AWS Lambda Deep Dive
Difficulty: hard
Overview
AWS Lambda is a serverless compute service that runs code in response to events without provisioning or managing servers.
Key Limits:
| Setting | Limit |
|---|---|
| Max execution timeout | 15 minutes |
| Memory | 128 MB – 10,240 MB |
| Ephemeral storage (/tmp) | 512 MB – 10,240 MB |
| Deployment package (zip) | 50 MB compressed, 250 MB uncompressed |
| Container image size | 10 GB |
| Concurrent executions (default) | 1,000 per region |
| Environment variables | 4 KB total |
Invocation Types:
- RequestResponse (synchronous): Caller waits. Used by API Gateway, ALB, Cognito.
- Event (asynchronous): Lambda queues the event, returns immediately. Used by S3, SNS, EventBridge. Retries up to 2 times on failure.
- DryRun: Validates permissions without executing.
Event Source Mapping (poll-based): Lambda polls SQS, Kinesis, DynamoDB Streams, MSK. Lambda manages polling, scaling, and checkpointing.
Concurrency:
- Reserved Concurrency: Caps max concurrency for a function; guarantees capacity.
- Provisioned Concurrency: Pre-initializes execution environments to eliminate cold starts.
Cold Starts: Occur when a new execution environment is initialized. Affected by runtime (Java > Python > Node), package size, VPC config. Solutions: Provisioned Concurrency, SnapStart (Java 11+).
Lambda in VPC: Creates ENIs in specified subnets. Requires ec2:CreateNetworkInterface permissions. Uses shared Hyperplane ENIs, so VPC attachment no longer has a significant cold start impact.
Layers: Up to 5 layers per function. Total uncompressed size ≤ 250 MB. Share code and libraries.
Lambda Destinations (async only): Route successful/failed invocations to SQS, SNS, EventBridge, or another Lambda. Prefer destinations over a DLQ, since the destination record includes the function response context.
Versions & Aliases: Versions are immutable snapshots. Aliases point to specific versions and support weighted routing (canary deployments).
Practice Linked Questions
Q1. What is the maximum execution timeout for an AWS Lambda function?
Q2. Which Lambda invocation type is used by Amazon API Gateway when calling a Lambda function?
Q3. A Lambda function needs to connect to a private Amazon RDS instance inside a VPC. What is required?
Q4. A Lambda function processes messages from an SQS queue. Occasionally, messages fail processing and reappear in the queue, causing infinite retries. Which TWO approaches resolve this? (Choose 2)
Q5. A Lambda function written in Java is experiencing high cold start latency affecting user-facing P99 response times. Which TWO options best address this? (Choose 2)
Q6. A developer wants to run different code for a Lambda function in development, staging, and production without changing the deployment package. What is the recommended approach?
Q7. Which Lambda concurrency setting guarantees that a specific function will always have execution capacity available and prevents it from being throttled by other functions in the account?
Q8. A developer needs to run code before a Lambda function is invoked to validate a JWT token, and cache the result for 5 minutes. What should they implement?
Q9. A Lambda function processes asynchronous events from S3. For failed invocations, the developer wants to capture the original event, error details, and function response for debugging. What should they configure?
Q10. A Lambda function is deployed in a VPC private subnet with no NAT Gateway. It needs to call the AWS DynamoDB API. What is the most cost-effective and secure solution?