Amazon Web Services: The Magic of Lambda

Here at Alpine we are in love with Amazon Web Services (AWS), and for good reason. They are by far the leading cloud platform and always push innovation. AWS has many different services, but the one we will focus on today is Lambda. Lambda gives you the ability to run code (written in Node.js, Java, or Python) without the need to have a server powering it, as far you you are aware or care. But how can this be real?

We are used to running code. A server is stood up and libraries are loaded onto it. From there we can have an API created that allows other code to call these functions. Lambda removes our need to setup, configure, and maintain a server. In addition, Lambda also runs on demand so you can literally pay-per-sip. Do you have a function that only needs to be run once per hour to do some processing? Why go through the overhead of system configuration and maintenance when you can just write your function and have it run on a set interval?

A simple example is a ping application that checks if an IP or domain is active and then information such as domain/IP, response time averages, etc., is stored into a database to later be analyzed or alerted on. To accomplish this we could stand up a server and call the ping command (or write a custom script) and pipe that data into a mysql instance. This would leave us with a server that needs the OS, mysql, and any other packages installed to be constantly patched to keep up-to-date with that latest vulnerabilities. Instead, you can write a ping function in node.js, set it in Lambda to run on timed intervals, and store that information in AWS RDS or DynamoDB. All of this is managed by Amazon (with zero down/maintenance time) so they are responsible for keeping the software updated and we can focus on our data. The side benefit is that we also save on cost. Since we are running one function on a timed interval we do not have to pay for a server to be up 24/7/365.

Do you have a task that isn’t predictable on a schedule?  Another majorly cool feature of Lambda is that it is “event driven.” You can have the Lambda function sit dormant until it detects one of a large variety of events.  For instance, a Lambda can be triggered by an SNS topic, the creation or removal of a file from a S3 bucket, new records hitting a DynamoDB tables, CloudWatch Logs, and many other event sources. And you only need to worry about the code because Amazon manages the computational and memory resources in the background to make sure your function can keep up with the incoming events.

Let’s recap the huge benefits from using AWS Lambda:

  • Event Driven Code Execution – Code runs when an action is performed. Using AWS to configure this is as easy as a click of a button.
  • Serverless Architecture – No software to manage and maintain, no hardware to purchase and upgrade. Amazon takes care of all of this for you so you can focus on your operations.
  • Common Coding Languages – Using Node.js, Java, and Python means we have fairly popular and common languages to work with. No ramp-up time is needed to learn another custom language!
  • Pay-per-Sip Model – Like most AWS services you only pay for what you use and Lambda is no different. You are paying per request and for the duration of each run. While your code is idle there is nothing to worry about.
  • Run it in your VPC – recently, AWS released the capability to run your Lambda with internal access to resources in your virtual private cloud.  Long story short, you can secure your Lambdas and treat them as though they’re inside your data center.

We know that the cloud can still be scary to a lot of people but we want to keep putting forward the idea that you can do a lot of cool stuff today with the cloud technologies that are out there. Things that you can’t (or shouldn’t) do well by yourself are easily accessible and cheap to do with cloud services. Give it a try and make some magic.

Frank Urbanski

Author Frank Urbanski

Frank has worked for 8+ years as a Software and Cyber Security Engineer within the defense industry. At Alpine Cyber Solutions Frank oversees the Managed Security Services line of business. He has his passions set on Incident Response and Threat Management.

More posts by Frank Urbanski

Leave a Reply

Time limit is exhausted. Please reload CAPTCHA.