Skip to main content
Room Banner
Back to all walkthroughs
Room Icon

AWS Lambda

Max room.

Learn the security aspects of Amazon's serverless service

medium

60 min

322

User profile photo.
User profile photo.

To access material, start machines and answer questions login.

According to , is "a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers."

While that's a mouthful of marketing jargon, what does that mean?

"Serverless" is the concept that you, as the end-user, do not need to build or deploy any infrastructure to run a function. manages all that for you. claims you can "Simply write and upload code as a .zip file." In reality, each is a function that runs in its own with multiple isolation layers between customers. But all of that is abstracted away from the customer by .

supports a number of languages (opens in new tab), called runtime environments. The most popular are NodeJS, Python, Java, and Go. 

"Event-driven (opens in new tab)" is what happens after you upload your code. All functions are triggered by an event. That event can be a manual invocation of the function or tied to other activities in the account, such as a console login or a user writing an object to an bucket. This event-driven nature allows you to create complex applications based on multiple services. 

Because functions are event-driven, they have a few limitations. The most significant limitation is that a function can run for no longer than 15 minutes before it times out. 

is one of the next frontiers of cloud-native applications, so it's important to know how they work, how to create them securely, and how they can be attacked. Additionally, many cloud security tools leverage to manage security events, so as a cloud security practitioner, you will need to be able to build with .

Learning Objectives

  • Understand the benefits and limitations of service and functions
  • Learn about the various components and settings for a function
  • Understand the multiple ways a developer or operator can misconfigure a function to make it less secure.

Answer the questions below
I'm ready to get started