2024-04-16 00:00
(Read this article on the blog)Thinking about encryption
When talking about a software architecture I often get this question: "Is it encrypted?". A "No" is the bad answer as everybody assum… Read More
Blog Directory > Software Blogs > Programming Blogs > Blog - Advanced Web Machinery programming Blog >
Blog - Advanced Web Machinery Blog
advancedweb.hu
Written by two tech-savvy software developers, you can find our recent challenges and interests in this blog.
2024-04-02 00:00
(Read this article on the blog)Working with DynamoDB
DynamoDB is a key-value store which means that every item needs a unique key and operations are per item. Because of this, what operation… Read More
2024-03-19 00:00
(Read this article on the blog)Migrate to Nix
The premise of Nix shell is that it makes available a fixed version of tools. This solves a common problem: how to make sure that all developers… Read More
2024-03-05 00:00
(Read this article on the blog)Unhandled rejections
In one of my projects I'm building a cache that works across workers. With that library, I can turn any function
into a cached one where t… Read More
2024-02-20 00:00
(Read this article on the blog)postMessage calls
Worker communication uses postMessage calls, and values passed to it will be cloned using the structured clone
algorithm. This makes it easy… Read More
2024-02-06 00:00
(Read this article on the blog)Why workers
JavaScript has a single thread model, which means that whatever code you write will be run by only one CPU core. It is nicely encapsulated in this… Read More
2024-01-23 00:00
(Read this article on the blog)Publishing a library
Back then when I wanted to write and publish a JavaScript library, all I had to do is to create a new GitHub project, write a package.json… Read More
2024-01-09 00:00
(Read this article on the blog)
Signed URLs
Signed URLs is a mechanism to securely give access to protected content. It works by the backend generating a signature that the clients then can… Read More
2023-12-26 00:00
(Read this article on the blog)
Resource creation failures
In the previous article we looked into a case where a resource was created implicitly, preventing the CDK from
creating it. In tha… Read More
2023-12-12 00:00
(Read this article on the blog)
Logging for services
Some resources in AWS are helpfully created when needed. The prime example for this is CloudWatch Log Groups: when the service, for exam… Read More
2023-11-28 00:00
(Read this article on the blog)
Content distribution
URL signing is a way to provide controlled access to protected content. The backend contains custom code that decides whether a user can… Read More
2023-11-14 00:00
(Read this article on the blog)
When working with DynamoDB I found that one of the main challenges is how to maintain consistency when multiple processes are accessing the database. I wrote… Read More
2023-10-31 00:00
(Read this article on the blog)
IAM identities
Generally, it’s a bad idea to use IAM users in cases when roles are also an option. This is because roles provide a secret-less way for… Read More
2023-10-17 00:00
(Read this article on the blog)
Environment information
Sometimes I need to make a small static file available via a web URL. For example, to communicate pieces of information about the env… Read More
2023-10-03 00:00
(Read this article on the blog)
CloudFront signed URLs
CloudFront signed URLs rely on a private key to calculate a signature that is added to the URL. This makes them secure: only the backe… Read More
2023-09-22 00:00
(Read this article on the blog)
Last updated on 2023/09/22 to include changes up to JDK 21.
This article is also available in Chinese by Alex Tan.
Since the release of version 8, up to ver… Read More
2023-09-22 00:00
(Read this article on the blog)
Last updated on 2023/09/22 to include changes up to JDK 21.
This article is also available in Chinese by Alex Tan.
