Yan Cuiintheburningmonk.comFine-grained access control in API Gateway with Cognito access token and scopesIn security and access control, authentication and authorization are two distinct yet interconnected concepts.Sep 14Sep 14
Yan Cuiintheburningmonk.comIs it safe to use ID tokens with Cognito authorizers?A common narrative is that one should always use access tokens to call your APIs, while ID tokens are strictly for identifying users.Sep 3Sep 3
Yan Cuiintheburningmonk.comFine-grained access control in API Gateway with Cognito groups & Lambda authorizerIn security and access control, authentication and authorization mean two distinct but related things.Aug 29Aug 29
Yan Cuiintheburningmonk.comWhat’s the best way to do fan-out/fan-in serverlessly in 2024?Back in 2018, I shared [1] several ways to implement fan-out/fan-in with Lambda. A lot has changed since, so let’s explore the solution…Aug 4Aug 4
Yan Cuiintheburningmonk.comI’m sorry, but the way you adopt serverless is wrongThere is often the sense that going serverless means going microservices and event-driven architectures, too.Jul 3Jul 3
Yan Cuiintheburningmonk.comHow to handle execution timeouts in AWS Step FunctionsStep Functions lets you set a timeout on Task states and the whole execution.Apr 211Apr 211
Yan Cuiintheburningmonk.comHow to apply the TDD mindset to serverlessTesting is an integral part of software development. Your tests are a living documentation of your system. They inform others how to use…Apr 9Apr 9
Yan Cuiintheburningmonk.comHere are four ways you can implement WebSockets using serverlessThe myth that “you can’t do WebSockets with serverless” still persists today, even though we have some very good ways to implement…Apr 31Apr 31
Yan Cuiintheburningmonk.comDynamoDB now supports resource-based policies. But is that a good idea?DynamoDB announced support for resource-based policies [1] a few days ago. It makes cross-account access to DynamoDB tables easier. You no…Mar 231Mar 231
Yan Cuiintheburningmonk.comWhen to use Step Functions vs. doing it all in a Lambda functionI’m a big fan of AWS Step Functions. I use it to orchestrate all sorts of workflows, from payment processing to map-reduce jobs.Mar 10Mar 10