Securing AWS Step Functions
AWS Step Functions is a serverless orchestration service that lets you integrate services such as AWS Lambda functions to build event-driven workflows out of state machines and tasks.
In AWS Step Functions, a task represents a state (one step) in a workflow (state machine) and corresponds to a unit of work performed by another AWS service.
A State Machine/Workflow can be defined as follows:
- Describes a collection of computational steps split into discrete states.
- Has one starting state and always one active state (while executing).
- The active state receives input, takes some action, and generates output.
- Transitions between states are based on state outputs and rules that we define.
Workflows can run in parallel or be designed to wait for other workflows to complete.
Types of Step Functions:
[Figure: Standard vs Express workflows]
Basic Step Function
You can define a State Machine, which is a collection of states, using the Amazon States Language, a structured, JSON-based language used to specify various state types such as Task states for performing work, Choice states for determining state transitions, and Fail states for stopping an execution with an error.
See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information.
[Figure: example Step Function state machine]
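As an added example (not code from the original post), the block below constructs a small Amazon States Language definition with a Task, a Choice and a Fail state, and runs structural checks on it: the StartAt state exists, every transition points at a defined state, no non-terminal state dead-ends, and every state is reachable. The ARNs, state names and the validate_asl helper are assumptions made for the example.

```python
import json

# Constructed sample in Amazon States Language: a Task, a Choice routing on the
# task's output, and a Fail state. ARNs and names are placeholders.
SAMPLE_ASL = json.dumps({
    "StartAt": "ValidateOrder",
    "States": {
        "ValidateOrder": {"Type": "Task",
                          "Resource": "arn:aws:lambda:us-east-1:123456789012:function:validate-order",
                          "Next": "IsValid"},
        "IsValid": {"Type": "Choice",
                    "Choices": [{"Variable": "$.valid", "BooleanEquals": True, "Next": "Notify"}],
                    "Default": "Reject"},
        "Notify": {"Type": "Task", "Resource": "arn:aws:states:::sns:publish", "End": True,
                   "Parameters": {"TopicArn": "arn:aws:sns:us-east-1:123456789012:orders", "Message.$": "$"}},
        "Reject": {"Type": "Fail", "Error": "InvalidOrder", "Cause": "Validation failed"},
    },
})

TERMINAL_TYPES = {"Succeed", "Fail"}

def transitions(state):
    """Yield every state name this state can hand control to."""
    if "Next" in state:
        yield state["Next"]
    for choice in state.get("Choices", []):
        yield choice["Next"]
    if "Default" in state:
        yield state["Default"]
    for catcher in state.get("Catch", []):
        yield catcher["Next"]

def validate_asl(definition):
    """Return a list of structural problems; an empty list means the checks pass."""
    asl = json.loads(definition)
    states, start, problems = asl.get("States", {}), asl.get("StartAt"), []
    if start not in states:
        problems.append(f"StartAt '{start}' is not a defined state")
    for name, state in states.items():
        targets = list(transitions(state))
        problems += [f"{name}: transition to undefined state '{t}'" for t in targets if t not in states]
        if state["Type"] not in TERMINAL_TYPES and state.get("End") is not True and not targets:
            problems.append(f"{name}: neither terminal nor has a transition")
    # Walk the graph from StartAt so unreachable (dead) states are flagged.
    seen, todo = set(), [start] if start in states else []
    while todo:
        cur = todo.pop()
        if cur not in seen:
            seen.add(cur)
            todo.extend(t for t in transitions(states[cur]) if t in states)
    problems += [f"{n}: unreachable from StartAt" for n in states if n not in seen]
    return problems
```

Running validate_asl over a definition before deployment catches dangling transitions and dead states that would otherwise only surface as a failed execution.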
Ways of invoking a Step Function:
- Run a job: This type of invocation runs a job and waits for the request to complete. Once the request has completed, the next step in the workflow, such as joining data, can be executed.
- Request-Response*: In this approach, a client sends a request to a Step Function, which coordinates the execution of the request and returns a response to the client. For example, a Step Function can be integrated with AWS Simple Notification Service (SNS) in the express mode, where the function waits for the response from SNS before proceeding to the next step in the workflow.
- Await Callback: This type of invocation involves waiting for a callback, which can be either a success or a failure callback. In this approach, the Step Function invokes a service and waits for the response before proceeding to the next step in the workflow.
- Saga Orchestration Pattern: This pattern manages long-running transactions across multiple services.
*Express Workflows only support the Request-Response method of invocation.
Securing a Step Function
Securing a Step Function can be divided into the following categories: