Book Image

Advanced Serverless Architectures with Microsoft Azure

By : Daniel Bass
Book Image

Advanced Serverless Architectures with Microsoft Azure

By: Daniel Bass

Overview of this book

Advanced Serverless Architectures with Microsoft Azure redefines your experience of designing serverless systems. It shows you how to tackle challenges of varying levels, not just the straightforward ones. You'll be learning how to deliver features quickly by building systems, which retain the scalability and benefits of serverless. You'll begin your journey by learning how to build a simple, completely serverless application. Then, you'll build a highly scalable solution using a queue, load messages onto the queue, and read them asynchronously. To boost your knowledge further, the book also features durable functions and ways to use them to solve errors in a complex system. You'll then learn about security by building a security solution from serverless components. Next, you’ll gain an understanding of observability and ways to leverage application insights to bring you performance benefits. As you approach the concluding chapters, you’ll explore chaos engineering and the benefits of resilience, by actively switching off a few of the functions within a complex system, submitting a request, and observing the resulting behavior. By the end of this book, you will have developed the skills you need to build and maintain increasingly complex systems that match evolving platform requirements.
Table of Contents (8 chapters)

Serverless Security

Let's understand how serverless security is different from normal application security. The security story on serverless is mostly a good one. Because the underlying infrastructure is completely managed by the cloud provider, there are no out-of-date versions of software running on poorly maintained servers with unnecessary ports exposed. Azure is accredited with many different security standards and is generally considered to be very secure. The platform itself is actively protected against malware and DoS attacks.

However, that's not to say that Serverless is automatically secure. It shares some vulnerabilities with conventional systems that are worth noting:

  • You still need to take care of authentication, authorization, and access control. If you set up a serverless database with a password in the top 10 most common passwords, it can be hacked just as easily as if it were a non-serverless database.

  • Services such as FaaS, or any serverless service that interacts with...