When Java 8 introduced Streams and Lambda… Read More
2023-09-19 00:00
(Read this article on the blog)
Overview
CloudFront signed URLs allow access to a path under a distribution. The backend has access to the private part of a key pair and its public counterp… Read More
2023-09-05 00:00
(Read this article on the blog)
Origin paths
CloudFront routing is based on path patterns. There are ordered cache behaviors that define a pattern that CloudFront will try to match with the… Read More
2023-08-26 00:00
(Read this article on the blog)
I’m happy to announce the first publicly available version of my next book! While there are a lot of topics
that are work-in-progress, I feel that it is… Read More
2023-08-22 00:00
(Read this article on the blog)
Lambda response type
Lambda recently added support for streaming responses that lets functions send data to clients while they are still running. Originally… Read More
2023-08-08 00:00
(Read this article on the blog)
CloudFront URL signing
CloudFront URL signing relies on a public/private key pair where the public part is added to the CloudFront distribution as a trusted… Read More
2023-07-26 00:00
(Read this article on the blog)
Handling secrets in the cloud
The recommended way to handle secrets in AWS is to put them either into SSM Parameter Store or into Secrets Manager. Then whate… Read More
2023-07-11 00:00
(Read this article on the blog)
Webapp hosting in AWS
A common setup is to host static files for a web application in an S3 bucket and then add CloudFront for HTTPS and custom domain suppor… Read More
2023-06-28 00:00
(Read this article on the blog)
Environment informations on the frontend
A common challenge with applications with a backend-frontend separation (which is most apps out there) is how to com… Read More
2023-06-13 00:00
(Read this article on the blog)
Building on AWS IoT Core
In the course of this article we’ll build a stack on AWS IoT Core that implements a simple echo functionality. Whenever a devi… Read More
2023-06-03 00:00
(Read this article on the blog)
I’m happy to announce that the book has now reached 1.0!
This means it is content complete and contains everything I wanted to include in it. It does n… Read More
2023-05-30 00:00
(Read this article on the blog)
Device lifecycle events
Connected devices can push data to AWS IoT Core via MQTT. Then the backend can react to these messages via topic rules. This forms th… Read More
2023-05-18 00:00
(Read this article on the blog)
PureScript is a statically typed general-purpose programming language inspired by Haskell, compiled into JavaScript. The vision of the language is to make fro… Read More
2023-05-02 00:00
(Read this article on the blog)
Files with AppSync
AppSync, as all serverless solutions, builds on the “small and quick” response model. This means the response size and the tim… Read More
2023-04-18 00:00
(Read this article on the blog)
Certificates in IoT Core
AWS IoT Core requires TLS mutual authentication and that relies on certificates. This means that even the simple use-case of connect… Read More
2023-04-04 00:00
(Read this article on the blog)
File uploads to a serverless API
Uploading files directly to a serverless API only works for small sizes. This is because these APIs enforce the “small… Read More
2023-03-21 00:00
(Read this article on the blog)
Paginating responses
Pagination is necessary almost every time when an endpoint returns a list of items. While there are exceptions to this, for example when… Read More
2023-03-07 00:00
(Read this article on the blog)
AppSync Javascript resolver runtime
The new Javascript runtime is an alternative to the original VTL for writing resolvers. It is a new addition to the the p… Read More
2023-02-21 00:00
(Read this article on the blog)
MQTT messages on the backend
IoT topic rules provide an event-driven mechanism for the cloud to react to incoming MQTT messages. When a device connects to th… Read More
2023-02-07 00:00
(Read this article on the blog)
Generating IoT certificates
A certificate in IoT Core is a resource on the cloud-side that identifies the connected device. This has to be added in advance a… Read More
2023-01-24 00:00
(Read this article on the blog)
Policies in IoT Core
In AWS IoT Core, a device connects using a certificate with a policy attached and that defines what operations the device can do. Since… Read More
2023-01-10 00:00
(Read this article on the blog)
MQTT client application
In the previous article we discussed the backend side for the resources we need to configure on AWS IoT Core to allow a
device to con… Read More
2022-12-27 00:00
(Read this article on the blog)
In the previous article we discussed the basic building blocks of AWS IoT Core that you need to use to connect a device
via MQTT. Now we’ll look into ho… Read More
2022-12-20 00:00
(Read this article on the blog)
