Using Azure API Management to prevent Denial of Wallet attacks

While it would be high near impossible to DDoS a solution running on a serverless platform (scaling would just continue to handle all the requests it needed to), somebody still has to pay for the execution. Most (good) serverless implementations use what is often called “micro-billing” whereby you are billed only for each *actual execution* of your code. But, if we think of this nefariously and I send a few thousand requests/second to your endpoints guess what happens. Yup, one hefty bill. This has become known as a Denial of Wallet attack.

Monitoring the Nuget feed using Azure Functions

Serverless approaches are great for quick, simple jobs that need to run periodically – let’s explore using Azure Functions for just one such application; to poll the Nuget feed for updates to a package we’re interested in.