© 2019, Amazon Web Services, Inc. or its Affiliates. Danilo Poccia Principal Evangelist, Serverless @danilop danilop Evolutionary Serverless Architectures with Safe Deployments

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Oskars Sylwan on Unsplash Focus on what you want to build, not the nuts & bolts required by the implementation of the solution

© 2019, Amazon Web Services, Inc. or its Affiliates. Development Equilibrium Unique Features to Build Comfort Zone of Known Issues

© 2019, Amazon Web Services, Inc. or its Affiliates. PhotoVogue Case Study “IT is no longer holding back the business. In fact, it’s helping us grow faster” — Marco Viganò, Digital CTO, Condé Nast Italia

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Samuele Errico Piccarini on Unsplash

© 2019, Amazon Web Services, Inc. or its Affiliates. Gain Speed & Control Project Product

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. v1 v2 v3 Customer needs Project Product

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Project Product Reach milestone Customer value Lifecycle costs Cost to reach milestone Backward looking Forward looking

© 2019, Amazon Web Services, Inc. or its Affiliates. Features Defects Risks Debts Business Customers Security & Compliance Builders Avoid Overutilization Product

© 2019, Amazon Web Services, Inc. or its Affiliates. “An evolutionary architecture designs for incremental change in an architecture as a first principle.” — Rebecca Parsons, CTO, Neal Ford, Meme Wrangler, ThoughtWorks

© 2019, Amazon Web Services, Inc. or its Affiliates. “Incremental change should be your first requirement.” — Me

© 2019, Amazon Web Services, Inc. or its Affiliates. Product Target

© 2019, Amazon Web Services, Inc. or its Affiliates. Product New Features Refactoring Improve Security Improve Scalability Target ? ? This is an Optimization Problem…

© 2019, Amazon Web Services, Inc. or its Affiliates. Best Solution (Unknown) This is an Optimization Problem… Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Best Solution (Unknown) How to Explore the Space of All Possible Solutions? Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Fitness Function Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Fitness Function Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Fitness Function Candidate Solutions Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Candidate Solutions Best Solution (Unknown) Fitness Function Generation Selection Possible Solutions

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Eliecer Gallegos on Unsplash

© 2019, Amazon Web Services, Inc. or its Affiliates. + Source Code Metrics + Tests Coverage + Performance Metrics + Encryption Checks + Credential Rotation Checks + …

© 2019, Amazon Web Services, Inc. or its Affiliates. + Source Code Metrics + Tests Coverage + Performance Metrics + Encryption Checks + Credential Rotation Checks + … = My Fitness Function

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function Best Solution (Unknown) Should I go here? Current Architecture Or there? How good the current architecture is? How much would improve if … Functional Requirement Non-Functional Requirement

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function fitness time Improved Scalability Encryption In Transit Increased Availability Encryption At Rest First Release v1 v2 v3 v4 v5

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by G. Crescoli on Unsplash

© 2019, Amazon Web Services, Inc. or its Affiliates. …in Machine Learning: the Objective Function Objective Function Loss Regularization How predictive the model is on the data How complex the model is (to avoid overfitting) Objective is to minimize = +

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function & Complexity Fitness Function Fitness Regularization How good the architecture is How complex the architecture is Change sign to maximize = -

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Code Template Infrastructure as Code

© 2019, Amazon Web Services, Inc. or its Affiliates. AWS Serverless Application Model (SAM) AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetFunction: Type: AWS::Serverless::Function Properties: Handler: index.get Runtime: nodejs8.10 CodeUri: src/ Policies: - DynamoDBReadPolicy: TableName: !Ref MyTable Events: GetResource: Type: Api Properties: Path: /resource/{resourceId} Method: get MyTable: Type: AWS::Serverless::SimpleTable Just 20 lines to create: • Lambda function • IAM role • API Gateway • DynamoDB table O pen Source

