How to enable CORS on API Gateway with Lambda proxy integration?
When building single-page applications (SPA), you will sooner or later stumble upon Cross-Origin Resource Sharing (CORS). In short, a browser does only allow requests to the same same origin (domain, protocol and port), that was used for the initial req...Read more
Unboxing Amazon Timestream
My first job after graduation in 2011 was all about time-series data. My first task was to connect an exchange data feed with our on-premises time-series database (we used kdb+ by KX Systems). Whenever the exchange matches a buyer and seller, a trade is...Read more
Caching on AWS 101
Oftentimes, the idea of adding a caching layer arises when users start complaining about the performance of an application. Adding a cache to your architecture does not solve all problems — especially when implementing that change under pressure to fix ...Read more
Have you replaced IAM Users with AWS SSO yet?
The most secure option to isolate workloads from each other is to use multiple AWS accounts. Many organizations use different AWS accounts for testing and production, for example. The more AWS accounts you use, the more complicated it gets to manage use...Read more
Amazon ECR vs. Docker Hub vs. GitHub Container Registry
Have you worked with a Linux package manager like apt or yum before? A container registry is similar, but instead of packages, it distributes container images. A container registry is a crucial aspect of a containerized workflow and infrastructure. This...Read more
I'm losing trust in AWS. SNS is broken for 24 days.
I’m frustrated. A major service of AWS is broken for 24 days. The Simple Notification Service (SNS) delivers messages to HTTPS subscriptions with a delay of more than 30 minutes. That issue impacts our SaaS business. But AWS did not fix the problem yet ...Read more
AWS needs a bug bounty program
A few weeks ago, while evaluating an AWS service, I stumbled upon an issue with the way the AWS API evaluates IAM policies for a particular IAM action. I contacted firstname.lastname@example.org about that and was positively surprised about the professionalism...Read more
Record AWS API calls to improve IAM Policies
Have you ever looked at an IAM policy and wondered: Is it really necessary to grant access to this specific action? Or do you need to know which API calls a legacy or 3rd party application is actually sending to come up with a secure IAM policy? CloudTr...Read more
NoSQL on AWS: Document-Oriented Databases
A document-oriented database stores keys mapped to JSON documents. You can query all documents in such a document-oriented database and retrieve only parts of documents to save network bandwidth. This is a cross-post from the Cloudcraft blog. A data ...Read more
Review: AWS App Mesh – A service mesh for EC2, ECS, and EKS
It seems to me like everyone is talking about service meshes these days - definetly a hot topic in the world of containers and microservices. A service mesh promises reducing latency, increasing observability, and simplifying security within microservic...Read more