROR_CODE</code>, <code>ERROR_MESSAGE</code>, <code>RETRY_ATTEMPTS</code>, etc.) to identify the root cause faster. EventBridge includes these attributes in DLQ messages.</li> </ul> <h3> Alert 4 (Warning): <code>RetryInvocationAttempts</code> rising above baseline </h3> <p><strong>Severity:</strong> Warning / P3<br><br> <strong>Why:</strong> AWS says an increase may be an early indication of an undersized target.</p> <p>This is one of my favorite early-warning alerts.</p> <p><strong>How I tune it</strong></p> <ul> <li>For steady traffic: alert on absolute count per period</li> <li>For bursty traffic: alert on retry rate (retry attempts / invocation attempts)</li> <li>Use a longer evaluation window to avoid false positives during short spikes</li> </ul> <h3> Alert 5 (Warning/High): <code>SuccessfulInvocationRate</code> below threshold </h3> <p><strong>Severity:</strong> Warning or P2<br><br> <strong>Why:</strong> This gives a single health signal that accounts for retries and success together (exactly what AWS recommends via metric math).</p> <p><strong>Example starting thresholds</strong></p> <ul> <li>Warning: <code>&lt; 99.9%</code> for 10 minutes (high-volume, sensitive systems)</li> <li>High: <code>&lt; 99%</code> for 5–10 minutes</li> <li>Critical: <code>&lt; 95%</code> for 5 minutes on critical paths</li> </ul> <p>Again, tune these to your business tolerance.</p> <h3> Alert 6 (Warning): <code>IngestionToInvocationSuccessLatency</code> p95/p99 above baseline </h3> <p><strong>Severity:</strong> Warning or P2<br><br> <strong>Why:</strong> AWS recommends using this metric to detect delays, and it surfaces retry effects and slow target responses.</p> <p><strong>My recommendation</strong></p> <ul> <li>Alert on <strong>p95</strong> or <strong>p99</strong> rather than average</li> <li>Use a baseline per rule (or per target type), because latency expectations differ a lot</li> </ul> <h3> Alert 7 (Warning): <code>ThrottledRules &gt; 0</code> </h3> <p><strong>Severity:</strong> Warning / P2 if persistent<br><br> <strong>Why:</strong> AWS documents that throttled rule executions may delay invocations.</p> <p>This is especially useful when traffic grows and quota pressure starts to show up.</p> <h2> My dashboard layout (simple but effective) </h2> <p>I try not to overcomplicate the dashboard. I keep one dashboard section per critical rule / target path, and I always put these together:</p> <h3> Panel group A: Delivery health </h3> <ul> <li><code>InvocationAttempts</code></li> <li><code>SuccessfulInvocationAttempts</code></li> <li><code>RetryInvocationAttempts</code></li> <li><code>FailedInvocations</code></li> <li><code>InvocationsSentToDlq</code></li> </ul> <h3> Panel group B: Delivery quality </h3> <ul> <li> <code>SuccessfulInvocationRate</code> (metric math)</li> <li> <code>IngestionToInvocationSuccessLatency</code> (p50, p95, p99)</li> </ul> <h3> Panel group C: Protection / risk </h3> <ul> <li><code>InvocationsFailedToBeSentToDlq</code></li> <li><code>ThrottledRules</code></li> </ul> <p>This matches AWS’s “combine multiple metrics for a holistic overview” guidance, and in practice it makes troubleshooting much faster.</p> <h2> Practical runbook: how I interpret the pattern combinations </h2> <p>This is the part that saves the most time during incidents.</p> <h3> Pattern 1: Retries rising, success rate still high </h3> <p><strong>Likely meaning:</strong> target is stressed but still mostly coping<br><br> <strong>Metrics pattern:</strong></p> <ul> <li> <code>RetryInvocationAttempts</code> up</li> <li> <code>SuccessfulInvocationRate</code> mostly stable</li> <li>latency rising (<code>IngestionToInvocationSuccessLatency</code>)</li> </ul> <p><strong>What I check</strong></p> <ul> <li>target concurrency / scaling</li> <li>downstream dependency latency</li> <li>throttling on target service</li> </ul> <h3> Pattern 2: Retries rising, success rate dropping, DLQ starts filling </h3> <p><strong>Likely meaning:</strong> target is underprovisioned or misconfigured<br><br> <strong>Metrics