AWS re:Invent 2025 - Securing event-driven architectures: from sync to async security (SPS323)

Securing Event-Driven Architectures: From Sync to Async Security

Introduction to Event-Driven Architectures

  • Event-driven architectures are becoming increasingly popular as they offer several benefits over traditional synchronous architectures:
    • Loose coupling between system components
    • Improved scalability and performance
    • Asynchronous processing for better user experience
    • Event sourcing for tracking system state changes
    • Increased flexibility for updating and evolving applications

Migrating to an Event-Driven Architecture: The Noville Mer Case Study

  • Noville Mer, an e-commerce company, decided to migrate from a synchronous to an event-driven architecture built on Amazon EventBridge.
  • The original synchronous architecture had several problems, including poor scalability and a direct impact on the user experience whenever a downstream component was slow or unavailable.
  • The new event-driven architecture used EventBridge to decouple the components from one another and improved overall performance.

Securing Event-Driven Architectures: Challenges and Solutions

External Access Control

  • The first version of the EventBridge event bus resource policy used a wildcard principal, which allowed any AWS account to put events onto the bus and led to security issues.
  • The team updated the policy so that only accounts within their organization could put events, establishing the first line of defense.

Internal Access Control

  • Even with the updated policy, the team discovered that other teams inside the organization were still able to put events onto the bus, which led to integrity issues.
  • The team implemented a more granular policy that restricted access to specific IAM roles and validated event content, so that only authorized producers could put events.
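The two policy problems described in the External and Internal Access Control sections (a wildcard principal, then an organization-wide grant that still let unrelated internal roles publish) can be caught with a static check on the bus policy. The following is an added example, not code from the talk or from Noville Mer: the three policy documents are constructed samples that mirror the three stages the case study describes, and the account IDs, role ARNs and organization ID are placeholders.

```python
"""Lint an EventBridge event-bus resource policy for over-broad PutEvents grants.

Added illustration with constructed sample policies; account IDs, role ARNs
and the organization ID are placeholders, not real values.
"""

BUS_ARN = "arn:aws:events:us-east-1:111122223333:event-bus/orders"  # placeholder

# Stage 1 (constructed): wildcard principal, any AWS account may publish.
POLICY_V1 = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowAnyonePutEvents",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "events:PutEvents",
        "Resource": BUS_ARN,
    }],
}

# Stage 2 (constructed): still "*", but limited to accounts in the organization.
POLICY_V2 = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowOrgPutEvents",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "events:PutEvents",
        "Resource": BUS_ARN,
        "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}},
    }],
}

# Stage 3 (constructed): only the named producer roles may publish.
POLICY_V3 = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowProducerRolesPutEvents",
        "Effect": "Allow",
        "Principal": {"AWS": [
            "arn:aws:iam::111122223333:role/order-service-producer",
            "arn:aws:iam::444455556666:role/inventory-service-producer",
        ]},
        "Action": "events:PutEvents",
        "Resource": BUS_ARN,
    }],
}

# Placeholder allow-list of roles that are supposed to publish to this bus.
APPROVED_PRODUCERS = {
    "arn:aws:iam::111122223333:role/order-service-producer",
    "arn:aws:iam::444455556666:role/inventory-service-producer",
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _grants_put_events(statement):
    actions = _as_list(statement.get("Action", []))
    return any(a in ("events:PutEvents", "events:*", "*") for a in actions)


def _principal_arns(statement):
    """Return the AWS principals of a statement; '*' stands for the wildcard."""
    principal = statement.get("Principal")
    if principal == "*":
        return ["*"]
    if isinstance(principal, dict):
        return _as_list(principal.get("AWS", []))
    return []


def _has_org_condition(statement):
    cond = statement.get("Condition", {})
    return any("aws:PrincipalOrgID" in cond.get(op, {})
               for op in ("StringEquals", "StringEqualsIfExists"))


def lint_bus_policy(policy, approved_producers=APPROVED_PRODUCERS):
    """Return a list of findings for Allow statements granting PutEvents.

    An empty list means every grant is limited to an approved producer role.
    """
    findings = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow" or not _grants_put_events(st):
            continue
        sid = st.get("Sid", "<no Sid>")
        for arn in _principal_arns(st):
            if arn == "*" and not _has_org_condition(st):
                findings.append(f"{sid}: wildcard principal without aws:PrincipalOrgID "
                                "lets any AWS account publish")
            elif arn == "*":
                findings.append(f"{sid}: org-wide grant lets every role in the "
                                "organization publish")
            elif arn not in approved_producers:
                findings.append(f"{sid}: principal {arn} is not an approved producer")
    return findings


if __name__ == "__main__":
    for name, policy in (("v1", POLICY_V1), ("v2", POLICY_V2), ("v3", POLICY_V3)):
        print(name, lint_bus_policy(policy) or "OK")
```

The check is deliberately strict about `"Principal": "*"` even when `aws:PrincipalOrgID` is present, because that is exactly the stage at which the team found other internal teams writing to the bus; the only passing shape is an explicit list of producer roles that is also on the allow-list.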

Message Integrity

  • The team identified problems with message standardization: different producers were sending events with inconsistent data formats.
  • They used the EventBridge Schema Registry to define and enforce a common schema for the events, which ensured message integrity and made it easier to evolve the event structure over time.
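The registry stores a schema for each event type (as OpenAPI 3.0 or JSON Schema Draft 4 documents), but EventBridge does not reject a non-conforming event at `PutEvents` time; the producer or consumer has to validate against the published schema. The following added example, which is not code from the talk, shows a producer-side check against a constructed `OrderPlaced` schema using a small subset of JSON Schema (`type`, `required`, `properties`, `enum`, `items`, `additionalProperties`), written in plain Python so that it runs offline; the schema, event source name and sample events are assumptions.

```python
"""Validate an event's `detail` against a JSON-Schema-style contract before publishing.

Added illustration: the schema and events are constructed samples, and only a
subset of JSON Schema (type, required, properties, enum, items,
additionalProperties) is implemented.
"""
import json

# Constructed sample schema for an OrderPlaced event detail.
ORDER_PLACED_SCHEMA = {
    "type": "object",
    "required": ["orderId", "customerId", "amount", "currency"],
    "additionalProperties": False,
    "properties": {
        "orderId": {"type": "string"},
        "customerId": {"type": "string"},
        "amount": {"type": "number"},
        "currency": {"type": "string", "enum": ["EUR", "USD"]},
        "items": {
            "type": "array",
            "items": {
                "type": "object",
                "required": ["sku", "qty"],
                "properties": {"sku": {"type": "string"}, "qty": {"type": "integer"}},
            },
        },
    },
}

# JSON Schema type name -> Python type(s).
_TYPES = {
    "object": dict, "array": list, "string": str,
    "number": (int, float), "integer": int, "boolean": bool,
}


def validate(instance, schema, path="$"):
    """Return a list of human-readable errors; an empty list means conforming."""
    errors = []
    expected = schema.get("type")
    if expected:
        # bool is a subclass of int in Python; JSON Schema keeps them distinct.
        wrong_type = not isinstance(instance, _TYPES[expected]) or (
            expected in ("number", "integer") and isinstance(instance, bool))
        if wrong_type:
            return [f"{path}: expected {expected}"]
    if "enum" in schema and instance not in schema["enum"]:
        errors.append(f"{path}: {instance!r} not in {schema['enum']}")
    if isinstance(instance, dict):
        for key in schema.get("required", []):
            if key not in instance:
                errors.append(f"{path}.{key}: required field missing")
        props = schema.get("properties", {})
        for key, value in instance.items():
            if key in props:
                errors.extend(validate(value, props[key], f"{path}.{key}"))
            elif schema.get("additionalProperties", True) is False:
                errors.append(f"{path}.{key}: unexpected field")
    if isinstance(instance, list) and "items" in schema:
        for i, item in enumerate(instance):
            errors.extend(validate(item, schema["items"], f"{path}[{i}]"))
    return errors


def build_put_events_entry(detail, schema, bus_name="orders"):
    """Return a PutEvents entry for a conforming detail, or raise ValueError."""
    errors = validate(detail, schema)
    if errors:
        raise ValueError("event rejected: " + "; ".join(errors))
    return {
        "EventBusName": bus_name,
        "Source": "com.example.orders",      # assumed source name
        "DetailType": "OrderPlaced",
        "Detail": json.dumps(detail),        # EventBridge expects a JSON string
    }


# Constructed sample events.
GOOD_DETAIL = {"orderId": "o-1", "customerId": "c-9", "amount": 12.5,
               "currency": "EUR", "items": [{"sku": "A1", "qty": 2}]}
BAD_DETAIL = {"orderId": "o-2", "customerId": "c-9", "amount": "12.50",
              "currency": "GBP", "note": "free text the schema does not allow"}

if __name__ == "__main__":
    print(build_put_events_entry(GOOD_DETAIL, ORDER_PLACED_SCHEMA))
    print(validate(BAD_DETAIL, ORDER_PLACED_SCHEMA))
```

Running the same `validate` on the consumer side, against the schema version the consumer was built for, is what turns the registry from a catalogue into an enforced contract; a producer that changes `amount` from a number to a string is caught before its events reach anyone else.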

Monitoring and Auditing

  • To detect unauthorized changes to the EventBridge configuration or its policies, the team implemented AWS Config rules and custom Lambda functions that continuously monitor and audit the environment.
  • This gave them notifications, and a chance to act, whenever a change was detected that could compromise the security of the event-driven architecture.

Key Takeaways and Recommendations

  1. Organizational-level Controls: Use Service Control Policies (SCPs) to enforce security controls at the organization level.
  2. Account-level Controls: Implement least-privilege IAM permissions and use resource policies to control access to EventBridge.
  3. Service-level Controls: Specify event patterns in EventBridge rules so that only authorized events are processed.
  4. Schema Validation: Use the EventBridge Schema Registry to define and enforce a common schema for events, ensuring message integrity.
  5. Monitoring and Auditing: Use AWS Config and custom rules to detect and alert on any change to the EventBridge configuration or policies.
  6. Network Isolation: Use VPC endpoints to isolate EventBridge access and control connectivity.
  7. Behavioral Analytics: Implement rules and metrics to detect anomalous behavior and potential security incidents.
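Takeaway 3 relies on EventBridge event-pattern matching: a rule only forwards an event whose fields match the pattern, so a pattern that names the approved `source` values is a service-level allow-list. The following added example, not code from the talk, implements the documented pattern semantics for exact values, nested objects, `prefix`, `anything-but` and `exists` in plain Python so rules can be unit-tested offline before deployment. It also shows a second pattern that flags EventBridge management API calls delivered as `AWS API Call via CloudTrail` events, which is an EventBridge-rule alternative to the AWS Config approach the page describes (takeaways 5 and 7); the source names, rule names and all sample events are constructed assumptions.

```python
"""Minimal matcher for EventBridge event patterns (subset of the documented semantics).

Added illustration; all events, source names and rule names are constructed
samples. Supports exact values, nested objects, array fields, "prefix",
"anything-but" and "exists".
"""


def _match_value(value, matchers):
    """An event value matches if ANY matcher in the pattern's list matches it."""
    for m in matchers:
        if isinstance(m, dict):
            if "prefix" in m and isinstance(value, str) and value.startswith(m["prefix"]):
                return True
            if "anything-but" in m:
                excluded = m["anything-but"]
                excluded = excluded if isinstance(excluded, list) else [excluded]
                if value not in excluded:
                    return True
            if m.get("exists") is True:
                return True  # key is present; absence is handled in matches()
        elif value == m and isinstance(value, bool) == isinstance(m, bool):
            return True  # exact match (1 == True must not count)
    return False


def matches(event, pattern):
    """Return True when every key of the pattern is satisfied by the event."""
    for key, expected in pattern.items():
        if key not in event:
            # Only {"exists": false} can match a missing key.
            if isinstance(expected, list) and any(
                    isinstance(m, dict) and m.get("exists") is False for m in expected):
                continue
            return False
        value = event[key]
        if isinstance(expected, dict):  # nested object pattern
            if not isinstance(value, dict) or not matches(value, expected):
                return False
        else:  # list of matchers; array event values match if any element does
            candidates = value if isinstance(value, list) else [value]
            if not any(_match_value(v, expected) for v in candidates):
                return False
    return True


def route(event, rules):
    """Return the names of all rules whose pattern matches the event."""
    return [name for name, pattern in rules.items() if matches(event, pattern)]


# Constructed rules. The first is the allow-list from takeaway 3; the second
# flags changes to bus policies and rules (assumes EventBridge API calls are
# delivered as CloudTrail events with source "aws.events").
RULES = {
    "orders-from-approved-producers": {
        "source": ["com.example.orders", "com.example.inventory"],
        "detail-type": [{"prefix": "Order"}],
        "detail": {"environment": [{"anything-but": "test"}]},
    },
    "flag-bus-config-change": {
        "source": ["aws.events"],
        "detail-type": ["AWS API Call via CloudTrail"],
        "detail": {
            "eventSource": ["events.amazonaws.com"],
            "eventName": ["PutPermission", "RemovePermission", "PutRule",
                          "DeleteRule", "DisableRule"],
        },
    },
}

# Constructed sample events.
OK_EVENT = {"source": "com.example.orders", "detail-type": "OrderPlaced",
            "detail": {"environment": "prod", "orderId": "o-1"}}
ROGUE_EVENT = {"source": "com.example.marketing", "detail-type": "OrderPlaced",
               "detail": {"environment": "prod", "orderId": "o-1"}}
TEST_EVENT = {"source": "com.example.orders", "detail-type": "OrderPlaced",
              "detail": {"environment": "test", "orderId": "o-1"}}
CHANGE_EVENT = {"source": "aws.events", "detail-type": "AWS API Call via CloudTrail",
                "detail": {"eventSource": "events.amazonaws.com",
                           "eventName": "PutPermission",
                           "userIdentity": {"arn": "arn:aws:iam::111122223333:role/admin"}}}

if __name__ == "__main__":
    for name, ev in (("ok", OK_EVENT), ("rogue", ROGUE_EVENT),
                     ("test", TEST_EVENT), ("change", CHANGE_EVENT)):
        print(name, route(ev, RULES))
```

Because matching is per rule and per target, an event from an unlisted `source` is simply never delivered, which is what makes the pattern a control rather than just a filter; the change-detection rule is the kind of signal that feeds the notifications described under Monitoring and Auditing.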

Conclusion

By addressing the security challenges at the organizational, account, service, and monitoring levels, organizations can effectively secure their event-driven architectures and ensure the integrity, reliability, and scalability of their systems.
