Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Push the envelope: CloudFormation Lambda-backed Custom Resources

Bar Schwartz (Software Engineer) @ Palo Alto Networks:
Serverless architectures bring infrastructure provisioning to the very early stage of your development lifecycle. Serverless applications are not Lambda functions, but service-full applications with different services used as building blocks. Configuration of those services needs to be very precise and easy to manage to help you reduce the manual work and avoid mistakes. In this talk, I will cover an advanced method to take your configurations to the next level.

  • Be the first to comment

  • Be the first to like this

Push the envelope: CloudFormation Lambda-backed Custom Resources

  1. 1. Pushing the envelope CloudFormation Lambda-backed Custom Resources Bar Schwartz Software Engineer, Palo Alto Networks
  2. 2. Agenda ● Servicefull applications ● Infrastructure as Code ● AWS CloudFormation ● Lambda-baked CloudFormation custom resource ● Best practices 2 | © 2019 Palo Alto Networks. All Rights Reserved.
  3. 3. Servicefull applications
  4. 4. Serverless ≠ FaaS (Function as a Service) Servicefull applications that stitch together additional resources Not Only Functions 4 | © 2019 Palo Alto Networks. All Rights Reserved. Limited list of AWS serverless managed services AWS FargateAWS Lambda DynamoDB Amazon Aurora Serverless API Gateway Simple Queue Service Step FunctionsAppSync
  5. 5. 5 | © 2019 Palo Alto Networks. All Rights Reserved. A Serverless Application
  6. 6. Infrastructure as Code
  7. 7. Infrastructure as Code 7 | © 2019 Palo Alto Networks. All Rights Reserved. ● Manage technology stack through software ● Saved in version control system ● Developers become more involved in defining configuration ● Ops teams get involved earlier in the development process AWS CloudFormation
  8. 8. AWS CloudFormation
  9. 9. AWS CloudFormation 9 | © 2019 Palo Alto Networks. All Rights Reserved. Common Language Describe and provision all the infrastructure resources in your cloud environment Reusable Deploy in many accounts and regions It's just code Author it, check it into a version control system, and review with team members
  10. 10. Template Example 10 | © 2019 Palo Alto Networks. All Rights Reserved.
  11. 11. Custom Resources
  12. 12. Custom Resource Template 12 | © 2019 Palo Alto Networks. All Rights Reserved.
  13. 13. 13 | © 2019 Palo Alto Networks. All Rights Reserved. Create DeleteUpdate The template developer creates a stack that contains a custom resource There's any change to the properties of the custom resource within the template The template developer deletes a stack that contains a custom resource Custom Resource Lifecycle
  14. 14. Custom Resource Template 14 | © 2019 Palo Alto Networks. All Rights Reserved.
  15. 15. Physical Resource Id 15 | © 2019 Palo Alto Networks. All Rights Reserved.
  16. 16. Response 16 | © 2019 Palo Alto Networks. All Rights Reserved.
  17. 17. Best Practices
  18. 18. handle exceptions log the failure response that an operation failed Best Practices 18 | © 2019 Palo Alto Networks. All Rights Reserved. ALWAYS return a response Single purpose Think about the smallest piece without any dependencies Set timeout Set a timer in your function to respond to AWS CloudFormation with an error
  19. 19. Thank You paloaltonetworks.com Email: baschwartz@paloaltonetworks.com

×