A3. Addendum: Azure Function Specificities

Due to Azure Function concept of ephemeral containers, pyrasp behavior is slighlty different and has a few limitations compared to other platforms.

Limitations

Beacons

Beacon is implemented in a different way for in pyrasp as containers are ephemeral.

Consequently beacons are sent in 2 specific cases:

At agent startup
When a request is received and the last beacon was sent in a time period greater than the value specified in the BEACON_DELAY parameter

Therefore, on low traffic functions, monitoring may report agents as down while they remain active (but didn't process any request in the BEACON_DELAY timeframe).

Latency

With all security modules enabled, the processing of a request doesn't add noticeable latency. However, when the instance is in "cold" state (meaning the container needs to be restarted), the processing of the request requires restart of the pyrasp module. This adds about 5 seconds latency to the global processing if the request.

Logs

Country of source IP is not resolved in security logs, this prevents from additional latency in the requests processing. The field in logs is set to an empty string.

PreviousA2. Addendum: Google Cloud Functions Specificities NextA4. Contact & Support

Last updated 5 months ago