The Old Faithful: Why SSM Parameter Store still reigns over Secrets Manager

Managing and securing application secrets is a crucial part of any cloud-native application. AWS offers two primary services: the Systems Manager (SSM) Parameter Store and the more recent Secrets Manager. You might think Secrets Manager is the better choice for managing secrets because it’s a newer service and offers more advanced features such as cross-region …

The Old Faithful: Why SSM Parameter Store still reigns over Secrets Manager Read More »

Implementing Magic Links with Amazon Cognito: A Step-by-Step Guide

Last week, we looked at implementing passwordless authentication using one-time passwords (OTPs) using Cognito. Another popular passwordless authentication method is magic links where: The user initiates the sign-in process by entering their email in your application. They receive an email with a time-limited URL. The user clicks on the URL and is authenticated into the …

Implementing Magic Links with Amazon Cognito: A Step-by-Step Guide Read More »

Passwordless Authentication made easy with Cognito: a step-by-step guide

Password-based authentication has long been the norm for securing user accounts. However, it is becoming increasingly clear that password-based authentication has several drawbacks. Such as the risk of password theft, the need for users to remember complex passwords, and the time and effort required to reset forgotten passwords. Fortunately, more and more websites have started …

Passwordless Authentication made easy with Cognito: a step-by-step guide Read More »

The biggest problem with EventBridge Scheduler and how to fix it

The launch of EventBridge Scheduler was one of the highlights for me for re:Invent 2022. Finally, we have a scalable service that lets us schedule ad-hoc, one-off tasks in a serverless way! For longtime followers of my work, you might have read “Serverless Architectures on AWS, 2nd Edition”. In the book, I spent an entire …

The biggest problem with EventBridge Scheduler and how to fix it Read More »

3 ways to manage concurrency in serverless applications

Many software engineering concepts show up in different contexts. Modularity, the single-responsibility principle and separation of concerns are just a few examples that come to mind. They are equally applicable to how we write code, architect our systems and organize our teams. Similarly, there are many parallels between multithreaded programming and event-driven architectures. For example, …

3 ways to manage concurrency in serverless applications Read More »

How to handle serverful resources when using ephemeral environments

I’m a big fan of using ephemeral (or temporary) environments when I’m building serverless architectures. I have written about this practice before and I believe it’s one of the most important practices that have co-evolved with the rise of serverless technologies. It takes advantage of the pay-per-use pricing model offered by many serverless technologies such …

How to handle serverful resources when using ephemeral environments Read More »

Yes, S3 now encrypts objects by default, but your job is not done yet

Encryption at rest has long been a cornerstone in data security and it’s something that everyone should take seriously. If an attacker is able to get a hold of your data, encryption at rest becomes your last line of defence. For instance, in the recent LastPass security breach, the attacker was able to steal customers’ …

Yes, S3 now encrypts objects by default, but your job is not done yet Read More »

This is why you should keep stateful and stateless resources together

Loose coupling and high cohesion are two of the most essential software engineering principles. Unrelated things should stay apart, while related elements should be kept together. These principles apply at all levels of our application — from the system-level architecture all the way down to individual modules or functions. With this simple principle in mind, …

This is why you should keep stateful and stateless resources together Read More »

Year in review, 2022

As the curtain draws on 2022, here’s my year in numbers: 1 book 2 on-demand video courses 1023 students enrolled in my video courses 4 public workshops 118 workshop students 21 blog posts 4 YouTube videos 14 podcast episodes 16 public speaking engagements Serverless Architectures on AWS In February 2022, after nearly two years of hard …

Year in review, 2022 Read More »

A practical guide to testing AWS Step Functions

Testing Step Functions can be a daunting task. However, with a little preparation and effort, the testing process can be simplified and streamlined. In this article, we will provide a practical strategy on how to test Step Functions. So let’s start by setting the stage and introducing the players. What makes Step Functions hard to test? …

A practical guide to testing AWS Step Functions Read More »

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close