In this chapter, you learned a few best practices and recommendations for building a secure serverless application based on Lambda functions. We covered how Amazon Cognito can be used as an authentication provider and how it can be integrated with API Gateway to secure API endpoints. Then, we looked at Lambda function code practices such as encrypting sensitive data using AWS KMS and validating input. Other practices can also be useful and even life-saving, such as applying quotas and throttling to prevent a single consumer from exhausting your Lambda function capacity, and using one IAM role per function to apply the principle of least privilege.
In the next chapter, we will discuss the Lambda pricing model and how to estimate pricing based on the expected load.