In this chapter, we will discuss the different aspects of securing an application deployed using serverless computing. We will discuss the shared responsibility model between the client and the cloud provider, and outline the security controls provided by the Azure platform. We will walk through a step-by-step guidance for the following aspects:
- Connecting a Function App to a private network
- Deploying a Function App on a private network, without internet access
- Protecting the Function App with a network firewall
- Configuring function authorization with API keys
- Configuring Function App authentication with Azure Active Directory and Facebook identity providers
- Handling data encryption in transit and at rest
- Managing administrative access to the application
Unlike the previous chapters, the examples in this chapter are not presented in the context of the text sentiment analysis application. This is because the different approaches to securing the application are...