Building Serverless Microservices in Python
eBook - ePub

Building Serverless Microservices in Python

A complete guide to building, testing, and deploying microservices using serverless computing on AWS

  1. 168 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Building Serverless Microservices in Python

A complete guide to building, testing, and deploying microservices using serverless computing on AWS

About this book

A practical guide for developing end-to-end serverless microservices in Python for developers, DevOps, and architects.

Key Features

  • Create a secure, cost-effective, and scalable serverless data API
  • Use identity management and authentication for a user-specific and secure web application
  • Go beyond traditional web hosting to explore the full range of cloud hosting options

Book Description

Over the last few years, there has been a massive shift from monolithic architecture to microservices, thanks to their small and independent deployments that allow increased flexibility and agile delivery. Traditionally, virtual machines and containers were the principal mediums for deploying microservices, but they involved a lot of operational effort, configuration, and maintenance. More recently, serverless computing has gained popularity due to its built-in autoscaling abilities, reduced operational costs, and increased productivity.

Building Serverless Microservices in Python begins by introducing you to serverless microservice structures. You will then learn how to create your first serverless data API and test your microservice. Moving on, you'll delve into data management and work with serverless patterns. Finally, the book introduces you to the importance of securing microservices.

By the end of the book, you will have gained the skills you need to combine microservices with serverless computing, making their deployment much easier thanks to the cloud provider managing the servers and capacity planning.

What you will learn

  • Discover what microservices offer above and beyond other architectures
  • Create a serverless application with AWS
  • Gain secure access to data and resources
  • Run tests on your configuration and code
  • Create a highly available serverless microservice data API
  • Build, deploy, and run your serverless configuration and code

Who this book is for

If you are a developer with basic knowledge of Python and want to learn how to build, test, deploy, and secure microservices, then this book is for you. No prior knowledge of building microservices is required.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Building Serverless Microservices in Python by Richard Takashi Freeman in PDF and/or ePUB format, as well as other popular books in Computer Science & Bioinformatics. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2019
Print ISBN
9781789535297
eBook ISBN
9781789533422
Edition
1
Topic
Computer Science
Subtopic
Bioinformatics
Index
Computer Science

Creating Your First Serverless Data API

In this chapter, we will build a complete serverless microservice, accessible via a REST API, and capable of querying a NoSQL database. We will start by discussing and creating the Amazon Web Services (AWS) security infrastructure to ensure restricted access to AWS resources. We will then create, add records to, and query a NoSQL database, first using the Management Console, then using Python. Then, we will go over the code used in the Lambda function in Python and API Gateway integration. Finally, we will deploy it and test that the API is working.
The following topics will be covered in this chapter:
  • Overview of security in AWS
  • Securing your serverless microservice
  • Building a serverless microservice data API
  • Setting up Lambda security in the AWS management console
  • Creating and writing to a NoSQL database called DynamoDB using AWS
  • Creating and writing to a NoSQL database called DynamoDB using Python
  • Creating a Lambda to query DynamoDB
  • Setting up API Gateway and integrating it with a Lambda Proxy
  • Connecting API Gateway, Lambda, and DynamoDB
  • Cleaning-up

Overview of security in AWS

We will start with a discussion on security and how to set it up correctly in AWS.

Why is security important?

You might have heard of ransomware, cyber attacks, or security breaches recently and you would not want your organization to be affected by these. Some of these are shown as follows:
Systems not being configured correctly, missing updates, or using insecure communication can lead to them being hacked or being subject to a ransomware demand. This can result in litigation costs, data loss or leaks, and financial costs to your organization.
There are many reasons for ensuring your systems are secure, including the following:
  • Compliance: Compliance with the law, regulations, and standards, for example, the EU General Data Protection Regulation (GDPR), the Health Information Portability and Accountability Act (HIPAA), and the Federal Trade Commission Act.
  • Data integrity: If systems aren't secure, data could be stripped or tampered with, meaning you can no longer trust the customer data or financial reporting.
  • Personally Identifiable Information (PII): Consumers and clients are aware of your privacy policy. Data should be securely protected, anonymized, and deleted when no longer required.
  • Data availability: Data is available to authorized users, but if, for example, a natural disaster occurred in your data center, what would happen in terms of accessing data?
A lot of security in AWS stems from configuration and having the correct architecture, so it's important to understand the following subset of important security related terms:
  • Security in transit: For example, HTTPS SSLā€”think of it as the padlock on your browser
  • Security at rest: For example, data encryption, where only a user with a key can read the data in a data store
  • Authentication: For example, a process to confirm the user or system are who they are meant to be
  • Authorization: For example, permissions and control mechanisms to access specific resources

Security by design principles

There are many security standards, principles, certifications, and guidanceā€”probably enough to fill a few books. Here is one that I found practical and useful, from the Open Web Application Security Project (OWASP) at https://www.owasp.org. The OWASP security by design principles (https://www.owasp.org/index.php/Security_by_Design_Principles) apply to any system, application, or service, helping to make them more secure by design, and that includes serverless computing. Even if there are no servers that need managing with serverless, you still need to ensure your architecture, integration, configuration, and code adhere to the following principles:
  • Minimize attack surface area: Every added feature is a riskā€”ensure they are secure, for example, delete any Lambdas that are no longer being used.
  • Establish secure defaults: These have defaults for every user, Identity and Access Management policy, and serverless stack component.
  • Principle of least privilege: The account or service has the least amount of privilege required to perform its business processes, for example, if a Lambda only needs read access to a table, then it should have no more access than that.
  • Principle of defense in depth: Have different validation layers and centralized audit controls.
  • Fail securely: This ensures that if a request or transformation fails, it is still secure.
  • Don't trust services: Especially third parties, external services, or libraries, for example, JavaScipt and Node.js libraries infected with malware.
  • Separation of duties: Use a different role for a different task, for example, administrators should not be users or system users.
  • Avoid security by obscurity: This is generally a bad idea and a weak security control. Instead of relying on the architecture or source code being secret, instead rely on other factors, such as good architecture, limiting requests, and audit controls.
  • Keep security simple: Don't over-engineer; use simple architectures and design patterns.
  • Fix security issues correctly: Fix issues promptly and add new tests.
Keep these principles in mind when building any serverless microservices.

AWS Identity and Access Management

Identity and Access Management (IAM), is a central location where you can manage users' security credentials, such as passwords, access keys, and permission policies, that control access to the AWS services and resources. We are going to talk about the most relevant IAM resourcesā€”policies, users, groups, and rolesā€”but first, we will talk about the JSON (https://www.json.org/) format as it is used in IAM policies.

JavaScript object notation

JSON, or JavaScript object notation, is a standard data format that is used in REST APIs and microservices. It can be read by humans but also by machines. So, humans can actually understand the values and, also, machines can automatically parse the data. The data objects consist of attribute-value pairs and array data types. The data type values supported are number, string, Boolean, array, object, and null, as shown in the following code:
{ "firstName": "John", "lastName": "Smith", "age": 27, "address": { "city": "New York", "postalCode": "10021" }, "phoneNumbers": [ { "type": "home", "number": "212 555-1234" }, { "type": "...

Table of contents

  1. Title Page
  2. Copyright and Credits
  3. About Packt
  4. Dedication
  5. Contributors
  6. Preface
  7. Serverless Microservices Architectures and Patterns
  8. Creating Your First Serverless Data API
  9. Deploying Your Serverless Stack
  10. Testing Your Serverless Microservice
  11. Securing Your Microservice
  12. Summary and Future Work
  13. Other Books You May Enjoy