Hello, all! Does anyone support serverless architectures (like AWS Lambda, EventBridge, API Gateway, etc.) in your internal developer platforms? I'm curious if you had to change the way you handle governance or CI/CD to match that app paradigm.

Hi @Carl Caum We have repos with (GitLab) CI/CD pipelines for Lambda, API Gateway and Step Functions. We’ve mostly retrofit these pipelines to use Terraform instead of shell scripts with AWS cli, etc. So far, we’ve primarily relied on sourcing the Lambda functions from S3 instead of ECR, although we use ECR heavily for our backend/EKS/helm deployment patterns. We’re starting to talk about refactoring the serverless and frontend deployment strategy to just-as-easily deploy to Kubernetes as S3/Lambda/CloudFront etc.

We're just headed down this route with our first group who are not following the "containers into k8s" model and its throwing up significant challenges however we'll get through it 😂

@Bryan Dady Do the devleopers have full ownership over their Terraform? If not, how are they iterating on their infrastructure resources as they develop their application?

just understanding what a successful pipeline looks like for the serverless teams, how our security tooling integrates for serverless (we have centralised templates for teams to use). They are not technical challenges per se, but it's a different model

@Carl Caum I would say Yes, the developers have full ownership of their Terraform. We have had strong success with TF modules and project templates that abstract away much of the config complexity, and support the developers in quickly getting an MVP off the ground.