Daniel Ancuta

As you might have noticed by the title, Soft Skills by John Z. Sonmez is not a typical book for developers. But is it? Even though this book doesn’t talk about technical aspects like the structure of your code,

Logging is part of every application, at least they should, but often logs contain sensitive information. PII (Personally Identifiable Information), PHI (Protected Health Information), and other confidential data often end up in logs - often unintentionally.

The easiest way to configure your CI/CD pipeline with AWS is to just create long-lived credentials, access and secret key, and store them in GitHub Actions. While this method works, it has several security risks:

Sharing secrets across microservices creates security risks. Not only when one of the microservices is compromised, as then during rotation of single secret all of your microservices will be affected. Leading to potential downtimes.

Regardless of whether you’re working on a product in a regulated industry like healthcare or finance, or building products that do not require such strict rules, maintaining control over your repositories is essential.

Regardless of whether you just need to make a quick manual change or it’s part of your CI/CD process, AWS CLI can be very useful for both scenarios. Let’s dig into updating AWS CloudFront with AWS CLI!

Streaming GitHub audit log to one centralized place is quite often used to maintain compliance or improve security within the organization, or both. If you are reading this post, you are having trouble setting up this stream to your AWS S3.

AWS Amplify is a great tool when you’re building web and mobile apps, and you want to integrate them easily with the backend. In a few simple steps, you can have a working GraphQL endpoint, storage on the backend, authentication, and authorization through Cognito.

We might argue about what is the important aspect of good communication. But what are the few basic principles of communication where, at least, two parties will understand each other? Use of the same Glossary, happens in Real Time and uses Same language.

Many people do not like to write documentation, or if they do, it’s often detached from the source code, leading to it quickly becoming outdated. This is a common problem I’ve noticed in the majority of closed-source codebases I’ve had the chance to work with.

There are multiple strategies to mitigate the number of bugs and problems with the app in production. Some teams focus on unit tests, functional tests, integration tests, manual tests, multiple environments to run those, and build the artifact of the app.

If you work in the AWS ecosystem, sooner or later, you will deal with AWS Cognito. AWS Cognito is meant to help you with customer identity and access management. So you’ve decided to use AWS Cognito for the first time, or you’ve used it already.

If you use GitHub to store your repositories, you may also be utilizing GitHub Actions. I’ve been using it for several years across multiple projects. There have been a few instances where I had to debug a failing workflow.

What is PostgREST? # As the authors themselves say: PostgREST is a standalone web server that transforms your PostgreSQL database directly into a RESTful API. The structural constraints and permissions in the database determine the API endpoints and operations.

When you’re building an API that is used by either a mobile or desktop app, you will eventually encounter a situation where you need to confirm how the app uses your API.

Every, well respected, tech blog has to have “First post”. Place where you can check if plugin for syntax is working as expected, peaking of which: print("Hello World") It does work, at least on my machine.