eBook - ePub
Building Serverless Microservices in Python
A complete guide to building, testing, and deploying microservices using serverless computing on AWS
This is a test
- 168 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Building Serverless Microservices in Python
A complete guide to building, testing, and deploying microservices using serverless computing on AWS
Book details
Book preview
Table of contents
Citations
About This Book
A practical guide for developing end-to-end serverless microservices in Python for developers, DevOps, and architects.
Key Features
- Create a secure, cost-effective, and scalable serverless data API
- Use identity management and authentication for a user-specific and secure web application
- Go beyond traditional web hosting to explore the full range of cloud hosting options
Book Description
Over the last few years, there has been a massive shift from monolithic architecture to microservices, thanks to their small and independent deployments that allow increased flexibility and agile delivery. Traditionally, virtual machines and containers were the principal mediums for deploying microservices, but they involved a lot of operational effort, configuration, and maintenance. More recently, serverless computing has gained popularity due to its built-in autoscaling abilities, reduced operational costs, and increased productivity.
Building Serverless Microservices in Python begins by introducing you to serverless microservice structures. You will then learn how to create your first serverless data API and test your microservice. Moving on, you'll delve into data management and work with serverless patterns. Finally, the book introduces you to the importance of securing microservices.
By the end of the book, you will have gained the skills you need to combine microservices with serverless computing, making their deployment much easier thanks to the cloud provider managing the servers and capacity planning.
What you will learn
- Discover what microservices offer above and beyond other architectures
- Create a serverless application with AWS
- Gain secure access to data and resources
- Run tests on your configuration and code
- Create a highly available serverless microservice data API
- Build, deploy, and run your serverless configuration and code
Who this book is for
If you are a developer with basic knowledge of Python and want to learn how to build, test, deploy, and secure microservices, then this book is for you. No prior knowledge of building microservices is required.
Frequently asked questions
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlegoās features. The only differences are the price and subscription period: With the annual plan youāll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weāve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access Building Serverless Microservices in Python by Richard Takashi Freeman in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.
Information
Creating Your First Serverless Data API
In this chapter, we will build a complete serverless microservice, accessible via a REST API, and capable of querying a NoSQL database. We will start by discussing and creating the Amazon Web Services (AWS) security infrastructure to ensure restricted access to AWS resources. We will then create, add records to, and query a NoSQL database, first using the Management Console, then using Python. Then, we will go over the code used in the Lambda function in Python and API Gateway integration. Finally, we will deploy it and test that the API is working.
The following topics will be covered in this chapter:
- Overview of security in AWS
- Securing your serverless microservice
- Building a serverless microservice data API
- Setting up Lambda security in the AWS management console
- Creating and writing to a NoSQL database called DynamoDB using AWS
- Creating and writing to a NoSQL database called DynamoDB using Python
- Creating a Lambda to query DynamoDB
- Setting up API Gateway and integrating it with a Lambda Proxy
- Connecting API Gateway, Lambda, and DynamoDB
- Cleaning-up
Overview of security in AWS
We will start with a discussion on security and how to set it up correctly in AWS.
Why is security important?
You might have heard of ransomware, cyber attacks, or security breaches recently and you would not want your organization to be affected by these. Some of these are shown as follows:
Systems not being configured correctly, missing updates, or using insecure communication can lead to them being hacked or being subject to a ransomware demand. This can result in litigation costs, data loss or leaks, and financial costs to your organization.
There are many reasons for ensuring your systems are secure, including the following:
- Compliance: Compliance with the law, regulations, and standards, for example, the EU General Data Protection Regulation (GDPR), the Health Information Portability and Accountability Act (HIPAA), and the Federal Trade Commission Act.
- Data integrity: If systems aren't secure, data could be stripped or tampered with, meaning you can no longer trust the customer data or financial reporting.
- Personally Identifiable Information (PII): Consumers and clients are aware of your privacy policy. Data should be securely protected, anonymized, and deleted when no longer required.
- Data availability: Data is available to authorized users, but if, for example, a natural disaster occurred in your data center, what would happen in terms of accessing data?
A lot of security in AWS stems from configuration and having the correct architecture, so it's important to understand the following subset of important security related terms:
- Security in transit: For example, HTTPS SSLāthink of it as the padlock on your browser
- Security at rest: For example, data encryption, where only a user with a key can read the data in a data store
- Authentication: For example, a process to confirm the user or system are who they are meant to be
- Authorization: For example, permissions and control mechanisms to access specific resources
Security by design principles
There are many security standards, principles, certifications, and guidanceāprobably enough to fill a few books. Here is one that I found practical and useful, from the Open Web Application Security Project (OWASP) at https://www.owasp.org. The OWASP security by design principles (https://www.owasp.org/index.php/Security_by_Design_Principles) apply to any system, application, or service, helping to make them more secure by design, and that includes serverless computing. Even if there are no servers that need managing with serverless, you still need to ensure your architecture, integration, configuration, and code adhere to the following principles:
- Minimize attack surface area: Every added feature is a riskāensure they are secure, for example, delete any Lambdas that are no longer being used.
- Establish secure defaults: These have defaults for every user, Identity and Access Management policy, and serverless stack component.
- Principle of least privilege: The account or service has the least amount of privilege required to perform its business processes, for example, if a Lambda only needs read access to a table, then it should have no more access than that.
- Principle of defense in depth: Have different validation layers and centralized audit controls.
- Fail securely: This ensures that if a request or transformation fails, it is still secure.
- Don't trust services: Especially third parties, external services, or libraries, for example, JavaScipt and Node.js libraries infected with malware.
- Separation of duties: Use a different role for a different task, for example, administrators should not be users or system users.
- Avoid security by obscurity: This is generally a bad idea and a weak security control. Instead of relying on the architecture or source code being secret, instead rely on other factors, such as good architecture, limiting requests, and audit controls.
- Keep security simple: Don't over-engineer; use simple architectures and design patterns.
- Fix security issues correctly: Fix issues promptly and add new tests.
Keep these principles in mind when building any serverless microservices.
AWS Identity and Access Management
Identity and Access Management (IAM), is a central location where you can manage users' security credentials, such as passwords, access keys, and permission policies, that control access to the AWS services and resources. We are going to talk about the most relevant IAM resourcesāpolicies, users, groups, and rolesābut first, we will talk about the JSON (https://www.json.org/) format as it is used in IAM policies.
JavaScript object notation
JSON, or JavaScript object notation, is a standard data format that is used in REST APIs and microservices. It can be read by humans but also by machines. So, humans can actually understand the values and, also, machines can automatically parse the data. The data objects consist of attribute-value pairs and array data types. The data type values supported are number, string, Boolean, array, object, and null, as shown in the following code:
{ "firstName": "John", "lastName": "Smith", "age": 27, "address": { "city": "New York", "postalCode": "10021" }, "phoneNumbers": [ { "type": "home", "number": "212 555-1234" }, { "type": "...Table of contents
- Title Page
- Copyright and Credits
- About Packt
- Dedication
- Contributors
- Preface
- Serverless Microservices Architectures and Patterns
- Creating Your First Serverless Data API
- Deploying Your Serverless Stack
- Testing Your Serverless Microservice
- Securing Your Microservice
- Summary and Future Work
- Other Books You May Enjoy