Today we’ll look at handling application settings in build and deployment pipelines.

An application normally has several settings that are stored outside of main application codebase. Database Connection strings, external SaaS API Keys, credentials are examples of settings and other environment specific settings will be stored in appsettings.json for a DotNetCore app, web.xml for a Java app, or settings.yml for Ruby.

If you have hardcoded connection strings or parameters inside your application, it is highly recommended to extract these out to a file so that you can easily update these without having to store sensitive information inside the source code and stored as part of your version control repository.

AWS SSM Parameter Store (AWS Systems Manager Parameter Store) is a service and it’s importance should not be underestimated. It provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, and license codes as parameter values.

[Read more…]

Amazon CloudFront is a Global Content Distribution Network. Essentially, this is a global caching system that delivers your website and app content really fast and low latency to your end users.

This is one of my favourite AWS services because you can increase the responsiveness, resiliency and scalability with minimal effort or cost – without even re-configuring your web servers!

Today, I’ll show you how to leverage some of the advanced protection functionality that is available within CloudFront.

[Read more…]

AWS Cognito is a fantastic product that handles everything to do with your app’s users, so you don’t have to. You don’t have to think about authentication, user profiles, user management, or ensuring that passwords are handled properly. AWS Cognito also handles federation with other systems.

I was asked a question recently;

I’ve used the Serverless framework to create a small app to support internal business functions. It’s a private application and we’re using AWS Cognito to secure it, but we need to use our Office365 logins. Is it possible to set this up?

In this post, we look at implementing AWS Cognito with federation against Office365. I’m assuming that you are already using API Gateway, AWS Lambda and AWS Cognito to provide login functionality. It’s not immediately obvious to federate Cognito with Office365, so I thought it would be good to put together a short tutorial.

Let’s get started!

[Read more…]

It’s been an exciting time with a whole stack of new features coming out of the 2017 Amazon re:Invent conference. Today I thought I’d focus on one of the newly released Machine Learning services, which really excites me – Amazon Comprehend.  It’s a powerful tool to help facilitate your decisions and understanding.

The AWS Website describes it like this:

Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to find insights and relationships in text. Amazon Comprehend identifies the language of the text; extracts key phrases, places, people, brands, or events; understands how positive or negative the text is; and automatically organizes a collection of text files by topic.

Essentially what it means is that you can feed Amazon Comprehend qualitative data for processing. For example, Online Store reviews, Customer Surveys, to perform an analysis and understanding at scale!

[Read more…]

Organisations constantly produce information and data at a rate like never before. This data can unlock secrets in your business which in turn can help you make intelligent decisions.

But how?

Previously, it’s been very difficult because of the availability of compute and storage constraints. Big Data is a large volume of structured and unstructured data that can be analysed for insights. We use an analogy to help describe Big Data and the process of data gathering to clients.

We call it the ‘Data Spider’.

[Read more…]