SLIDE 1
Build a Modern API with AWS
Nathaniel Beckstead
2 API Gateway Lambda S3 Dynamo DB
scriptingis.life/glimpseid
Build a Modern API with AWS Nathaniel Beckstead 2 S3 API Gateway - - PowerPoint PPT Presentation
Build a Modern API with AWS Nathaniel Beckstead 2 S3 API Gateway - - PowerPoint PPT Presentation
Build a Modern API with AWS Nathaniel Beckstead 2 S3 API Gateway Lambda Dynamo DB scriptingis.life/glimpseid 3 $whoami Nathaniel Beckstead C L O U D D E V O P S C Y B E R scriptingis.life 4 Background Interned in KeyBank
SLIDE 2
SLIDE 3
$whoami
Nathaniel Beckstead ▫ C L O U D ▫ D E V O P S ▫ C Y B E R scriptingis.life
3
SLIDE 4
Background
▫ Interned in KeyBank SOC ▫ Automated parts of phishing response ▫ URLScan.io
- Screenshot
- HTTP Requests
- IPs/ASNs contacted
4
SLIDE 5
Background
5
SLIDE 6
6
SLIDE 7
7
SLIDE 8
HTTP Info
8
▫ Runs in a Docker container ▫ Selenium
- Drive the browser
- Screenshot
▫ Browsermob Proxy
- Record HTTP requests and responses
- Export to CSV
SLIDE 9
HTTP Info
9
SLIDE 10
Selenium
▫ Web browser automation primarily designed for testing ▫ Render a page and interact with elements
10
SLIDE 11
11 API Gateway Lambda S3 Dynamo DB
SLIDE 12
Lambda
Serverless Computing
SLIDE 13
Lambda
▫ Serverless Computing ▫ Only charged for execution time and resources used ▫ Run when triggered by
- AWS IoT
- DynamoDB, S3
- API Gateway
- Time
13
SLIDE 14
Limitations
▫ Need to include all resources in upload
- ZIP - 50MB
- S3 - 250MB
▫ Small compute power
- 128MB - 3GB memory
- CPU power scales with memory limit
▫ No root access
- Limited OS privileges
14
SLIDE 15
Lambda Cost
▫ 1,000,000 requests free ▫ 400,000 GB-seconds of compute resources free ▫ 800,000 seconds of runtime with 512MB memory
- ~40,000 20-second scans
15
SLIDE 16
Lambda
▫ Python script with Selenium driving Chromium
- 1. Load webpage
- 2. Screenshot
- 3. Upload image to S3
16
21Buttons/pychromeless
SLIDE 17
Lambda
▫ Python script with Selenium driving Chromium
17
21Buttons/pychromeless
SLIDE 18
18
SLIDE 19
Lambda
▫ Lambda invokes a function in your code ▫ Parameters passed as a dictionary
19
SLIDE 20
Lambda Deployment
▫ Makefile ▫ AWS CLI
20
SLIDE 21
Storage
Simple Storage Service (S3) and DynamoDB
SLIDE 22
S3
▫ Key-Value Storage ▫ Host publicly accessible images ▫ Uploading done through boto Python module
22
SLIDE 23
S3 Cost
▫ Storage
- First 50TB - $0.023 per GB
▫ Access
- PUT
- Data added $0.002 per GB
- $0.005 per 1,000 requests
- GET
- Data returned $0.0007 per GB
- $0.0004 per 1,000 requests
23
SLIDE 24
DynamoDB
▫ NoSQL Database
- No set structure = No normalizing!
▫ No setup, maintenance, or clustering ▫ Cost
- $0.25 per GB of storage
- $1.25 per million writes
- $0.25 per million reads
- Free Tier - 25GB storage, 2.5 million reads, 1GB data transfer
- ut
24
SLIDE 25
API Gateway
REST API Development and Management
SLIDE 26
API Gateway
26
▫ Visual API development ▫ Proxy for other AWS services
- DynamoDB queries
▫ Convert between HTTP requests and Lambda execution
SLIDE 27
API Gateway
27
SLIDE 28
API Gateway Cost
▫ $3.50 per million API calls ▫ Caching
- 0.5GB for $0.020 per hour
- $15 per month
28
SLIDE 29
Website
Frontend is hard :(
SLIDE 30
Github Pages
▫ Host a static site for free
- 1. Make a new repository
- 2. Add an index.html
- 3. Settings -> GitHub Pages -> master branch
- 4. Struggle with CSS
- 5. Profit
30
SLIDE 31
Conclusions
SLIDE 32
Why Use The Cloud?
▫ Easy
- Heavy lifting done by AWS
- Graphical interfaces for everything
- Logging and dashboards built in
▫ Cheap
- Free tiers
- Charge by the millions
▫ Scalable
- Duplicate and automate
32
SLIDE 33
Easy
33
SLIDE 34
Dashboards
34
SLIDE 35
Cheap
35
SLIDE 36
Next Up
▫ Continuous Integration ▫ Network Activity Logging ▫ Support Multiple Regions, User-Agents ▫ ...
36
SLIDE 37
Questions?
scriptingis.life/glimpseid
37
SLIDE 38
Resources
▫ Boto 3 Documentation
- Dynamo DB
- S3
▫ AWS Blog - Project Ideas! ▫ Open Guide to AWS ▫ Using Python on Lambda ▫ More on urlscan.io ▫ /r/aws
38