top of page
Blog Posts
​Top 10 Most Viewed Posts
​
-
AWS Lambda Cookbook  - Part 4 - Environment Variables Best Practices
-
AWS Lambda Cookbook  - Part 5 - Input Validation Best Practices
-
Guide to AWS Serverless & Lambda Testing Best Practices - Part 1
-
Guide to Serverless & Lambda Testing - Part 2 - Testing Pyramid
-
Learn How to Write AWS Lambda Functions with Three Architecture Layers
Search


14 AWS Lambda Security Best Practices to Secure Your Serverless Applications
AWS Lambda makes it easy to build serverless apps—but security is often an afterthought. This post covers 14 real-world Lambda security best practices, from input validation, secret management, and least-privileged IAM to tenant isolation and safe logging. Backed by years of hands-on experience and aligned with OWASP Serverless Top 10, it includes a downloadable checklist to help you secure your functions from day one.

Ran Isenberg
4 days ago9 min read


Agentic AI Prompting: Best Practices for Smarter Vibe Coding
learn best practices for crafting effective prompts, integrating organizational context with MCP, avoiding common pitfalls, and scaling AI workflows across teams. Discover how to build faster, smarter, and safer with agentic AI—without losing your engineering edge.

Ran Isenberg
Jun 1710 min read


Agentic AI & MCP for Platform Teams: Strategy and Real-World Patterns
learn how to build a secure, governed foundation for AI adoption using three key building blocks: a centralized prompt library and CLI, MCP server blueprints, and connectors to organizational data. Discover practical strategies to enable architecture reviews, code transformations, and design generation—all while aligning with security and platform standards.

Ran Isenberg
May 277 min read


Catch Bugs Before They Catch You: Observability with CloudWatch Synthetics
Maintaining production systems is hard—bugs happen, and reacting late can cost you. AWS CloudWatch Synthetics offers a proactive way to catch issues before your users do by simulating real user actions. In this post, guest author Tom Nachum from CyberArk shares how his team uses synthetic canaries to monitor critical business flows, detect failures early, and boost reliability. Learn how to implement, schedule, and debug canaries with ease using AWS tools.

Tom Nachum
May 198 min read


I Tried Running an MCP Server on AWS Lambda… Here’s What Happened
I attempted to run an MCP server serverlessly on AWS Lambda using FastAPI, FastMCP, and the Lambda Web Adapter. While it technically worked, the developer experience was rough—cold starts were slow, observability was limited, and testing was clunky. Compared to my experience building with Bedrock agents, this felt like a step backward. MCP is promising, but today, running it on Lambda isn’t production-ready. Here’s my full breakdown and thoughts.

Ran Isenberg
May 104 min read


Build Serverless WebSockets with AWS AppSync Events and Powertools for AWS Lambda
In this post, you'll learn how to use AWS Lambda functions as both data sources and event handlers for publish and subscribe actions in AWS AppSync Events. We’ll walk through setting up a namespace, wiring direct Lambda integrations using CDK, and handling real-time events with Powertools for AWS Lambda. This approach gives you full control, observability, and flexibility—all while keeping your WebSocket architecture serverless and scalable.

Ran Isenberg
May 57 min read


Building Serverless MCP Servers and What Does Peppa Pig Have To Do With It
This post walks through building a stateless Model Context Protocol (MCP) server on AWS Lambda using Streamable HTTP—no custom bridges or transports. It explores MCP internals, tool/resource definitions, deployment with API Gateway, and local testing with stdio. Learn how Agentic AI Assistants leverage MCP to execute actions with real-time context, and how this protocol simplifies integration across diverse systems.
Anton Aleksandrov
Apr 2312 min read


Stop Building Internal Tools Nobody Wants: A Platform Engineer’s Guide
Stop building internal tools nobody wants. Platform engineering tips to boost adoption, DevX, feedback, and internal open-source mindset

Ran Isenberg
Mar 317 min read


AWS Service Catalog: A Game Changer for Platform Engineering
Discover how AWS Service Catalog helps Platform Engineers balance flexibility, security, and governance—transforming delivery at scale

Ran Isenberg
Mar 37 min read


5 Serverless Architecture Patterns You Should Stop Using (And What to Do Instead)
Avoid common AWS Serverless architecture pitfalls! Learn 5 outdated patterns & the best practices to replace them for better services

Ran Isenberg
Feb 107 min read


How Social Engineering Phishing Works: My Real-Life Encounter
Fell for a phishing attack using social engineering? I did—almost. Here’s how it worked, the tech behind it, and tips to stay safe.

Ran Isenberg
Jan 276 min read


Simplify Security, Governance, and WAF Management with AWS Firewall Manager
Learn how to simplify AWS security, manage WAF rules, and enforce policies across accounts with AWS Firewall Manager, with AWS CDK code

Yaron Ben Ezra
Jan 157 min read


2024 Summary & Come Write with Me
Review the year 2024 from my personal perspective and how to become a guest writer on my website

Ran Isenberg
Dec 31, 20246 min read


Protect Your API Gateway with AWS WAF using CDK
learn about AWS Web Application Firewall (WAF) and use CDK code to protect an REST API served by an API Gateway and enable metrics and logs

Ran Isenberg
Dec 16, 20244 min read


AWS re:Invent 2024: My Serverless Takeaways
AWS re:Invent 2024 exciting new services and features launched from a Serverless developer perspective.

Ran Isenberg
Dec 6, 202410 min read


AWS AppSync Events - Serverless WebSockets Done Right or Just Different?
AWS AppSync Events lets you broadcast realtime data with Serverless WebSockets. Learn how it works, use cases and diff from API GW Websocket

Ran Isenberg
Nov 18, 20249 min read


AWS WAF Essentials: Securing Your SaaS Services Against Cyber Threats
Learn about the AWS Web Application Firewall (WAF), what it is for, tips, and insights for visibility, ownership, governance and more

Ran Isenberg
Nov 13, 20247 min read


Understanding AWS Availability Zones: Boosting SaaS Resilience and Uptime
learn about AWS availability zones, what they are, why they are essential for SaaS Resilience and uptime

Ran Isenberg
Oct 21, 20248 min read


AWS re:Invent 2024 — My Selection Of Sessions
In this post, you will find my opinionated list of AWS re:Invent sessions that I found relevant to Serverless or highly interesting

Ran Isenberg
Oct 2, 202411 min read


Guide to AWS re:Invent - Tips & Tricks
my top tips for making the most out of the AWS re:Invent conference while navigating it like a pro.

Ran Isenberg
Sep 23, 20245 min read


A Critical Look at AWS Lambda Extensions: Pros, Cons, and Recommended Use Cases
In this post, I will share my thoughts about AWS Lambda extensions, the good and the bad, and when you should use or should not use them

Ran Isenberg
Sep 10, 20247 min read


Build a Serverless Web Application on Fargate ECS with AWS CDK
Build a secure Fargate ECS cluster with an application load balancer and a web application using Python CDK code.

Ran Isenberg
Aug 13, 20246 min read


Reflecting on Serverless: Current State, Community Thoughts, and Future Prospects
Reflect on the current state of serverless, share my thoughts about articles from the community, and discuss the future of serverless

Ran Isenberg
Jul 24, 202410 min read


Unlocking High Throughput with Amazon SQS FIFO Queues
Learn how SQS FIFO works and achieve optimal throughput with detailed insights and CDK TypeScript code examples.
Marcos Henrique
Jul 22, 20248 min read
bottom of page