<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Serverless | The AWS Blog</title><link>https://theawsblog.com/tags/serverless/</link><description>Articles, tutorials and insights from the AWS community.</description><generator>Hugo</generator><language>en</language><managingEditor>@theawsblog (The AWS Blog)</managingEditor><webMaster>@theawsblog</webMaster><lastBuildDate>Mon, 29 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://theawsblog.com/tags/serverless/index.xml" rel="self" type="application/rss+xml"/><item><title>Lambda durable functions fit the messy middle of agent workflows</title><link>https://theawsblog.com/news/emiliano-montesdeoca/lambda-durable-functions-agent-workflows/</link><pubDate>Mon, 29 Jun 2026 00:00:00 +0000</pubDate><author>Emiliano Montesdeoca</author><guid>https://theawsblog.com/news/emiliano-montesdeoca/lambda-durable-functions-agent-workflows/</guid><description>AWS Lambda durable functions give multi-agent and human-in-the-loop workflows checkpointing, replay, callbacks, and polling without forcing every team to assemble custom orchestration infrastructure.</description><content:encoded>&lt;p&gt;Agent workflows are rarely a neat chain of fast API calls. They wait for humans, retry model calls, poll external systems, compensate for failed steps, and burn money when the same expensive operation runs twice.&lt;/p&gt;
&lt;p&gt;The AWS Compute Blog post on &lt;a href="https://aws.amazon.com/blogs/compute/building-fault-tolerant-multi-agent-ai-workflows-with-aws-lambda-durable-functions/"&gt;building fault-tolerant multi-agent AI workflows with AWS Lambda durable functions&lt;/a&gt; is useful because it focuses on that messy middle. The healthcare prior authorization example is domain-specific, but the orchestration problem is common.&lt;/p&gt;
&lt;h2 id="what-changed"&gt;What changed&lt;/h2&gt;
&lt;p&gt;Lambda durable functions extend the Lambda programming model with checkpoint and replay operations. The source article highlights patterns such as:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;code&gt;context.step()&lt;/code&gt; for checkpointed work,&lt;/li&gt;
&lt;li&gt;callback waits for human review or external completion signals,&lt;/li&gt;
&lt;li&gt;condition waits for polling long-running systems,&lt;/li&gt;
&lt;li&gt;replay behavior that skips completed durable operations,&lt;/li&gt;
&lt;li&gt;execution metrics and status events for operational visibility.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;That means a long-running workflow can pause without paying compute charges during the wait, then resume from the right point when a callback arrives or a condition changes.&lt;/p&gt;
&lt;h2 id="why-it-matters-for-ai-systems"&gt;Why it matters for AI systems&lt;/h2&gt;
&lt;p&gt;Multi-agent workflows are expensive and non-deterministic. If an extraction agent, reasoning agent, or synthesis agent has already completed, you usually do not want a transient failure later in the flow to rerun everything from the start.&lt;/p&gt;
&lt;p&gt;Durable checkpointing directly addresses that. It also makes human-in-the-loop patterns less awkward. A review step can suspend for hours or days without holding a running process open or building separate queue-and-database plumbing for every workflow.&lt;/p&gt;
&lt;p&gt;This is not only an AI feature. It is orchestration for any process where work is valuable, waits are long, and retries must be controlled.&lt;/p&gt;
&lt;h2 id="the-architectural-trade-off"&gt;The architectural trade-off&lt;/h2&gt;
&lt;p&gt;The biggest benefit is also the thing to design carefully: workflow logic lives in code.&lt;/p&gt;
&lt;p&gt;That can be cleaner than stitching together many small infrastructure pieces, but it requires discipline. Builders need deterministic step boundaries, idempotent external calls, clear timeout behavior, and replay-aware logging. If a step charges a credit card, submits a claim, sends an email, or updates a ticket, retries must reuse idempotency keys.&lt;/p&gt;
&lt;p&gt;You also need to decide when Step Functions is still a better fit. If the team benefits from visual state machines, service integrations, explicit workflow definitions, or non-developer operators inspecting the flow, Step Functions remains strong. Durable functions are attractive when the orchestration is code-heavy, developer-owned, and benefits from staying close to the Lambda handler.&lt;/p&gt;
