- Separate business logic from infrastructure code.
- Add the function handler code in a file with a
.lambda.tssuffix. - Group function handlers in a
functionsfolder. - Configure appropriate memory and timeout settings.
- Use environment variables for configuration.
- Set up appropriate IAM permissions with least privilege.
- Use appropriate task definitions and container configurations
- If needed, configure auto-scaling based on metrics
- Set up proper networking and security groups
- Implement health checks and monitoring
- Configure appropriate encryption and access controls
- Set up lifecycle rules for cost optimization
- Implement versioning for critical data
- Configure logging and monitoring
- Configure backup and retention policies
- Configure appropriate capacity mode (on-demand or provisioned)
- Set up auto-scaling for provisioned capacity
- Implement proper key schema and indexes
- Configure backup and point-in-time recovery
- Configure appropriate authentication and authorization
- Set up request validation and throttling
- Implement CORS for cross-origin requests
- Configure logging and monitoring
- Configure appropriate authentication and authorization
- Set up request validation and throttling
- Implement CORS for cross-origin requests
- Configure logging and monitoring
- Design VPCs with appropriate subnet architecture
- Configure security groups with least privilege
- Set up VPC endpoints for AWS services when possible
- Configure appropriate cache behaviors for different content types
- Set up proper origin configurations
- Implement security headers and CORS
- Configure logging and monitoring
- Set up alarms for critical metrics
- Configure appropriate thresholds and actions
- Create dashboards for monitoring