

Recent
Book: Soft Skills by John Z. Sonmez
·255 words·2 mins
books
book review
career
productivity
learning
As you might have noticed by the title, Soft Skills by John Z. Sonmez is not a typical book for developers.
But is it?
Even though this book doesn’t talk about technical aspects like the structure of your code,
Protect Sensitive Data in Logs with AWS CloudWatch Data Masking
·499 words·3 mins
aws
cloudwatch
security
data compliance
data masking
logs
pii
phi
devops
security hardening
Logging is part of every application, at least they should, but often logs contain sensitive information.
PII (Personally Identifiable Information), PHI (Protected Health Information), and other confidential data often end up in logs - often unintentionally.
GitHub Actions: Security Hardening With OpenID Connect
·772 words·4 mins
github actions
openid connect
aws
ci/cd
security
iam
devops
enterprise security
security hardening
The easiest way to configure your CI/CD pipeline with AWS is to just create long-lived credentials, access and secret key, and store them in GitHub Actions.
While this method works, it has several security risks:
Secrets Management in AWS: Using Secrets Manager
·695 words·4 mins
aws
secrets manager
devops
microservices
security
aws lambda
kms
ci/cd
Sharing secrets across microservices creates security risks. Not only when one of the microservices is compromised, as then during rotation of single secret all of your microservices will be affected. Leading to potential downtimes.
GitHub Rulesets: Your Safeguard for Your Repositories
·427 words·3 mins
github
pull requests
code quality
devops
version control
best practices
code review
secure coding
compliance
healthcare tech
enterprise security
Regardless of whether you’re working on a product in a regulated industry like healthcare or finance, or building products that do not require such strict rules, maintaining control over your repositories is essential.
Update AWS CloudFront configuration using AWS CLI
·218 words·2 mins
aws
cloudfront
aws cli
Regardless of whether you just need to make a quick manual change or it’s part of your CI/CD process, AWS CLI can be very useful for both scenarios.
Let’s dig into updating AWS CloudFront with AWS CLI!
Streaming GitHub audit log to S3 with OpenID Connect - Troubleshooting
·440 words·3 mins
github
s3
audit log
streaming
Streaming GitHub audit log to one centralized place is quite often used to maintain compliance or improve security within the organization, or both.
If you are reading this post, you are having trouble setting up this stream to your AWS S3.
AWS Amplify Override Amplify-generated resources. On example with resolvers.
·1066 words·6 mins
aws
amplify
aws appsync
appsync resolver
override amplify
TypeScript
aws cdk
AWS Amplify is a great tool when you’re building web and mobile apps, and you want to integrate them easily with the backend.
In a few simple steps, you can have a working GraphQL endpoint, storage on the backend, authentication, and authorization through Cognito.
Protocol Buffers RPC calls through WebSockets on AWS Lambda with API Gateway
·1126 words·6 mins
protocol buffers
websockets
aws
lambda
python
devops
We might argue about what is the important aspect of good communication.
But what are the few basic principles of communication where, at least, two parties will understand each other? Use of the same Glossary, happens in Real Time and uses Same language.
Docs Like Code by Anne Gentle
·304 words·2 mins
github
books
book review
Many people do not like to write documentation, or if they do, it’s often detached from the source code, leading to it quickly becoming outdated.
This is a common problem I’ve noticed in the majority of closed-source codebases I’ve had the chance to work with.
Error tracking and incident response on production with Sentry + Squadcast + Linear + Slack
·997 words·5 mins
sentry
squadcast
linear
slack
production incident
error monitoring
devops
There are multiple strategies to mitigate the number of bugs and problems with the app in production. Some teams focus on unit tests, functional tests, integration tests, manual tests, multiple environments to run those, and build the artifact of the app.
Strategies to Migrate Users to AWS Cognito Pool
·1397 words·7 mins
aws
aws cognito
devops
If you work in the AWS ecosystem, sooner or later, you will deal with AWS Cognito.
AWS Cognito is meant to help you with customer identity and access management.
So you’ve decided to use AWS Cognito for the first time, or you’ve used it already.
Debugging GitHub Actions Remotely
·174 words·1 min
github
tools
github actions
ci/cd
devops
If you use GitHub to store your repositories, you may also be utilizing GitHub Actions. I’ve been using it for several years across multiple projects. There have been a few instances where I had to debug a failing workflow.
PostgREST - Write Your REST Server in SQL
·330 words·2 mins
postgresql
rest
tools
What is PostgREST? # As the authors themselves say:
PostgREST is a standalone web server that transforms your PostgreSQL database directly into a RESTful API. The structural constraints and permissions in the database determine the API endpoints and operations.
Use of HTTP proxy (Charles Proxy) to debug mobile/desktop apps.
·631 words·3 mins
http
tools
debug
http proxy
When you’re building an API that is used by either a mobile or desktop app, you will eventually encounter a situation where you need to confirm how the app uses your API.
First post
·97 words·1 min
Every, well respected, tech blog has to have “First post”. Place where you can check if plugin for syntax is working as expected, peaking of which: print("Hello World") It does work, at least on my machine.