pattern:</strong></p> <ul> <li> <code>RetryInvocationAttempts</code> up</li> <li> <code>SuccessfulInvocationRate</code> down</li> <li> <code>InvocationsSentToDlq</code> &gt; 0</li> </ul> <p><strong>What I check</strong></p> <ul> <li>target capacity / rate limits</li> <li>permission changes</li> <li>endpoint availability / DNS / networking</li> <li>recent deployments</li> </ul> <h3> Pattern 3: Failed invocations and DLQ-send failures </h3> <p><strong>Likely meaning:</strong> primary path failing and safety net misconfigured<br><br> <strong>Metrics pattern:</strong></p> <ul> <li> <code>FailedInvocations</code> &gt; 0</li> <li> <code>InvocationsFailedToBeSentToDlq</code> &gt; 0</li> </ul> <p><strong>What I do</strong></p> <ul> <li>page immediately</li> <li>validate DLQ queue, region, permissions, and policy</li> <li>verify EventBridge can <code>SendMessage</code> to the SQS DLQ</li> </ul> <p>AWS’s DLQ guidance includes permission requirements and examples, and this is the first place I look when DLQ delivery fails.</p> <h2> Common mistakes I see (and try to avoid) </h2> <h3> 1) Only alerting on <code>FailedInvocations</code> </h3> <p>This catches issues late. By the time permanent failures show up, you may already have retries, delays, and customer impact.</p> <p><strong>Better:</strong> also alert on retries and latency.</p> <h3> 2) No DLQ configured </h3> <p>AWS explicitly recommends configuring a DLQ for each rule target to avoid losing undelivered events.</p> <h3> 3) No alarm on <code>InvocationsFailedToBeSentToDlq</code> </h3> <p>This is the “we thought we were safe, but we are not” blind spot.</p> <h3> 4) One global alarm for all rules </h3> <p>This creates noisy alerts and slow triage.</p> <p><strong>Better:</strong> alarm <strong>per critical rule / target path</strong>, and map ownership.</p> <h3> 5) Using static latency thresholds with no baseline thinking </h3> <p>Different targets behave differently. A Lambda target and an API destination will not share the same normal latency profile.</p> <h2> A practical starting checklist (copy this into your ops notes) </h2> <ul> <li>[ ] Configure <strong>DLQ for each critical EventBridge rule target</strong> </li> <li>[ ] Alarm on <code>InvocationsFailedToBeSentToDlq &gt; 0</code> (critical)</li> <li>[ ] Alarm on <code>FailedInvocations &gt; 0</code> for critical rules</li> <li>[ ] Alarm on <code>InvocationsSentToDlq &gt; 0</code> for critical rules</li> <li>[ ] Track <code>RetryInvocationAttempts</code> trend (early warning)</li> <li>[ ] Create <code>SuccessfulInvocationRate</code> metric math and alert on sustained dips</li> <li>[ ] Track <code>IngestionToInvocationSuccessLatency</code> p95/p99 and alert on sustained increase</li> <li>[ ] Add <code>ThrottledRules</code> alert if traffic growth is expected</li> <li>[ ] Build per-rule dashboards for critical flows </li> <li>[ ] Document a DLQ triage + replay runbook</li> </ul> <h2> Final thoughts </h2> <p>If I had to summarize the best practice in one sentence, it would be this:</p> <p><strong>Do not monitor EventBridge delivery with a single failure metric. Monitor retries, success rate, DLQ activity, and delivery latency together.</strong></p> <p>That combination gives me an early warning signal, a confirmed-failure signal, and a customer-impact signal, which is exactly what I want in production.</p> <h2> References </h2> <ul> <li>AWS EventBridge monitoring best practices for event delivery (recommended metrics, success-rate metric math, retries/DLQ guidance). (<a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-monitoring-events-best-practices.html" rel="noopener noreferrer">AWS Documentation</a>) </li> <li>AWS EventBridge monitoring metrics reference (<code>AWS/Events</code> metrics and definitions). (<a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-monitoring.html" rel="noopener noreferrer">AWS Documentation</a>) </li> <li>AWS EventBridge retry behavior (default retry duration and count). (<a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-retry-policy.html" rel="noopener noreferrer">AWS Documentation</a>) </li> <li>AWS EventBridge DLQ guidance (DLQ behavior, limitations, permissions, message attributes). (<a