Go Serverless: Securing Cloud via Serverless Design Patterns
Review
Authors have a security background and paper aims at utilizing serverless design patterns in security applications. They solely focus on AWS Lambda, and assume that all the responsibility to secure lambda execution lies on the cloud provider. However, customers are also responsible to secure their communication. They briefly describe six design patterns and how one can use them to develop a security oriented application.
Periodic Invocation Pattern represents the kind of models that invoke lambda functions periodically by using schedulers. Each function carries out a simple task and reports the execution results to notification channels.
Event-Driven Pattern is where a set of lambda functions subscribe to events from cloud resources. These events trigger the execution of the subscribed lambda function passing the necessary context. It minimizes the cost by invoking lambda functions only when an event occurs and functions scale automatically based on the number of events, providing a scalable design.
Data Transformation Pattern. The ETL(extract-transform-load) data processing pipelines usually requires three steps: 1) extract data from a data source, 2) transform data by using frameworks such as Apache Spark or Flink, 3) load the transformed data into a database. Using lambda architecture, data processing tasks can be implemented as lambda functions.
Data Streaming Pattern. A lambda function sits in the path of the data stream and functions either as an aggregator or data partitioner. For example, a lambda can separate an incoming data stream into multiple streams(partition) or merge several incoming streams into one large data stream(aggregation).
State Machine Pattern enables building a complex, stateful procedure by coordinating a collection of discrete Lambda functions using a tool such as AWS Step Functions. It shouldn’t scale the entire pattern as tasks defined for each state can be scaled up/down individually, Furthermore, the state machine offers a try/catch mechanism so that different or the same functions can be invoked depending on the failure reason.
Bundled Pattern combines two or more of the previously described patterns together by easily passing events sequentially between them. It resembles UNIX pipelines, where each function is small, precise and does one thing, but true power comes from chaining these together.
Authors show the time to start a lambda function(50-100ms) as a primary disadvantage. But lower prices for short running functions and better scalability are advantages.
In later sections of the paper they describe a threat intelligence platform built upon the above mentioned design patterns, which is not interesting for our purpose.
Authors also discuss some restrictions of current lambda design and offer possible solutions. Time bound execution is highlighted as one of the resource constraints and it can be avoided by splitting the original task across the multiple executions, but it is not possible for all workloads. They describe a proper solution as to either increase the execution time or to automatically pass state between executions so that the task can continue in another execution with the previous state. Lambda also suffers from lack of computing power. They argue that it would be better to have CPU limits configurable and support for GPUs in AWS Lambda. Moreover, lack of event tracing is emphasized by the authors.