SlideShare a Scribd company logo

Protecting Applications with Lambda@Edge and OAuth

Download as PPTX, PDF
Allan Denot
Allan Denot

Securing application access without a VPN, using a CloudFront distribution with Lambda@Edge functions forcing OAuth authentication with Azure or Github

Technology
1 of 17
Protecting Applications with Lambda@Edge
Allan Denot ➔ 5 years working as DevOps and AWS ➔ Senior DevOps Engineer at amaysim ➔ Master in IT from University of Sydney ➔ Former Ansible “expert” ➔ Currently doing Docker, ECS, CI/CD and Serverless @denot allandenot.com
Problem #1
Environment Consistency (or lack thereof)
Environment Consistency (or lack thereof) Engineer Before Internal VPC Dev QA VPN Stakeholders? Mobile? Architecture not consistent with Production
Internal VPC Environment Consistency (or lack thereof) CloudFront Dev QA VPN Production CloudFrontCloudFrontCan’t be exposed to public
Environment Consistency Solution #1 Internal VPC CloudFront Dev QA VPN Production CloudFrontCloudFront with Lambda with Lambda
Problem #2 (caused by Solution #1)
Protecting API Endpoints
Protected API Endpoints Internal VPC QA CloudFront with Lambda API call 302 Redirect to OAuth Automate d test client Automate d test client
Protected API Endpoints Requirements ➔ Protected from public ➔ Can’t use API Tokens or header authentication - keep consistency with production ➔ Known sources should have direct access
Solution #2 Protected API Endpoints Internal VPC QA CloudFront with Lambda API call 200 OK Automate d test client Dynamo DB Automate d test client
How it works
302 Redirect to OAuth Endpoint Request CALLBACK_URL with client code 200 Allow and set cookie Stores IP 302 Redirect to CALLBACK_URL with client code Request Webpage Flow Client CloudFront Labda@Edge OAuth Provider Client Authenticates with OAuth Provider Can include multiple interactions Checks code is valid Dynamo DB Dynamo DBIP Exists?
Demo
Questions? Links github.com/amaysim-au/cloudfront-auth-whitelist branches: github and azure Original code: github.com/Widen/cloudfront-auth

Recommended

LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your doorLFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your doorEric Smalling
 
use case ibm k8s_service+devops
use case ibm k8s_service+devopsuse case ibm k8s_service+devops
use case ibm k8s_service+devopsShoichiro Sakaigawa
 
Continous Delivery and Continous Integration at IKERLAN
Continous Delivery and Continous Integration at IKERLANContinous Delivery and Continous Integration at IKERLAN
Continous Delivery and Continous Integration at IKERLANAngel Conde Manjon
 
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)Hui (Henry) Chen
 
Reactive Microservices with Quarkus
Reactive Microservices with QuarkusReactive Microservices with Quarkus
Reactive Microservices with QuarkusNiklas Heidloff
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Lacework
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019Liran Tal
 

Recommended

LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your doorLFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your doorEric Smalling
 
use case ibm k8s_service+devops
use case ibm k8s_service+devopsuse case ibm k8s_service+devops
use case ibm k8s_service+devopsShoichiro Sakaigawa
 
Continous Delivery and Continous Integration at IKERLAN
Continous Delivery and Continous Integration at IKERLANContinous Delivery and Continous Integration at IKERLAN
Continous Delivery and Continous Integration at IKERLANAngel Conde Manjon
 
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)
NYIT DSC/ Spring 2021 - Introduction to DevOps (CI/CD)Hui (Henry) Chen
 
Reactive Microservices with Quarkus
Reactive Microservices with QuarkusReactive Microservices with Quarkus
Reactive Microservices with QuarkusNiklas Heidloff
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Lacework
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019Liran Tal
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
Security in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps EngineersSecurity in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps EngineersDevOps.com
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
 
Visual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlowVisual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlowNiklas Heidloff
 
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security AssuranceSec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security AssuranceAbdessamad TEMMAR
 
Enterprise level cloud CI
Enterprise level cloud CIEnterprise level cloud CI
Enterprise level cloud CISQUADEX
 
Jakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaJakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaNiklas Heidloff
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Codefresh
 
You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!VMware Tanzu
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon
 
Test coverage development
Test coverage developmentTest coverage development
Test coverage developmentbo wang bo wang
 
Deploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOpsDeploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOpsAndrea Tosato
 
Software Composition Analysis Deep Dive
Software Composition Analysis Deep DiveSoftware Composition Analysis Deep Dive
Software Composition Analysis Deep DiveUlisses Albuquerque
 
Docker
DockerDocker
DockerDiego Pacheco
 
Node.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In SchoolNode.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In SchoolLiran Tal
 
Emulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API ProvidersEmulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API ProvidersCisco DevNet
 
DevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDavide Cioccia
 
Continuous Integration from server to cloud
Continuous Integration from server to cloudContinuous Integration from server to cloud
Continuous Integration from server to cloudPaolo D'Incau
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Developing Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhiskDeveloping Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhiskNiklas Heidloff
 
Super Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with ContainersSuper Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with ContainersAll Things Open
 
Cloud-native Patterns
Cloud-native PatternsCloud-native Patterns
Cloud-native PatternsVMware Tanzu
 

More Related Content

What's hot

Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
Security in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps EngineersSecurity in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps EngineersDevOps.com
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
 
Visual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlowVisual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlowNiklas Heidloff
 
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security AssuranceSec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security AssuranceAbdessamad TEMMAR
 
Enterprise level cloud CI
Enterprise level cloud CIEnterprise level cloud CI
Enterprise level cloud CISQUADEX
 
Jakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaJakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaNiklas Heidloff
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Codefresh
 
You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!VMware Tanzu
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon
 
Test coverage development
Test coverage developmentTest coverage development
Test coverage developmentbo wang bo wang
 
Deploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOpsDeploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOpsAndrea Tosato
 
Software Composition Analysis Deep Dive
Software Composition Analysis Deep DiveSoftware Composition Analysis Deep Dive
Software Composition Analysis Deep DiveUlisses Albuquerque
 
Node.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In SchoolNode.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In SchoolLiran Tal
 
Emulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API ProvidersEmulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API ProvidersCisco DevNet
 
DevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDavide Cioccia
 
Continuous Integration from server to cloud
Continuous Integration from server to cloudContinuous Integration from server to cloud
Continuous Integration from server to cloudPaolo D'Incau
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Developing Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhiskDeveloping Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhiskNiklas Heidloff
 

What's hot (20)

Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
Security in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps EngineersSecurity in CI/CD Pipelines: Tips for DevOps Engineers
Security in CI/CD Pipelines: Tips for DevOps Engineers
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
 
Visual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlowVisual Recognition with Anki Cozmo and TensorFlow
Visual Recognition with Anki Cozmo and TensorFlow
 
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security AssuranceSec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
Sec4dev 2021 - Catch Me If You can : Continuous Delivery vs. Security Assurance
 
Enterprise level cloud CI
Enterprise level cloud CIEnterprise level cloud CI
Enterprise level cloud CI
 
Jakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaJakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with Java
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
 
You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!You Want to Kubernetes? You MUST Know Containers!
You Want to Kubernetes? You MUST Know Containers!
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
 
Test coverage development
Test coverage developmentTest coverage development
Test coverage development
 
Deploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOpsDeploy multi-environment application with Azure DevOps
Deploy multi-environment application with Azure DevOps
 
Software Composition Analysis Deep Dive
Software Composition Analysis Deep DiveSoftware Composition Analysis Deep Dive
Software Composition Analysis Deep Dive
 
Docker
DockerDocker
Docker
 
Node.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In SchoolNode.js Security Done Right - Tips and Tricks They Won't Teach You In School
Node.js Security Done Right - Tips and Tricks They Won't Teach You In School
 
Emulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API ProvidersEmulators as an Emerging Best Practice for API Providers
Emulators as an Emerging Best Practice for API Providers
 
DevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bdd
 
Continuous Integration from server to cloud
Continuous Integration from server to cloudContinuous Integration from server to cloud
Continuous Integration from server to cloud
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014
 
