Wanted to try out deploying a simple FastAPI API to AWS API Gateway using the Serverless Framework.
I really liked the magic eight ball swag from Whiz I got at fwdcloudsec, so I decided to implement an API endpoint that returns curated messages from the magic eight ball at random.
A UI could be created for calling the endpoint by spinning a ball (can't code UI stuff on pain of death; wasn't born with that part of the brain :-) ).
- Review the infrastructure that the Serverless Framework creates from a security perspective
- Try building all the components using Terraform to highlight how much using the Serverless Framework abstracts and simplifies the process.
- Any security anti-patterns or unsafe default settings?
- Implement API Key authentication and rate limiting on the endpoint
# Clone the repository
$
# Install npm, serverless framework and the plugins
$
# Set your AWS account credentials and run sls deploy
$