&lt;h2 id="what-builders-should-do-next"&gt;What builders should do next&lt;/h2&gt;
&lt;p&gt;Do not start by converting every workflow. Start with one painful process that has three properties:&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;expensive completed steps that should not repeat,&lt;/li&gt;
&lt;li&gt;long waits for humans or external systems,&lt;/li&gt;
&lt;li&gt;retry behavior that is currently implemented with custom glue.&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;Then design the durable function around failure cases first. What happens if an agent times out? If the human rejects the result? If the external API accepts a submission but the response is lost? If the workflow exceeds the business deadline?&lt;/p&gt;
&lt;p&gt;The source example uses prior authorization, but the pattern applies to code review agents, document processing, procurement approvals, incident remediation, and migration assessment pipelines.&lt;/p&gt;
&lt;p&gt;The practical takeaway: durable functions are not just about making Lambda run longer. They are about making long-running workflows resumable, observable, and cheaper to wait on.&lt;/p&gt;</content:encoded></item><item><title>OpenSearch Serverless next generation changes the economics of tenant isolation</title><link>https://theawsblog.com/news/emiliano-montesdeoca/opensearch-serverless-multitenant-search/</link><pubDate>Wed, 24 Jun 2026 00:00:00 +0000</pubDate><author>Emiliano Montesdeoca</author><guid>https://theawsblog.com/news/emiliano-montesdeoca/opensearch-serverless-multitenant-search/</guid><description>Amazon OpenSearch Serverless next-generation architecture makes collection-per-tenant search more practical with scale-to-zero compute and regional endpoint routing.</description><content:encoded>&lt;p&gt;Multi-tenant search has always forced an uncomfortable trade-off: isolate tenants cleanly and pay for too much infrastructure, or pool tenants together and accept more operational and security complexity.&lt;/p&gt;
&lt;p&gt;The AWS Big Data Blog post on &lt;a href="https://aws.amazon.com/blogs/big-data/implement-multi-tenant-search-with-amazon-opensearch-serverless-next-generation/"&gt;multi-tenant search with Amazon OpenSearch Serverless next generation&lt;/a&gt; is important because it changes that cost model. Scale-to-zero compute and regional endpoint routing make collection-per-tenant designs more realistic.&lt;/p&gt;
&lt;h2 id="what-changed"&gt;What changed&lt;/h2&gt;
&lt;p&gt;OpenSearch Serverless next-generation architecture lets collection groups scale compute to zero, while storage charges still apply. AWS also added a per-account, regional endpoint that can route requests to collections using headers such as &lt;code&gt;x-amz-aoss-collection-name&lt;/code&gt;.&lt;/p&gt;
&lt;p&gt;That means a SaaS application can keep a cleaner collection-per-tenant model without managing a separate endpoint and connection pool for every tenant.&lt;/p&gt;
&lt;h2 id="why-builders-should-care"&gt;Why builders should care&lt;/h2&gt;
&lt;p&gt;Tenant isolation is easier to discuss in architecture reviews than to pay for in production.&lt;/p&gt;
&lt;p&gt;A collection-per-tenant design gives strong isolation boundaries for data, workload behavior, encryption, lifecycle, and noisy-neighbor risk. But if each tenant carries a minimum always-on compute cost, the design breaks down for long-tail tenants.&lt;/p&gt;
&lt;p&gt;Scale-to-zero compute makes the model more practical for SaaS platforms with many tenants that search occasionally. The regional endpoint also simplifies application routing. Instead of maintaining many endpoints, the application can target one endpoint and route by collection header.&lt;/p&gt;
&lt;h2 id="the-trade-offs"&gt;The trade-offs&lt;/h2&gt;
&lt;p&gt;Collection-per-tenant is not automatically the best design.&lt;/p&gt;
&lt;p&gt;For very small tenants with similar access patterns, pooled indexes may still be simpler. For very large tenants, dedicated collections or even separate domains may be appropriate. For regulated tenants, encryption, access policy, and audit boundaries may matter more than cost.&lt;/p&gt;