IoT Core is the service to use when you want to connect devices, usually something physical and small, to the cloud. The platform provides a lot of
functional… Read More
2022-12-15 00:00
(Read this article on the blog)
SNS is a pub-sub service that can fan-out notifications in AWS. Many services can publish messages to it, and you can add implement logic in your own
applicat… Read More
2022-12-06 00:00
(Read this article on the blog)
TOTP (short for Time-Based One-Time-Password) is the most used MFA solution. It’s when you need to enter 6 digits generated by your phone during a login… Read More
2022-11-29 00:00
(Read this article on the blog)
Bundled SDK
The NodeJs 18 Lamba runtime comes with the usual updates to the language and the standard library. But this time, it also brings one huge improve… Read More
2022-11-22 00:00
(Read this article on the blog)
Arguments-based subscription filtering
Originally, AppSync only supported arguments-based filtering for subscriptions. There, the arguments the clients send… Read More
2022-11-15 00:00
(Read this article on the blog)
Sensitive inputs
While IAM Roles provide a great way to remove secrets from the architecture, there are still many cases when they needed. For example, the a… Read More
2022-11-08 00:00
(Read this article on the blog)
Abstract types in GraphQL
GraphQL supports abstract types where a field references a type that can be one of multiple concrete types when the resolver return… Read More
2022-11-01 00:00
(Read this article on the blog)
VTL with JSON
AppSync resolvers use VTL, a general-purpose templating language. During the transformation it gets a template file and a context variable then… Read More
2022-10-25 00:00
(Read this article on the blog)
Generating HTTPS certificates
Many times I need to generate an HTTPS certificate for a development server. For example, I can use the https module to start a… Read More
2022-10-18 00:00
(Read this article on the blog)
Caller identity
AppSync supports different authorization methods and it makes the user information available for the resolvers. This is the $ctx.identity obj… Read More
2022-10-11 00:00
(Read this article on the blog)
Calling mutations from AppSync
If you use a notify mutation to trigger a subscription you often need to call a mutation from some part of the AppSync API. Th… Read More
2022-10-04 00:00
(Read this article on the blog)
JWT
JWTs (JSON Web Token) are tokens that one component can generate, sign, and optionally encrypt and pass to other components. The standard defines a broad… Read More
2022-09-27 00:00
(Read this article on the blog)
Protecting S3 buckets
AWS recently announced the new Origin Access Control (OAC)
feature for CloudFront. This is a successor of the Origin Acccess Identity (… Read More
2022-09-20 00:00
(Read this article on the blog)
IoT Core shadows
Devices connect to AWS IoT Core via MQTT and use the protocol to publish and subscribe to topics. For example, a thermometer can report the… Read More
2022-09-13 00:00
(Read this article on the blog)
Lucene is a Java library for indexing and searching that you can embed into your Java application to build a Search Engine. Also, you can find many popular to… Read More
2022-09-06 00:00
(Read this article on the blog)
Storing secrets in AWS
For IAM credentials, AWS provides a secret-less way to retrieve and use keys. This is how Lambda functions and EC2 instances automagic… Read More
2022-08-30 00:00
(Read this article on the blog)
With the HTTP data source AppSync can interact directly with HTTP-based APIs. All (or all I know of) AWS services provide HTTP APIs exposing all possible
oper… Read More
2022-08-23 00:00
(Read this article on the blog)
DynamoDB is all about access patterns. Since it is a NoSQL database, it does not support arbitrary queries that extract just the necessary data. DynamoDB&rsqu&hell…Read More
2022-08-16 00:00
(Read this article on the blog)
Private API endpoints
With AppSync’s HTTP data source it’s possible to call HTTP endpoints directly from a resolver without adding a Lambda funct… Read More
2022-08-09 00:00
(Read this article on the blog)
Calling protected APIs
The AppSync HTTP data source can invoke any HTTP-based API. Since many services offer such APIs, this opens a lot of integration possi… Read More
2022-08-02 00:00
(Read this article on the blog)
HTTP data source
The HTTP data source provides a way to send an HTTP request directly from AppSync. This is a versatile approach as most things on the Web of… Read More
2022-07-26 00:00
(Read this article on the blog)
SQL-based resolvers in AppSync
RDS is the relational database managed by AWS, boasting a ton of features such as multi-AZ deployment, automatic failover, bac… Read More
2022-07-19 00:00
(Read this article on the blog)
Filter expressions
