AWS has introduced Lambda Function URLs, an enhancement to its serverless platform that makes an HTTPS endpoint a built-in feature.
In some respects the surprise is that this feature was not already available. Previously, invoking a Lambda function via an HTTPS endpoint required additional services such as API Gateway or Elastic Load Balancer. Now, a function URL can be created directly in the Lambda console or via the API.
A simple dialog assigns an HTTPS endpoint to the function and lets the developer set AWS IAM (Identity and Access Management) authentication, or none; and also allows configuration of CORS (cross-origin resource sharing). CORS enables settings-permitted origins for requests, allowed HTTP methods, maximum cache age, and whether or not cookies or other credentials may be included in a request.
Every function URL Is globally unique, and AWS cautions that part of the URL is based on the AWS account ID and that the “process is deterministic … it may be possible for anyone to retrieve your account ID.”
Another caution is that if the authentication type is set to NONE, AWS automatically sets a resource policy enabling anyone on the internet to call the function, if the account setting it up has the appropriate permission.
The documentation notes that developers can then use custom authorization logic within the function, but in this case the function is still invoked and billed, even if the request ends up being denied.
Lambda is priced per request, currently at $0.20 per 1 million, and per duration, depending also on the memory allocated. Five million 50ms requests for a 50ms 128MB function would cost just $1.53 per month, noted developer advocate Alex Casalboni.
However, bill shock is still possible as one organization discovered last year, when a combination of increasing numbers of logs along with rate-limiting in a dependency caused functions to take sometimes over 10 minutes to run, resulting in bills of $1,000 per month. Lambda is convenient and scalable but is an expensive way to purchase compute resources for intensive use.
AWS suggests that function URLs are best suited to single-function microservices that do not require the features of API Gateway, such as webhook handlers and form validators. Ease of setup means it is likely to be a popular option.
Late last month the cloud giant also enabled up to 10GB ephemeral storage for Lambda functions, up from the previous limit of 512MB. This change is designed to suit workloads such as financial analysis and machine learning, involving the processing of large amounts of temporary data.