Update 06/04/2023: AWS announced that S3 now enables the “block public access” and “disable ACL” settings for all new buckets. It’s great to see these being enabled by default. But the points I raised in the post still stand. The default encryption (SSE-S3) only protects against situations when someone has stolen data from AWS servers/disks …
Yes, S3 now encrypts objects by default, but your job is not done yet Read More »
Update 24/05/2023: As Lee James Gilmore pointed out on Twitter, the unit of deployment of CDK is the CDK app. A CDK app can contain multiple CloudFormation stacks and they can be changed together (in a single commit) and deployed together. And that’s absolutely fine and compatible with what I’m advocating for in this post. …
This is why you should keep stateful and stateless resources together Read More »
Testing Step Functions can be a daunting task. However, with a little preparation and effort, the testing process can be simplified and streamlined. In this article, we will provide a practical strategy on how to test Step Functions. So let’s start by setting the stage and introducing the players. What makes Step Functions hard to test? …
re:Invent is almost upon us. Judging by the things that had been announced ahead of re:Invent, one can’t help but be excited about the main event itself! Here is a list of the serverless-related announcements so far that you should know about. Payload-based message filtering for Amazon SNS Here’s the official announcement. This is arguably the …
The biggest preinvent serverless announcements you may have missed Read More »
AWS announced a new feature this week that lets you enable WAF protection for Cognito user pools. And one of the things you can do with this is to implement geo-fencing and IP allow/deny lists. Geo-fencing and IP allow/deny lists are usually implemented in the frontend as well as the backend APIs. But users (and …
How to setup geofencing and IP allow-list for Cognito user pool Read More »
Update 04/08/2022: turns out there are some valid reasons (analytics and potentially SEO) for redirecting from the apex domain to www. Please see comments from Michael Hart, Mike Lamb and Tyler Love to my tweet here for more details. I have used Amplify to host all my single-page applications, including the newly revamped sites …
Amplify: you shouldn’t allow redirect from apex to www Read More »
How Lambda pricing works When it comes to cost, Lambda charges you based on the amount of memory you allocate to the function and how long this function runs for by the millisecond. And it also charges you a fixed fee of 20 cents per million invocations. source: https://aws.amazon.com/lambda/pricing There can be other costs involved, …
Testing serverless architectures doesn’t have to be hard, and it doesn’t have to be slow.
Let me share my approach with you, and show you how I achieve a fast feedback loop by writing remocal tests against ephemeral environments, and how you can turbocharge your workflow as well. Once you “get it”, serverless testing can be a joy :-)
It’s been two years since I last wrote about Lambda layer and when you should use it. Most of the problem I discussed in that original post still stands: It makes it harder to test your functions locally. You will still need those dependencies to execute your function code locally as part of your tests. …
Lambda layer: not a package manager, but a deployment optimization Read More »
An interesting question came up in a conversation today: “How should I manage the Route53 DNS records in a multi-account environment?” Suppose you have configured an AWS Organization with different accounts for dev, staging and production environments. And you have registered the root domain for your application in the master AWS account. When working with …
How to manage Route53 hosted zones in a multi-account environment Read More »
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.