&lt;p&gt;Builders should also design the tenant mapping layer carefully. A regional endpoint reduces endpoint sprawl, but the application still needs a reliable mapping from tenant ID to collection name or ID. That mapping becomes part of the security boundary.&lt;/p&gt;
&lt;p&gt;Operational questions remain:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;How are collections created and deleted?&lt;/li&gt;
&lt;li&gt;What happens when a dormant tenant becomes active?&lt;/li&gt;
&lt;li&gt;How are per-tenant quotas enforced?&lt;/li&gt;
&lt;li&gt;How are index templates and mappings rolled out safely?&lt;/li&gt;
&lt;li&gt;How are tenant-level costs reported?&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-to-do-next"&gt;What to do next&lt;/h2&gt;
&lt;p&gt;For SaaS search workloads, revisit the tenancy model. Compare pooled, collection-per-tenant, and hybrid approaches using real tenant distribution, not an average tenant.&lt;/p&gt;
&lt;p&gt;A practical path is:&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;Put high-volume tenants in dedicated collections.&lt;/li&gt;
&lt;li&gt;Keep small tenants pooled or grouped if isolation requirements allow it.&lt;/li&gt;
&lt;li&gt;Use collection-per-tenant where security, compliance, or noisy-neighbor risk justifies the boundary.&lt;/li&gt;
&lt;li&gt;Automate collection lifecycle and mapping changes from the start.&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;The takeaway is that OpenSearch Serverless is making stronger isolation less expensive. That does not remove design work, but it gives builders more room to choose isolation for good reasons instead of avoiding it because of minimum compute cost.&lt;/p&gt;</content:encoded></item><item><title>S3 Files makes Lambda file workflows simpler, but not automatically better</title><link>https://theawsblog.com/news/emiliano-montesdeoca/s3-files-lambda-modernization/</link><pubDate>Wed, 24 Jun 2026 00:00:00 +0000</pubDate><author>Emiliano Montesdeoca</author><guid>https://theawsblog.com/news/emiliano-montesdeoca/s3-files-lambda-modernization/</guid><description>Amazon S3 Files lets Lambda functions work with S3-backed file paths instead of download-process-upload code, which can simplify workloads if teams understand consistency, throughput, and VPC implications.</description><content:encoded>&lt;p&gt;A lot of Lambda code that works with S3 is not complicated because the business logic is complicated. It is complicated because the function has to download an object, manage &lt;code&gt;/tmp&lt;/code&gt;, process the file, upload the result, and clean up after itself.&lt;/p&gt;
&lt;p&gt;The AWS Compute Blog post on &lt;a href="https://aws.amazon.com/blogs/compute/modernizing-lambda-s3-workloads-with-amazon-s3-files/"&gt;modernizing Lambda and S3 workloads with Amazon S3 Files&lt;/a&gt; shows a different model: mount an S3-backed file system and let the function use normal file paths.&lt;/p&gt;
&lt;p&gt;That sounds small. For many workloads, it changes the shape of the code.&lt;/p&gt;
&lt;h2 id="what-changed"&gt;What changed&lt;/h2&gt;
&lt;p&gt;S3 Files lets a Lambda function mount an S3 bucket as a file system at a path such as &lt;code&gt;/mnt/data&lt;/code&gt;. Code can open, read, write, list, and organize files using filesystem operations while S3 remains the durable backing store.&lt;/p&gt;
&lt;p&gt;The source article uses examples such as image processing, ETL pipelines, and multi-agent shared workspaces. In each case, the function moves away from explicit S3 transfer code and toward direct file I/O.&lt;/p&gt;
&lt;p&gt;That removes a surprising amount of glue:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;no manual download before processing,&lt;/li&gt;
&lt;li&gt;no upload step after writing output,&lt;/li&gt;
&lt;li&gt;less &lt;code&gt;/tmp&lt;/code&gt; capacity management,&lt;/li&gt;
&lt;li&gt;fewer cleanup paths for failed invocations,&lt;/li&gt;
&lt;li&gt;simpler handoffs between functions that share a workspace.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="why-builders-should-care"&gt;Why builders should care&lt;/h2&gt;
&lt;p&gt;The strongest use case is modernization of existing file-oriented libraries. Many image, document, ML, and data-processing libraries expect file paths. Without S3 Files, Lambda code often has to adapt object storage into temporary local files before real work can start.&lt;/p&gt;
