Why You Should Use the Principle of Least Privilege to Secure Serverless Applications
Published 06/27/2023
Originally published by Contino.
Written by Mark Faiers, AWS Practice Lead, Contino.
Serverless is a really interesting concept—it allows you to build scalable applications while simultaneously reducing your costs and decreasing your management overheads.
During my time at Contino, I've helped a range of clients get the most out of their serverless applications using different AWS architectures and services. When it comes to securing serverless applications, it’s worth taking the time to understand the benefits and best practices around the principle of least privilege.
What Is the Principle of Least Privilege?
AWS describes the principle of least privilege as “granting only the permissions required to complete a task,” and this should apply to any entity, whether you’re dealing with people or applications.
If you're working in an office, you wouldn't have the username and password for everyone's laptop; you would only have the credentials for your own, because you don't need access to other people's laptops to do your work. Since you don't need that access, you shouldn't have it. That's least privilege.
What Are the Benefits of Achieving Least Privilege?
1. It’s more difficult to successfully attack a system
A system that implements least privilege well is quite simply harder to attack and harder to damage. If a resource in the cloud allows significant access to it, it's much easier to misuse that resource to carry out an attack.
2. Smaller blast radius in the event of a successful attack
If the principle of least privilege is applied effectively, the blast radius of a successful attack is reduced, meaning there's less damage and less data loss. A serverless application or system is typically made up of many different resources, and those resources typically need to communicate with one another. If those components have very open permissions that allow a lot of access to them, each one offers an entry point into the system or application. Compromising or misusing one of those resources then potentially gives an attacker a route to misuse other resources, e.g. a database.
3. Reduced risk of financial or reputational damage for an enterprise
Achieving least privilege to a good extent can help reduce the risk of financial or reputational damage to an enterprise when the confidentiality of customer data is broken. When a company has had a data breach, it has not only lost customer data; it has probably also lost money through a fine and, most importantly, it has likely lost customer trust, which takes a lot to rebuild.
4. It defines a clear standard for developers
With least privilege, there's no confusion over the standards you need to develop to. This allows developers and engineers to focus on the functional task at hand, rather than working from unclear requirements and then holding several meetings to discuss them, which delays the building of the actual application.
While the principle is straightforward and the benefits are obvious, it’s not always clear how we can use and implement least privilege when working on the major cloud platforms.
There’s a range of literature available but it seems that guidance on the best way to achieve least privilege is somewhat lacking—any specific guidelines tend to focus more on the people using the cloud rather than the applications running on it.
With that in mind, it’s worth diving into the ‘how’ in more detail. For the full blog on how to use the principle of least privilege to secure your serverless applications, head to the Contino Insights page.
About the Author
Mark Faiers started out as a software engineer and later transitioned into DevOps and Cloud. He’s worked across numerous technology stacks and industries, including Healthcare, FinTech, and Logistics. Mark is currently working as an AWS consultant to some of the biggest Financial and Insurance firms in the UK, as well as running the AWS Practice at Contino. He is especially passionate about serverless and sustainability.