When I stumbled across An introduction to medieval cities and cloud security, I wondered why anyone still uses the castle model seriously to discuss security. I’m fairly certain this is not a suitable mental model anymore. In today’s cloud, how can we say for sure what’s inside and what’s outside? In a micro-services architecture, do you build lots of small castles? Can you even do this sensibly on the network layer?
Reading it again, I realized it should probably be read more as a set of metaphors for the different security mechanisms available in a cloud environment and how to combine them. This makes a lot more sense. However, it’s still mainly applicable to IaaS-type environments, where you basically build the complete infrastructure yourself.
If you look at serverless applications, there’s typically no VPC, and all that remains are access control checks and checks within the application.
Therefore I still think we should stop describing architectures or security approaches using this metaphor. It limits our thinking and may even prevent us from choosing the proper security controls for cloud-native applications.