We’re using several serverless.com projects now on AWS and I wonder if its possible to avoid DDOS/Brute force attacks by using AWS products, or built in features.
What we for example want to avoid:
- Huge invoices because someone floods an endpoint (to be solved by AWS budgets, or is there a better way?)
- Same for brute forcing a specific route, for example calling the login route 100 times a minute. of course also here (1) applies, but here more in terms of security
Any thoughts appreciated, best would be to get this all configured by serverless.yml itself, if possible