AZURE SERVERLESS SECURITY
Pratik Khasnabis
Azure Cloud Architect (MCSE & MCSD)
@softveda
SERVERLESS ARCHITECTURE
“Serverless architectures are application designs that
incorporate third-party “Backend as a Service” (BaaS) services,
and/or that include custom code run in managed, ephemeral
containers on a “Functions as a Service” (FaaS) platform. By
using these ideas, and related ones like single-page
applications, such architectures remove much of the need for
a traditional always-on server component. …”
- Martin Fowler
[Diagram: SPA App, FaaS, BaaS]
SERVERLESS SECURITY
• Just because there are no servers to manage doesn't absolve you of the responsibility for securing your serverless architecture.
• Security in the cloud is everyone's responsibility: the development team, the SRE/Ops team, the cyber security team and, of course, your cloud vendor.
• Security controls also depend on the threat model and the risks identified for your specific application. There is no one-size-fits-all solution to cyber security.
SECURING YOUR AZURE ACCOUNT
“Your Pa$$word doesn't matter”
Enabling multi-factor authentication (MFA) on accounts blocks 99.9% of automated attacks.
APPSEC PRACTICES
• Secure coding practices
• Protect against the OWASP Top 10
• Do input validation
• Logging and monitoring
• Enable HTTPS only, with TLS 1.2 as the minimum protocol version
• Framework currency (keep frameworks and runtimes on supported versions)
• Dependency vulnerability scans
“UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks”
“Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report. The credit agency failed to patch a disclosed vulnerability in Apache Struts, a common open source web server.”
“Backdoors snuck into 12 OSS packages were downloaded hundreds of thousands of times.”
TYPICAL SERVERLESS ARCHITECTURE ON AZURE
[Diagram: Storage blob → API Management → Functions → Storage table / Cosmos DB]
• Storage blob [Single Page App]: serve static content (HTML, CSS, JS and image files) directly from a storage container named $web.
• API Management [REST API Gateway]: serverless API management with automated scaling for securing, publishing and analysing APIs.
• Functions [Backend – Microservice]: FaaS in Azure, an event-driven serverless compute platform.
• Storage table / Cosmos DB [Backend – Database]: NoSQL databases in Azure with almost limitless scaling.
AZURE BLOBS – STATIC WEBSITE HOSTING
https://todoappinsecure.z13.web.core.windows.net/
TODO APP - SPA CODE
// Insecure TODO SPA: the Function is called anonymously. No access token is sent,
// so anyone who can reach the URL can invoke the API.
const azureFuncUrl = "https://todoinsecurefunctionapp.azurewebsites.net/api/todo/";

function callSearchAPi() {
  var id = $("#searchInput").val();
  $.ajax({
    url: azureFuncUrl + id,   // user input appended straight onto the URL path
    type: "GET",
    // … (success/error handlers elided on the original slide)
  });
}

$("#searchBtn").click(function () {
  clearErrorMessage();
  callSearchAPi();
});
TODO FUNCTION
https://todoinsecurefunctionapp.azurewebsites.net/api/todo/{id}
SETTING CORS
TODO TABLE STORAGE
Connection String in Function App Application Settings
IS THIS APP SECURE?
[Diagram: the same architecture without API Management. The SPA in the $web container calls Functions directly with no authentication on the call, and Functions reaches the Storage table / Cosmos DB backend with the connection string held in its application settings (annotated "App Config").]
PROBLEM STATEMENT
How do we make sure that the REST API calls from the SPA to the Azure Function are secure, i.e. that only authenticated and authorised users can invoke the Function?
How do we make sure that only the Function App can access the backend database, and how do we protect that credential?
OAUTH 2.0 IMPLICIT GRANT FLOW
REGISTER TODO APP IN AZURE AD
REGISTER TODO API FUNCTION IN AZURE AD
TODO APP SECURE –SPA CODE
ADAL.JS – LOGIN
ADAL.JS – GET ACCESS TOKEN
CHANGE AUTHENTICATION TO FUNCTION
AZURE API MANAGEMENT
• Reducing the attack surface
• CORS Policy
• Validate JWT Policy
• Rate limiting
PUBLISH TODO FUNCTION APP IN AZURE APIM
CONFIGURE VALIDATE-JWT POLICY
IS THIS APP SECURE?
[Diagram: the architecture with API Management in front of Functions. Annotations: JWT on the SPA → API Management call, Key on API Management (the Azure AD signing key used by the Validate JWT policy), App Config on Functions → database. The caller is now authenticated at the gateway, but nothing yet checks what the caller is allowed to do, and the database credential still sits in application settings.]
INSPECT THE JWT ACCESS TOKEN
ADD APPLICATION ROLE IN MANIFEST
GRANT APPLICATION ROLE TO USER
INSPECT THE JWT ACCESS TOKEN
TOKEN VALIDATION & ROLE CHECK
IS THIS APP SECURE?
[Diagram: as above, with a second JWT annotation on the API Management → Functions call: the gateway forwards the token and the Function checks the role claim. The database credential is still a plaintext connection string in application settings (App Config).]
JWT
CREDENTIAL FREE CODE
Managed Identity for Azure Resources (aka MSI): the platform injects two environment variables into the Function App
– MSI_ENDPOINT (local token endpoint)
– MSI_SECRET (header value that authenticates calls to that endpoint)
CREATE AN IDENTITY FOR THE FUNCTION APP
SAVE CONNECTION STRING AS A SECRET IN KV
SET A LEAST PRIVILEGE ACCESS POLICY TO THE
FUNCTION APP IDENTITY
SET THE CONNECTION STRING VALUE IN FUNCTION
APP APPLICATION SETTINGS
Format is
@Microsoft.KeyVault(SecretUri=secret_uri_with_version)
IS THIS APP SECURE?
[Diagram: as above, with the App Config annotation replaced by MSI: the Function now reads the connection string from Key Vault using its managed identity instead of a credential stored in application settings.]
SECURE SERVERLESS ARCHITECTURE
[Diagram: components and flows]
• SPA App (ADAL.js) → Azure Active Directory: Sign In, Get Access Token (JWT)
• SPA App → Storage blob (Static Website Hosting): GET Static Assets (Unauthenticated)
• SPA App → API Management: AJAX API Calls carrying the JWT; policies applied: CORS policy, Validate JWT policy
• Azure Active Directory → API Management: Open-id config (signing Key used to validate the JWT)
• API Management → Function: API Calls carrying the JWT; the Function validates the claims
• Function → Azure Key Vault: GET Secret (MSI Access Policy)
• Function → Storage table (Data Store): Table Ops
TAKEAWAYS
• Implement the OAuth 2.0 implicit flow in the SPA to get an access token for the Function App being called
• Register the SPA and the Function App in Azure AD as applications
• Edit the Function App's application manifest and add "app roles"
• Grant the roles to users in Azure AD for the Function App application
• Publish the Function App in Azure API Management
• Validate the JWT in an APIM policy
• Check the role in the claims of the JWT in the Function App code
• Enable a Managed Identity for the Function App
• Store connection strings as secrets in Azure Key Vault
• Grant a least-privilege access policy to the Function App's managed identity in Key Vault
• Change the Function App's application settings to reference Key Vault
THANK YOU
Pratik Khasnabis
Azure Cloud Architect (MCSE & MCSD)
@softveda


Editor's Notes

  • #3 https://martinfowler.com/articles/serverless.html
  • #6 https://snyk.io/
  • #16 https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow
  • #23 https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration
  • #34 https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
  • #40 https://github.com/mspnp/serverless-reference-implementation/blob/master/src/readme.md