href="https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-dlq.html" rel="noopener noreferrer">AWS Documentation</a>)</li> </ul> aws eventbridge eventdriven webdev Efficiently Handling High Concurrency with AWS Lambda SnapStart: A Step-by-Step Guide Renaldi Mon, 18 Nov 2024 01:06:10 +0000 https://dev.to/aws-builders/efficiently-handling-high-concurrency-with-aws-lambda-snapstart-a-step-by-step-guide-2m81 https://dev.to/aws-builders/efficiently-handling-high-concurrency-with-aws-lambda-snapstart-a-step-by-step-guide-2m81 <h2> Introduction </h2> <p>Modern online services frequently face unexpected surges in user activity. It's essential that your system can process multiple simultaneous requests efficiently to keep users satisfied and engaged. To address performance challenges in serverless environments, AWS offers Lambda SnapStart. This enhancement reduces function initialization time, helping maintain responsiveness when demand increases. We'll explore a real-world example demonstrating when this capability becomes valuable, and provide detailed instructions for setting it up in your own environment.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw019gmnny89jl4vu2imb.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw019gmnny89jl4vu2imb.png" alt=" " width="800" height="800"></a></p> <h2> Scenario Overview </h2> <p>Consider operating a web-based event admission system that sells access to live performances and gatherings. When highly anticipated shows become available for purchase, your platform experiences a sudden influx of concurrent visitors. To ensure smooth transaction processing during these peak periods, your system infrastructure must expand rapidly while maintaining quick response times for each customer interaction. By implementing Amazon's Lambda SnapStart functionality, you can minimize initialization delays in your cloud functions, enabling better performance during these intense usage periods.</p> <h2> What is AWS Lambda SnapStart? </h2> <p>AWS' Lambda SnapStart enhances function response times by performing pre-initialization and creating a cached memory state that can be reused for subsequent executions. This approach captures a ready-to-use version of your code, allowing new instances to launch more quickly. By eliminating the standard initialization delay typically experienced during first-time function calls, this capability particularly benefits applications that need to handle many simultaneous user requests.</p> <h2> Why Use Lambda SnapStart in This Scenario? </h2> <p>For an event ticketing service, speed is absolutely critical. When customers attempt to secure their spots, even slight delays can frustrate buyers and potentially cost you business. Implementing Amazon's SnapStart technology for serverless functions helps ensure rapid processing times, maintaining system responsiveness even during peak demand. This approach enables consistent, swift service delivery regardless of how many people are simultaneously trying to purchase tickets.</p> <h2> Step-by-Step Implementation Guide </h2> <p>Follow these steps to implement AWS Lambda with SnapStart for your ticketing platform.</p> <p><strong>Step 1: Create a New Lambda Function</strong></p> <ol> <li>On the AWS Lambda page, click on the "Create function" button.</li> <li>Under "Create function", choose "Author from scratch".</li> <li>Fill in the following details:</li> <li>Function name: TicketingProcessor</li> <li>Runtime: Select "Java 17"</li> </ol> <p><em>Note: Lambda SnapStart currently supports Java runtimes. We'll use Java 17 for this example.</em></p> <ol> <li>Under Permissions, expand the "Change default execution role" section.</li> <li>Select "Create a new role with basic Lambda permissions".</li> <li>Click on "Create function" at the bottom of the page.</li> </ol> <p><strong>Step 2: Write the Lambda Function Code</strong></p> <ol> <li>After the function is created, you'll be taken to the function's configuration page.</li> <li>Scroll down to the "Code source" section.</li> <li>Under "Code source", click on the file named LambdaFunction.java to open the code editor.