使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款

Looking for a best-practice for building serverless application with amplify and api gateway and lambda

0

A customer is building a trivia app for sporting events. One component of the system is a mobile app that communicates with a back-end to get the questions.

They are building the app using Amplify. This will communicate with API Gateway which will in turn call Lambda functions. They are aware that people may try to break the game and are looking for some security best-practices for building the app.

So far, we have been talking about

  • Use WAF with API Gateway
  • Store secrets (such as DB connection strings) using Secrets Manager
  • use Cognito or similar authentication to secure connections with API Gateway

Are there other services or approaches that people would recommend?

1 個回答
1
已接受的答案

Also worth looking at Building an Serverless Airline booking application series on Twitch. All sessions are recorded.

Architect an Airline Booking Application, End-to-End

aws-serverless-airline-booking

AWS
專家
已回答 5 年前
profile picture
專家
已審閱 6 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南