Episode #25: Using Serverless to Transform Careers and Communities with Farrah Campbell and Danielle Heberling
12/02/19 • 27 min
About Farrah Campbell:
After 10 years of working in healthcare management, a serendipitous 20-minute car ride with Kara Swisher inspired Farrah to make the jump into technology. She has worked at multiple startups in many different capacities, eventually working her way to being the Ecosystems Director for Stackery in Portland, Oregon. As the Stackery Ecosystems Director, Farrah has managed the Stackery relationship with AWS including Stackery as an Advanced Technology Partner, achieving the AWS DevOps Competency, a launch partner for Lambda Layers. Farrah has cultivated the serverless community as an organizer of Portland Serverless Days, the Portland Serverless Meetup, along with numerous serverless workshops and the Portland tech community events from Techfest to bringing multiple luminaries to Portland. She's also an AWS Serverless Hero.
- Twitter: @FarrahC32
- Email: [email protected]
About Danielle Heberling:
Danielle Heberling is a software engineer with a background that includes being a musician and teaching at a K-8 public school. She’s passionate about building things that make the world a better place, whether that be through social change or a good laugh. When she’s not coding, you can often find her reaching back to her teaching roots by mentoring folks from underrepresented groups that would like to make a career switch into tech.
- Twitter: @deeheber
- Email: [email protected]
Notes:
- Translator GitHub Repo: https://github.com/stackery/language-translator
- Translator App: www.serverlessing.io
- Stackery Blog: https://www.stackery.io/blog/
- re:Invent Session: https://www.portal.reinvent.awsevents.com/connect/search.ww?searchPhrase=DVC16
Transcript:
Jeremy: Hi everyone. I'm Jeremy Daly and you're listening to Serverless Chats. This week I'm chatting with Farrah Campbell and Danielle Heberling. Hi Farrah and Danielle, thanks for joining me.
Farrah: Hey Jeremy, thanks for having me.
Danielle: Thanks for having me.
Jeremy: So you both work at Stackery and we can talk a little bit more about what Stackery does in a bit, but I want to start with you Farrah because you are the ecosystems director there and I think it's a really interesting role. Can you tell us what that's all about?
Farrah: Sure. Well, essentially the way I look at it is my job is to connect with people across AWS and other technical partners along with the serverless ecosystem so that we can increase serverless adoption.
Jeremy: Awesome. And Danielle, you are a software engineer at Stackery, and I'm curious what that role looks like when you are building serverless applications to help people build serverless applications.
Danielle: Yeah, it's pretty meta actually. Well, at Stackery we're a small startup. There's only six software engineers total. So I guess you could say we're all technically full stack, so I just jump in anywhere in the stack where I'm needed. And sometimes do customer support too.
Jeremy: Very cool. So I saw the two of you give a talk at Serverlessconf, New York, called Leveling Up Serverless. And you talk about this app that you built and we will get into that in a minute, but what I really loved about your talk was the story behind it. And as you both explained, you have very different backgrounds. Neither of you started in tech, but somehow you sort of serendipitously came across serverless, started participating in the serverless community. And that's what inspired you and enabled you in a way to actually build this application. And I think your story is inspiring, especially to people who are getting into tech or thinking about getting into tech. So I'd love to just talk about your experiences today and we can go through that. So Farrah, let's start with you. How did you get into tech?
Farrah: Well, my intro to tech wasn't like many people's, I hear. In fact, it wasn't until after high school that I really actually explored the internet. My mom had met a new man that she married who owned a computer company called MicroAge and he started a new startup in the back of that where he had multiple engineers working.
And I talked him into letting me work for them to research th...
About Farrah Campbell:
After 10 years of working in healthcare management, a serendipitous 20-minute car ride with Kara Swisher inspired Farrah to make the jump into technology. She has worked at multiple startups in many different capacities, eventually working her way to being the Ecosystems Director for Stackery in Portland, Oregon. As the Stackery Ecosystems Director, Farrah has managed the Stackery relationship with AWS including Stackery as an Advanced Technology Partner, achieving the AWS DevOps Competency, a launch partner for Lambda Layers. Farrah has cultivated the serverless community as an organizer of Portland Serverless Days, the Portland Serverless Meetup, along with numerous serverless workshops and the Portland tech community events from Techfest to bringing multiple luminaries to Portland. She's also an AWS Serverless Hero.
- Twitter: @FarrahC32
- Email: [email protected]
About Danielle Heberling:
Danielle Heberling is a software engineer with a background that includes being a musician and teaching at a K-8 public school. She’s passionate about building things that make the world a better place, whether that be through social change or a good laugh. When she’s not coding, you can often find her reaching back to her teaching roots by mentoring folks from underrepresented groups that would like to make a career switch into tech.
