Learn DevOps

Syllabus 35 days challenge AWS Serverless

Hải Yến Trịnh's photo
Hải Yến Trịnh
·

18 min read

Table of contents

AWS Serverless Landscape: A Comprehensive Guide

I. Compute: The Serverless Engine

  • AWS Lambda: The heart of serverless, allowing you to run code without managing servers, with automatic scaling.

  • AWS Fargate: Serverless containers for applications needing more control or running alongside Lambda functions.

  • AWS App Runner: Simplifies deploying containerized web apps and APIs.

  • AWS Lambda@Edge: Deploy Lambda functions to CloudFront edge locations for reduced latency and improved global performance.

II. Data Powerhouse

  • Amazon DynamoDB: Fully managed NoSQL database ideal for serverless applications, built for performance and scalability.

  • Amazon Simple Storage Service (S3): Serverless object storage, foundational for data storage, triggering Lambda functions, and more.

  • Amazon Aurora Serverless: Relational database (MySQL and PostgreSQL compatible) that automatically scales based on your serverless application's needs.

  • Amazon Timestream: Purpose-built for storing and querying time series data at scale, often generated by serverless applications and IoT devices.

III. Connecting the Dots: Networking & APIs

  • Amazon API Gateway: Build, manage, and secure APIs that serve as entry points for your Lambda functions and other backend services.

  • Amazon CloudFront: Content Delivery Network (CDN) to supercharge your app's delivery speed and expand global reach.

IV. Workflows and Event-Driven Logic

  • AWS Step Functions: Visually design and orchestrate complex, multi-step serverless workflows involving multiple AWS services.

  • Amazon EventBridge: The nervous system of your serverless architecture, connecting services and responding to events (from AWS, your applications, or SaaS) to trigger actions.

  • Amazon SQS (Simple Queue Service): Decouple components, handle traffic spikes, and build resilient serverless applications using message queues.

  • Amazon SNS (Simple Notification Service): Send notifications (SMS, email, push, etc.) from your serverless applications to keep users informed or trigger actions.

  • AWS IoT Core: Ingest, process, and act on data from millions of IoT devices. Lambda functions often provide the serverless logic at the edge.

  • Amazon MQ: A fully managed message broker service compatible with popular messaging protocols like JMS and AMQP, enabling you to build asynchronous serverless applications.

V. Analytics and Insights

  • Amazon Kinesis Data Analytics: Analyze real-time streaming data, frequently produced by IoT devices or serverless applications.

VI. Building Modern Apps

  • AWS Amplify: Framework for building and deploying full-stack serverless web and mobile applications rapidly.

  • AWS AppSync: Build scalable, real-time GraphQL APIs perfect for data-intensive serverless applications.

VII. AI/ML Without the Hassle

  • Amazon SageMaker Serverless Inference: Deploy machine learning models without managing servers, scaling automatically based on demand.

  • Amazon Personalize: Managed personalization service makes it easy to add personalized recommendations and experiences to your serverless apps.

  • Amazon Forecast: Managed forecasting service enabling you to build accurate forecasts based on time series data.

  • Amazon Textract: Extract text and data from documents; a managed service to automate document-based workflows within serverless applications.

VIII. Essential Security & Identity

  • IAM (Identity and Access Management): AWS's security foundation. Control access to services and resources securely.

  • Amazon Cognito: Securely manage user sign-up, sign-in, and handle user data within your serverless apps.

  • AWS Secrets Manager: Securely store and access sensitive data (API keys, database credentials) directly from your code, enhancing security best practices.

IX. Operational Excellence: Observability, Automation, and Governance

  • Amazon CloudWatch: Monitor, collect logs, set alarms, and gain insights into your serverless applications and infrastructure.

  • AWS X-Ray: Analyze and debug requests as they flow through your serverless applications, helping you pinpoint and troubleshoot issues quickly.

  • AWS CloudTrail: Log and track API calls made to your AWS account – crucial for security auditing and compliance.

  • AWS Config: Track resource configuration changes, detect drift from desired states, and enforce compliance rules.

  • AWS Systems Manager: Automate operational tasks, manage system configurations, and patch your serverless infrastructure effectively.

X. Developer's Toolkit

  • AWS SAM (Serverless Application Model): Simplify the definition, deployment, and management of serverless applications.

  • AWS CloudFormation: Infrastructure-as-code service for defining your serverless infrastructure using templates.

  • AWS CDK (Cloud Development Kit): Define your cloud infrastructure using familiar programming languages.

  • AWS SAM CLI & AWS SDKs: Command-line tools and language-specific libraries for streamlined interactions with AWS services.

Syllabus 35 days (Overview)

Week 1: Laying the Serverless Foundation (Lambda, DynamoDB, API Gateway)

  • Day 1: Unveiling the Serverless Paradigm

    • Theory: Demystifying serverless computing. Comparing and contrasting serverless with traditional architectures. Examining core benefits and potential drawbacks.

    • Practice: Setting up your AWS playground. Configuring the AWS CLI. Navigating the AWS Management Console. Understanding key concepts like regions, availability zones, and the AWS Free Tier.

    • Mini Project: Deploy a "Hello World" Lambda function that dynamically retrieves and displays data from an external API (e.g., weather data).

    • Research: Deep dive into serverless architecture patterns (microservices, event-driven). Research real-world serverless adoption cases across various industries.

  • Day 2: Mastering AWS Lambda - The Serverless Workhorse

    • Theory: Unpacking the Lambda execution model. Exploring runtimes, triggers, event sources, environment variables, layers, concurrency, cold starts, and function lifecycle.

    • Practice: Creating Lambda functions using different runtimes (Python, Node.js). Experimenting with various triggers (API Gateway, S3 events, scheduled events). Implementing error handling and logging.

    • Mini Project: Build a serverless image processing pipeline. Users can upload images to an S3 bucket, triggering a Lambda function that applies transformations (resizing, watermarking, format conversion) and stores the processed images.

    • Research: Investigating Lambda performance optimization techniques (minimizing package size, optimizing cold starts, using provisioned concurrency).

  • Day 3: Taming Data with Amazon DynamoDB

    • Theory: Introduction to NoSQL databases. Deep dive into DynamoDB concepts (tables, items, attributes, primary keys, secondary indexes). Understanding data types, read/write capacity modes, and consistency models.

    • Practice: Creating a DynamoDB table with various attributes and primary keys. Performing CRUD operations using the AWS CLI, SDKs, and the console.

    • Mini Project: Build a serverless product catalog application. Users can add products (with images stored in S3), view product details, update inventory, and search for products based on different criteria.

    • Research: Exploring advanced DynamoDB concepts: data modeling patterns, query optimization, global tables, DynamoDB Streams, and transactions.

  • Day 4: Building Robust APIs with Amazon API Gateway

    • Theory: Fundamentals of REST APIs. API Gateway architecture and key concepts: resources, methods, endpoints, request validation and transformation, API keys, usage plans, and throttling.

    • Practice: Creating a REST API using API Gateway. Defining resources, methods, and integrating Lambda functions as backend logic. Implementing request validation, authorization using API keys, and response formatting.

    • Mini Project: Expose your product catalog application built on Day 3 via a secure REST API using API Gateway. Allow users to register, log in, and perform actions based on their roles (e.g., admin vs. regular user).

    • Research: Exploring advanced API Gateway features: custom authorizers (e.g., using AWS Cognito), caching, request/response transformation using AWS Lambda or VTL, CORS configuration, and API versioning.

  • Day 5: Locking Down Your Serverless Fort Knox: Security Essentials

    • Theory: Security best practices for serverless applications. Understanding the Shared Responsibility Model. Deep dive into IAM roles, policies, and the principle of least privilege.

    • Practice: Creating IAM roles with fine-grained permissions for your Lambda functions and API Gateway. Storing and retrieving sensitive data (API keys, database credentials) securely using AWS Secrets Manager.

    • Mini Project: Implement granular access control for your product catalog API. Users with different roles (admin, editor, viewer) should have varying levels of access to API resources and actions.

    • Research: Explore advanced security services: AWS WAF (web application firewall) for protecting against common web exploits, AWS Shield for DDoS mitigation, and security auditing with CloudTrail.

  • Weekends (Day 6 & 7)

    • Weekend Challenge: Design and build a serverless application integrating Lambda, DynamoDB, and API Gateway. This could be a real-time chat application, a social media platform, or a serverless workflow engine. Focus on scalability, security, and a well-defined architecture.

