Serverless: hidden costs, lock-in fears & security best practices

Arpit Mohan - Nov 14 '19 - - Dev Community

TL;DR style notes from articles I read today.

The hidden costs of serverless

  • API Gateways tend to be a huge chunk of your serverless costs when you connect to a lot of APIs.
  • The switch to serverless may not be worth it if data storage and networking are the largest chunks of your application’s costs.
  • Two unknown costs of moving to serverless come in the shape of code maintenance and cold starts.
  • Assess the cost of extra code maintenance and the extra time spent switching to serverless.
  • Look for the pricing advantages of serverless providers that suit you best.
  • Utilize the free tiers from vendors. Sometimes they will be enough for you to run smaller workloads.

Full post here, 6 mins read

Mitigating serverless lock-in fears


  • Think lock-in cost = migration cost - opportunity gain from the migration. Maximize opportunity gain and minimize migration costs.
  • To maximize opportunity gain, deploy existing tools such as serverless framework, apex, claudia.js & be as cloud-native as possible using the backend service provided by your cloud vendor.
  • To minimize migration costs, choose a programming language that's supported by multiple vendors. Separate application domain from the platform and invest in a good architecture pattern. 
  • Avoid integration tests heavily dependent on the cloud vendor and think of reusable abstractions instead.
  • Use standardized technology such as HTTP and SQL. 

Full post here, 6 mins read

9 serverless security best practices

  • Map your application - consider the data involved, its value and services that access it.
  • Keep using your WAF and API Gateway but apply perimeter security at the function level too.
  • Secure application dependencies to prevent new vulnerable packages from being used.
  • Look out for bad code that can trigger a self-inflicted denial-of-service attack from within your application.
  • Add tests for service configuration to CI/CD & PROD.
  • Make FaaS containers refresh to limit the lifetime of function instances.

Full post here, 4 mins read

Get these notes directly to your inbox every weekday by signing up for my newsletter, in.snippets(), here.

Image
Custom Embroidered Sweatshirts as Unique Promotional Items
Image
Situs Judi Yang Bagus Menurut Player Ahli
Image
Spokój w Twoim Domu: Sztuka Wyciszania Ścian
Image
20 Resources To Make You More Efficient At Bifold Door Repairs
Image
Panduan Simpel Temukan Keuntungan Bandar Judi Online Sah
Image
Disk space management in Linux: 3 Easy steps

linux, devops, cli, cloud
Image
Captive Portal IPv6 Support
Image
Bifold Repairs Near Me Tips From The Top In The Industry
Image
apa yang memberi keuntungan dari slots online?
Image
Creating a Free AI voice-to-text transcription Program using Whisper

ai, python, tutorial, whisper
Image
Daftar Penyiapan Dalam Situs Bandar Judi Online Buat Anda
Image
beberapa hal utama perihal judi slots online
Image
12 Statistics About Bi-Fold Door Repair To Get You Thinking About The Water Cooler
Image
Hacktoberfest Adventure: Adding Weather Magic to 100LinesOfPythonCode 🌦️✨
Image
Why Bi Fold Door Repairs Isn't A Topic That People Are Interested In.
Image
Cisza w Mieszkaniu: Jak Wyciszyć Swoje Otoczenie i Znaleźć Spokój?
Image
20 Up-And-Comers To Watch In The Bi-Fold Door Repair Industry
Image
tutorial menunjuk situs slots online dari penawaran bonusnya
Image
What's Holding Back This Bi Fold Door Repair Industry?
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player