Serverless (Deep Workflow)

Serverless shifts complexity to permissions, quotas, observability, and state at the edges. Guide the user to explicit trade-offs: simplicity vs cold starts, synchronous vs async, and least privilege IAM that is still operable.

When to Offer This Workflow

Trigger conditions:

• Choosing between containers vs functions, or decomposing a service into functions
• Cold starts, timeouts, memory sizing, or concurrency throttling
• “Works locally, fails in Lambda”—IAM, VPC, DNS, or env differences
• Cost spikes, recursive invocation, or DLQ backlogs

Initial offer:

Use six stages: (1) workload fit & constraints, (2) triggers & contract, (3) IAM & networking, (4) runtime performance, (5) observability & ops, (6) cost & governance. Confirm cloud and language/runtime.

Stage 1: Workload Fit & Constraints

Goal: Decide if functions are appropriate and what boundaries look like.

Fit Criteria (heuristics)

• Good: event-driven, spiky traffic, small well-defined units, short execution, state externalized
• Hard: long CPU-heavy jobs, large in-memory state, strict low-latency p99 without provisioned concurrency, complex socket protocols

Clarify

• SLAs: sync API vs async pipeline
• Payload limits, execution time cap, tmp storage
• Stateful needs: DB, queue, cache, workflow engine

Exit condition: Clear yes/no/partial with escape hatch (container, batch, ECS/Fargate, Step Functions).

Stage 2: Triggers & Contract

Goal: Define inputs, idempotency, retry semantics, and output side effects.

Map

• Triggers: HTTP, queue, schedule, object storage, streams, webhooks
• At-least-once delivery → idempotent handlers and dedupe keys
• Partial failure in batch: what gets retried vs poison messages

Design

• Event schema versioning; backward-compatible consumers
• DLQ or failed-letter path with replay procedure

Exit condition: Written contract: success criteria, retry policy, dead-letter ownership.

Stage 3: IAM & Networking

Goal: Least privilege that is debuggable; correct VPC when needed.

IAM

• One role per function family; resource-scoped policies
• Avoid * actions on * resources except where cloud forces it—then narrow ASAP
• Cross-account and KMS decrypt permissions explicit

Networking

• Public vs VPC-attached functions (cold start + ENI trade-offs)
• Egress for third-party APIs: NAT costs and security groups / NACLs
• Private API Gateway / internal ALB patterns if applicable

Exit condition: IAM policy review with least privilege checklist; network path diagram for dependencies.

Stage 4: Runtime Performance

Goal: Meet latency and throughput within platform limits.

Tactics