- Twitter: @deeheber
- Email: [email protected]
Notes:
- Translator GitHub Repo: https://github.com/stackery/language-translator
- Translator App: www.serverlessing.io
- Stackery Blog: https://www.stackery.io/blog/
- re:Invent Session: https://www.portal.reinvent.awsevents.com/connect/search.ww?searchPhrase=DVC16
Transcript:
Jeremy: Hi everyone. I'm Jeremy Daly and you're listening to Serverless Chats. This week I'm chatting with Farrah Campbell and Danielle Heberling. Hi Farrah and Danielle, thanks for joining me.
Farrah: Hey Jeremy, thanks for having me.
Danielle: Thanks for having me.
Jeremy: So you both work at Stackery and we can talk a little bit more about what Stackery does in a bit, but I want to start with you Farrah because you are the ecosystems director there and I think it's a really interesting role. Can you tell us what that's all about?
Farrah: Sure. Well, essentially the way I look at it is my job is to connect with people across AWS and other technical partners along with the serverless ecosystem so that we can increase serverless adoption.
Jeremy: Awesome. And Danielle, you are a software engineer at Stackery, and I'm curious what that role looks like when you are building serverless applications to help people build serverless applications.
Danielle: Yeah, it's pretty meta actually. Well, at Stackery we're a small startup. There's only six software engineers total. So I guess you could say we're all technically full stack, so I just jump in anywhere in the stack where I'm needed. And sometimes do customer support too.
Jeremy: Very cool. So I saw the two of you give a talk at Serverlessconf, New York, called Leveling Up Serverless. And you talk about this app that you built and we will get into that in a minute, but what I really loved about your talk was the story behind it. And as you both explained, you have very different backgrounds. Neither of you started in tech, but somehow you sort of serendipitously came across serverless, started participating in the serverless community. And that's what inspired you and enabled you in a way to actually build this application. And I think your story is inspiring, especially to people who are getting into tech or thinking about getting into tech. So I'd love to just talk about your experiences today and we can go through that. So Farrah, let's start with you. How did you get into tech?
Farrah: Well, my intro to tech wasn't like many people's, I hear. In fact, it wasn't until after high school that I really actually explored the internet. My mom had met a new man that she married who owned a computer company called MicroAge and he started a new startup in the back of that where he had multiple engineers working.
And I talked him into letting me work for them to research th...
Previous Episode
Episode #24: Serverless Application Security with Ory Segal (Part 2)
This is PART 2 of my conversation with Ory Segal. View PART 1.
About Ory Segal:
Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec (acquired by Palo Alto Networks), a start-up that enables organizations to build and maintain secure and reliable serverless applications. Prior to PureSec, Ory was Sr. Director of Threat Research at Akamai, were he led a team of top web security & big data researchers. Prior to Akamai, Ory worked at IBM as the Security Products Architect and Product Manager for the market leading application security solution IBM Security AppScan. Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation systems, etc. Ory is serving as an officer of the Web Application Security Consortium (WASC), he is a member of the W3C WebAppSec working group, and was an OWASP Israel board member.
- Twitter: @orysegal
- Prisma by Palo Alto Networks: https://www.paloaltonetworks.com/prisma
- The 12 Most Critical Risks for Serverless Applications: https://www.puresec.io/serverless-security-top-12-csa-puresec
Transcript:
Jeremy: All right. So let's move on to number four. So number four is over privileged function, permissions and roles. This is one of my favorites because I feel like this is something that people do wrong all the time because it's just easy to put a star permission.
Ory: Yeah. And this is an issue that I've been thinking about a lot of, why is it like from a psychological perspective that developers put a wild card there? So, obviously, we've talked about the very granular and very powerful IAM model in public clouds, and that's very relevant to serverless. You break your App down into functions, you assign each function you need to assign to each function, the permissions that it actually needs in order to do its task and nothing more than that, and that's the point here. How do you make sure that if somebody exploits the function, if somebody finds a problem in the function, they are not able to manipulate that function to maybe do some lateral movement inside your Cloud account, move to other data stores, etc?
So that's very important and we see that developers have a tendency, and this is one of the most common issues, to just use a wild card and allow the function to perform all of the actions on certain resources. And that, as I said, this is something that I've asked a lot of developers, why are they doing that? And I'm hearing different answers. Some are just lazy, I have to admit, I do that from time to time as well. It's much easier than actually having to go to the documentation and figure out the name, the exact name of the permission that I need. The other set of developers talked about future proofing the function. So they said, okay, now the function only puts items into database, but maybe next week I'll need it to read, which by the way violates the principle of single responsibility, but let's put that aside. And so they did just put maybe crude permissions or they put everything.
