Serverless computing is about functions that run fast and return small responses. On the other hand, files can be arbitrarily large, and sending them through ephemeral functions can easily hit a limit of the runtime.
This is the problem signed URLs solve.
Learn how to implement a serverless-friendly, robust, and secure solution to handle files using signed URLs.
How to implement file downloads in a serverless architecture? A common step in the serverless journey is when you have the basics ready: Lambdas are started and stopped automatically, the database auto-scales to meet demand. Then a feature request comes in: "as a user I want to download the file I bought". Maybe the app is an ecommerce site where users can buy digital product. Or it can be a learning platform with video courses.
On the surface, there is nothing special with this feature. The backend already has a lot of features implemented: users can register, log in, browse products, make purchases. So, why files are different?
Serverless works best when things are small: login is a small request with a small response, the product list is paginated so that it returns a limited number of items, a purchase is just a request with some specific parameters. But files can be big.
Signed URLs is a technique to solve the file problem in a serverless architecture. And while the details are different, it is implemented in every cloud and not just in AWS.
It is a surprisingly complicated topic. The permissions rely on IAM that interacts with signed URLs in strange ways, expiration time is tricky to get right, and implementing file uploads is a complex operation both on the backend and the frontend with many subtle ways to get wrong.
This book covers the big ideas and the fine details on how to implement a secure and performant solution. This will help you choose the right implementation for your own apps.
Hey, I'm Tamás! I co-author the advancedweb.hu blog where I've published more than 300 articles to date on various technology topics.
I'm a software developer focusing mostly on cloud computing and web technologies. I'm especially interested in how to handle edge cases to end up with dependable software.
Writing serverless apps brings a lot of faschinating problems that require insight into several components to solve properly. One of the first for me was how to handle files and that turned out to be a surprisingly deep topic. This book aims to provide a complete overview of the pros and cons of the available tools and approaches so you can choose the best one according to your needs.
My books and courses: