Title
AWS re:Invent 2022 - Practical experience with a serverless-first strategy at Capital One (SVS311)
Summary
- Heeki Park, a specialist solutions architect at AWS, and George, a senior distinguished engineer at Capital One, discuss serverless architectures and best practices.
- Capital One has adopted a serverless-first approach, heavily using AWS Lambda and Fargate, and closed its last data center in 2020, moving all operations to AWS.
- The AWS Serverless Application Model (SAM) and SAM CLI are highlighted as tools for developers to manage serverless resources and test locally.
- Capital One has standardized its release process with "One Pipeline" and integrated SAM and CloudFormation into it.
- Secrets management and the use of Lambda layers for caching secrets to avoid overwhelming secret stores are discussed.
- Safe deployment strategies using AWS CodeDeploy and traffic shifting are covered, with Capital One's custom rollout strategies shared.
- Provisioned concurrency and its impact on deployment times are examined, with insights into how AWS calculates and allocates provisioned concurrency during rollouts.
- Resiliency patterns for API Gateway, including private APIs with custom domain names and multi-region resiliency, are discussed.
- Common errors and challenges with provisioned concurrency are shared, along with insights into CPU burst behavior during Lambda function initialization.
- SnapStart for Java-based Lambda functions is introduced, which significantly reduces cold start times.
- Best practices and common pitfalls in serverless architectures are shared, with emphasis on cost optimization and performance.
- A new serverless learning path is announced, offering badges for specialization in AWS serverless technologies.
Insights
- Capital One's serverless-first approach and complete migration to AWS cloud is a significant move for a major bank, showcasing the trust in AWS's capabilities and the benefits of cloud computing in terms of innovation and operational efficiency.
- The AWS Serverless Application Model (SAM) and SAM CLI are essential tools for developers working with serverless architectures, enabling local testing and deployment, which can significantly speed up the development process.
- The concept of "One Pipeline" for release processes at Capital One emphasizes the importance of standardization and automation in CI/CD pipelines, ensuring consistency and compliance across deployments.
- Secrets management is a critical aspect of serverless architectures, especially for regulated industries like banking. Capital One's approach to caching secrets locally within Lambda functions using an extension is a practical solution to avoid overwhelming secret stores.
- Traffic shifting and safe deployment strategies are crucial for minimizing the impact of new deployments on production environments. Capital One's custom rollout strategies provide a real-world example of how to manage deployments effectively.
- Provisioned concurrency is a powerful feature for managing Lambda function performance, but it requires careful planning and understanding of AWS's allocation calculations to avoid extended deployment times and potential impact on production traffic.
- The introduction of SnapStart for Java-based Lambda functions is a game-changer for reducing cold start times, making Java a more viable option for serverless computing on AWS.
- The shared best practices and pitfalls provide valuable guidance for organizations adopting serverless architectures, highlighting the importance of cost optimization, performance tuning, and monitoring.
- The new serverless learning path and badge system introduced by AWS encourages continuous learning and specialization in serverless technologies, which can benefit both individuals and organizations.
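
The secrets-caching point above, as an added example that is not from the talk or from Capital One's extension: a TTL cache held per execution environment, with one forced refresh when a rotated secret is rejected. StubSecretStore, SecretCache, call_with_secret, the secret name and the 300-second TTL are assumptions made for illustration.

```python
import time


class StubSecretStore:
    """Constructed stand-in for a remote secret store; counts fetches."""
    def __init__(self, value):
        self.value = value
        self.calls = 0

    def get(self, name):
        self.calls += 1
        return self.value


class SecretCache:
    """Cache kept for the life of one execution environment (hypothetical helper)."""
    def __init__(self, store, ttl_seconds=300, clock=time.monotonic):
        self._store = store
        self._ttl = ttl_seconds
        self._clock = clock
        self._entries = {}  # name -> (value, fetched_at)

    def get(self, name, force_refresh=False):
        entry = self._entries.get(name)
        now = self._clock()
        if not force_refresh and entry and now - entry[1] < self._ttl:
            return entry[0]          # served locally, no call to the store
        value = self._store.get(name)
        self._entries[name] = (value, now)
        return value


def call_with_secret(cache, name, action):
    """Run action(secret); if the cached value is rejected, refetch once and retry."""
    try:
        return action(cache.get(name))
    except PermissionError:
        # Cached copy may predate a rotation: bypass the cache exactly once.
        return action(cache.get(name, force_refresh=True))


def simulate(invocations=1000, ttl_seconds=300, seconds_between=1):
    """Warm invocations in one environment; returns how many store fetches occurred."""
    store = StubSecretStore("constructed-secret-v1")
    now = [0.0]  # injected clock so the run is deterministic
    cache = SecretCache(store, ttl_seconds, clock=lambda: now[0])
    for _ in range(invocations):
        cache.get("db/password")
        now[0] += seconds_between
    return store.calls
```

The TTL bounds how long a revoked or rotated secret can stay in memory, so it is a trade-off between load on the secret store and exposure of a stale credential.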