Upgrade to Pro — share decks privately, control downloads, hide ads and more …

API Security Challenges for Cloud-native Archit...

Pierre Versali
January 04, 2024
Programming
1
65

API Security Challenges for Cloud-native Architects

This presentation was help at Apidays Paris 2023 and APISec CON track on December 2023.

The presentation is about the evolution of software architecture to match the modern requirements of digital platforms and the associated software design patterns, with a special focus on APIs and API security.

It provides some tips to avoid the common traps and pitfalls of distributed cloud software and emphasis on the evolving role of software architects.

Pierre Versali

January 04, 2024
Tweet

Other Decks in Programming

See All in Programming
Beyond ORM
77web
5
660
Scalaから始めるOpenFeature入門 / Scalaわいわい勉強会 #4
arthur1
1
330
PHPUnitしか使ってこなかった 一般PHPerがPestに乗り換えた実録
mashirou1234
0
180
生成AIでGitHubソースコード取得して仕様書を作成
shukob
0
350
CSC305 Lecture 26
javiergs
PRO
0
140
Webエンジニア主体のモバイルチームの 生産性を高く保つためにやったこと
igreenwood
0
330
Jakarta EE meets AI
ivargrimstad
0
240
クリエイティブコーディングとRuby学習 / Creative Coding and Learning Ruby
chobishiba
0
3.9k
PHPとAPI Platformで作る本格的なWeb APIアプリケーション(入門編) / phpcon 2024 Intro to API Platform
ttskch
0
220
range over funcの使い道と非同期N+1リゾルバーの夢 / about a range over func
mackee
0
110
情報漏洩させないための設計
kubotak
1
130
アクターシステムに頼らずEvent Sourcingする方法について
j5ik2o
4
260

Featured

See All Featured
Embracing the Ebb and Flow
colly
84
4.5k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
Designing Experiences People Love
moore
138
23k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
2
170
Bash Introduction
62gerente
608
210k
Visualization
eitanlees
146
15k
Making Projects Easy
brettharned
116
5.9k
It's Worth the Effort
3n
183
28k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Faster Mobile Websites
deanohume
305
30k
How to Think Like a Performance Engineer
csswizardry
22
1.2k

Transcript

  1. Pierre Versali pierre-versali.bitbucket.io API Security Challenges for Cloud-Native Architects

  2. Pierre Versali Cloud-Native Software Architect Principal Consultant | Team Coach

  3. Agenda Software Architecture Cloud-Native Software API Security Challenges

  4. Monolith Application Software Architecture

  5. Monolith Application Distributed Monoliths Software Architecture

  6. Monolith Distributed Monoliths Service Oriented Architecture Software Architecture

  7. Monolith Distributed Monoliths Service Oriented Architecture Microservices Software Architecture

  8. From Monolith Application to Digital Platforms

  9. Digital Platform – Data Flows

  10. Cloud Models

  11. Cloud Models

  12. Evolution of Delivery Models

  13. Strategic Efficient Secure Flexible Cost-effective Benefits of Cloud

  14. Containers APIs Microservices Cloud-native Software Cloud Infrastructure Dev Ops

  15. HIGHLY-AVAILABLE SCALABLE COST-EFFECTIVE Cloud-native Software

  16. API – Application Programming Interface

  17. ü Loose Coupling ü Integration ü Collaboration ü Standardization ü

    Developer Experience ü Testability API Benefits

  18. API Protocol Message Format Specification Synchronous SOAP XML SOAP REST

    over HTTP JSON OpenAPI GraphQL GraphQL GraphQL gRPC over HTTP/2 Protobuf gRPC Asynchronous Event Broker Pub / Sub Kafka / MQTT JSON Protobuf Avro Thrift AsyncAPI WebSockets API – Protocols | Message Formats | Specification Standards and Best Practices

  19. ü Separation of Concern ü Diversity in Technology Stack ü

    Isolation ü Reusability ü Flexibility / Scalability ü Reliability Microservices Benefits

  20. • Complexity • Security • Performance • Evolutivity • Deployment

    • Data Consistency • Resilience • Fault Tolerance • … 🤯 Microservices concerns

  21. Service Orchestration

  22. Reactive Programming / Message-Driven

  23. Event Sourcing & CQRS

  24. Domain-Driven Design

  25. API Conversation Pattern Synch Graph Async Messaging (Pub/Sub) Processes Data

    Consistency Eventual Consistency Choreography / Orchestration Event-Sourcing CQRS Fault-Tolerance Process Management State Management Retry / Rollback Data storage Relational Data Key-Value Event-Driven Microservices problems

  26. Identity and Access Management

  27. Containers

  28. Node 2 Node 3 Node 1 … Container Orchestration Configuration

    Availability Provisionning Scaling Automation Resource Allocation Load Balancing Health Monitoring

  29. DevSecOps

  30. Quality Gate & Test Automation

  31. Infrastructure as Code

  32. • Key Vault • GitOps • Platform Engineering • SRE

    • FinOps Infrastructure as Code – Going further

  33. Containers Orchestration API-First Development Reactive Microservices Cloud-native Software on Steroïds

    IaC / GitOps / FinOps Platform / SRE Dev Ops Security Domain Driven Design Observability MFA IAM

  34. Accelerate delivery Speed-up time-to-market Enable modularity Enable Agility Continuous Delivery

    Cloud-native Software Benefits

  35. There is not a single or clear way for designing

    Software Architecture Software Architecture is at the edge between Business Goals, Functional Requirements, Hardware Capabilities and… your Budget! Takeaway

  36. • Architecture decisions are tough • Architecture decisions always come

    with trade-offs • Architecture decisions always require effort (and sometimes pain) • Architecture decisions require compromise • Architecture decisions should always be balanced • Changes require to adapt Takeaway

  37. What problem are you trying to solve? A Software Architect

    Takeaway

  38. Here are the options: … A Software Architect Takeaway

  39. Pierre Versali pierre-versali.bitbucket.io Any question? 🙋 Thank you! 🙏