Application Security provides serverless capability for the following platforms and libraries:

AWS Lambda

Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.

Supported trigger types

Threat Detection supports HTTP requests as function input only, as that channel has the highest likelihood of attackers exploiting a serverless application. HTTP requests typically come from AWS services such as:

• Application Load Balancer (ALB)
• API Gateway v1 (Rest API)
• API Gateway v2 (HTTP API)
• Function URL

Additional language specific compatibility information

Node.js

If you are bundling using webpack or esbuild, follow the specific bundler instructions.

Python

Java

To fully instrument your serverless application with distributed tracing, your Java Lambda functions must use the Java 8 Corretto (java8.al2), Java 11 (java11) or Java 17 (java17) runtimes with at least 1024MB of memory.

If you use the Datadog Lambda layers dd-trace-java:4 (or older) and Datadog-Extension:24 (or older), follow the instructions in Upgrade Instrumentation for Java Lambda Functions.

Go

.NET

Google Cloud Run

Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.

Azure App Service

Only web applications are supported. Azure Functions are not supported.

Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.