Serverless-App Security


In this module, you will learn techniques to secure a serverless application which created in the previous sections.

We will cover AWS services and features you can leverage to improve the security of a serverless application with 5 features:

  1. Authentication & Authorization for 3rd party with AWS Cognito
  2. Limiting accessed IP address & sites with API Gateway CORS
  3. Managing client’s quotas with API Gateway Usage Plan
  4. Protecting application from security threats such as Cross-site scripting (XSS), Flooding & SQL injection with AWS Web Application Firewall (AWS WAF)