O'Reilly logo

Serverless Single Page Apps by Ben Rady

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authorizing DynamoDB Access

Traditional web applications often enforce data access policies with application logic. This typically means performing a database query to fetch user profile information, and then based on that information and the type and content of the request, either rejecting the request or executing it. Any such checks need to run in a secure environment, such as an application server, in order to be effective.

As we’ll see in the next chapter, it’s possible for serverless applications to perform arbitrary security checks with application logic, but another solution is to control access in a completely data-driven fashion. With our application, for example, we can do that using the fine-grained access control[59] facilities ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required