Join 8k+ readers and level up you AWS game with just 5 mins a week. Every Monday, I share practical tips, tutorials and best practices for building serverless architectures on AWS.
When to use API Gateway vs. Lambda Function URLs Read on my blog Read time: 4 minutes “Lambdalith” is a monolithic approach to building serverless applications where a single Lambda function serves an entire API, instead of one function per endpoint. It’s an increasingly popular approach. It provides portability between Lambda functions and container applications. You can lift and shift an existing application into Lambda without rewriting it. You can use web frameworks you are already familiar with, and lean on the existing ecosystems of tools, ORMs and middleware. It also makes testing easier, because you can apply familiar testing methodologies. Tools like the AWS Lambda Web Adapter [1] have made this approach more accessible. In addition, Lambda Function URLs [2] also work well with this pattern. Which brings up a good question. “In 2024, if you want to build a REST API using serverless technologies. Should you use Lambda Function URLs or API Gateway?” Here are some trade-offs you should consider when making this decision. Function URL pros
Function URL cons
Where Function URL makes senseIf you want to (i.e. not forced into it by the choice to use Function URL) build a Lambdalith and you don’t need any of the additional features that API Gateway offers. Then Function URLs make sense — it’s cheaper, faster and has fewer moving parts. Similarly, if you need to return a large payload (> 10MB) or to run for more than 29s, then Function URL can also make sense. That is if you can’t refactor the client-server interaction. Given the limited support for authentication & authorization, it’s not suitable for user-facing APIs. These APIs often require a Cognito authorizer or a custom Lambda authorizer. This leaves function URLs as best suited for public APIs or internal APIs inside a microservices architecture. By “internal API”, I refer to APIs that are used by other services but not by the frontend application directly. These APIs usually require AWS_IAM auth because the caller is another AWS resource — a Lambda function, an EC2 instance, an ECS task, etc. API Gateway pros
API Gateway cons
When API Gateway makes senseGiven the vast array of features that API Gateway offers, it makes sense in most cases if you’re OK with the additional cost that comes with the convenience. The 29s and 10MB response limits can be problematic in some cases. But they can be mitigated with patterns such as Decoupled Invocations [6] and S3 presigned URLs [7]. However, these workarounds require you to refactor the client-server interaction, so they are not always viable. SummaryBecause of its flexibility, I prefer API Gateway over Function URLs or ALBs. But Function URL is a useful tool, especially when cost and performance are your primary concerns. It’s also an important lift-and-shift option for people migrating from an existing EC2 or container-based application. It lets them enjoy the benefits of Lambda without rewriting their application. Finally, as Ben eloquently puts it, this tradeoff represents a deeper choice we often face. What’s easier at author time might mean more ownership at runtime. For example, we don’t get per-endpoint metrics from function URLs so we have to bring that capability to the table ourselves and be responsible for them. Something for you to think about ;-) Links[2] AWS Lambda: function URL is live! [3] Introducing AWS Lambda response streaming [4] Embedded metric format specification [5] API Gateway: Why you should use Service Proxies [6] How to use the Decoupled Invocation pattern with AWS Lambda and serverless [7] Hit the 6MB Lambda payload limit? Here’s what you can do Whenever you're ready, here are 3 ways I can help you:
|
by Yan Cui, AWS Serverless Hero
Join 8k+ readers and level up you AWS game with just 5 mins a week. Every Monday, I share practical tips, tutorials and best practices for building serverless architectures on AWS.
"The offer is strong with this one." Hey there! I've got an awesome offer for you this Star Wars Day. I've partnered with the best AWS content creators to give you 30% off on a fantastic range of AWS books and courses! From left to right: me, Philip Riecks, Sandro Volpicella, Alex DeBrie, Daniel Galati and Tobias Schmidt. Enter the code TBMAPRBD at checkout to get your discount. But hurry, this offer ends in 3 days. Check out these deals: 30% OFF on AppSync Masterclass: Learn fullstack...
I can’t believe it’s May already! It’s been a busy few months here. Here’s what I've been up to and what you might have missed. Blog posts How to handle execution timeouts in AWS Step Functions How to apply the TDD mindset to serverless Here are four ways you can implement WebSockets using serverless DynamoDB now supports cross-account access. But is that a good idea? When to use Step Functions vs. doing it all in a Lambda function When to use API Gateway vs. Lambda Function URLs First...
Step Functions lets you set a timeout on Task states and the whole execution. By default, a Task state times out after 60 seconds. But an execution can run for a year if no TimeoutSeconds is configured. To a user, the execution would appear as “stuck”. AWS best practices recommend using timeouts to avoid such scenarios [1]. So it’s important to consider what happens when you experience a timeout You can use the Catch clause to handle the States.Timeout error when a Task state times out. You...