Skip to main content
Daniel Ancuta

Daniel Ancuta

Backend team lead, with 16+ years of hands-on experience with modern technologies, as well as 4+ years of experience in leading of development teams. Let us get in touch!

Recent

Book: Soft Skills by John Z. Sonmez
·255 words·2 mins
books book review career productivity learning
As you might have noticed by the title, Soft Skills by John Z. Sonmez is not a typical book for developers. But is it? Even though this book doesn’t talk about technical aspects like the structure of your code,
Protect Sensitive Data in Logs with AWS CloudWatch Data Masking
·499 words·3 mins
aws cloudwatch security data compliance data masking logs pii phi devops security hardening
Logging is part of every application, at least they should, but often logs contain sensitive information. PII (Personally Identifiable Information), PHI (Protected Health Information), and other confidential data often end up in logs - often unintentionally.
GitHub Actions: Security Hardening With OpenID Connect
·772 words·4 mins
github actions openid connect aws ci/cd security iam devops enterprise security security hardening
The easiest way to configure your CI/CD pipeline with AWS is to just create long-lived credentials, access and secret key, and store them in GitHub Actions. While this method works, it has several security risks:
Secrets Management in AWS: Using Secrets Manager
·695 words·4 mins
aws secrets manager devops microservices security aws lambda kms ci/cd
Sharing secrets across microservices creates security risks. Not only when one of the microservices is compromised, as then during rotation of single secret all of your microservices will be affected. Leading to potential downtimes.
GitHub Rulesets: Your Safeguard for Your Repositories
·427 words·3 mins
github pull requests code quality devops version control best practices code review secure coding compliance healthcare tech enterprise security
Regardless of whether you’re working on a product in a regulated industry like healthcare or finance, or building products that do not require such strict rules, maintaining control over your repositories is essential.
Update AWS CloudFront configuration using AWS CLI
·218 words·2 mins
aws cloudfront aws cli
Regardless of whether you just need to make a quick manual change or it’s part of your CI/CD process, AWS CLI can be very useful for both scenarios. Let’s dig into updating AWS CloudFront with AWS CLI!
Streaming GitHub audit log to S3 with OpenID Connect - Troubleshooting
·440 words·3 mins
github s3 audit log streaming
Streaming GitHub audit log to one centralized place is quite often used to maintain compliance or improve security within the organization, or both. If you are reading this post, you are having trouble setting up this stream to your AWS S3.
AWS Amplify Override Amplify-generated resources. On example with resolvers.
·1066 words·6 mins
aws amplify aws appsync appsync resolver override amplify TypeScript aws cdk
AWS Amplify is a great tool when you’re building web and mobile apps, and you want to integrate them easily with the backend. In a few simple steps, you can have a working GraphQL endpoint, storage on the backend, authentication, and authorization through Cognito.
Protocol Buffers RPC calls through WebSockets on AWS Lambda with API Gateway
·1126 words·6 mins
protocol buffers websockets aws lambda python devops
We might argue about what is the important aspect of good communication. But what are the few basic principles of communication where, at least, two parties will understand each other? Use of the same Glossary, happens in Real Time and uses Same language.
Docs Like Code by Anne Gentle
·304 words·2 mins
github books book review
Many people do not like to write documentation, or if they do, it’s often detached from the source code, leading to it quickly becoming outdated. This is a common problem I’ve noticed in the majority of closed-source codebases I’ve had the chance to work with.
Error tracking and incident response on production with Sentry + Squadcast + Linear + Slack
·997 words·5 mins
sentry squadcast linear slack production incident error monitoring devops
There are multiple strategies to mitigate the number of bugs and problems with the app in production. Some teams focus on unit tests, functional tests, integration tests, manual tests, multiple environments to run those, and build the artifact of the app.
Strategies to Migrate Users to AWS Cognito Pool
·1397 words·7 mins
aws aws cognito devops
If you work in the AWS ecosystem, sooner or later, you will deal with AWS Cognito. AWS Cognito is meant to help you with customer identity and access management. So you’ve decided to use AWS Cognito for the first time, or you’ve used it already.
Debugging GitHub Actions Remotely
·174 words·1 min
github tools github actions ci/cd devops
If you use GitHub to store your repositories, you may also be utilizing GitHub Actions. I’ve been using it for several years across multiple projects. There have been a few instances where I had to debug a failing workflow.
PostgREST - Write Your REST Server in SQL
·330 words·2 mins
postgresql rest tools
What is PostgREST? # As the authors themselves say: PostgREST is a standalone web server that transforms your PostgreSQL database directly into a RESTful API. The structural constraints and permissions in the database determine the API endpoints and operations.
Use of HTTP proxy (Charles Proxy) to debug mobile/desktop apps.
·631 words·3 mins
http tools debug http proxy
When you’re building an API that is used by either a mobile or desktop app, you will eventually encounter a situation where you need to confirm how the app uses your API.
First post
·97 words·1 min
Every, well respected, tech blog has to have “First post”. Place where you can check if plugin for syntax is working as expected, peaking of which: print("Hello World") It does work, at least on my machine.