UsefulLinks
Computer Science
Cloud Computing
Serverless Technologies
1. Introduction to Serverless Computing
2. Core Concepts and Architecture
3. Functions as a Service In-Depth
4. Major Serverless Platforms
5. Developing and Deploying Serverless Applications
6. Serverless Architectural Patterns
7. Observability in Serverless Systems
8. Security Considerations
9. Advanced Topics and Challenges
10. The Future of Serverless
8.
Security Considerations
8.1.
The Shared Responsibility Model in Serverless
8.1.1.
Provider vs. Customer Responsibilities
8.1.2.
Security Boundaries
8.2.
Identity and Access Management
8.2.1.
Principle of Least Privilege
8.2.1.1.
Minimizing Permissions
8.2.1.2.
Role-Based Access Control
8.2.2.
Function Execution Roles
8.2.2.1.
Assigning Roles to Functions
8.2.2.2.
Temporary Credentials
8.3.
Securing Function Code
8.3.1.
Dependency Scanning
8.3.1.1.
Vulnerability Detection
8.3.1.2.
Automated Scanning Tools
8.3.2.
Static Application Security Testing
8.3.2.1.
Code Analysis Techniques
8.3.2.2.
Integration with CI/CD
8.4.
Securing Event Sources
8.4.1.
API Gateway Security
8.4.1.1.
Authentication Mechanisms
8.4.1.2.
Authorization Policies
8.4.2.
Event Injection Attacks
8.4.2.1.
Input Validation
8.4.2.2.
Event Source Filtering
8.5.
Managing Secrets and Configuration
8.5.1.
Environment Variables vs. Secrets Managers
8.5.1.1.
Secure Storage of Secrets
8.5.1.2.
Rotation and Auditing
8.6.
Network Security
8.6.1.
Virtual Private Cloud Integration
8.6.1.1.
Private Network Access
8.6.1.2.
Subnet Configuration
8.6.2.
Egress and Ingress Controls
8.6.2.1.
Restricting Outbound and Inbound Traffic
8.6.2.2.
Firewall Rules
Previous
7. Observability in Serverless Systems
Go to top
Next
9. Advanced Topics and Challenges