I'm building the infrastructure for my startup using AWS, and as a solo developer, I'm relying on services like Lambdas, API Gateway, and DynamoDB for an event-driven architecture. I'm aiming to minimize operational overhead so I can focus on the business side of things. I have some previous AWS experience, including an internship there, but this is my first go at setting up a comprehensive architecture from scratch without any supervision. I'm looking for insights on a few specific areas:
* What hidden costs or unexpected issues should I be aware of with services like Lambda?
* What best practices would you recommend for building a serverless or event-driven architecture?
* Are there any tools or methods that have helped you effectively track or manage costs while maintaining speed?
I'm also open to any general advice, particularly things you learned the hard way.
5 Answers
Just a heads up—Lambda can be tricky for user-facing APIs. You might want to consider that if your app relies heavily on it.
After getting your landing zones and billing alerts in place, consider using CDK (Cloud Development Kit) for your infrastructure setup. If you're looking to deploy from CI/CD, checking out OIDC short-lived credentials instead of hardcoded keys is a smart move. Plus, avoid nested stacks; save names and ARNs as string parameters to share across stacks. It's cleaner!
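
An added example, not part of the answer above: a check for the trust policy on the role that CI/CD assumes through OIDC, reporting statements that accept tokens without pinning the `aud` and `sub` claims. It assumes GitHub Actions as the issuer (the answer names no CI provider); the account ID, repository names and the `audit_oidc_trust` helper are constructed for illustration.

```python
ISSUER = "token.actions.githubusercontent.com"  # assumption: GitHub Actions is the CI/CD OIDC issuer

def _policy(condition):
    # Constructed sample trust policy; account ID and provider ARN are placeholders.
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::111122223333:oidc-provider/{ISSUER}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}

AUD = {f"{ISSUER}:aud": "sts.amazonaws.com"}
SCOPED = _policy({"StringEquals": {**AUD, f"{ISSUER}:sub": "repo:example-org/example-repo:ref:refs/heads/main"}})
NO_SUB = _policy({"StringEquals": AUD})
WILDCARD = _policy({"StringEquals": AUD, "StringLike": {f"{ISSUER}:sub": "repo:*"}})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_oidc_trust(policy):
    """Return (statement index, finding) pairs for over-broad web-identity trust."""
    findings = []
    for n, stmt in enumerate(_as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or not any(":oidc-provider/" in f for f in federated):
            continue  # not a web-identity trust statement
        claims = {}  # claim name -> [(operator, value), ...]
        for op, pairs in stmt.get("Condition", {}).items():
            for key, val in pairs.items():
                claim = key.rsplit(":", 1)[-1].lower()
                claims.setdefault(claim, []).extend((op, v) for v in _as_list(val))
        if "aud" not in claims:
            findings.append((n, "no-aud"))   # token audience is not pinned
        if "sub" not in claims:
            findings.append((n, "no-sub"))   # any workflow the issuer signs for can assume the role
        for op, value in claims.get("sub", []):
            scope = value.split(":")[:2]     # GitHub subject starts "repo:<org>/<repo>:..."
            wild = len(scope) < 2 or any("*" in s or "?" in s for s in scope)
            if "like" in op.lower() and wild:
                findings.append((n, "broad-sub"))  # wildcard reaches beyond a single repository
    return findings

if __name__ == "__main__":
    for name, doc in [("scoped", SCOPED), ("no-sub", NO_SUB), ("wildcard", WILDCARD)]:
        print(name, audit_oidc_trust(doc))
```
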
First off, definitely set up billing alerts. You don’t want to be caught off guard with unexpected charges. Do that before you start using services like DynamoDB or Lambda.
I suggest starting out with a solid landing zone even before deploying any resources. It sets a good foundation for everything that follows.
Setting up a multi-account AWS Organization with a Landing Zone and SSO federation to your identity provider is key. After that, work on things like creating accounts for your workloads within the Org, setting up SCP guardrails, and establishing billing alerts. Getting these foundational elements right at the start can save you a lot of headaches later on—retrofits can be a hassle!

Absolutely! And don’t forget to enable multi-factor authentication on everything. It's a must.