</li> <li>Replace the existing code with the following Java code: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import com.amazonaws.services.lambda.runtime.Context; import com.amazonaws.services.lambda.runtime.RequestHandler; import java.util.HashMap; import java.util.Map; public class TicketingProcessor implements RequestHandler&lt;Map&lt;String, String&gt;, Map&lt;String, String&gt;&gt; { // Simulate heavy initialization logic static { try { // Simulate time-consuming startup tasks Thread.sleep(5000); // 5-second delay to simulate cold start } catch (InterruptedException e) { e.printStackTrace(); } } @Override public Map&lt;String, String&gt; handleRequest(Map&lt;String, String&gt; event, Context context) { Map&lt;String, String&gt; response = new HashMap&lt;&gt;(); response.put("message", "Ticket processed successfully!"); return response; } } </code></pre> </div> <p>This code simulates a Lambda function with heavy initialization (the static block that sleeps for 5 seconds). SnapStart will help us bypass this delay in subsequent invocations.</p> <p>Click on "Deploy" at the top right corner to save and deploy the code.</p> <p><strong>Step 3: Configure SnapStart for the Lambda Function</strong></p> <ol> <li>In the left-hand menu, under "Versioning", click on "Versions".</li> <li>Click on "Publish new version" at the top right.</li> <li>In the "Publish new version" dialog, for Version description, enter Initial version with SnapStart.</li> <li>Under "SnapStart", select "Enable SnapStart".</li> <li>Click on "Publish".</li> </ol> <p><em>Note: If you don't see the SnapStart option, ensure that you are using a supported runtime (Java 11 or Java 17). Enabling SnapStart during the publishing of a new version tells AWS to take a snapshot after initialization, which will be used for faster startups.</em></p> <p><strong>Step 4: Test the Lambda Function</strong></p> <ol> <li>Navigate back to your function by clicking on "Code" in the left-hand menu.</li> <li>Click on "Test" at the top right corner.</li> <li>In the "Configure test event" dialog:</li> <li>Select "Create new test event".</li> <li>Event template: Choose "Hello World".</li> <li>Event name: Enter TestEvent.</li> <li>Leave the default JSON as is: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "key1": "value1", "key2": "value2", "key3": "value3" } </code></pre> </div> <p>Click on "Create". Click on "Test" again to invoke the function. Check the "Execution result" section below. You should see a response <br> similar to:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "message": "Ticket processed successfully!" } </code></pre> </div> <p>Note the "Duration" in the "Summary" section. It should show a reduced execution time due to SnapStart on subsequent invocations.</p> <p><strong>Step 5: Simulate High Concurrency</strong><br> To test the function under high concurrency, we'll invoke it multiple times in quick succession.</p> <p><strong>Option 1:</strong> Use AWS Lambda Console's "Test" Feature Repeatedly<br> You can invoke the function multiple times manually to observe the performance improvement.<br> <strong>Option 2:</strong> Use AWS CLI to Invoke the Function Concurrently</p> <ol> <li>Install AWS CLI: If you haven't installed AWS CLI, follow the installation guide <a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html" rel="noopener noreferrer">here</a>.</li> <li>Configure AWS CLI: Run aws configure in your terminal and enter your AWS credentials.</li> <li>In the AWS Lambda console, on your function's page, note the "ARN" at the top. It looks like arn:aws:lambda:region:account-id:function:TicketingProcessor.</li> <li>Create a Script to Invoke the Function Concurrently. Create a file named invoke_lambda.sh with the following content: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#!/bin/bash FUNCTION_NAME="TicketingProcessor" REGION="your-region" # e.g., us-east-1 for i in {1..100} do aws lambda invoke --function-name $FUNCTION_NAME --region $REGION --payload '{}' response_$i.json &amp; done wait </code></pre> </div> <p><em>Replace your-region with your AWS region, such as us-west-2.