And then there are those who just either don't care, or don't know, or are not aware that this is a problem. So those are the three types of developers or answers that I've heard. But this is by far the most common and I've seen frameworks that automatically generates wildcards as well, which is also bad. And I've seen some bad examples as well in tutorials, which is the worst thing this can happen because we're trying to teach people how to write [crosstalk 00:48:21].
Jeremy: To go the other way. Yeah. Well, so the example that the document uses is the Dynamo DB star permission. And I love this example because you would think, okay, put items, get items, query items, delete items, that seems like that's what I'm giving it permission to. But, no, when you give Dynamo DB star permission, you're giving it the ability to delete tables, or change provision capacity, and you can do a lot of really bad stuff there. And obviously, this is all predicated on someone actually being able to get into your function, but that is something that is possible ... again, it's limited in how you can do that but it certainly is possible. We'll get into that more.
Just one point about about the permissions per function. One of the things that I like to do is I try to give each function the permissions that I think it needs, then I publish it to the cloud, and they try to run it. And then actually, AWS does a grea...
Next Episode
Episode #26: re:Inventing Serverless with Chris Munns
About Chris Munns:
Chris Munns is the Senior Manager of Developer Advocacy for Serverless Applications at Amazon Web Services based in New York City. Chris works with AWS's developer customers to understand how serverless technologies can drastically change the way they think about building and running applications at potentially massive scale with minimal administration overhead. Prior to this role, Chris was the global Business Development Manager for DevOps at AWS, spent a few years as a Solutions Architect at AWS, and has held senior operations engineering posts at Etsy, Meetup, and other NYC based startups. Chris has a Bachelor of Science in Applied Networking and System Administration from the Rochester Institute of Technology.
- Twitter: @chrismunns
- Email: [email protected]
- AWS Compute Blog: https://aws.amazon.com/blogs/compute/
Transcript:
Jeremy: Hi, everyone. I'm Jeremy Daly and you're listening to Serverless Chats. This week, I'm chatting with Chris Munns. Hey Chris, thanks for being here.
Chris: Hey, Jeremy. Thanks for having me.
Jeremy: You are the Senior Manager of Developer Advocacy for Serverless at AWS cloud. Why don't you tell the listeners a little bit about your background and what you do in that role?
Chris: For sure. Definitely. Going back to the earlier parts of my career, I started as what I guess, I would have considered a sysadmin. Maybe these days, you would call it a DevOps engineer or an SRV or something like that. I took care of servers and infrastructure, a jack of all trades across the stack below the application. Then, just a little over eight years ago, just about eight years ago, I first joined AWS solutions architect, did that for a couple years, actually went back out to a startup and then came back again. Then for the last three years, I have been a developer advocate for Serverless at AWS.
Then, just in the last year or so I've actually built out a team of people that are all over the globe. What we do as a team is we create a lot of content, we deliver a lot of content, we do a lot of interacting with our customers, trying to share the good word about Serverless and get people over the challenges and things that they are understanding the various aspects of our platform, I would say. You'll see a lot of our stuff show up in webinars, and Twitch and blog posts and in conferences, and in social media and all that stuff. I would say the next biggest part of what we do is act as a voice of the customer back to the product teams. We are embedded in the product organization, we have influence over and what product is built and to a degree, how it's built. We want to make sure that our customers, concerns, the things they're trying to solve the challenges that they have are being properly represented back to the product organization.
Jeremy: Great. All right. We are live actually in Las Vegas, we're at the Big Show, as AWS fans, I guess would call it. We're at re:Invent 2019 there have been ton of announcements so far this week and I think we're pretty much done, we've hit the max on cognitive load for the number of serverless announcements that have come out. There are a whole bunch of them that I want to talk about, and we can get into some of these in detail. There were some really great ones that I think solve a lot of customers pain points. What do you think are the biggest announcements that came out so far? Maybe not just that re:Invent, but also in the last couple of weeks? Because the last few weeks, there's been a ton of announcements as well. What are your thoughts on that?
Chris: Yeah, it's been a really hectic period for us in the serverless organization at AWS, in the last two weeks a whole bunch of things. Really, I like to boil it down to four key big things that we've launched in last couple months, announced in the last say three months that I think take on some of the biggest challenges that our customers have. The first was back in September, we announced that we were going to be changing the way that VPC networking worked for your lambda functions. We announced this new concept of what we call a VPC to VPC net, it's built on in a data based technology called Hyperplane, it's part of the advanced part of our networking stack.
As of last week, the week here before re:Invent, we got Thanksgiving here in United States, we actually finished the rollout all the public regions that we have across the globe. It's taken some time to get this rolled out. It's actually a really huge infrastructure shift, but basically what this did was it drastically lo...
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/serverless-chats-393394/episode-25-using-serverless-to-transform-careers-and-communities-with-55542448"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to episode #25: using serverless to transform careers and communities with farrah campbell and danielle heberling on goodpods" style="width: 225px" /> </a>
Copy