Chapter 1 – Hello from Lambda
Project Summary
This project demonstrates core AWS solution architecture skills by deploying a secure, serverless, and observable Hello from Lambda API. Designed for portfolio visibility, it includes IAM, Lambda, API Gateway, CloudWatch, and WAF configuration with security-first principle.
Architectural Diagrams
The following high-level diagram outlines the core AWS services and flow behind the serverless ‘Hello from Lambda’ API, highlighting security layers and logical separation.
Figure 1: High-level architecture for the 'Hello from Lambda' API
Security Considerations
IAM roles follow the principle of least privilege. The API Gateway is protected with AWS WAF to mitigate common web exploits, and all logs are sent to CloudWatch for auditability and visibility. No hardcoded secrets or publicly exposed endpoints exist beyond the API entry point.
Figure 3: WAF Rules
Lambda Code Elements
A simple Python-based Lambda function that returns a stylized ‘Hello from Lambda’ message in nostalgic ASCII art.
Figure 2: Lambda function code snippet
Service Breakdown
This solution integrates several core AWS services: AWS Lambda for compute, Amazon API Gateway for routing, IAM for access control, CloudWatch for logging, and AWS WAF for edge protection. Each service was chosen to support a secure, fully serverless architecture.
Cost Overview
This solution is designed to remain lightweight and cost-effective. While Lambda and API Gateway incur minimal charges at low volumes, the use of AWS WAF introduces a small monthly cost due to custom rule sets. Based on current usage, estimated monthly costs are:
- AWS Lambda: ~£0.00/month (within Free Tier limits)
- API Gateway: ~£0.04/month for minimal traffic
- AWS WAF: ~£5.00–£6.00/month for 1 Web ACL and 4 rules
- CloudWatch Logs: ~£0.15–£0.40/month depending on volume and retention
No EC2 instances, load balancers, or persistent storage were required — keeping operational overhead low and aligned with a serverless-first design philosophy.
Key Learning
This chapter demonstrates the power of combining AWS services to produce scalable, event-driven solutions. The exercise reinforces architecture thinking — especially around decoupling, observability, and applying security-first design from the start.
Improvements & Next Steps
In Chapter 2, the focus shifts to building a static front-end website with AWS S3, CloudFront, and Route 53 — the first step towards a full-stack AWS deployment.