</em></p> <p><strong>Step 6: Provide the Relevant Permissions and Test</strong></p> <ol> <li>Make the Script Executable by running chmod +x invoke_lambda.sh in your terminal.</li> <li>Run the Script by executing ./invoke_lambda.sh to invoke the Lambda function 100 times concurrently.</li> <li>Check the Results.</li> <li>The responses will be saved in files named response_1.json, response_2.json, ..., response_100.json.</li> <li>You can also check the "Monitoring" tab in the AWS Lambda console to see the invocation metrics.</li> </ol> <p><strong>Step 7: Review Performance Metrics</strong></p> <ol> <li>In the AWS Lambda console, navigate to your function's page.</li> <li>Click on the "Monitoring" tab.</li> <li>Observe the metrics:</li> <li>Invocations: Number of times your function was invoked.</li> <li>Duration: Time taken for each invocation.</li> <li>Concurrency: Number of concurrent executions.</li> <li>Errors: Any errors that occurred during execution.</li> <li>You should notice that the "Duration" metric shows reduced cold start times due to SnapStart, especially after the initial invocation.</li> </ol> <p><strong>Final Notes:</strong> </p> <ul> <li>Ensure that your AWS Identity and Access Management (IAM) role has the necessary permissions to execute Lambda functions and access AWS services.</li> <li>Be aware that invoking Lambda functions may incur costs. Refer to the <a href="https://aws.amazon.com/lambda/pricing/" rel="noopener noreferrer">AWS Lambda Pricing</a> page for more details.</li> </ul> <p><strong>Conclusion</strong><br> These implementation steps have shown you how to leverage Amazon's SnapStart capability to enhance your serverless application's responsiveness during peak loads. With this optimization in place, your event ticketing system can now better manage unexpected surges of visitor activity, maintaining quick response times and keeping your customers satisfied throughout their purchasing journey.</p> <p><strong>Additional Resources</strong></p> <ul> <li><a href="https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html" rel="noopener noreferrer">AWS Lambda SnapStart Documentation</a></li> <li><a href="https://docs.aws.amazon.com/lambda/latest/dg/perf-optimize.html" rel="noopener noreferrer">Optimizing AWS Lambda Performance</a></li> </ul> aws lambda java webdev Implementation of Melodistiq: Generating Lyrics and Melodies with AI Renaldi Thu, 25 Apr 2024 01:00:41 +0000 https://dev.to/aws-builders/unlocking-musical-creativity-with-ai-generating-lyrics-and-melodies-55p0 https://dev.to/aws-builders/unlocking-musical-creativity-with-ai-generating-lyrics-and-melodies-55p0 <h2> Introduction </h2> <p>Hello, fellow cloud enthusiasts and builders! </p> <p>In today's blog post, we will dive into an intriguing project that combines artificial intelligence with music creation. This post will detail the implementation of a Python code designed to generate music lyrics and melodies using AI technologies. This follows the successful presentation of the "Unlocking Musical Creativity with AI: Generating Lyrics and Melodies" talk.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd5zxquy5h3vn4p3x2qks.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd5zxquy5h3vn4p3x2qks.png" alt=" " width="800" height="457"></a></p> <h2> The Scenario </h2> <p>The goal of this project is to automate the creation of music lyrics and melodies. This can be particularly useful for musicians seeking inspiration or developers exploring the intersection of AI and creative arts. The process involves generating lyrics based on existing song data, creating a melody that fits the generated lyrics, and presenting the final composition in both audio and written formats.</p> <h2> Libraries and Tools Used </h2> <p>To accomplish this task, we utilize several Python libraries, each serving a distinct purpose:</p> <ul> <li>Pandas (pandas): A powerful data manipulation library used here to handle and preprocess lyrical data.</li> <li>Natural Language Toolkit (NLTK): This library is used for text processing to analyze, manipulate, and generate text data.