    • Consolidation & Exploration: Review concepts, strengthen weak areas, and delve into intriguing topics uncovered during the week.

Week 2: The Art of Event-Driven Architecture (S3, EventBridge, SQS, Step Functions)

  • Day 8: Unleashing the Power of Amazon S3 Events

    • Theory: S3 beyond object storage. Understanding S3 storage classes, lifecycle policies, versioning, and the power of event notifications.

    • Practice: Configuring S3 event notifications to trigger Lambda functions based on various events (object creation, deletion, updates). Working with pre-signed URLs for secure file uploads and downloads.

    • Mini Project: Build a serverless data processing pipeline. Users upload data files (CSV, JSON) to an S3 bucket. Upon upload, trigger a Lambda function to validate, transform, and load the data into a target system (e.g., DynamoDB, Redshift, or another S3 bucket for archival).

    • Research: Deep dive into S3 security best practices: bucket policies, ACLs (Access Control Lists), and using AWS KMS (Key Management Service) for encryption.

  • Day 9: Orchestrating Events with Amazon EventBridge

    • Theory: Embracing the power of event-driven architectures. Understanding EventBridge's role as the central nervous system of your serverless applications. Exploring event buses, rules, targets, schemas, and event filtering.

    • Practice: Creating an event bus and defining rules to route events to different targets based on event patterns. Experiment with sending custom events from your applications and integrating with SaaS providers.

    • Mini Project: Build a serverless system for monitoring and alerting. Collect events from various sources (CloudWatch alarms, application logs, custom events) using EventBridge. Based on event patterns, trigger actions like sending notifications (SNS), executing remediation Lambda functions, or logging to a central location.

    • Research: Exploring the broader ecosystem of EventBridge: integrating with SaaS applications, using EventBridge Scheduler, and building event-driven architectures with microservices.

  • Day 10: Embracing Asynchronous Workflows with Amazon SQS

    • Theory: Understanding message queues and their importance in distributed systems. Deep dive into Amazon SQS: queues, messages, visibility timeouts, long polling, dead-letter queues, FIFO queues, and standard queues.

    • Practice: Creating and configuring SQS queues. Implementing producers and consumers using Lambda functions or other AWS services. Experiment with different SQS features like message attributes, batch operations, and message retention.

    • Mini Project: Enhance your data processing pipeline from Day 8 to handle high volumes of data asynchronously. Decouple the data validation and transformation steps using SQS queues, enabling parallel processing and improved resilience.

    • Research: Investigating advanced SQS use cases: message prioritization, using SQS with other AWS services (SNS, Step Functions), and best practices for building robust and scalable messaging systems.

  • Day 11: Visualizing Workflows with AWS Step Functions

    • Theory: Mastering workflow orchestration with AWS Step Functions. Understanding state machines, task types (Lambda, ECS, SNS, etc.), error handling, retries, parallel execution, branching logic, and integrations.

    • Practice: Building simple and complex state machines using the Step Functions visual workflow designer or AWS SAM templates. Implementing error handling, retries, and passing data between states.

    • Mini Project: Design and build a serverless workflow for processing customer orders. The workflow should include steps like order validation, payment processing, inventory management, shipment notification, and error handling.

    • Research: Explore advanced Step Functions patterns: scatter/gather for parallel processing, choice states for branching logic, wait states for time-based workflows, and integrating external systems using API Activities.

  • Day 12: Tapping into Real-Time Data with Amazon Kinesis

    • Theory: Entering the world of real-time data streaming with Amazon Kinesis. Understanding Kinesis Data Streams, Kinesis Data Firehose, and Kinesis Data Analytics. Key concepts: shards, producers, consumers, data ingestion, and processing.

    • Practice: Creating a Kinesis Data Stream and configuring producers to send data (e.g., application logs, sensor data). Build consumers using Lambda functions to process the data stream in real-time.

    • Mini Project: Build a system for analyzing real-time website traffic. Capture website events (page views, clicks, user interactions) as they occur and stream them to Kinesis. Use Kinesis Data Analytics to analyze the data in real time and generate insights (e.g., popular pages, user behavior patterns).

    • Research: Investigating advanced Kinesis use cases: building real-time dashboards, log aggregation, fraud detection, anomaly detection, and integrating Kinesis with other analytics services like Amazon EMR and Redshift.