DynamoDB provides support for filter expressions that you can use with operations that return a list of items. As a starting point, this q… Read More
2022-07-12 00:00
(Read this article on the blog)
DynamoDB uses token-based pagination. This means when a query or a scan operation potentially return more results then the result contains a
LastEvaluatedKey… Read More
2022-07-05 00:00
(Read this article on the blog)
Resolving fields in GraphQL
In GraphQL, resolvers can be added for any fields. These can be top-level, such as Queries and Mutations, a type defined in the s… Read More
2022-06-29 00:00
(Read this article on the blog)
Initialize an RDS cluster
When you create an RDS database it does not contain tables and data. In a production environment this is the expected behavior: the… Read More
2022-06-22 00:00
(Read this article on the blog)
Sensitive data in the state
The Terraform state file usually does not contain sensitive data. When you create a Lambda function, it will contain its configur… Read More
2022-06-15 00:00
(Read this article on the blog)
AppSync follows most other AWS services in terms of how it gets permissions to use resources in an account. By default, it can not access anything and you nee… Read More
2022-06-07 00:00
(Read this article on the blog)
Database passwords in the state file
When you create an RDS cluster you need to define a username and a master password. This is not a problem when a trusted… Read More
2022-06-03 00:00
(Read this article on the blog)
Syncthing monitoring
Syncthing is an awesome way to keep files synchronized between devices. It is designed to run in the background, so you configure it onc… Read More
2022-05-24 00:00
(Read this article on the blog)
Custom domain with AppSync
By default, AppSync creates a domain at https://.appsync-api..amazonaws.com/graphql. This is good if the API endpoint is an
&ldquo&hell…Read More
2022-05-17 00:00
(Read this article on the blog)
Input values
I use a dotfiles folder that sets up my development environment with all the tools and config I need for my work. One thing it does is it sets u… Read More
2022-05-10 00:00
(Read this article on the blog)
Hashing passwords
Hashing is an algorithm that gets a text (or other data) and returns a different, often long and random-looking, text. It’s usually a… Read More
2022-05-03 00:00
(Read this article on the blog)
Scheduling tasks in Linux
I have a Linux system and I wanted a monitoring script to run periodically. Easy, right? Just use Cron. Well, after a bit of search… Read More
2022-04-26 00:00
(Read this article on the blog)
Last updated on 2022/04/26 to include changes up to JDK 18.
This article is also available in Chinese by Alex Tan.
When Java 8 introduced Streams and Lambda… Read More
2022-04-26 00:00
(Read this article on the blog)
Last updated on 2022/04/26 to include changes up to JDK 18.
This article is also available in Chinese by Alex Tan.
Since the release of version 8, up to ver… Read More
2022-04-19 00:00
(Read this article on the blog)
Telegram chatbots
I started experimenting with Telegram chatbots only recently, and I’m amazed by how versatile they can be. With commands, a webhook… Read More
2022-04-12 00:00
(Read this article on the blog)
AppSync rate limiting
Rate limiting is an effective mitigation strategy for some types of attacks. For example, when a single source does an enumeration atta… Read More
2022-04-05 00:00
(Read this article on the blog)
Authorization in AppSync
AppSync supports several ways for authorization, such as Cognito, AWS IAM, API key, and a custom Lambda
function. The last one allow… Read More
2022-03-29 00:00
(Read this article on the blog)
Access control for Telegram bots
In the previous article we built a Telegram bot that forwarded messages to chats sent to an SNS topic. We looked into
how to… Read More
2022-03-22 00:00
(Read this article on the blog)
OpenID Connect with AppSync
AppSync supports multiple types of authorization providers, and one of them is OpenID Connect. It is an open standard and many us… Read More
2022-03-15 00:00
(Read this article on the blog)
NPM dependencies in Lambda
You can define Lambda code inline in an archive_file data source, but that works only for simple functions without any dependencie… Read More
2022-03-09 00:00
(Read this article on the blog)
AppSync subscriptions allow you to push events to clients in real-time when a change happened. This is great for applications that show data that can change
w… Read More
2022-03-01 00:00
(Read this article on the blog)
Event-driven Telegram bot
In the previous article we looked into how to get started with Telegram bot development. The bot that we implemented
there was reac… Read More
2022-02-22 00:00
(Read this article on the blog)
AppSheet is a no-code platform on Google Cloud to create desktop and mobile apps that are based on Google Sheets or other data sources.