</li> <li>OpenAI's GPT-3.5: Leveraged to enhance the quality of the generated lyrics.</li> <li>Mingus: An advanced music theory and notation package used to handle music data and generate melodies.</li> <li>FastText: A library developed by Facebook for efficient learning of word representations and sentence classification.</li> <li>FPDF: A library to generate PDF files, useful for presenting the lyrics in a readable format.</li> </ul> <p>Let's walk through implementing our code now.</p> <h2> Implementation </h2> <p><strong>Setting Up and Downloading Models</strong><br> First, we load necessary models and corpora:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import fasttext import fasttext.util import nltk nltk.download('cmudict') nltk.download('punkt') from nltk.corpus import cmudict d = cmudict.dict() fasttext.util.download_model('en', if_exists='ignore') ft = fasttext.load_model('cc.en.300.bin') </code></pre> </div> <p>Here, fastText and NLTK's CMU Pronouncing Dictionary are initialized. fastText is used later to find words similar to those not found in the CMU dictionary.</p> <p><strong>Data Collection</strong><br> Data is loaded and preprocessed from a CSV file containing song lyrics:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import pandas as pd df = pd.read_csv('EdSheeran.csv') df = df.dropna() lyrics = df['Lyric'].str.replace('\n', ' ').str.replace('\r', ' ').tolist() </code></pre> </div> <p>This section reads a CSV file, cleans the data by removing missing values, and formats the lyrics into a list.</p> <p><strong>Data Preprocessing</strong><br> The lyrics are tokenized and cleaned:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import re from nltk.tokenize import word_tokenize words = [word_tokenize(re.sub(r'\W+', ' ', lyric).lower()) for lyric in lyrics] words = [word for sublist in words for word in sublist] </code></pre> </div> <p>Here, special characters are removed, and the text is converted to lowercase to standardize the data.</p> <p><strong>N-gram Model and Lyrics Generation</strong><br> An N-gram model is used to generate new lyrics:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>N-gram Model and Lyrics Generation An N-gram model is used to generate new lyrics: from nltk.util import ngrams from nltk.probability import FreqDist import random n_values = [2, 5, 7] generated_lyrics = "" for n in n_values: ngrams_list = list(ngrams(words, n, pad_left=True, pad_right=True)) freq_dist = FreqDist(ngrams_list) def generate_lyrics(starting_ngram, freq_dist, num_words): generated_words = list(starting_ngram) for _ in range(num_words): next_word_candidates = [ngram[-1] for ngram in freq_dist.keys() if ngram[:n-1] == tuple(generated_words[-(n-1):])] if next_word_candidates: next_word = random.choice(next_word_candidates) generated_words.append(next_word) else: break return ' '.join(generated_words).replace(' ,', ',').replace(' .', '.').replace(' ;', ';') starting_ngram = random.choice(list(freq_dist.keys())) generated_lyrics += generate_lyrics(starting_ngram, freq_dist, 200) </code></pre> </div> <p>This segment builds N-grams from the cleaned words and creates a frequency distribution to model the probabilities of word sequences. New lyrics are generated based on these probabilities.</p> <p><strong>Enhancing Lyrics with GPT-3.5</strong><br> We then look to enhance our lyrics with the help of GPT-3.5.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import openai import os openai.api_key = os.getenv('openai_api_key') conversations = {} session_id=0; conversations[session_id] = [] conversations[session_id].append({"role": "system", "content": "You are a helpful assistant who will transform the lyrics below into a song."}) conversations[session_id].append({"role": "user", "content": generated_lyrics}) response = openai.ChatCompletion.create( model="gpt-3.5-turbo", messages=conversations[session_id], max_tokens=200 ) gpt_lyrics = response.choices[0]["message"]["content"].strip() </code></pre> </div> <p>Here, the OpenAI GPT-3.5 API is used to refine and enhance the generated lyrics, adding a layer of complexity and polish that might be lacking from the simple N-gram model. The environment variable openai_api_key is used to authenticate the API request.