 Right. Oh, I cannot move. Oh, yeah, I can. So, hello, everyone. I'm Dario from Maya Cloud. We are a UK-based company. I'm actually trying to run away from Winters in general for the rest of my life, and that's where I'm in Singapore. We are actually trying to get new customers here. We already have a couple of perspective once. This is what I did all my life. At a certain point, I just leave all any sort of contracting or contracted job and found my own company, and I got a lot of time to do all those certifications and stuff. So, I'm presenting this story that happened actually something like three, four weeks ago, so it's very, very recent. This was the client that had the full set of the application, is already running full serverless because it's all AWS Lambda, Fargate, so on and so forth. But they had a piece of the infrastructure, a piece of the application that it was running on ECS, pure ECS, so ECS for you that don't know. They've got the Fargate which is like the run containers on AWS own magical servers, and they just run okay, but they have some limitations like the space and you cannot serve volumes stuff like that. This new application in development, it was running on that kind of ECS, and it was just on development. It was not facing the public, but then there was an audit from the government, and they need to show the application working properly, and the application need to be public, but it had no authentication. Just that little bit, it was not present. The rest of the application had authentication already in the backend, so they had an authentication API based on JSON web tokens, but not this bit, so they came to us like, do whatever you can, do whatever needs to be done, but make it work in production life, and that it's able to pass an audit. And so we came there and we used this thing, the guys at BandLab they presented this call, they are using as well, it's called Lambda Edge. This thing is just the best thing that has happened to my life in the last three weeks. So, yeah, it's super cool. I watch a video on YouTube or something like that, or I tweet from someone who did some basic HTTP authentication using this, and it was not good enough for me, but it was super promising, so this is what I actually needed. I needed something, in this case, Lambda Edge, to authenticate the headers, or to check if the headers they were having a proper embedded token with authentication on it, and so that I could pass it somehow, like with a proxy, a web proxy to the backend, which is normal Java somewhere, and then I also needed to do all those things that we all do, like catching static assets and Java script in CloudFront, CloudFront, any other CDN. We're actually also using multi-cloud, someone who's using multi-cloud, we're using multi-cloud, and so how to do that in AWS? Well, obviously using Lambda, and I'm not gonna present Lambda again, because it's just been already very nicely done, but yeah, we pass through all this process of doing all those things manually back in the day, we don't do that anymore, we just run things in Lambda, if something doesn't work, it's AWS fault, not mine, as simple as that. I just make things to go into their specifications, is therefore from there. Lambda Edge, it's super cool, because it's moving your Lambda execution to the edges, so they are basically edges, which are like kind of just data centers, API entry points, call it as you want, all over the world, and they are moving physically the code execution into those edges, so it's very fast, it's super fast, and it's allowing you to do logic into those edges before passing it to anywhere else, to the origin, which could be an STI bucket, it could be your current legacy application, like in my case, living somewhere touchy, like in ECS based on EC2, so that was super cool, because we didn't want to basically redeploy everything. How is the bucket deployed? I already spoiled myself, I told you that it's an ECS, but it was an EC2, and I was feeling quite dodgy, because I've been on EC2, nobody likes EC2 anymore, because EC2 is super old school, if someone comes to me and told me, like the whole application is running on EC2, I just run away, it's like, good for you, come back to the future, and I also saw this thing, this is super awesome, so the guys at AWS for whatever reason, well this is actually pretty cool, this is good for legacy stuff, if you are unfortunate like me and you have to work with banks and things like that, like very, very huge legacy companies, AWS offered you to run EC2 on premises, in their fancy boxes, the storage, how is it called, snow, something, snowball, so you can run EC2 on premises, it's like going back to, I don't know, 1982. This is my backend, okay, this is where I'm running, unfortunately on containers that they have to run on EC2, which is called ECS slash classic or something like that, I'm running 90% of the staff in ECS Fargate, and I consider that to be serverless, because I just don't care, yes I do have to do the container, not me, Jenkins or someone, but it's still running on AWS backend, but not ECS on EC2, ECS on EC2 means that you have to provision some EC2 machines that they are running the ECS agent, that's the only bit that you have to worry about, it's already too much for me, and this is how it's run the rest of the application, which I'm not presenting here tonight, it's Fargate, which is super cool, if you are not using it and you have to do legacy stuff like I do, you have to run code that someone else wrote, because I cannot have this Williplanda super awesome thing, I cannot deploy stuff, what I do is to go into developers, try to tell them, do it right, do it right, but it's always another company, so I have to get that and put it in the cloud somehow. If you have to do that like me, go for Fargate, if you are using other cloud providers, there are other super cool things there too, there are other cloud providers that they have similar things five years ago, and they didn't for whatever reason market it so well, but AWS is much better than that. So I still call Fargate serverless, even though it's Docker. Deploying the whole thing is not any easy, it's not any easy, it's like you have to basically convince the developers to make the whole thing again a little bit more your way, a little bit more native cloud or cloud native, and whenever something is broken in one of the 1000 AWS services, it's gonna, you're gonna realize that yeah, you are no hitting the 15 minutes newest lambda timeout or you're just using too much memory, someone is using some kind of function that is not in the standard environment, so you have to pack it into lambda, I don't want to do my own packing, it's kind of takes a lot of time. We do all these things that, let's