AWS Lambda

Developer(s): Amazon.com
Initial release: November 13, 2014
Operating system: Cross-platform
Available in: English
Website: aws.amazon.com/lambda

AWS Lambda is an event-driven, serverless Function as a Service (FaaS) provided by Amazon as a part of Amazon Web Services. It is designed to enable developers to run code without provisioning or managing servers. It executes code in response to events and automatically manages the computing resources required by that code. It was introduced on November 13, 2014. [1]

Specification

Each AWS Lambda instance runs within a lightweight, isolated environment powered by Firecracker microVMs. These microVMs are initialized with a runtime environment based on Amazon Linux (Amazon Linux AMI or Amazon Linux 2), a custom Linux distribution developed by AWS. Firecracker provides hardware-virtualization-based isolation, aiming to achieve near-bare-metal performance with minimal overhead. AWS claims that, unlike traditional virtual machines, these microVMs launch in milliseconds, enabling rapid and secure function execution with a minimal memory footprint. The Amazon Linux AMI is specifically optimized for cloud-native and serverless workloads, aiming to provide a lightweight, secure, and performant runtime environment. [2][3][4]

As of 2025, AWS Lambda supports Node.js, Python, Java, Go, .NET, Ruby and custom runtimes.[5]

Features

In 2019, at the AWS annual cloud computing conference (AWS re:Invent), the AWS Lambda team announced "Provisioned Concurrency", a feature that "keeps functions initialized and hyper-ready to respond in double-digit milliseconds."[6] The Lambda team described Provisioned Concurrency as "ideal for implementing interactive services, such as web and mobile backends, latency-sensitive microservices, or synchronous APIs."[7]

The Lambda Function URL gives Lambda a unique and permanent URL which can be accessed by authenticated and non-authenticated users alike.[8]
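Because a function URL can serve unauthenticated callers, an inventory check of each URL's `AuthType` (`NONE` or `AWS_IAM`) together with the function's resource-based policy shows which endpoints are open to everyone. The following is an added example, not part of the original article or AWS code; the inventory, account IDs, function names and verdict labels are constructed for illustration.

```python
import json

PUBLIC_ACTIONS = {"lambda:InvokeFunctionUrl", "lambda:*", "*"}

def grants_url_invoke_to_everyone(policy_json):
    """True if a resource-policy statement lets Principal "*" call the URL."""
    for stmt in json.loads(policy_json or "{}").get("Statement", []):
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        principal = stmt.get("Principal")
        wildcard = principal == "*" or (
            isinstance(principal, dict) and principal.get("AWS") == "*")
        # Conditions other than the auth-type key (e.g. an org ID) narrow the grant.
        cond_keys = {k for block in stmt.get("Condition", {}).values() for k in block}
        if (stmt.get("Effect") == "Allow" and wildcard
                and PUBLIC_ACTIONS & set(actions)
                and not cond_keys - {"lambda:FunctionUrlAuthType"}):
            return True
    return False

def classify(auth_type, policy_json):
    everyone = grants_url_invoke_to_everyone(policy_json)
    if auth_type == "NONE":
        return "PUBLIC" if everyone else "NONE_BUT_NO_PUBLIC_GRANT"
    return "ANY_AWS_PRINCIPAL" if everyone else "IAM_RESTRICTED"

def _policy(principal, condition=None):  # builds constructed sample policies
    stmt = {"Effect": "Allow", "Principal": principal,
            "Action": "lambda:InvokeFunctionUrl",
            "Resource": "arn:aws:lambda:us-east-1:111122223333:function:sample"}
    if condition:
        stmt["Condition"] = condition
    return json.dumps({"Version": "2012-10-17", "Statement": [stmt]})

# Constructed inventory: (function name, AuthType, resource policy or None).
SAMPLE = [
    ("webhook", "NONE", _policy("*", {"StringEquals": {"lambda:FunctionUrlAuthType": "NONE"}})),
    ("draft", "NONE", None),
    ("orders", "AWS_IAM", _policy({"AWS": "arn:aws:iam::111122223333:role/caller"})),
    ("reports", "AWS_IAM", _policy("*")),
    ("partner", "AWS_IAM", _policy("*", {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}})),
]

def audit(inventory):
    return {name: classify(auth, policy) for name, auth, policy in inventory}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE).items():
        print(f"{name:8} {verdict}")
```

In a live account the same fields come from the Lambda `ListFunctionUrlConfigs` and `GetPolicy` API responses.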

Lambda layer

An AWS Lambda layer is a ZIP archive containing libraries, frameworks or custom code that can be added to AWS Lambda functions.[9] As of December 2024, AWS Lambda layers have significant limitations:[10][11]

  • No semantic versioning support.
  • Incompatibility with major security scanning tools.
  • Contribution to Lambda's 250MB size limit.
  • Impeded local testing.
  • No tree-shaking optimizations.

Lambda Destinations vs. Dead Letter Queues

AWS Lambda Destinations provide advanced error handling and routing capabilities compared to Dead Letter Queues (DLQs). While DLQs only capture failed asynchronous invocations for manual processing, Lambda Destinations support both synchronous and asynchronous invocations. Lambda Destinations allow routing to various targets, such as Amazon SQS, SNS, EventBridge, or another Lambda function, based on the outcome of the invocation (success or failure). Destinations also include the ability to capture detailed contextual information about the invocation, such as request and response payloads, aiding in more granular monitoring and troubleshooting. This feature facilitates more dynamic and automated error-handling workflows in serverless applications. [12][13]

Best practices

Following DevSecOps practices can help end-users to use and secure Lambda-based applications more effectively.[14] In Lambda-based applications, the line between the infrastructure and business logic is blurred and the apps are usually spread across various services. According to Yan Cui, to get the most value from testing efforts, Lambda-based applications should be tested mainly for their integrations, and unit tests should be used only if there is complex business logic. Also, to make debugging and implementation of Lambda-based applications easier, developers should use orchestration within the bounded context of a microservice, and should use choreography between bounded contexts.[13]

Portability

Migration from AWS Lambda to other AWS compute services, such as Amazon ECS, presents challenges due to tight integration with AWS Lambda's APIs, often referred to as service lock-in. Tools like AWS Lambda Web Adapter offer a pathway for portability by enabling developers to build web applications using familiar frameworks under the "Lambdalith" or monolithic Lambda design pattern. [15][16] However, this approach introduces limitations, including coarser-grained alerting and access controls, potential cold start delays with large dependencies, and limited suitability for non-HTTP APIs.

Adopting architectural patterns such as hexagonal architecture can mitigate these challenges by abstracting dependencies and facilitating compatibility across compute platforms. [13] By separating the core business logic from infrastructure-specific code, this approach supports both HTTP and non-HTTP APIs, offering a more portable foundation for serverless workloads.
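A minimal sketch of that separation, as an added example that is not from the original article or the cited book: one core function with no AWS dependencies, driven by an HTTP-style Lambda handler and by an SQS (non-HTTP) handler. The order domain, class and function names, and the in-memory storage adapter are hypothetical.

```python
import json

class InMemoryOrders:
    """Storage adapter (hypothetical); a database adapter would expose the same save()."""
    def __init__(self):
        self.rows = []

    def save(self, order):
        self.rows.append(order)
        return len(self.rows)  # order id

def place_order(repo, customer, items):
    """Core business logic: no event formats and no AWS SDK calls."""
    if not customer or not items or any(i["qty"] <= 0 for i in items):
        raise ValueError("customer and positive-quantity items are required")
    order = {"customer": customer, "items": items,
             "total": sum(i["qty"] * i["price"] for i in items)}
    return {"order_id": repo.save(order), "total": order["total"]}

def make_http_handler(repo):
    """Adapter for an HTTP event (API Gateway proxy or function URL shape)."""
    def handler(event, context):
        try:
            body = json.loads(event.get("body") or "{}")
            result = place_order(repo, body.get("customer"), body.get("items"))
            return {"statusCode": 201, "body": json.dumps(result)}
        except (ValueError, KeyError, TypeError):
            # Malformed JSON or invalid orders become a 400, never a stack trace.
            return {"statusCode": 400, "body": json.dumps({"error": "invalid order"})}
    return handler

def make_sqs_handler(repo):
    """Adapter for an SQS batch event, reporting per-message failures."""
    def handler(event, context):
        failures = []
        for record in event["Records"]:
            try:
                msg = json.loads(record["body"])
                place_order(repo, msg.get("customer"), msg.get("items"))
            except (ValueError, KeyError, TypeError):
                failures.append({"itemIdentifier": record["messageId"]})
        return {"batchItemFailures": failures}
    return handler
```

Moving the same `place_order` behind a container-hosted web framework only requires a third adapter; the validation and pricing logic stay untouched.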

Testing

Testing integrations between services is crucial, particularly for serverless applications such as those built on AWS Lambda, due to their distributed and fragmented architecture. Simulator tools like LocalStack can facilitate testing but may yield false positives because they may diverge from actual AWS services.[17]

To address this limitation, Yan Cui introduced "remocal testing," enabling local execution of application code while interacting with genuine AWS services. This approach allows real-time debugging and rapid code modifications without deployment. However, it necessitates provisioning and subsequent decommissioning of AWS resources, requiring meticulous planning. [13]

Security

In April 2022, researchers found cryptomining malware named "Denonia" targeting AWS Lambda.[18][19][20]

References

  1. Serverless Development on AWS: Building Enterprise-Scale Serverless Solutions. O'Reilly Media. ISBN 9781098141899.
  2. Accelerating Server-Side Development with Fastify: A comprehensive guide to API development for building a scalable backend for your web apps. ISBN 9781800568747.
  3. "Firecracker – Lightweight Virtualization for Serverless Computing".
  4. "Secure and fast microVMs for serverless computing".
  5. "Lambda runtimes".
  6. "New – Provisioned Concurrency for Lambda Functions". aws.amazon.com. 3 December 2019. Archived from the original on 2020-10-18. Retrieved 2020-10-12.
  7. "New – Provisioned Concurrency for Lambda Functions". Amazon Web Services. 2019-12-03. Archived from the original on 2020-02-03. Retrieved 2020-02-03.
  8. "Lambda function URLs - AWS Lambda". docs.aws.amazon.com. Archived from the original on 2024-03-01. Retrieved 2024-03-01.
  9. "Managing Lambda dependencies with layers". Archived from the original on 2024-02-04. Retrieved 2024-02-02.
  10. Sbarski, Peter. Serverless Architectures on AWS: With examples using AWS Lambda. ISBN 9781638351146.
  11. Data Engineering with AWS: Learn how to design and build cloud-based data transformation pipelines using AWS. ISBN 9781800569041.
  12. Programming AWS Lambda: Build and Deploy Serverless Applications with Java. O'Reilly Media. ISBN 9781492041023.
  13. Cui, Yan (2020). Serverless Architectures on AWS (2nd ed.). Manning. ISBN 978-1617295423.
  14. Katzer, Jason (2020). Learning Serverless: Design, Develop, and Deploy with Confidence. O'Reilly Media. ISBN 978-1492057017.
  15. "AWS Lambda Web Adapter". GitHub. Archived from the original on 2024-11-28. Retrieved 2024-11-29.
  16. "The Lambda monolith". Archived from the original on 2024-11-26. Retrieved 2024-11-29.
  17. Stojanovic, Slobodan. Serverless Applications with Node.js Using AWS Lambda and Claudia.js. Manning. ISBN 9781638356172.
  18. "Archived copy". Archived from the original on 2024-11-15. Retrieved 2024-11-04.
  19. "Archived copy". Archived from the original on 2024-03-15. Retrieved 2024-11-04.
  20. "Archived copy". Archived from the original on 2024-04-05. Retrieved 2024-11-04.