© 2019, Amazon Web Services, Inc. or its Affiliates. SAM CLI pip install --user aws-sam-cli sam init --name my-app --runtime python cd my-app/ sam local ... # generate-event/invoke/start-api/start-lambda sam validate # The SAM template sam build # Depending on the runtime sam package --s3-bucket my-packages-bucket \ --output-template-file packaged.yaml sam deploy --template-file packaged.yaml \ --stack-name my-stack-prod sam logs -n MyFunction --stack-name my-stack-prod -t # Tail sam publish # To the Serverless Application Repository O pen Source CodePipeline Use CloudFormation deployment actions with any SAM application Jenkins Use SAM CLI plugin

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Code Stack Package Deploy Template Feedback

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Stack Deploy

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Stack Deploy

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures – Safe Deployments All At Once Canary Deployment Linear Deployment Hooks Alarms PreTraffic Function PostTraffic Function Stack Deploy

© 2019, Amazon Web Services, Inc. or its Affiliates. Hooks Hooks Serverless Architectures – Safe Deployments PreTraffic Function PostTraffic Function

© 2019, Amazon Web Services, Inc. or its Affiliates. Hooks Computing Fitness with PreTraffic & PostTraffic Functions Update Product Dashboard PreTraffic Function PostTraffic Function Publish Fitness as Metric Analyze Architecture

© 2019, Amazon Web Services, Inc. or its Affiliates. Computing Fitness with PreTraffic & PostTraffic Functions Hooks List Stack Resources Check Non-Functional Requirements Config Rules Source Code Metrics Performance Metrics PreTraffic Function PostTraffic Function

© 2019, Amazon Web Services, Inc. or its Affiliates. Checking All Resources in a CloudFormation Stack Check Non-Functional Requirements ü check encryption at rest for all S3 buckets ü check versioning for all S3 buckets ü check encryption at rest for all DynamoDB tables ü check permissions for all S3 buckets ü check that S3 buckets accept HTTPS requests only ü check auto scaling / on-demand for all DynamoDB tables

© 2019, Amazon Web Services, Inc. or its Affiliates. Using AWS Config to Evaluate Rules Config Rules ü s3-bucket-logging-enabled ü s3-bucket-replication-enabled ü s3-bucket-versioning-enabled ü s3-bucket-public-write-prohibited ü s3-bucket-public-read-prohibited ü s3-bucket-ssl-requests-only ü s3-bucket-server-side-encryption-enabled ü dynamodb-autoscaling-enabled ü dynamodb-throughput-limit-check ü lambda-function-public-access-prohibited ü lambda-function-settings-check

© 2019, Amazon Web Services, Inc. or its Affiliates. fitness time Improved Scalability Encryption In Transit Increased Availability Encryption At Rest First Release v1 v2 v3 v4 v5 Product Dashboard Back End Latency Concurrent Users Sales Per Minute Your Top Business Metric Fitness Function Catalog Searches Per Minute

© 2019, Amazon Web Services, Inc. or its Affiliates. Safe deployments in SAM Resources: GetFunction: Type: AWS::Serverless::Function Properties: AutoPublishAlias: live DeploymentPreference: Type: Canary10Percent5Minutes Alarms: - !Ref ApiErrorsAlarm - !Ref ApiLatencyAlarm Hooks: PreTraffic: !Ref PreTrafficLambdaFunction PostTraffic: !Ref PreTrafficLambdaFunction Canary10Percent30Minutes Canary10Percent5Minutes Canary10Percent10Minutes Canary10Percent15Minutes Linear10PercentEvery10Minutes Linear10PercentEvery1Minute Linear10PercentEvery2Minutes Linear10PercentEvery3Minutes AllAtOnce Compute Fitness

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Kea Mowat on Unsplash Speed & Control

© 2019, Amazon Web Services, Inc. or its Affiliates. Demo

© 2019, Amazon Web Services, Inc. or its Affiliates. https://github.com/danilop/evolutionary-serverless-architectures-with-safe-deployments

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2019, Amazon Web Services, Inc. or its Affiliates. Thank you! @danilop danilop