1. ServerlessServerless
Introduction to Serverless ApplicationIntroduction to Serverless Application
Model (SAM) + Advanced Security &Model (SAM) + Advanced Security &
Safety Best PracticesSafety Best Practices
Martijn van DongenMartijn van Dongen
AWS Cloud Evangelist | Founder AWSug.nl | AWS APN AmbassadorAWS Cloud Evangelist | Founder AWSug.nl | AWS APN Ambassador
1
2. 400
300
200
100
Expert
Sessions are for attendees who are deeply familiar with the topic, have
implemented a solution on their own already, and are comfortable with how the
technology works across multiple services, architectures, and implementations.
Advanced
Sessions dive deeper into the selected topic. Presenters assume that the
attendees have some familiarity with the topic but may or may not have direct
experience implementing a similar solution.
Intermediate
Sessions are focused on providing best practices, details of service features and
demos, with the assumption that attendees have introductory knowledge of the
topic.
Introductory
Sessions are focused on providing an overview of AWS services, with the
assumption that attendees are new to the topic.
2
3. "We are willing to be misunderstood"We are willing to be misunderstood
for long periods of time."for long periods of time."
- Jeff Bezos- Jeff Bezos
3
8. Serverless Application Model (SAM)Serverless Application Model (SAM)
Security and Safety Best PracticesSecurity and Safety Best Practices
Intro. New to Serverless?
Layers. Keep the lambdas lambda.
Policies. [ARNs, Templates, Inline]
X-Ray. Some γ for your λ.
Canary Deploy. Deploy, #3!&ds$, Rollback.
VPC/Aurora. Connecting to Aurora Serverless.
Secrets. Don't want to know it.
8
44. Take AwaysTake Aways
Love SAM
Adopt Lambda Layers
Checkout X-Ray
Least Privileges
Canary Deployment
Deploy lambdas in VPCs
Secrets that only your app knows
44