SQL Lambda Tenant Isolation#2968
Open
devops-arch-cloud wants to merge 3 commits intoaws-samples:mainfrom
Open
Conversation
Author
|
@marcojahn @julianwood Do you have update on this PR? |
marcojahn
requested changes
Mar 9, 2026
Contributor
marcojahn
left a comment
marcojahn
left a comment
There was a problem hiding this comment.
Hello @devops-arch-cloud, I've added a review comment, pls review.
Author
devops-arch-cloud
left a comment
devops-arch-cloud
left a comment
There was a problem hiding this comment.
Updated read me file
Author
devops-arch-cloud
left a comment
devops-arch-cloud
left a comment
There was a problem hiding this comment.
Updated readme file
marcojahn
reviewed
Apr 8, 2026
Contributor
marcojahn
left a comment
marcojahn
left a comment
There was a problem hiding this comment.
Hello @devops-arch-cloud, i've added a few comments, pls review
| @@ -0,0 +1,67 @@ | |||
| # AWS Lambda Tenant Isolation with SQS | |||
Contributor
There was a problem hiding this comment.
Suggested change
| # AWS Lambda Tenant Isolation with SQS | |
| # AWS Lambda Tenant Isolation with Amazon SQS |
| @@ -0,0 +1,67 @@ | |||
| # AWS Lambda Tenant Isolation with SQS | |||
|
|
|||
| This pattern demonstrate AWS Lambda's tenant isolation feature in Multi-tenant application. It uses single SQS for multi-tenant applucation and isolating messages using messagegroupid and invoking isolated lambda enviornments. | |||
Contributor
There was a problem hiding this comment.
Suggested change
| This pattern demonstrate AWS Lambda's tenant isolation feature in Multi-tenant application. It uses single SQS for multi-tenant applucation and isolating messages using messagegroupid and invoking isolated lambda enviornments. | |
| This pattern demonstrate AWS Lambda's tenant isolation feature in Multi-tenant application. It uses single Amazon SQS for multi-tenant applucation and isolating messages using messagegroupid and invoking isolated lambda enviornments. |
| @@ -0,0 +1,49 @@ | |||
| { | |||
| "title": "AWS Lambda Tenant Isolation with SQS", | |||
Contributor
There was a problem hiding this comment.
Suggested change
| "title": "AWS Lambda Tenant Isolation with SQS", | |
| "title": "AWS Lambda Tenant Isolation with Amazon SQS", |
| (reads customer-id) (processes with tenant isolation) | ||
| ``` | ||
|
|
||
| ## Testing |
Contributor
There was a problem hiding this comment.
Testing could be more prescriptive, e.g. (below is just a sample)
- You send messages to the SQS queue with --message-group-id set to a tenant identifier (e.g., tenant-blue, tenant-green)
# Get the queue URL from stack outputs
QUEUE_URL=$(aws cloudformation describe-stacks \
--stack-name <your-stack-name> \
--query 'Stacks[0].Outputs[?OutputKey==`QueueUrl`].OutputValue' \
--output text)
- The SQS processor Lambda picks up the message, reads the MessageGroupId from the SQS record attributes, and passes it as the TenantId when invoking the tenant-isolated Lambda
# Send messages for tenant-blue
aws sqs send-message \
--queue-url $QUEUE_URL \
--message-body '{"data": "payload for blue"}' \
--message-group-id "tenant-blue"
- Lambda routes each invocation to a dedicated execution environment for that tenant
# Send messages for tenant-green
aws sqs send-message \
--queue-url $QUEUE_URL \
--message-body '{"data": "payload for green"}' \
--message-group-id "tenant-green"
- You verify isolation by checking CloudWatch Logs — each tenant should get its own log stream
aws logs describe-log-streams \
--log-group-name /aws/lambda/tenant-isolated-processor \
--order-by LastEventTime \
--descending
| - Asynchronous invocation pattern | ||
| - Automatic tenant context propagation | ||
|
|
||
| Learn more about this pattern at [Serverless Land Patterns](https://serverlessland.com/patterns/sqs-lambda-tenant-isolation) |
Contributor
There was a problem hiding this comment.
Suggested change
| Learn more about this pattern at [Serverless Land Patterns](https://serverlessland.com/patterns/sqs-lambda-tenant-isolation) | |
| Learn more about this pattern at [Serverless Land Patterns](https://serverlessland.com/patterns/sqs-lambda-tenant-isolation-sam-py) |
| * [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) | ||
| * [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed | ||
|
|
||
| ## Components |
Contributor
There was a problem hiding this comment.
Components & How It works
- combine
- please be more descriptive
- add an architecture diagram with short flow description (will replace a lot of this text)
Deployment instructions separate topic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
Description of changes:
Multi-tenant application demonstrating AWS Lambda's tenant isolation feature.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.