This session explores how to think about security from the front to the back of a typical serverless application. How do you configure AWS serverless services to provide least privilege access while ensuring functionality? How should you think about managing IAM policies for your AWS Lambda functions? This session covers all of this and more, leaving you with concrete examples that are applicable to almost any workload.