Download the full Securing Weak Points in Serverless Architecture Whitepaper
Content Summary
1. Serverless Architectures
Serverless computing refers to the technology that supports back-end services and allows enterprises to take advantage of shifting certain responsibilities to CSPs such as AWS, including capacity management, patching, and availability. With serverless computing, enterprises can build back-end applications without being directly involved in availability and scalability. Aside from the relative affordability of serverless computing, its architecture also allows enterprises to write and deploy code without worrying about the management and the security of the underlying infrastructure — hence the term “serverless.”
2. Connected Services in a Serverless Architecture
Understanding how a serverless architecture operates entails understanding the different services involved in it. The scope of this paper includes services offered by AWS, which is the top provider of serverless solutions.
- Amazon Simple Storage Service (Amazon S3)
- AWS Lambda
- Amazon API Gateway
- AWS IAM
3. Misconfigurations and Unsecure Coding Practices
Users of the aforementioned services should define policies to use the least-privilege approach as a best practice, and should diligently assign and check privileges for a better security posture. However, a complex mix of services might prove difficult for users to manually address. In this section, we discuss and demonstrate misconfigurations and risks users might introduce or overlook when securing specific AWS serverless services. To help avoid these misconfigurations and risks, AWS provides its users with the AWS Well-Architected Framework, a set of architectural best practices for designing and running secure and efficient cloud systems.
4. Possible Compromise and Attack Scenarios
AWS provides security mechanisms used in serverless services for users to set up and configure. However, malicious actors look for various ways to take advantage of common user errors, misconfigurations, and even one of the serverless model’s own strengths — its distributed nature — so as to proceed with their activities.
5. Other Security Considerations in Serverless Deployments
Amazon provides security features for their services and guidance for users to consider in order to secure their respective environments. But it is safe to say that there will always be room for better security for serverless services. In this section, we discuss opportunities for improving security in the connected services of a serverless architecture. (We recommend best practices and other security measures that address these issues in the next section.)
6. Security Measures for Serverless Services
Serverless services have become essential business tools, and keeping them secure should be of utmost priority not just for enterprises that use them but for the people and the organizations relying on these enterprises’ applications as well. The following are some best practices and security solutions that can help keep serverless services secure.
7. Serverless Technology and Shared Responsibility
In the serverless model, CSPs are in charge of securing critical software and hardware infrastructures. In the shared responsibility model, this is known as “security of the cloud.” CSPs also handle the security of other critical components, such as server-side encryption, the operating system, and network and firewall configuration. These are components that are part of “security in the cloud,” which in other cloud models falls under the users’ responsibility. CSPs also implement the least-privilege policy and the default-deny approach to service communications. In the case of AWS Lambda, AWS takes care of the underlying infrastructure, the operating system, and the application platform, while the users themselves are responsible for the security of their code, the storage and the accessibility of sensitive data, and the IAM in relation to AWS Lambda and within their function. But all this should not make adopters of serverless services complacent about security.
Executive Summary
The public cloud has empowered enterprises to reach new digital heights, allowing them to create dynamic and scalable operations. For their varying dynamic and flexible needs, there are different compute options available for enterprises to choose from.1 One of those is the serverless model.
Serverless computing is a kind of cloud computing execution model that enables enterprises to use the computational power of a cloud service provider (CSP), such as Amazon Web Services (AWS). It allows enterprises to take advantage of a further reduction in overhead expenses pertaining to server operations and maintenance and to associated processes such as patch management, scaling, and availability. With serverless computing, enterprises can focus on building apps and core products, rather than using manpower to maintain and secure server infrastructure. This means that enterprises that choose to go serverless benefit from increased flexibility, automation, cost-effectiveness, and agility.
From powering and scaling websites and applications in a matter of minutes2 without requiring adopters to worry about infrastructure, to allowing organizations to iterate software faster using the continuous integration and continuous deployment (CI/CD) methodology, serverless technology is enabling organizations to have the speed and the efficiency that they need to drive innovation and improve business.
The serverless model is regarded as relatively more secure than other cloud models because, for example, in the case of AWS Lambda, AWS takes care of the underlying infrastructure, the operating system, and the application platform. But this does not mean that securing the serverless model falls solely under AWS’ responsibility. AWS Lambda users are responsible for securing their code, the storage and the accessibility of sensitive data, and the identity and access management (IAM) in relation to the AWS Lambda service and within their function. In short, the services that users choose to use dictate what they are responsible for. The serverless model also requires customers to understand their responsibility in maintaining proper IAM, critical data storage and accessibility, and code quality. CloudOps and DevOps professionals need to be responsible in properly configuring elements such as IAM and critical data storage as they set up cloud services as well as ensuring that they are deploying secure code.
This research paper aims to shed light on the security considerations in serverless environments and provide recommendations that can help ensure that serverless deployments are kept as secure as possible.
To continue your deep dive into Serverless Architectures: Download the Securing Weak Points in Serverless Architecture Whitepaper
References
- Trend Micro. (Oct.24, 2019). Trend Micro Security News. “The Cloud: What it is and what it’s for.” Accessed on May 25, 2020, at https://www.trendmicro.com/vinfo/us/security/news/security-technology/the-cloud-what-it-is-and-what-it-s-for
- Amazon Web Services. (March 22, 2019). YouTube. “Build a Serverless Startup in Just 30 Minutes!” Accessed on May 25, 2020, at https://www.youtube.com/watch?v=qBNYmYRlTpU.