Security and Microservice Architecture on AWS

by Gaurav Raje
September 2021
Content level: Intermediate to advanced
394 pages
10h 40m
English
O'Reilly Media, Inc.
Content preview from Security and Microservice Architecture on AWS

Chapter 7. Security in Transit

When two modules in a monolith communicate with each other, it is generally through a simple in-memory method call. Microservices, unlike monoliths, rely on an external transport (such as a network) to communicate with each other, since the modules are decomposed into independent services that possibly run on different machines.

External communication channels are more likely to be vulnerable to potential threats from malicious actors compared to in-memory calls. Thus, by definition, external communication channels run with a higher aggregate risk.

To illustrate this point, I will use an example of an ecommerce application’s checkout process, as outlined in Figure 7-1. Imagine that the checkout process involves the application calculating the item’s price by looking it up in a repository and charging the customer. Upon checkout, the company then decrements this item’s available inventory.

Since an external communication channel inherently increases the aggregate risk of the application, security professionals need to add controls to ensure that potential threats are minimized. Encryption in transit is the most commonly used control that reduces the potential threat of messages being intercepted, tampered with, or spoofed. (Encryption is covered in detail in Chapter 3.)

Figure 7-1. In the case of microservices, calls to external services happen over ...

Publisher Resources

ISBN: 9781098101459