It can be good for ra… Read More
2022-02-15 00:00
(Read this article on the blog)
AppSync provides two ways to signal an error: $util.error and $util.appendError. They behave differently and they allow different use-cases.
In this article… Read More
2022-02-08 00:00
(Read this article on the blog)
Telegram bots
Telegram, one of the biggest messenger platform, offers a Bot API that allows third-party automation. Users can start chatting with bots and th… Read More
2022-02-01 00:00
(Read this article on the blog)
Modules in Lambda
The Node14 Lambda runtime recently got support to ES6
modules and top-level await. Using them, the handler can support more modern structur… Read More
2022-01-25 00:00
(Read this article on the blog)
Delaying
Lambda is event-driven, meaning it starts running when an event triggers it. Because of this, it does not support delaying that event and start proc… Read More
2022-01-18 00:00
(Read this article on the blog)
The basic purpose of a GraphQL API is the same as any other API: provide an interface where clients can get and change data. As most real-world APIs are used… Read More
2022-01-11 00:00
(Read this article on the blog)
Timing events
Serverless architectures are event-driven, things start processing when there is something that triggers them. This makes it great to react to… Read More
2022-01-04 00:00
(Read this article on the blog)
Access control in AppSync
AWS AppSync provides a managed GraphQL API that you can use to implement backend functionality for users. AppSync integrates with C… Read More
2021-12-28 00:00
(Read this article on the blog)
Cognito with AppSync
When you have an AppSync API that you want users to access, you need to add authentication. Cognito User Pools is the AWS-native solutio… Read More
2021-12-21 00:00
(Read this article on the blog)
The previous posts were about Elastic Stack and its integration possibilities with
Logstash. This post is about how to fine-tune the processing of the log ent… Read More
2021-12-14 00:00
(Read this article on the blog)
GraphQL resolvers define how AppSync (or any other GraphQL server) produces the response for a field. It needs a data source that allows interfacing with
othe… Read More
2021-12-07 00:00
(Read this article on the blog)
AppSync natively supports reading and writing data from/to DynamoDB tables. This is done through the DynamoDB data source that defines the data structure for… Read More
2021-11-30 00:00
(Read this article on the blog)
Lambda with AppSync
A resolver defines how a GraphQL field gets its value, such as what database query should AppSync run when a query needs that field, or w… Read More
2021-11-23 00:00
(Read this article on the blog)
Resolvers define how to provide the data for a GraphQL field. They provide the implementation behind the schema and as such they are important to get right… Read More
2021-11-16 00:00
(Read this article on the blog)
Transactions in DynamoDB
DynamoDB supports transactions with full ACID (Atomicity, Consistency, Isolation, Durability) properties. ACID is the gold standard… Read More
2021-11-09 00:00
(Read this article on the blog)
Resolvers in GraphQL
Resolvers provide the implementation for how AppSync processes queries and mutations. They connect the GraphQL schema, the abstract defi… Read More
2021-11-02 00:00
(Read this article on the blog)
What are foreign keys
A foreign key is a property in a table that references items in another table. That’s why they are called “foreign”:… Read More
Subscribe to Blog - Advanced Web Machinery
Get updates delivered right to your inbox!