Skip to Main Content
Security and Microservice Architecture on AWS
book

Security and Microservice Architecture on AWS

by Gaurav Raje
September 2021
Intermediate to advanced content levelIntermediate to advanced
394 pages
10h 40m
English
O'Reilly Media, Inc.
Book available
Content preview from Security and Microservice Architecture on AWS

Chapter 2. Authorization and Authentication Basics

In Chapter 1, I talked about how security professionals may employ certain measures called controls (also known as countermeasures) to reduce the aggregate risk of any application. Some controls are better than others at applying nuanced security logic, to block only the unauthorized requests without affecting the experience of authorized users. Controls that are effective at identifying unauthorized requests and denying them access are said to be precise or sharp. The objective of this chapter is to examine two of the most precise security controls that an organization can employ on AWS:authorization and authentication. The level of granularity at which these controls work allows them to be sharpened enough to incorporate organizational nuance, resulting in well-tuned precision. This sharpening makes these controls your strongest and most targeted defense against potential threats.

Note

The concepts from this chapter are applicable to all applications running on AWS, not just microservices. Identity and access controls are the fundamental building blocks of every secure system. However, throughout the chapter, I will point at places where these controls benefit from the modularity that is provided by microservices.

To begin introducing these controls, let me define some terms. Each interaction or request within the cloud infrastructure can be thought of as initiated by some calling entity, called a principal. A principal can ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Microservices Security in Action

Microservices Security in Action

Prabath Siriwardena, Wajjakkara Kankanamge Anthony Nuwan Dias
Serverless Architectures on AWS, Second Edition

Serverless Architectures on AWS, Second Edition

Yan Cui, Ajay Nair, Peter Sbarski

Publisher Resources

ISBN: 9781098101459Errata PageSupplemental Content