&lt;p&gt;S3 Files lets builders keep file-based code and still use S3 as the storage layer. That can make Lambda more attractive for workloads that previously moved to containers only because file handling became awkward.&lt;/p&gt;
&lt;p&gt;The shared workspace pattern is also interesting for AI agents. If multiple Lambda functions collaborate on a session, a directory tree can be easier to reason about than a collection of object keys and serialized state blobs.&lt;/p&gt;
&lt;h2 id="the-trade-offs"&gt;The trade-offs&lt;/h2&gt;
&lt;p&gt;I would not replace every S3 API call with file I/O.&lt;/p&gt;
&lt;p&gt;Object APIs are still excellent when you want explicit object boundaries, event-driven processing, presigned URLs, lifecycle policies, replication, and direct control over metadata. File systems are easier for some code, but they can also hide transfer and consistency behavior behind familiar syntax.&lt;/p&gt;
&lt;p&gt;Builders should validate:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;throughput for large files,&lt;/li&gt;
&lt;li&gt;behavior under high concurrency,&lt;/li&gt;
&lt;li&gt;consistency expectations between producers and consumers,&lt;/li&gt;
&lt;li&gt;VPC and mount target requirements,&lt;/li&gt;
&lt;li&gt;IAM permissions for mount and write operations,&lt;/li&gt;
&lt;li&gt;failure behavior when a function exits while writing.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;Also remember that simpler code is not the same as simpler operations. If many functions share a writable workspace, you need naming conventions, cleanup policies, and safeguards against accidental overwrite.&lt;/p&gt;
&lt;h2 id="what-to-do-next"&gt;What to do next&lt;/h2&gt;
&lt;p&gt;Look for Lambda functions where more code is spent on S3 transfers than on the actual business logic. Image resizing, report generation, data conversion, document processing, and agent workspaces are good candidates.&lt;/p&gt;
&lt;p&gt;For each candidate, compare two versions:&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;current S3 API flow with &lt;code&gt;/tmp&lt;/code&gt;,&lt;/li&gt;
&lt;li&gt;S3 Files flow with mounted paths.&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;Measure duration, memory, error handling complexity, and cost. The winning design may be different per workload.&lt;/p&gt;
&lt;p&gt;The useful takeaway is not that file systems are better than object APIs. It is that Lambda now has a cleaner option when the workload is naturally file-shaped.&lt;/p&gt;</content:encoded></item><item><title>Lambda MicroVMs make isolated sandboxes a serverless design choice</title><link>https://theawsblog.com/news/emiliano-montesdeoca/lambda-microvms-isolated-sandboxes/</link><pubDate>Mon, 22 Jun 2026 00:00:00 +0000</pubDate><author>Emiliano Montesdeoca</author><guid>https://theawsblog.com/news/emiliano-montesdeoca/lambda-microvms-isolated-sandboxes/</guid><description>AWS Lambda MicroVMs give builders a new option for running user-generated and AI-generated code with VM-level isolation, fast resume, and controlled lifecycle state.</description><content:encoded>&lt;p&gt;AWS Lambda MicroVMs are interesting because they do not try to replace normal Lambda functions. They fill a different gap: workloads where the unit of isolation is not an event, but a user session, coding environment, agent run, scanner job, or other stateful sandbox.&lt;/p&gt;
&lt;p&gt;The &lt;a href="https://aws.amazon.com/blogs/aws/run-isolated-sandboxes-with-full-lifecycle-control-aws-lambda-introduces-microvms/"&gt;AWS announcement&lt;/a&gt; frames this around isolated sandboxes with full lifecycle control. That is the right framing. The practical value is not only that Firecracker provides VM-level isolation. It is that AWS is exposing a managed way to create, pause, resume, and retire those environments without asking every product team to become a virtualization platform team.&lt;/p&gt;
&lt;h2 id="what-changed"&gt;What changed&lt;/h2&gt;
&lt;p&gt;Lambda MicroVMs add a serverless compute primitive inside the Lambda family for running code in isolated, stateful execution environments. The source article describes several important properties:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;each session can run in its own Firecracker-backed MicroVM,&lt;/li&gt;
&lt;li&gt;environments can launch and resume from pre-initialized snapshots,&lt;/li&gt;
