AWS Lambda - Comprehensive Guide

🚀 Lambda Overview

What is Lambda?

  • Serverless Computing Service: Run code without managing servers
  • Event-driven: Triggered automatically by other AWS services
  • Pay-per-use: Pay only while code is executing
  • Auto-scaling: Scales automatically with traffic

Lambda Architecture

Event Source → Lambda Function → Destination
    ↓              ↓               ↓
S3 Upload    →  Process Image  →  DynamoDB
API Gateway  →  Business Logic →  SQS Queue
CloudWatch   →  Log Processing →  SNS Topic

📋 Main Components

1. Function Code

  • Runtime environments: Python, Node.js, Java, C#, Go, Ruby, PowerShell
  • Handler function: Entry point for Lambda
  • Event object: Input data from the event source
  • Context object: Runtime information

2. Configuration

  • Memory allocation: 128MB - 10,240MB (10GB)
  • Timeout: 1 second - 15 minutes maximum
  • Environment variables: Key-value pairs
  • VPC settings: Network configuration, if needed

3. Triggers (Event Sources)

  • Synchronous: API Gateway, ALB, CloudFront
  • Asynchronous: S3, SNS, CloudWatch Events
  • Stream-based: DynamoDB Streams, Kinesis, SQS

🛠️ Pricing Model

Request Pricing

  • Free tier: 1M requests/month free
  • Additional: $0.20 per 1M requests

Duration Pricing

  • Free tier: 400,000 GB-seconds/month
  • Additional: $0.0000166667 per GB-second

Cost calculation example

Function: 512MB, runs for 100ms, 3M requests/month
- Request cost: (3M - 1M) × $0.20/1M = $0.40
- Duration cost: 3M × 0.1s × 0.5GB × $0.0000166667 = $2.50
- Total: $2.90/month

🔧 Common Lambda Patterns

1. Web API Pattern

API Gateway → Lambda → DynamoDB
- RESTful APIs
- Real-time data processing
- Authentication with Cognito

2. Data Processing Pattern

S3 Upload → Lambda → Process → Store
- Image resizing
- File format conversion
- Data validation
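
The validation step of this pattern, as an added example that is not code from the original guide: a handler that checks each S3 event record before any processing. The bucket name, file suffixes and output prefix are assumed values, and the sample event is constructed.

```python
from urllib.parse import unquote_plus

# Assumed values for illustration; none of them come from the original page.
ALLOWED_BUCKETS = {"example-uploads"}
ALLOWED_SUFFIXES = (".jpg", ".jpeg", ".png")
OUTPUT_PREFIX = "resized/"  # where the function stores its results

def validate_record(record):
    """Return (key, None) if the record may be processed, else (key, reason)."""
    s3 = record.get("s3", {})
    bucket = s3.get("bucket", {}).get("name")
    # Object keys arrive URL-encoded in S3 event notifications.
    key = unquote_plus(s3.get("object", {}).get("key", ""))
    if record.get("eventSource") != "aws:s3":
        return key, "not an S3 event"
    if bucket not in ALLOWED_BUCKETS:
        return key, "unexpected bucket"
    if key.startswith(OUTPUT_PREFIX):
        # Skipping our own output prevents a recursive invocation loop.
        return key, "own output"
    if not key.lower().endswith(ALLOWED_SUFFIXES):
        return key, "unsupported file type"
    return key, None

def lambda_handler(event, context):
    accepted, rejected = [], []
    for record in event.get("Records", []):
        key, reason = validate_record(record)
        if reason is None:
            accepted.append(key)  # image processing would happen here
        else:
            rejected.append({"key": key, "reason": reason})
    return {"accepted": accepted, "rejected": rejected}

def _record(bucket, key):
    """Constructed S3 event record, trimmed to the fields used above."""
    return {"eventSource": "aws:s3",
            "s3": {"bucket": {"name": bucket}, "object": {"key": key}}}

SAMPLE_EVENT = {"Records": [
    _record("example-uploads", "photos/summer+trip.jpg"),
    _record("example-uploads", "resized/summer+trip.jpg"),
    _record("example-uploads", "docs/report.exe"),
    _record("other-bucket", "a.png"),
]}
```
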

3. Stream Processing Pattern

DynamoDB Stream → Lambda → Analytics
- Real-time analytics
- Data synchronization
- Audit logging

4. Scheduled Tasks Pattern

CloudWatch Events → Lambda → Batch Job
- Daily reports
- Database cleanup
- Health checks

📊 Performance & Optimization

Cold Start Optimization

  • Keep functions warm: CloudWatch Events every 5 minutes
  • Provisioned Concurrency: Pre-warmed instances
  • Runtime selection: Interpreted languages (Python, Node.js) start faster

Memory & CPU Optimization

  • Memory = CPU: CPU power is allocated in proportion to the memory setting
  • Profiling: Monitor execution time and memory usage
  • Right-sizing: Balance cost against performance

Connection Pooling

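# create_db_connection() is assumed to be defined by the application.

# ❌ Creates a new connection on every invocation
def lambda_handler(event, context):
    connection = create_db_connection()
    # Process data
    connection.close()

# ✅ Reuse the connection across invocations
# Runs once per execution environment, at module load (cold start)
connection = create_db_connection()
def lambda_handler(event, context):
    # Reuse the existing module-level connection; do not close it here
    # Process data
    pass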

🔒 Security Best Practices

IAM Roles & Permissions

  • Least privilege principle: Grant only the permissions that are needed
  • Execution role: The role Lambda assumes when the function runs
  • Resource-based policies: Control who can invoke the function
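
A way to check both policy types against these points, as an added example that is not code from the original guide: one function flags wildcard grants in an execution-role policy, the other flags open invocation in a function's resource-based policy. The sample policies, account ID and ARNs are constructed placeholders.

```python
def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_execution_role(policy):
    """Flag Allow statements in an execution-role policy that are broader than needed."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append(f"statement {i}: wildcard action {action}")
        if "*" in _as_list(stmt.get("Resource", [])):
            # Heuristic: a few actions only accept "*", so review rather than auto-fail.
            findings.append(f"statement {i}: applies to every resource")
    return findings

def audit_resource_policy(policy):
    """Flag statements in a function's resource-based policy that leave invocation open."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        # Condition keys are case-insensitive, so compare them lower-cased.
        keys = {k.lower() for block in stmt.get("Condition", {}).values() for k in block}
        if "*" in aws:
            if not keys:
                findings.append(f"statement {i}: any principal may invoke")
        elif isinstance(principal, dict) and "Service" in principal:
            if not keys & {"aws:sourcearn", "aws:sourceaccount"}:
                findings.append(f"statement {i}: service principal without source restriction")
    return findings

# Constructed sample policies (account ID and ARNs are placeholders).
FN_ARN = "arn:aws:lambda:us-east-1:111122223333:function:MyFunction"
ROLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
     "Resource": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/lambda/MyFunction:*"},
    {"Effect": "Allow", "Action": "dynamodb:*", "Resource": "*"},
]}
FUNCTION_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "s3.amazonaws.com"},
     "Action": "lambda:InvokeFunction", "Resource": FN_ARN},
    {"Effect": "Allow", "Principal": {"Service": "s3.amazonaws.com"},
     "Action": "lambda:InvokeFunction", "Resource": FN_ARN,
     "Condition": {"StringEquals": {"AWS:SourceAccount": "111122223333"}}},
]}
```
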

Environment Variables Security

  • KMS Encryption: Encrypt sensitive data
  • AWS Systems Manager: Store secrets securely

import base64
import os
import boto3

# ❌ Hardcoded sensitive data
API_KEY = "sk-1234567890abcdef"

# ✅ Use environment variables + KMS
ENCRYPTED_API_KEY = os.environ['ENCRYPTED_API_KEY']
kms = boto3.client('kms')
# decrypt() returns a dict; the secret is the bytes stored under 'Plaintext'
decrypted_key = kms.decrypt(
    CiphertextBlob=base64.b64decode(ENCRYPTED_API_KEY)
)['Plaintext'].decode('utf-8')

VPC Configuration

  • Database access: Place Lambda in the VPC to connect to RDS
  • NAT Gateway: Internet access from a private subnet
  • Security Groups: Network-level security

📝 Lambda Limitations

Execution Limits

  • Timeout: Maximum 15 minutes
  • Memory: Maximum 10GB
  • Payload size: 6MB synchronous, 256KB asynchronous
  • Deployment package: 50MB zipped, 250MB unzipped

Concurrency Limits

  • Account limit: 1,000 concurrent executions (an increase can be requested)
  • Reserved concurrency: Set aside for a specific function
  • Provisioned concurrency: Pre-warmed instances

🧪 Testing & Debugging

Local Testing

# SAM CLI
sam local start-api
sam local invoke "MyFunction" -e events/event.json

# Serverless Framework
serverless invoke local --function myFunction

Monitoring & Logging

  • CloudWatch Logs: Automatic logging
  • CloudWatch Metrics: Duration, errors, throttles
  • X-Ray: Distributed tracing
  • AWS Lambda Insights: Enhanced monitoring

🚀 Deployment Strategies

Deployment Packages

  • Zip file: Code + dependencies under 50MB
  • Container images: Built with Docker, up to 10GB
  • Layers: Share code across multiple functions

CI/CD Pipeline

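# GitHub Actions example
name: Deploy Lambda
on:
  push:
    branches: [main]
permissions:
  id-token: write   # lets the job request an OIDC token to assume the deploy role
  contents: read
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      # The aws CLI needs credentials; the secret name and region are placeholders
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
          aws-region: us-east-1
      - name: Deploy to AWS
        run: |
          # Exclude .git so repository metadata is not shipped in the package
          zip -r function.zip . -x '.git/*'
          aws lambda update-function-code \
            --function-name MyFunction \
            --zip-file fileb://function.zip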

Blue/Green Deployment

  • Aliases: Point to specific versions
  • Weighted routing: Gradually shift traffic
  • Rollback capability: Quick revert on issues

💡 Real-world Use Cases

1. E-commerce Order Processing

API Gateway → Lambda → DynamoDB → SQS → Lambda → Email/SMS
- Order validation
- Inventory check
- Payment processing
- Notification sending

2. Data Lake Processing

S3 → Lambda → Glue → Athena → QuickSight
- File format conversion
- Data cataloging
- ETL operations
- Analytics preparation

3. IoT Data Processing

IoT Device → IoT Core → Lambda → DynamoDB → CloudWatch
- Real-time data ingestion
- Anomaly detection
- Alert generation
- Dashboard updates

📚 Exam Tips for AWS SAA

When to choose Lambda?

  • ✅ Event-driven processing
  • ✅ Short-running tasks (< 15 minutes)
  • ✅ Unpredictable/intermittent workloads
  • ✅ Auto-scaling requirements

When NOT to choose Lambda?

  • ❌ Long-running processes (> 15 minutes)
  • ❌ Consistent high-volume traffic
  • ❌ Complex networking requirements
  • ❌ Stateful applications

Key Concepts for the exam

  • Cold starts: Impact performance
  • Concurrency limits: Throttling behavior
  • Event source mappings: Stream processing
  • Dead letter queues: Error handling
  • Layers: Code sharing mechanism

📖 Summary

Lambda is the cornerstone of serverless architecture on AWS, enabling:

  • Cost optimization through the pay-per-use model
  • Automatic scaling with demand
  • Event-driven architecture with many integration options
  • Focus on code instead of infrastructure management

A clear understanding of Lambda patterns, limitations, and best practices is essential for the AWS Solutions Architect Associate exam.