  • Weekends (Day 13 & 14)

    • Weekend Challenge: Choose a real-world scenario and build a serverless application incorporating event-driven architecture. Integrate services like S3, EventBridge, SQS, and Step Functions to handle complex logic and asynchronous workflows.

    • Consolidation & Exploration: Review concepts, work on any challenging areas, and explore areas of particular interest discovered during the week.

Week 3: Mastering Serverless Development and Operations

  • Day 15: Gaining Visibility with Serverless Monitoring and Observability

    • Theory: The critical importance of monitoring and observability in serverless applications. Key metrics to monitor (invocations, errors, latency, throttles). Tools: CloudWatch (metrics, logs, alarms), X-Ray (distributed tracing), and third-party solutions.

    • Practice: Setting up CloudWatch alarms for critical metrics. Using X-Ray to trace requests through your serverless applications and identify bottlenecks. Configuring centralized logging for your Lambda functions.

    • Mini Project: Implement a comprehensive monitoring and alerting system for a serverless application. Create dashboards to visualize key metrics, configure alerts for anomalies, and set up automated responses (e.g., scaling up resources, triggering remediation actions).

    • Research: Investigating best practices for serverless monitoring and logging. Exploring advanced monitoring techniques: custom metrics, log aggregation, and analysis tools.

  • Day 16: Automating Deployments with CI/CD Pipelines

    • Theory: Embracing the principles of CI/CD (Continuous Integration/Continuous Delivery) for serverless applications. Tools: AWS CodePipeline, CodeBuild, CodeDeploy, SAM CLI, AWS CDK, and integration with version control systems (e.g., GitHub, GitLab).

    • Practice: Building a CI/CD pipeline for your serverless application. Automating code deployments, testing, and infrastructure provisioning. Using Infrastructure-as-Code (IaC) tools like AWS SAM or CDK to define your infrastructure.

    • Mini Project: Implement a CI/CD pipeline for a complex serverless application. Automate the entire deployment process, from code changes to production, with proper testing and rollback mechanisms in place.

    • Research: Exploring advanced CI/CD practices: blue/green deployments, canary releases, automated testing strategies (unit, integration, end-to-end), and security considerations in CI/CD pipelines.

  • Day 17: The Economics of Serverless: Cost Optimization Strategies

    • Theory: Understanding serverless pricing models (compute time, requests, data transfer). Strategies for optimizing costs: right-sizing resources, minimizing cold starts, optimizing function duration, selecting appropriate storage classes.

    • Practice: Analyzing your serverless application costs using the AWS Cost Explorer. Identifying cost drivers and implementing optimization techniques (e.g., reducing function runtime, optimizing data storage).

    • Mini Project: Take an existing serverless application and perform a cost optimization review. Identify areas for improvement and implement changes to reduce costs while maintaining performance and functionality.

    • Research: Exploring advanced cost optimization techniques: using reserved concurrency for Lambda, serverless cost monitoring tools, and building cost-aware serverless architectures.

  • Day 18: Building Full-Stack Applications with AWS Amplify

    • Theory: Introduction to AWS Amplify, a framework for building and deploying full-stack serverless web and mobile applications. Key features: Authentication, DataStore, API (GraphQL and REST), Storage, Hosting, Functions.

    • Practice: Building a simple web or mobile application using AWS Amplify. Implementing user authentication, a real-time database, API integration, and deploying the application with Amplify Hosting.

    • Mini Project: Develop a real-time collaborative application using AWS Amplify (e.g., a shared whiteboard, a chat application, or a collaborative document editor).

    • Research: Exploring advanced Amplify features: using GraphQL APIs with AWS AppSync, implementing offline capabilities with DataStore, and integrating with other AWS services.

  • Day 19: Containers in a Serverless World: Fargate and App Runner

    • Theory: Understanding the role of containers in the serverless ecosystem. Comparing and contrasting AWS Fargate and AWS App Runner. Benefits of using containers for specific use cases.

    • Practice: Deploying a containerized application to AWS Fargate. Using App Runner to deploy a simple web application.

    • Mini Project: Containerize an existing application (e.g., a web server, a background job processor) and deploy it as a serverless service using either AWS Fargate or App Runner, choosing the best fit for the specific application requirements.

