Skip to main content

Lambda

Rationale#

Lambda is the service we use for running serverless functions.

The main reasons why we chose it over other alternatives are:

  1. It allows us to execute tasks without having to design any infrastructure.
  2. It complies with several certifications from ISO and CSA. Many of these certifications are focused on granting that the entity follows best practices regarding secure cloud-based environments and information security.
  3. It supports many different runtimes, allowing to run code for programming languages like Python, Ruby, Go, among others.
  4. It supports lambda scheduling, allowing to run lambdas on a scheduled basis. This is specially useful for tasks like CI workers cleaning.
  5. It integrates with other AWS services, allowing to easily manage EC2 instances or sending emails via SQS.
  6. Resources can be written as code using Terraform.
  7. Lambda logs and performance can be monitored using CloudWatch.

Alternatives#

  1. Cloudflare Workers: We use them for setting up security headers with Cloudflare. They do not easily connect with other AWS services.
  2. Google Functions: They do not easily connect with other AWS services.
  3. Azure Functions: They do not easily connect with other AWS services.

Usage#

We use Lambda for:

  1. Cleaning Gitlab CI stale machines by using scheduled lambdas.
  2. Sending emails in our ASM.

Guidelines#

  1. You can access the AWS Lambda console after authenticating on AWS.
  2. Any changes to Lambda's infrastructure must be done via Merge Requests.
  3. To learn how to test and apply infrastructure via Terraform, visit the Terraform Guidelines.