Developing Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhiskDeveloping Serverless Applications with Apache OpenWhisk
Developing Serverless Applications with Apache OpenWhisk
 

Similar to Protecting Applications with Lambda@Edge and OAuth

Super Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with ContainersSuper Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with ContainersAll Things Open
 
Cloud-native Patterns
Cloud-native PatternsCloud-native Patterns
Cloud-native PatternsVMware Tanzu
 
Cloud-native Patterns (July 4th, 2019)
Cloud-native Patterns (July 4th, 2019)Cloud-native Patterns (July 4th, 2019)
Cloud-native Patterns (July 4th, 2019)Alexandre Roman
 
Drone Continuous Integration
Drone Continuous IntegrationDrone Continuous Integration
Drone Continuous IntegrationDaniel Cerecedo
 
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSEnd-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSBhuvaneswari Subramani
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAmazon Web Services
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAmazon Web Services
 
When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?Niklas Heidloff
 
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...Amazon Web Services
 
The Tao of Docker - Devfest Nantes 2017
The Tao of Docker - Devfest Nantes 2017The Tao of Docker - Devfest Nantes 2017
The Tao of Docker - Devfest Nantes 2017Patrick Chanezon
 
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Amazon Web Services
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019ciberkleid
 
Deploy Code into Production Faster on Kubernetes
Deploy Code into Production Faster on KubernetesDeploy Code into Production Faster on Kubernetes
Deploy Code into Production Faster on KubernetesVMware Tanzu
 
Here Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New WorldHere Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New WorldC4Media
 
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Synopsys Software Integrity Group
 
Continuous Delivery Live
Continuous Delivery LiveContinuous Delivery Live
Continuous Delivery LiveDocker, Inc.
 
Microsoft Techsummit Zurich Docker and Microsoft
Microsoft Techsummit Zurich Docker and MicrosoftMicrosoft Techsummit Zurich Docker and Microsoft
Microsoft Techsummit Zurich Docker and MicrosoftPatrick Chanezon
 
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe Development
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe DevelopmentEclipse Che - A Revolutionary IDE for Distributed & Mainframe Development
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe DevelopmentDevOps.com
 

Similar to Protecting Applications with Lambda@Edge and OAuth (20)

Super Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with ContainersSuper Fast Inner Loop Application Development with Containers
Super Fast Inner Loop Application Development with Containers
 
Cloud-native Patterns
Cloud-native PatternsCloud-native Patterns
Cloud-native Patterns
 
Cloud-native Patterns (July 4th, 2019)
Cloud-native Patterns (July 4th, 2019)Cloud-native Patterns (July 4th, 2019)
Cloud-native Patterns (July 4th, 2019)
 
Drone Continuous Integration
Drone Continuous IntegrationDrone Continuous Integration
Drone Continuous Integration
 
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWSEnd-to-End CI/CD at scale with Infrastructure-as-Code on AWS
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
 
When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?
 
Cloud Native & Docker
Cloud Native & DockerCloud Native & Docker
Cloud Native & Docker
 
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...
 
The Tao of Docker - Devfest Nantes 2017
The Tao of Docker - Devfest Nantes 2017The Tao of Docker - Devfest Nantes 2017
The Tao of Docker - Devfest Nantes 2017
 
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019
 
Deploy Code into Production Faster on Kubernetes
Deploy Code into Production Faster on KubernetesDeploy Code into Production Faster on Kubernetes
Deploy Code into Production Faster on Kubernetes
 
Here Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New WorldHere Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New World
 
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
 
Continuous Delivery Live
Continuous Delivery LiveContinuous Delivery Live
Continuous Delivery Live
 
Microsoft Techsummit Zurich Docker and Microsoft
Microsoft Techsummit Zurich Docker and MicrosoftMicrosoft Techsummit Zurich Docker and Microsoft
Microsoft Techsummit Zurich Docker and Microsoft
 
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe Development
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe DevelopmentEclipse Che - A Revolutionary IDE for Distributed & Mainframe Development
Eclipse Che - A Revolutionary IDE for Distributed & Mainframe Development
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 

Protecting Applications with Lambda@Edge and OAuth