AWS User Group Netherlands - 5th year anniversary meetup

3 min read

09 November, 2022 | Meetups

Yesterday evening I attended the AWS UG NL 5th year anniversary meetup in Amsterdam. The night consisted of 4 talks and some delicious pizza and beer, hosted in the same place where the first meetup was organised back on November 8th, 2017: the Xebia office space. This is my overview of the night.

Scotty beam me up - Ric van Slooten

What needed to be done to handle beyond 1,000 bookings in less than minutes

A story of how their flight and rail disruption system (organising hotels, transport and food when journeys are cancelled or delayed) went from being a deployment-per-customer type architecture running VMs in idle most of the time, to utilising serverless services on AWS. They saved costs, and increased performance/scalability. They also found benefits through better insights using CloudWatch. Furthermore, they mentioned that the company downsized its engineering capability after a large portion of the migration was done.

Develop Compliant Infrastructure - Joris Conijn

This talk was based around a blog post from AWS about using cfn-guard syntax (Guard DSL) to author AWS Config rules. This means if you are already familiar with writing cfn-guard rules, it won’t be as difficult to set up an extra reactive measure to validate your infrastructure; as previously you would have to develop a Lambda function to create these rules.

At the moment, these rules can’t be shared as though the syntax is the same, cfn-guard works on entire CloudFormation templates whereas AWS Config checks against individual changed resources; this means that not all the same properties and resources can be checked with both tools.

Four Ways to Run Kotlin on AWS Lambda - Elena van Engelen-Maslova

While Kotlin is most known for running on Android or interoperably with Java on the JVM, it is also able to compile to other runtimes like NodeJS or standalone with Kotlin Native. This talk walked through some of the benefits and trade-offs with using these different runtimes on Lambda. Also showing some example Lambda code and CDK setup.

Running Kotlin on the JVM runtime in Lambda is relatively easy, as this runtime is officially supported in AWS. However, the cold-start times are very slow due to the overhead with starting the VM, the warm-starts are also slower than NodeJS due to this overhead.

Compiling Kotlin to NodeJS to then deploy to Lambda has a few more steps to get working. To use the NodeJS AWS SDK in Kotlin, you need to provide an external interface to the functions you want to use. Though, once this is set up, it can be re-used across projects. The NodeJS runtime is also officially supported, and its start times are better than the JVM runtimes, however performance may be slower if a lot of multithreading is needed.

To use Kotlin Native on Lambda requires the use of a custom runtime. This can be built and provided by using open-source docker containers for the desired architecture/environment. While you can use the Java AWS SDKs, not all libraries will work with Kotlin Native out of the box. Libraries using Reflection will need metadata added to them, though there are tools to automatically generate this.

On top of running Kotlin in Lambda, you can also use NodeJS compilation to write CDK constructs in Kotlin.

Network Firewall Deep-Dive - Sidney Borrego y Diaz

A lot of this talk went over my head, as I don’t work with VPCs and firewalls very often, and strictly-governed firewall configurations/policies don’t seem very applicable when writing serverless applications using AWS managed services. However, there were some nice examples of how one might set up Suricata rules to do some basic, and more complex, threat detection and dropping packets.