• Unleashing the Power of Serverless with Cloudflare

    Posted on Dec 20, 2023
    Serverless Cloudflare

    As a developer constantly on the lookout for ways to streamline application deployment and management, I’ve found the marriage between the Serverless framework and Cloudflare’s capabilities to be a match made in the cloud. Below, I walk through the process of deploying a serverless function on Cloudflare with tangible code examples, demonstrating how this powerful duo can make your development process more efficient.

    Read more ›
    Tagged with Cloudflare, Serverless
    Posted in Technology

  • The Fulfilled Promise of Serverless

    Posted on Oct 10, 2022


    I respectfully disagree with the arguments made on Last Week in AWS against Serverless.

    Regarding portability issues

    The problem described is down to architecture. Do you need to add logic that handles the API Gateway? Yes. Does it have to be an integral part of your Lambda functions? No. In the majority of Serverless stacks that I've seen, the handling of the API Gateway event (think auth, middleware, different content types, etc.) is done in a separate package and can be relatively easily re-implemented for another Cloud provider. I do accept the premise of AWS Step Functions being the exception to this rule, but I don't believe they are absolutely necessary (nor do they feel productive to work with). Most Step Functions structure can be replaced by either a Queue or Messaging system, depending on the requirements.

    Regarding the perceived value fallacy

    Essentially the argument is about the limited impact savings Serverless could bring to the table compared to the overall budget. One critical thing isn't taken into account - The inevitable DevOps department. I have seen plenty of early stage startup with 5-10 engineers and zero DevOps. Nearly in every one of those cases they were able to do that by going either fully managed (e.g. Vercel, Auth0) or fully Serverless. Those saved salaries count for much more than the net savings on the infrastructure budget.

    Regarding the difficulty of collaboration compared to WordPress

    It is unclear in your argument whether those collaborators were writers or engineers, but I'm assuming writers. I do agree that it is much easier to write articles using WordPress than your home-made lean Serverless solution. This however completely misses the point. It is not WordPress the writers are missing, it is the WYSIWYG editor (In WordPress's case - Gutenberg). There are plenty of full-featured Markdown editors that can directly save to GitHub. A website generator such as Hugo could easily connect those repositories with your website and presto! Writers are happy again.
    Read more ›
    Tagged with aws, serverless cloud cloudexpat
    Posted in Technology

  • Adding Serverless to your Web Application

    Posted on Oct 31, 2017


    As you've probably heard, Serverless is the next big thing in the cloud industry.
    Here's I'll go over some of the ways you can integrate Serverless technology in your existing web apps!



    Serverless is essentially a system of Function-as-a-Service, where you have certain functions in the cloud, and you get billed by their usage & required computation.
    This is a further abstraction from the actual Virtual Machines in common use today, and goes hand-in-hand with a Microservices approach to web development.
    But enough about dictionary definitions, let's go to the good stuff:

    Examples of integrating Serverless with your existing Web App

    Reports

    Database reports are a pretty common request, often by marketing/business departments to get a better understanding of your users.
    This is more common in early-stage applications, before you connect them to proper analytics tools.
    Using Serverless, it's quite simple to have a function that runs a report on the database.
    We'll use AWS Lambda in this example:
    1. Go to Lambda on your AWS Dashboard:
    2. Choose "Author from scratch":
    3. In your Lambda function, add the following code:
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

      'use strict';
module.exports.runReport = (event, context, callback) => {
  const response = {
    statusCode: 200,
    body: {
      message: 'Result: ',
      input: event,
    },
  };
  const mysql = require('mysql');
  const connection = mysql.createConnection({
    host: 'localhost',
    user: 'user',
    password: 'password',
    database: 'database',
    port: 'port' //if you remove this line port defaults to 3306
  });
  connection.connect();
  connection.query('SELECT * FROM users', function(err, results) {
    if (err) throw err;
    response.body.message += JSON.stringify(results);
    response.body = JSON.stringify(response.body);
    callback(null, response);
  })

  connection.end();

};
    4. As an easier alternative, get the entire Serverless Boilerplate here

    Admin Panel

    In most web applications there's some sort of an Admin Panel.
    Ideally, the admin panel should be a separate application, to limit potential systemic weaknesses.
    Using Serverless, we're able to take advantage of some of the most secure systems available - IAM permissions.
    Examples of cool things you could do to further secure your Admin Panel:
    • Restrict Admin functions permissions - Since Lambda functions have their own IAM roles, you can have very fine-grained permission settings. A great example of this is with DynamoDB.
      You can literally give your function access to specific tables with a custom IAM policy:
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

      {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1509470869566",
      "Action": [
        "dynamodb:BatchGetItem",
        "dynamodb:DescribeTable",
        "dynamodb:GetItem",
        "dynamodb:GetRecords",
        "dynamodb:ListTables",
        "dynamodb:Query",
        "dynamodb:Scan"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:dynamodb:YOUR-REGION:YOUR-AWS-ID:table/TABLE-NAME"
    }
  ]
}
      Or another great example where a function can only write items to the table without reading any:
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

      {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1509470869566",
      "Action": [
        "dynamodb:PutItem"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:dynamodb:YOUR-REGION:YOUR-AWS-ID:table/TABLE-NAME"
    }
  ]
}


    • Combine API Gateway with Cognito User Pools for authentication - This is quite complex, but this guide has a pretty good walkthrough. In the following days (probably weeks) I'll try to add this to the boilerplates repository.


    • Write the entire Admin Panel on Serverless - If your app doesn't have a fully fledged Admin Panel yet (and you understood the last 2 items on the list), This could offer both a high level of security as well as a great way to integrate Serverless into an important but not-yet-customer-ready parts of your system.

    Cron Jobs

    Most applications have some form of Cron Jobs, but more often than not,
    there's a good chance that you don't have a lot of logging/analytics for your Cron Jobs.
    With CloudWatch you can schedule functions to run every minute/hour/day/week, just like a normal Cron Job.
    Combine that with CloudWatch Alarms, and you have both a logging system and an alarm system in case something goes wrong.


    These were just a few examples of how you could integrate Serverless into your web app right away.
    In the future, I'll try to work on the boilerplate repository, to add more cases.
    Read more ›
    Tagged with serverless, aws aws lambda nodejs
    Posted in Technology