</p> <p><strong>Generating and Exporting the Melody</strong><br> The code then generates a melody using the Mingus library based on the stress patterns of the lyrics:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>from mingus.containers import Note, Bar, Track from mingus.midi import midi_file_out import mingus.extra.lilypond as lilypond def generate_melody(lyrics): # Load the CMU Pronouncing Dictionary stress_pattern = [] tokens = nltk.word_tokenize(lyrics) # Fix contractions fixed_tokens = [contractions.fix(token) for token in tokens] # Function to get the stress pattern of a word def get_stress(word): word = word.lower() phones = pronouncing.phones_for_word(word) if phones: stress_pattern = [int(s) for s in pronouncing.stresses(phones[0])] return [stress_pattern] else: # handle contractions if "'" in word: parts = word.split("'") stress_pattern = [] for part in parts: stress_pattern += get_stress(part) return stress_pattern # handle hyphenated words elif '-' in word: parts = word.split('-') stress_pattern = [] for part in parts: stress_pattern += get_stress(part) return stress_pattern else: print(f'Word not found in dictionary: {word}') # Find a similar word in the dictionary and use its stress pattern similar_word = find_similar_word(word) if similar_word: return get_stress(similar_word) else: # Use default pattern if no similar word is found return [[0, 1, 2]] # Get the stress pattern of the lyrics for word in fixed_tokens: # remove punctuation word = re.sub(r'[^\w\s]', '', word) stress_pattern += get_stress(word) # Flatten the stress_pattern list stress_pattern = [item for sublist in stress_pattern for item in sublist] print(lyrics) print(tokens) print(["Here are the stress patterns:"] + stress_pattern) # Generate a melody based on the stress pattern track = Track() b = Bar() b.set_meter((4, 4)) beats_in_current_bar = 0 for stress in stress_pattern: if stress == 0: note = Note('C', 4) elif stress == 1: note = Note('E', 4) elif stress == 2: note = Note('G', 4) b + note beats_in_current_bar += 1 if beats_in_current_bar == 4: track.add_bar(b) b = Bar() b.set_meter((4, 4)) beats_in_current_bar = 0 track.add_bar(b) return track </code></pre> </div> <p>Here, we define a function generate_melody that takes a string of lyrics as input and generates a melody based on the phonetic stress pattern of the words. The function uses the nltk library to tokenize the lyrics, handles contractions, and determines the stress pattern of each word using the CMU Pronouncing Dictionary. We account for special cases like contractions, hyphenated words, and words not found in the dictionary, attempting to find similar words or applying a default stress pattern when necessary.</p> <p>After extracting and flattening the stress pattern of the entire lyrics, the function uses this pattern to create a melody where different stress levels are mapped to specific musical notes (C, E, G) in a 4/4 time signature, adding these notes to a musical track using the mingus library. Each stress level in the pattern corresponds to a different note, and the function organizes these notes into bars, with each bar containing up to four beats. The track, comprising a series of bars filled with notes based on the lyrical stress pattern, is returned at the end of the function. This allows for the conversion of lyrical content into a basic musical representation, integrating elements of natural language processing and music composition.</p> <p>We can then look into creating the MIDI file and sheet music:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>formatted_lyrics = format_lyrics(gpt_lyrics) formatted_lyrics_with_newlines = add_newlines(formatted_lyrics) print("Here are the lyrics:" + formatted_lyrics_with_newlines) melody = generate_melody(formatted_lyrics_with_newlines) lilypond_string = lilypond.from_Track(melody) with open('melody.ly', 'w') as f: f.write(lilypond_string) print(melody) </code></pre> </div> <p>As can be seen, we output the lyrics and MIDI.