&lt;li&gt;memory, disk, and running process state can survive during the session,&lt;/li&gt;
&lt;li&gt;idle environments can be suspended by policy,&lt;/li&gt;
&lt;li&gt;applications get a dedicated endpoint and short-lived request authentication.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;That combination matters for applications that cannot fit cleanly into stateless request-response functions. A code interpreter, browser automation sandbox, vulnerability scanner, AI coding assistant, data notebook, or game scripting environment often needs process state and filesystem state between interactions.&lt;/p&gt;
&lt;h2 id="why-builders-should-care"&gt;Why builders should care&lt;/h2&gt;
&lt;p&gt;The old decision tree was uncomfortable. Virtual machines gave strong isolation but slow startup and more operations. Containers started quickly but shared a kernel, which raises the bar for safely running untrusted code. Lambda functions were operationally simple but not designed for long-running interactive state.&lt;/p&gt;
&lt;p&gt;Lambda MicroVMs create a new middle path. For builders, the design conversation becomes more precise:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Use Lambda functions for event handlers and short stateless tasks.&lt;/li&gt;
&lt;li&gt;Use containers when you need packaging flexibility and can manage isolation risk.&lt;/li&gt;
&lt;li&gt;Use Lambda MicroVMs when each tenant, user, or agent run needs a dedicated stateful sandbox.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;This is especially relevant for AI systems. As more applications let agents write code, execute tools, inspect repositories, or process customer files, isolation becomes part of the product boundary. A prompt injection bug should not become a cross-tenant file access bug.&lt;/p&gt;
&lt;h2 id="the-trade-offs-are-still-real"&gt;The trade-offs are still real&lt;/h2&gt;
&lt;p&gt;MicroVMs reduce a lot of infrastructure work, but they do not remove architecture responsibility.&lt;/p&gt;
&lt;p&gt;First, lifecycle policy becomes a cost control. If idle sessions stay warm too long, the bill can drift. If they suspend too aggressively, users feel resume latency. Teams should treat idle duration as a product setting, not a default copied from a sample.&lt;/p&gt;
&lt;p&gt;Second, snapshot-based startup changes how applications initialize. Code that generates unique state, opens long-lived external connections, or assumes initialization happens once per user action needs careful review.&lt;/p&gt;
&lt;p&gt;Third, stateful sandboxes need cleanup rules. Temporary files, credentials, downloaded packages, generated artifacts, and logs can accumulate. Builders should define what survives during a session, what is exported, and what is destroyed.&lt;/p&gt;
&lt;p&gt;Finally, security does not stop at VM boundaries. The execution role, outbound network policy, source artifact pipeline, token handling, and tenant mapping are still part of the isolation story.&lt;/p&gt;
&lt;h2 id="what-to-do-next"&gt;What to do next&lt;/h2&gt;
&lt;p&gt;I would start with workloads where the current workaround is obviously expensive: per-user EC2 sandboxes, over-hardened container runners, or Lambda workflows full of awkward &lt;code&gt;/tmp&lt;/code&gt; and rehydration logic.&lt;/p&gt;
&lt;p&gt;For a proof of concept, validate four things before celebrating:&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;&lt;strong&gt;Cold launch and resume behavior&lt;/strong&gt; with your real image size and dependencies.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Idle cost profile&lt;/strong&gt; for normal user behavior, not a synthetic benchmark.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Tenant boundary tests&lt;/strong&gt; for filesystem, process, network, and IAM access.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Failure cleanup&lt;/strong&gt; when a session crashes, times out, or is abandoned.&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;Lambda MicroVMs are not just another Lambda feature. They are AWS acknowledging that the next wave of serverless workloads includes interactive, stateful, sometimes untrusted execution. That is a useful primitive, as long as teams treat it as an isolation architecture rather than a shortcut around security design.&lt;/p&gt;</content:encoded></item></channel></rss>