say to the best of our expertise or our abilities. So we always use these kind of things, we don't use some, we use some in the past, it's kind of cool, we're still old school, we do everything in Terraform for consistency, we do Jenkins, we don't allow any developer, we don't allow any SRE, any kind of engineer to touch anything from the laptop, you are just deploying your whole thing with a click of your mouse, otherwise you'll fire, and you have to repeat that again and again and again until you get the green screen and full stop, that's the only way, and it's super tedious, that's the only way that the whole thing is gonna be consistent and it's gonna work. To be fair, we have like tons of Jenkins jobs that are super cool, you can test your stuff from a branch, you can do all those kind of things that the developers of the companies they need, most of them they don't think that's possible, it's actually quite easy, you can do absolutely whatever you want with these kind of very few tools, like Terraform, Jenkins, Spinnaker, and a couple of more things, if you are using containers or Kubernetes, just attend another meeting. Deploying specifically Lambda Edge, it's got a couple of problems, and this has taken at least one full day of my life, it's like, yeah, I hate it. Problem of doing CloudFront is that every time you do a change in CloudFront, it has to go all over the world, it goes places, and it takes long time, it takes something like, in the past it was 20 minutes, today it's like five to 15, 17 minutes, for me to wait 17 minutes to be sure that I change, it's actually up and running, it's like forever, I just cannot wait 17 minutes for absolutely anything, and when you do a change in CloudFront, you have to wait for that. So you deploy your Lambda in Virginia, in the Central AWS or the original AWS region, and then you test it there, you kind of fake, how is it gonna be behind CloudFront? It works okay theoretically, but to do the actual testing, you have to deploy it all over the world, and just wait a lot of time. It's pain in the ass, it looks a little bit like that. The small ones are the lambdas in the edge, and this happens again, and again, and again, and it doesn't matter how hard you try, it's gonna be like that, it has to be everything fully automated, it has to be everything absolutely serverless, it's just gonna go wrong a thousand times. So I made it very short, what was it like, less than 10 minutes. This is it, this is what we did. That was something that they asked us to do, like within two weeks, it took us something like three days, because we had that very good luck of having absolutely all the tools already there, we didn't have to do much, just add up a couple of lines of code that they already have for the backend, we put them in the Lambda, and then we move it to this Lambda Edge, and the whole application has switched to this new way of authenticating in the edge, rather than authenticating within the backend, and the whole application it runs, you can call me crazy, but it runs unauthenticated within AWS, it's everything SSL and everything is secure, but from the CloudFront to the Origin, it goes only with this JSON Web token, and it just works okay, they just switch the whole thing, and it passes the government auditory and all those things, so that's me, I know I didn't make it any technical, but I'm good for questions and answers, and having a year afterwards, happy to ask to answer any kind of technical question. So questions? Can you use Terraform to deploy Lambda Functions? Yes. Can you do that? You can do anything with Terraform. So first of all, with Terraform, you can do local providers and local data sources, so you can basically call Python, go wherever you use, and just use the AWS API or any CloudProvider API and do wherever you want. What we do for Lambda is the easiest of the thing, we just locally, but everything is done through the Terraform Apply command or wherever you want to call it. We just have a custom local resource that is shipping the code wherever it's going to go in the Lambda. If there is any change, the MD file sum is going to change of the zip file, and then Terraform is going to detect that that change, that's going to trigger the rest of the Terraform stuff, which is basically upload the local zip file to Lambda. That's already in Terraform in the AWS provider, uploading the zip file to Lambda and publish the new version. So yeah, it's quite easy, actually, and it works wonders. Some people in my own company, they like to go the S3 way. I do it locally because I don't do anything locally. It's all in that Jenkins thing, which is on autoscaling groups, replicated and all that stuff. Some people, they just do it on S3. They have the Lambda code on S3, and when there is a change, they detect it from S3, and they deploy it from S3 into Lambda. But yeah, you can, it works wonders. You can make coffee with Terraform. Yes? Okay, Fargate, it's pretty expensive, versus DCS on DC2. Fargate is, right? They just recently reduced the price, but before it was quite expensive. Yes and no. So Fargate and most of the serverless or all of the microservices in AWS, they're pretty expensive if you do a simple comparison of horsepower against your EC2 legacy 2.0 on-prem thing. If you do an actual proper usage of Fargate, you are normally saving money. In this case, for example, the way of flexibility that we could do in AWS EC2 autoscaling, it was way, way less than the flexibility than you can do in Fargate. In Fargate, you can do things like, I want to use a minimum of, I think is one fourth of a CPU and something like 200 and like one fourth of gigabyte as well. That's like the minimum you can have, and then it autoscales fastly because it's on Docker servers somewhere in AWS. It autoscales fastly to whatever you want. So yes, the CPU and memory per second is more expensive. It's way, way more expensive in Fargate than EC2. Well, not way more expensive, but it's more expensive. But if you make your application to scale properly, and it's actually only responding to certain HTTP requests that they're already behind CloudFront, they're already behind Cache, they're Cache content, they're already behind, they are safe from the OS attacks and stuff like that. You are gonna have the optimal number of hits to your backend, and it's gonna be super flexible. So at the end of the day, you are actually saving money. At least we have like three or four clients that they are using Fargate intensively. They're spending less than before migrating into Fargate. And before it was already ECS. It was just running ECS on EC2. And just that small change of not running it in your own EC2 machines, it's saving a lot of money for them. No last question. Thank you, everyone.