    • Research: Exploring advanced container orchestration with Amazon ECS and EKS in a serverless context. Investigating container security best practices.

  • Weekends (Day 20 & 21)

    • Weekend Challenge: Build a complex serverless application that incorporates CI/CD, monitoring, cost optimization, and advanced features like AWS Amplify or containerized deployments. This is your opportunity to showcase your mastery of the concepts covered.

    • Consolidation & Exploration: Thoroughly review the topics covered this week. Identify your strengths and weaknesses, and create a plan for addressing knowledge gaps.

Week 4: Deep Dives, Specializations, and Advanced Topics

  • Day 22: Serverless Security Deep Dive

    • Theory: Delving into advanced serverless security concepts: threat modeling, securing serverless APIs, data protection (encryption at rest and in transit), vulnerability scanning, security auditing, and compliance.

    • Practice: Implementing security best practices for your serverless applications. Using tools like AWS Security Hub, AWS Config, and third-party security solutions to enhance the security posture of your serverless deployments.

    • Mini Project: Perform a security audit of an existing serverless application. Identify potential vulnerabilities and implement appropriate security controls to mitigate risks.

    • Research: Exploring advanced serverless security topics: implementing zero-trust security principles, securing serverless CI/CD pipelines, and staying updated on the latest security threats and mitigation techniques.

  • Day 23: Building Serverless Data Pipelines and Analytics

    • Theory: Designing and building serverless data pipelines for ingestion, processing, and analysis. Services: Kinesis, AWS Glue, AWS Lambda, S3, Athena, Redshift, and other data analytics tools.

    • Practice: Creating a serverless data pipeline that ingests data from multiple sources, processes and transforms the data, and loads it into a target data store (e.g., S3, Redshift).

    • Mini Project: Build a serverless data lake solution using S3, Glue, and Athena. Ingest data from various sources (databases, logs, social media feeds), process it using Glue jobs, and enable ad-hoc queries on the data using Athena.

    • Research: Exploring advanced data processing and analytics techniques: stream processing with Kinesis, batch processing with Glue, serverless machine learning for data analysis, and building real-time data visualization dashboards.

  • Day 24: Serverless Machine Learning at Scale

    • Theory: Harnessing the power of serverless computing for machine learning workloads. Services: Amazon SageMaker, Amazon Rekognition, Amazon Textract, Amazon Personalize, and other AI/ML services.

    • Practice: Deploying a pre-trained machine learning model as a serverless API using AWS Lambda and SageMaker. Using pre-built AI services (Rekognition, Textract) for image and document analysis.

    • Mini Project: Build a serverless application that performs image recognition or natural language processing tasks. You can use pre-trained models or train your own custom models using SageMaker.

    • Research: Exploring advanced serverless machine learning: using custom containers with SageMaker, building serverless MLOps pipelines, and integrating with other AWS services for data preparation and model training.

  • Day 25 & 26: Choose Your Own Adventure: Specialized Deep Dive

    • Options:

      • Advanced AWS Amplify: Deep dive into advanced features, custom configurations, and complex application architectures with Amplify.

      • Serverless with Infrastructure-as-Code (IaC): Mastering IaC tools like AWS SAM and CDK for defining, deploying, and managing complex serverless applications.

      • Serverless Backends for Mobile Applications: Focus on building highly scalable and performant backends for mobile applications using serverless technologies.

      • Serverless for IoT: Explore serverless architectures for ingesting, processing, and analyzing data from IoT devices.

      • Serverless Security and Compliance: Dive into advanced security and compliance topics: HIPAA, PCI DSS, GDPR, and other industry-specific regulations.

  • Day 27 & 28: Serverless Design Patterns and Best Practices

    • Theory: Reviewing essential serverless design patterns: strangler pattern, saga pattern, event sourcing, CQRS, and others. Deep dive into serverless best practices for security, performance, cost optimization, and operational excellence.

    • Practice: Refactoring an existing serverless application to implement a specific design pattern or improve its overall architecture.

    • Project: Prepare and present a case study on a real-world serverless application. Analyze its architecture, design decisions, and lessons learned.

Week 5: Looking Ahead, Building Mastery

  • Day 29 & 30: Emerging Trends in Serverless Computing

    • Theory: Exploring the ever-evolving landscape of serverless computing. Researching emerging trends and technologies: serverless databases, edge computing, quantum computing, event-driven architectures, and more.

