Monitoring platform for keeping systems up and running at all times.
Full stack visibility across the entire stack.
Detect and resolve any incident in record time.
Conform to industry best practices.
Dashbird continuously monitors and analyses your serverless applications to ensure reliability, cost and performance optimisation and alignment with the Well Architected Framework.
What defines a serverless system, main characteristics and how it operates
What are the types of serverless systems for computing, storage, queue processing, etc.
What are the challenges of serverless infrastructures and how to overcome them?
How systems can be reliable and the importance to cloud applications
What is a scalable system and how to handle increasing loads
Making systems easy to operate, manage and evolve
Learn the three basic concepts to build scalable and maintainable applications on serverless backends
The pros and cons of each architecture and insights to choose the best option for your projects
Battle-tested serverless patterns to make sure your cloud architecture is ready to production use
Strategies to compose functions into flexible, scalable and maintainable systems
Achieving loosely-coupled architectures with the asynchronous messaging pattern
Using message queues to manage task processing asynchronously
Asynchronous message and task processing with Pub/Sub
A software pattern to control workflows and state transitions on complex processes
The strategy and practical considerations about AWS physical infrastructure
How cloud resources are identified across the AWS stack
What makes up a Lambda function?
What is AWS Lambda and how it works
Suitable use cases and advantages of using AWS Lambda
How much AWS Lambda costs, pricing model structure and how to save money on Lambda workloads
Learn the main pros/cons of AWS Lambda, and how to solve the FaaS development challenges
Main aspects of the Lambda architecture that impact application development
Quick guide for Lambda applications in Nodejs, Python, Ruby, Java, Go, C# / .NET
Different ways of invoking a Lambda function and integrating to other services
Building fault-tolerant serverless functions with AWS Lambda
Understand how Lambda scales and deals with concurrency
How to use Provisioned Concurrency to reduce function latency and improve overall performance
What are Lambda Layers and how to use them
What are cold starts, why they happen and what to do about them
Understand the Lambda retry mechanism and how functions should be designed
Managing AWS Lambda versions and aliases
How to best allocate resources and improve Lambda performance
What is DynamoDB, how it works and the main concepts of its data model
How much DynamoDB costs and its different pricing models
Query and Scan operations and how to access data on DynamoDB
Alternative indexing methods for flexible data access patterns
How to organize information and leverage DynamoDB features for advanced ways of accessing data
Different models for throughput capacity allocation and optimization in DynamoDB
Comparing NoSQL databases: DynamoDB and Mongo
Comparing managed database services: DynamoDB vs. Mongo Atlas
How does an API gateway work and what are some of the most common usecases
Learn what are the benefits or drawbacks of using APIGateway
Picking the correct one API Gateway service provider can be difficult
Types of possible errors in an AWS Lambda function and how to handle them
Best practices for what to log in an AWS Lambda function
How to log objects and classes from the Lambda application code
Program a proactive alerting system to stay on top of the serverless stack
Exceptions that are the result of an error or unexpected issue should be logged, along with the stack trace containing details for where exactly the code failed.
Not all exceptions may be interesting to log. For example: if your user requests to delete an inexisting element in a database, your application may raise an exception that is handled for a nice response to the user. This exception is probably not necessary to log, unless there’s some value to it depending on the context.
Lamdbas serving as a public API backend (perhaps integrated with API Gateway) can benefit from logging the request and response headers. Data POSTed or PUT by the API requesters are also important to log. Be sure to not log secrets or other datapoints that are potentially sensitive.
For applications with complex data flows, logging messages manually may be helpful to debug potential issues later.
In the event of an error, instead of having to replay the invocation to identify the cause, simply inspecting the logs might be sufficient, if they provide enough information.
For projects that rely on concurrent and/or parallel execution, it may be interesting to place additional logs to help in identifying what is being executed in each thread and/or process.
Some types of information are critical to log so that they are available when it comes the time to act upon or prevent security breaches.
Having critical logs may help to:
When analyzing or acting on a possible security breach, it would be helpful to retrace the attacker’s steps. That includes which parameters were provided in invocation payloads.
Similarly, the response output should be logged. This will help to reveal which behaviors the attackers were leading the application into. It would also record which datapoints may now be in possession of a malicious third party.
Logging database queries also helps in identifying how attackers are trying to explore application data repositories. In a worst-case scenario, it will tell what information may have been exposed.
It’s important to avoid logging sensitive data. Usually, query parameter values should be omitted in logs, (especially if they are user inputs), leaving only the basic query structure.
Especially the failed authentication requests are essential to log. Additionally, developers should include in the logs every possible information about the requester and the context. IP addresses, user-agent, which areas of the application the user was trying to gain access to, etc.
Based on the OWASP Logging Cheat Sheet recommendations, four types of information should always be logged:
No results found