AWS Lambda sandbox
Scope
region scope - specify multiple az
code in the same region
Features
max runtime 15 mins
max resource - vcpu ?, memory ?
Can be triggered by CloudWatch alarm directly now - cross-region
Alias - allows to test a new version without impacting live traffic which is served via an alias. If testing is successful, point the live alias to the new function version. Sort of, allows you perform [[devops#Canary deployments|canary deployments]] for Lambda.
Routing to a specific alias? #question
Error Error: Timed Out If some of your TCP connections are timing out, this may be due to packet fragmentation. Lambda functions cannot handle incoming fragmented TCP requests, since Lambda does not support IP fragmentation for TCP or ICMP.
Deployment package
Container images
Upto 10 GB in size
Zip file archives
Upload directly to Lambda (<50 MB) or to S3 (> 50 MB), and provide the S3 url to the Lambda service.
Layers
Use for reusable code, cache session objects, shared libraries, telemetry, etc.
Share dependencies across multiple functions
Separate core app logic from dependecies
Reduce the app deployment package size
Useful for zip file archives only. When using containers, these dependencies can be added to the image directly.
Cross Service APIs
Lambda Functions manage EC2 ENIs for functions created in a [[vpc]]. Initially, terraform aws provider helped cleanup these ENIs on function removal since AWS api did not. Later, AWS updated the API to delete these lingering ENIs and that started causing failures in terraform as it could no longer find the lingering ENI when trying to clean-up.
HashiCorp and AWS had to do a large scale outreach to fix these configs, and help practitioners migrate.