When hosting workloads on AWS, one of the key security principles we follow is least-privilege access: give a service only the minimum set of permissions it needs to perform its business function. But when you use Kubernetes to host your containerised workloads, this principle at times goes for a toss. How? Let's see —

Assume Example Corp. has 2 applications which need different permission sets to execute their business logic.


More or less every application you develop has sensitive data that it uses to execute some business logic. It could be a username and password to connect to a database, or an application key and secret to connect to a third-party service. Using these secrets in the code is straightforward, but keeping them secure is a big challenge.

If your workload is containerized and you are using Kubernetes (k8s) as an orchestration engine, then there is some relief. k8s has a native resource called Secret which lets you manage and store sensitive data. It stores secrets as unencrypted…


This blog gives you a high-level overview of exposing services running inside a private Kubernetes cluster on the AWS public cloud, using the managed EKS service, to the external world. You will get a taste of architecting the system given a set of constraints. So, if you want to go beyond “Hello World Kubernetes”, continue reading!

A company has some services running in the AWS cloud and some in an on-premise data centre. The company is looking to close its on-premise data centre for cost reasons and has asked the application team to move all the services to AWS.

The blog does not focus on…


Serverless architecture is a way to build and run applications and services without having to manage infrastructure. The approach helps teams focus on the actual business value-add and forget about infrastructure management. There are many other advantages to a serverless-based architecture, and you can find blogs covering them.

The focus of this blog is to cover some of the Serverless Architecture patterns that I have used in real life projects. Let’s take a look at them —

Pattern 1 — This is the simplest architecture pattern that you would come across the moment you search…


Workload migration from on-premise to cloud is becoming common nowadays. Teams are migrating their workloads for multiple reasons. They prepare a huge migration checklist, but one area where I generally see teams having questions is — how do we dial the traffic from on-premise to cloud, and what options do I have?

To be very honest, every cloud migration is unique in some way or the other. It comes with its own set of challenges. So, there is no silver bullet for the problem.

In this blog, I have tried to summarize some of the common…


Everyone is loving Serverless. It supports more or less all use cases, be it creating web-based applications, exposing REST APIs with rate limits, event-based asynchronous processing and many more. But one thing that generally forces people to think is: executing long-running tasks in Serverless?

In almost all enterprise applications, there is a high probability of having a use case which needs long-running tasks. For example —

With the limitations we have with…


Continuing with our Design Journey of YAFDP Application using AWS Serverless Stack from earlier parts —

Part 1: How to structure Microservices using the AWS Serverless stack, using the Synchronous Request-Response pattern with API Gateway and Lambda.

Part 2: Covers designing asynchronous event submission using API Gateway, SQS and Lambda, and how to implement the Saga Orchestration pattern with the serverless Step Functions service.

Part 3: Covers the approach for sending the status of an asynchronous task submission, in our case New Food Order Placement, to the client.

Part 4: Covers Placing New Food Delivery Order using Choreograph Saga Event…


Continuing with our Design Journey of YAFDP Application using AWS Serverless Stack from earlier parts —

Part 1: How to structure Microservices using the AWS Serverless stack, using the Synchronous Request-Response pattern with API Gateway and Lambda.

Part 2: Covers designing asynchronous event submission using API Gateway, SQS and Lambda, and how to implement the Saga Orchestration pattern with the serverless Step Functions service.

Part 3: Covers the approach for sending the status of an asynchronous task submission, in our case New Food Order Placement, to the client.

Part 4 (This blog): Covers Placing New Food Delivery Order using Choreograph…


Continuing with our Design Journey of YAFDP Application using AWS Serverless Stack from earlier parts —

Part 1: How to structure Microservices using the AWS Serverless stack, using the Synchronous Request-Response pattern with API Gateway and Lambda.

Part 2: Covers designing asynchronous event submission using API Gateway, SQS and Lambda, and how to implement the Saga Orchestration pattern with the serverless Step Functions service.

Part 3 (This blog): Covers the approach for sending the status of an asynchronous task submission, in our case New Food Order Placement, to the client.

Part 4: Covers Placing New Food Delivery Order using Choreograph…


Continuing with our Design Journey of YAFDP Application using AWS Serverless Stack from earlier parts —

Part 1: How to structure Microservices using the AWS Serverless stack, using the Synchronous Request-Response pattern with API Gateway and Lambda.

Part 2 (This blog): Covers designing asynchronous event submission using API Gateway, SQS and Lambda, and how to implement the Saga Orchestration pattern with the serverless Step Functions service.

Part 3: Covers the approach for sending the status of an asynchronous task submission, in our case New Food Order Placement, to the client.

Part 4: Covers Placing New Food Delivery Order using Choreograph…

Naresh Waswani

#AWS #CloudArchitect #CloudMigration #Microservices #Mobility #IoT
