AWS Serverless Simple Storage Service (S3) Compliance Tool Demo

Serverless architecture is a software design strategy to leverage Backends as a Service (BaaS) and Functions as a Service (FaaS). This allows deployment of solutions or applications while separating the requirement of managing the underlying infrastructure. Instead, the underlying infrastructure is managed by the Cloud Provider via their services. These services can be defined in an Infrastructure-as-Code (IaC) manner using declarative languages (such as CloudFormation) to further add automation, version control, and ease of deployment updates.

The ATC environment facilitates use case based demonstrations targeting the following focus areas:

In this demonstration, we deploy an AWS CloudFormation template which builds a serverless infrastructure within AWS. Separately, a Python created application bundle has been created and uploaded to Simple Storage Service (S3). CloudFormation executes by extracting the application bundle to AWS Lambda as well as setting up the necessary services for the solution to execute properly. The solution monitors S3 API calls and enforces security at rest automatically of all newly created buckets. In addition, the tool maintains Public bucket policy enforcement by preventing full buckets from being public automatically, or by alerting personnel if objects within the bucket are public without exception.