    • Discussion: Engage in discussions and debates about the potential impact of these trends on software development and cloud computing.

    • Project: Choose an emerging trend and research its potential applications, benefits, and challenges. Present your findings to your peers or mentors.

  • Day 31 & 32: Architecting for the Enterprise: Cross-Account Serverless

    • Theory: Understanding the need for cross-account architectures in organizations. Security and isolation benefits. Common use cases: shared services, multi-tenant applications.

      • Key Concepts: AWS Organizations, IAM roles and trust relationships across accounts, cross-account resource access (S3, Lambda, etc.), consolidated billing.

    • Practice:

      • Setting the Stage: If you don't have multiple AWS accounts, create a basic setup to simulate an organization (at least two accounts).

      • Building Bridges: Create IAM roles in different accounts that allow for secure cross-account access to resources (e.g., a Lambda function in Account A invoking a function in Account B).

    • Mini Project:

      • Centralized Logging: Build a centralized logging system where applications in different accounts stream logs to a dedicated S3 bucket in a central "Security" account. Use tools like Kinesis Firehose or Lambda for log forwarding.

    • Research:

      • Advanced Cross-Account Patterns: Explore patterns for securely sharing APIs across accounts (using API Gateway), building multi-tenant serverless applications, and managing deployments in multi-account environments.

  • Day 33 & 34: Building Your Serverless Portfolio: Advanced Project Development

    • Project Time: Dedicate these two days to building out more substantial projects for your portfolio. Focus on real-world applicability, complex architectures, and integrating multiple AWS services.

    • Project Ideas (with Cross-Account Focus):

      • Serverless Data Pipeline for Analytics: Data from various departments (different accounts) is processed and aggregated into a central data lake (separate account) for analysis.

      • Multi-Tenant SaaS Platform: A single codebase (one account) serves multiple tenants, each with their own isolated data and configurations (separate accounts).

      • Serverless Security Auditing Platform: A centralized system that collects security events and logs from various applications and accounts, providing a consolidated view for auditing and incident response.

    • Key Considerations:

      • Security: Apply robust security practices, especially in cross-account scenarios.

      • Scalability and Performance: Design for growth and handle fluctuating workloads.

      • Cost Optimization: Implement cost-aware practices throughout your project.

      • Documentation: Document your project thoroughly, including architecture diagrams, code explanations, and deployment instructions.

  • Day 35: Continuous Learning Roadmap

    • In-Depth Review: Conduct a comprehensive review of the core serverless concepts, services, and best practices you've covered. Identify any remaining knowledge gaps.

    • Specialized Learning Paths: Based on your interests, outline specific areas for further study. Examples:

      • Security Specialization: Deep dive into AWS security services, serverless security best practices, and compliance certifications.

      • Data Engineering Specialization: Master serverless data pipelines, data warehousing, stream processing, and advanced analytics.

      • AI/ML Specialization: Focus on serverless machine learning with SageMaker, pre-trained services, and building intelligent applications.

    • Resources & Communities: Create a curated list of essential resources for your continuous learning:

      • AWS Documentation: Your primary source of truth.

      • Blogs and Online Publications: A Cloud Guru, Serverless Stack, The New Stack, and more.

      • Podcasts: Heavy Networking, AWS Podcast, Software Engineering Daily (serverless episodes).

      • Conferences and Meetups: AWS re:Invent, Serverlessconf, local AWS user groups.

      • Open-Source Projects: Contribute to and learn from serverless projects on GitHub.

Go to this link for detailed syllabus: https://mydevopslearning.notion.site/Syllabus-Serverless-challenge-Overview-Detailed-9951d43aebea41dfa45257c0fdc05a7d?pvs=4

My serverless challenge articles

Day 1:https://mydevopslearning.notion.site/Day-1-Serverless-Paradigm-5acad8e92b804277908e01d83e378ff2

Day 2: https://mydevopslearning.notion.site/Day-2-AWS-Lambda-cf91c98703dc4a6a9f2de0a479d0ca6a

Day 3: https://mydevopslearning.notion.site/Day-3-DynamoDB-138852907ba9439aa6e34340b27878cd

AWS