为无服务器应用程序实施安全最佳实践.pdf

《为无服务器应用程序实施安全最佳实践.pdf》由会员分享，可在线阅读，更多相关《为无服务器应用程序实施安全最佳实践.pdf（137页珍藏版）》请在三个皮匠报告上搜索。

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Heeki Park(he/him)Principal Solutions ArchitectAWSChris McPeek(he/him)Principal Solutions Architec

2、tAWSImplementing security best practices for serverless applicationsC N S 3 6 0 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.IntroductionGetting started securelyScaling with developer velocityBuilding identity-aware applicationsInnovating with security at the forefrontConclusio

3、nAgenda 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Fitness tracking 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Basic Architecture 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Basic Architecture 2025,Amazon Web Services,Inc.or its

4、affiliates.All rights reserved.Basic Architecture 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Basic ArchitectureActivities API 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web

5、Services,Inc.or its affiliates.All rights reserved.Getting started securely use native AWS security services 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Use AWS accounts as boundaries around resourcesDENY permissions for direct pre-prod/Prod deployments,deferring to automation

6、DeveloperAWS account DEV AWS account PROD Source code repositoryBuild/deploy pipelines 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Encrypt data at restKMS for environment variables,CMK for zip packagingKMS for cachingKMS/CMK for state machine definitions,activitiesKMS/CMK for