AWS Bites

This is a special episode recorded live during a live coding session on YouTube (2022-09-16). The audio-only experience might not be the best one, so if you are curious to see the video and enjoy our diagrams and screen sharing, please check this episode on YouTube: https://www.youtube.com/watch?v=vVic3oqqqfY. How can you build a WeTransfer or a Dropbox Transfer clone on AWS?  This is our fourth live coding stream. In this episode, we started looking into adding some security to our application. Specifically, we started implementing a device auth flow on top of AWS Cognito to allow our file upload CLI application to get some credentials.  All our code is available in this repository: https://github.com/awsbites/weshare.click In this episode we mentioned the following resources: Content-Disposition Header on MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition OAuth 2 Device Auth flow RFC8628: https://www.rfc-editor.org/rfc/rfc8628  XKCD Comic about password security: https://xkcd.com/936/ crypto-random-string package: https://www.npmjs.com/package/crypto-random-string Dash offline documentation app: https://kapeli.com/dash You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS:  https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #AWS #livecoding #transfer

This is a special episode recorded live during a live coding session on YouTube (2022-08-31). The audio-only experience might not be the best one, so if you are curious to see the video and enjoy our diagrams and screen sharing, please check this episode on YouTube: https://www.youtube.com/watch?v=hlW_RwRgskI How can you build a WeTransfer or a Dropbox Transfer clone on AWS?  This is our third live coding stream. In this episode, we made our lambdas better by adding observability best practices (structured logs, metrics and tracing) through Lambda Power Tools for TypeScript and Middy. We also created a simple Node.js CLI to easily upload files from the command line. All our code is available in this repository: https://github.com/awsbites/weshare.click Some of the resources we mentioned: Lambda power tools for TypeScript: https://awslabs.github.io/aws-lambda-powertools-typescript/latest/ Middy: Node.js middleware framework for AWS Lambda: https://middy.js.org/ Getting to Well Architected Faster with AWS Lambda Powertools (article): https://www.fourtheorem.com/blog/aws-lambda-powertools You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS:  https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #AWS #livecoding #transfer

This is a special episode recorded live during a live coding session on YouTube (2022-08-24). The audio-only experience might not be the best one, so if you are curious to see the video and enjoy our diagrams and screen sharing, please check this episode on YouTube: https://youtu.be/4wCX32YUtMk How can you build a WeTransfer or a Dropbox Transfer clone on AWS?  This is our second live coding stream. In this episode, we revisited our architecture and added a custom domain to our APIs, and created a new API endpoint that allows us to have download URLs that are much nicer (shorter and branded).    We also added support for the Content-Disposition header to make sure that uploads can specify a file name and that downloads will retain the same file name (regardless of the file key in S3). All our code is available in this repository: https://github.com/awsbites/weshare.click You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS:  https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #AWS #livecoding #transfer

This is a special episode recorded live during a live coding session on YouTube (2022-08-17). The audio-only experience might not be the best one, so if you are curious to see the video and enjoy our diagrams and screen sharing, please check this episode on YouTube: https://www.youtube.com/watch?v=EfRElTYilyY How can you build a WeTransfer or a Dropbox Transfer clone on AWS?  This is our first live coding stream. In this episode, we started a new challenge: building a product live on AWS!  In this first issue, we managed to implement a very simple MVP using S3, API Gateway, and Lambda.  All our code is available in this repository: https://github.com/awsbites/weshare.click You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS:  https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #AWS #livecoding #transfer

In this special episode we announce our next initiative: starting some YouTube coding live streams where we build something on AWS. Specifically we are going to build a file transfer service, just like WeTransfer or Dropbox Transfer! In this episode we announce why we decided to start this, the logistic and some of the details of the product we are going to build. We are really looking forward to pairing with you all live on this build! Make sure you are subscribed to our YouTube channel so you are notified when we go live on Wednesday 17 August! In this episode, we mentioned the following resources: - The YouTube channel that we are going to use to live stream: https://www.youtube.com/AWSBites You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS: https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #AWS #livecoding #transfer

The public cloud gives you amazing machine learning powers with a low barrier to entry. Once you know where to begin, you can quickly build solutions to process images, video, text and audio, as well as structured data. In this episode we talk about the managed AI services that are available on AWS and that require zero machine learning expertise (Rekognition, Polly, Transcribe, Forecast, Personalise, Comprehend, Lex, Textract, Translate). We will also talk about services you can use to create and run your own custom models (SageMaker). We will finally cover some different use cases and some of the things you need to consider before you do machine learning in production. In this episode, we mentioned the following resources: - AI as a Service book https://www.manning.com/books/ai-as-a-service - Julien Simon’s YouTube channel: https://www.youtube.com/c/juliensimonfr - Article by MIT researchers “Amazon’s Rekognition shows gender and ethnic bias”: https://venturebeat.com/2019/01/24/amazon-rekognition-bias-mit/ - Article “One year moratorium on police use of Rekognition”: https://www.aboutamazon.com/news/policy-news-views/we-are-implementing-a-one-year-moratorium-on-police-use-of-rekognition This episode is also available on YouTube: https://www.youtube.com/AWSBites You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS: ​​https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige

If you are thinking of using an external CICD tool to deploy to AWS you are probably wondering how to securely connect your pipelines to your AWS account. You could create a user for your CICD tool of choice and copy some hard coded credentials into it, but, let’s face it: this doesn’t feel like the right - or at least the most secure - approach! In the previous episode we discussed how AWS and GitHub solved this problem by using OIDC identity providers and this seems to be a good solution to the problem. In this episode of AWS Bites we will try to demystify the secrets of OIDC identity providers and explain how they work and what’s the trust model between AWS and an OIDC provider like GitHub actions. We will also explain all the steps required to integrate AWS with GitHub, how JWT works in this particular scenario and other use cases where you could use OIDC providers. In this episode, we mentioned the following resources: - GitHub docs explaining how to integrate with AWS as an OIDC provider: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect - Article “What’s in a JWT” https://loige.co/whats-in-a-jwt - jwtinfo, CLI tool to inspect JWT: https://github.com/lmammino/jwtinfo - AWS action to assume a role from a GitHub Pipeline: https://github.com/aws-actions/configure-aws-credentials#assuming-a-role - Great post by Elias Brange detailing how to setup GitHub OIDC integration for AWS: https://www.eliasbrange.dev/posts/secure-aws-deploys-from-github-actions-with-oidc/ - Previous episode on why you should consider GitHub Actions rather than AWS CodePipeline: https://awsbites.com/44-do-you-use-codepipeline-or-github-actions/ This episode is also available on YouTube: https://www.youtube.com/AWSBites You can listen to AWS Bites wherever you get your podcasts. See https://awsbites.com for all the links. Do you have any AWS questions you would like us to address? Connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige

Discover the essentials of automated continuous build and delivery in modern app development on AWS. Delve into a comparison of AWS CodePipeline and GitHub Actions, including their unique advantages and challenges. Learn how to efficiently use GitHub Actions with YAML configurations and explore the security safeguards against supply chain attacks. Unpack the nuances between self-hosted and managed runners in GitHub Actions, and navigate the often confusing pricing models for CI/CD tools to make informed decisions!

We do love AWS, but sometimes we have to admit that it’s not always a silver bullet. There are definitely use cases where it might be worth considering alternatives to AWS. In this episode we will discuss some of these use cases and try to highlight what are the advantages that other platforms or services can have over AWS in very specific circumstances. First of all we clarify why we like AWS and why (and when) it’s worth sticking with it. Then, we discuss what are some of the reasons why it might be worth considering alternatives to AWS. At this point we go into the specifics and talk about authentication services (Auth0), search services (ElasticSearch, Algolia), CDN Services (GitHub Pages, Netlify, Vercel, CloudFlare, Fastly, Akamai), Databases (MongoDB Atlas, Digital Ocean managed databases, IBM Compose, CloudFlare D1, Upstash, Confluent Kafka), Headless CMS services (ContentFul, Storyful, AirTable, Google Spreadsheet), Virtual Machine services (Digital Ocean, Linode). In this episode, we mentioned the following resources: - Episode 3. "​​How do you deploy a static website on AWS?”: https://awsbites.com/3-how-do-you-deploy-a-static-website-on-aws/ - Auth0: https://auth0.com/ - Amazon OpenSearch: https://aws.amazon.com/opensearch-service/the-elk-stack/what-is-opensearch/ - Elastic Cloud: https://www.elastic.co/cloud/ - Algolia: https://www.algolia.com/ - Vercel: https://vercel.com/ - Netlify: https://www.netlify.com/ - MongoDB Atlas: https://www.mongodb.com/atlas/database - Digital Ocean managed database: https://try.digitalocean.com/managed-databases/ - Compose (now IBM Cloud Databases): https://www.compose.com/ - Upstash: https://upstash.com/ - Confluent: https://www.confluent.io/ - AirTable: https://airtable.com/ - Linode: https://www.linode.com/ This episode is also available on YouTube: https://www.youtube.com/AWSBites You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS: ​​https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige

We recently talked about migrating a monolithic application to AWS, using EC2, load balancers, S3 and RDS. In this episode we want to talk about a slightly different setup, where we are going for containers instead of EC2 and we want to deploy them in Fargate. In this We are going to cover all the components you will need in your architecture, the reasons to choose Fargate over any alternatives and discuss some CDK tricks to get started in a quick way (and the pitfalls that might come with them). In this episode, we mentioned the following resources: - CDK ECS Patterns: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs_patterns-readme.html - How to fine tune the health checks to speed up the deployment process: https://www.qovery.com/blog/how-to-speed-up-amazon-ecs-container-deployments - Previous Episode “37. How do you migrate a monolith to AWS without the drama?”: https://awsbites.com/37-how-do-you-migrate-a-monolith-to-aws-without-the-drama/ This episode is also available on YouTube: https://www.youtube.com/AWSBites You can listen to AWS Bites wherever you get your podcasts: - Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017 - Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q - Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw== - Breaker: https://www.breaker.audio/aws-bites - RSS: ​​https://anchor.fm/s/6a3312a0/podcast/rss Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on Twitter: - https://twitter.com/eoins - https://twitter.com/loige #aws #docker #fargate