M. A. CallesServerless Securityhttps://doi.org/10.1007/978-1-4842-6100-2_9

9. Authentication and Authorization

Miguel A. Calles¹

(1)

La Habra, CA, USA

In this chapter, we will define authentication and authorization. We will review different approaches for implementing both in our serverless application, discuss where those approaches might apply, and provide some security practices for each. Lastly, we will review services and capabilities that AWS, Azure, and Google Cloud provide to help us implement authentication and authorization.

Authentication and Authorization

Authentication and authorization are similar yet different. Authentication (AuthN) allows us to verify that the person/machine wanting access is who he/she/it ...

Get Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in AWS, Microsoft Azure, and Google Cloud now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in AWS, Microsoft Azure, and Google Cloud by Miguel A. Calles

9. Authentication and Authorization

Authentication and Authorization

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly