There are certain scenarios where server less may not fit well.
For example - AWS Lambda is stateless and allow execution of maximum 5 minutes. Server-less can also be expensive if you have very uniform predictable load.
Also security becomes issue when we do a paradigm shift to this new model. Whats your opinion about the points to be taken care before going server-less and when not to go server-less.
SCJP SCWCD AIX SOA AWS GA
The significant problems we face cannot be solved by the same level of thinking that created them -- Albert Einstein
First, few months ago, AWS extended maximum execution time to 15 minutes for AWS Lambda. Also, AWS Lambda is not really stateless, it's more share-nothing, as you can store some data in /tmp folder for subsequent invocations, and they may or may not be there, depending if you are getting the same container/micro VM or not.
For security, I would say that serverless is more secure than what we had before. Let's talk about serverless functions, as something that holds and runs your code:
Your average function runs in less than 300ms, then it's gone. It's really hard to hack something that is available for less than a second periodically.
Your functions can and should have fine grained permissions, that make them more secure than ever. For example, our function can read just specific data from specific table from the database, or save file in a specific subpath of a specific S3 bucket.
Your function can be triggered by a specific event from AWS platform only. For example, if it's triggered by an Amazon SNS topic message, it can't be invoked by an API request (unless you are using AWS API with your admin credentials, and if you exposed that, someone is probably already mining bitcoins with your account and a security of your function is not your main concern at that moment).
A Lambda function is read-only, except /tmp, which is temporary. No one can change your code from the function itself.
I can go on, as the list is really long, but I hope this is enough to illustrate the point and answer your question.
The fastest and most reliable components of any system are those that are not there. Tiny ad: