How to Secure AWS Serverless API(s)
Discover how to easily enhance security of your container-based AWS serverless API to protect against known and unknown vulnerabilities.
Serverless security covers risks in cloud functions, including excessive permissions, exposed APIs, insecure dependencies, and event-driven abuse.
Search across headline titles and summaries.
Background for this topic.
Serverless is a cloud execution model in which a provider runs and scales application code—typically short-lived, event-triggered functions—while the customer manages the code, configuration, and data rather than allocating servers. “Serverless” does not mean that servers are absent; it means their operation is abstracted from the application team.
Security responsibility therefore concentrates on application and cloud configuration. Material risks include overly broad identity permissions, publicly reachable function or API triggers, exposed secrets, vulnerable dependencies, and unsafe handling of event data. Functions should use least-privilege roles, authenticated and authorized triggers, protected secret stores, dependency scanning, and infrastructure-as-code review. Short lifetimes and distributed execution can also complicate logging and investigation, so teams need centralized, tamper-resistant logs that connect invocations to identities, requests, and downstream services. Provider controls still cover parts of the underlying infrastructure, but they do not secure insecure code, permissions, data flows, or deployment pipelines.
Discover how to easily enhance security of your container-based AWS serverless API to protect against known and unknown vulnerabilities.
ThreatMapper 1.3.0 features secret scanning and the ability to enumerate a software bill of materials (SBOM) at runtime to help secure serverless, Kubernetes, container and multi-cloud environments.
Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and discover the vast benefits of letting cloud services manage your infrastructure.