</p> <p><strong>Outputting Lyrics as PDF</strong><br> Finally, we generate a PDF document containing the formatted lyrics, useful for singers or for archival purposes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>from fpdf import FPDF pdf = FPDF() pdf.add_page() pdf.set_font('Arial', 'B', 16) title = formatted_lyrics_with_newlines.split('\n')[0] pdf.cell(0, 10, title, 0, 1, 'C') pdf.set_font('Arial', '', 12) pdf.multi_cell(0, 10, formatted_lyrics_with_newlines) pdf.output('lyrics.pdf') </code></pre> </div> <p>Now, we have our fully functioning Python code for making music! Now, we can decide where to deploy this. Leveraging the capability of AWS, I am going to deploy it on an EC2.</p> <p><strong>Setting Up the EC2 Instance</strong></p> <ol> <li>Go to the EC2 dashboard in AWS Management Console.</li> <li>Click on "Launch Instance".</li> <li>Choose an Amazon Machine Image (AMI), such as Amazon Linux 2 AMI or Ubuntu Server.</li> <li>Select an instance type (e.g., t2.micro for testing purposes).</li> <li>Configure instance details as required.</li> <li>Add storage if the default isn’t enough.</li> <li>Configure Security Group to allow SSH (port 22) and any other necessary ports (e.g., port 80 for web server).</li> <li>Review and launch the instance by selecting or creating a new key pair.</li> </ol> <p>Now that we have the EC2 instance ready, we can access it.</p> <p><strong>Accessing the EC2 Instance</strong><br> Connect to your instance using SSH. For Windows, you can use PuTTY or any SSH client:<br> <code>ssh -i /path/to/your-key.pem ec2-user@your-instance-ip</code></p> <p><strong>Environment Setup</strong><br> Install Python and other necessary tools.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>sudo yum update -y sudo yum install python3 git -y </code></pre> </div> <p>Now move the code over to EC2 with SCP or SFTP and install the relevant Python libraries. You can also clone the repo provided at the end of this post.<br> <code>pip3 install pandas nltk openai pronouncing re fpdf fasttext</code></p> <p>You also will need to install lilypond for usage with Yum.<br> <code>sudo yum install lilypond -y</code></p> <p>Set environment variables (for example, for the OpenAI API key):<br> <code>export openai_api_key='your-api-key'</code></p> <p>With the environment now set up, we can run and automate the script.</p> <p><strong>Running and Automating the Script</strong><br> Run the script with the command below.<br> <code>python3 main.py</code></p> <p>To ensure the script runs automatically at system boot or keeps running after disconnections, we will use nohup to run the script in the background.<br> <code>nohup python3 your_script.py &amp;</code></p> <p>Set up a systemd service if you want it to start at boot and restart on failures.</p> <p>We can then monitor the script execution through checking the logs.<br> <code>tail -f nohup.out</code></p> <p>Optionally, configure CloudWatch to monitor the EC2 performance or to set up more advanced logging and alerting.</p> <p>And with that, we've set up our deployed solution! It takes a bit of learning to wrap your head around the NLP and music theory bits, but it really is quite a straightforward approach to getting started on making music with AI.</p> <p><strong>Conclusion</strong><br> This project showcases the power of AI in creative processes like songwriting. By integrating various technologies and libraries, we've created a system that not only generates lyrics but also composes a melody, presenting it in both audio and visual forms. This illustrates the potential for AI to assist in artistic expressions, providing tools that can inspire and enhance the creative capabilities of its users. Whether you're a developer, a musician, or an enthusiast in the realms of AI or music, this project offers fascinating insights and possibilities.</p> <p>The repo to the project can be accessed at: <a href="https://github.com/renaldig/melodistiq-music-generator" rel="noopener noreferrer">https://github.com/renaldig/melodistiq-music-generator</a></p> ai webdev python music