LIST

AWS Cognito - user pool vs identity pool

User pools stores user data basic authentication - JWT tokens -> authenticated - yes or no Identity pools fine grained access control - user assumes an identity can directly call AWS SDK commands User Pools (1) Get Auth Token User -> Cognito username password <- response– session object JWT token … (2) Get data User –> Secured API JWT token <-response– data Identity Pools (1) Get Auth Token User -> Cognito...

September 15, 2022

AWS & Typescript Masterclass - 7. Securing APIs with AWS Cognito

44-53 (44) Section intro cognito user pools JWT tokens groups (45) AWS Cognito AWS Cognito - user pool vs identity pool (46) Cognito in AWS console create user pool create app integration create app client command line force set password for user for dev aws cognito-idp admin-set-user-password --user-pool-id ${USER_POOL_ID} --username ${TEST_USER_NAME} --password "${TEST_USER_PASSWORD}" --permanent or with 1password cli op run -- bash -c 'aws cognito-idp admin-set-user-password --user-pool-id ${USER_POOL_ID} --username ${TEST_USER_NAME} --password "${TEST_USER_PASSWORD}" --permanent' (47) Generating JWT tokens with AWS Amplify (for dev within the playground)...

September 14, 2022

AWS & Typescript Masterclass - 8. AWS Cognito Identity pools

54-61 (54) Section intro AWS Cognito - user pool vs identity pool (55) AWS Cognito Identity pools in the console Authenticated role selection A) use default role authenticated unauthenticated B) choose role with rules ??? C) choose role from token (-> this app) user -> group -> role (56) Getting AWS temporary credentials // skipped (57-59) Identity pools in CDK link to userPoolGroup via roleArn new CfnUserPoolGroup(this.scope, 'admins', { groupName: 'admins', userPoolId: this....

September 14, 2022

AWS & Typescript Masterclass - 14. Typescript recap

100-123 (103) Types inferred type var a = 'hello' // inferred string explicit type var a:string = 'hello' // explicit string var arr: string[] = [] arr.push('hello') // ok arr.push(123) // nok ANY - last resort var a:any = 'hello' a = 3; //ok a = true //ok (104) User defined types objects have types functions have types interface interface Person { firstName: string, lastName: string, } type type job = string type specificJob = 'Engineer' | 'Programmer' combining types > found in AWS sdk...

September 12, 2022

AWS & Typescript Masterclass - 6. AWS DynamoDb with CDK and Lambda

32-43 (32) section intro (33) put item npm i @types/aws-lambda (34) getting data from ApiGateway const item = typeof event.body == 'object' ? event.body : JSON.parse(event.body) >? why this check for parsing? is this testing only, or is this random in prod? (35-36) DynamoDB + lambda // create table const table = new Table(this.stack, this.props.tableName, { partitionKey: { name: this.props.primaryKey, type: AttributeType.STRING, }, tableName: this.props.tableName }) // create lambda const id = `${this....

September 12, 2022

CDK commands

cdk commands cdk init app --language typescript cdk synth # create cloudformation files cdk bootstrap # create stack in cloudformation cdk deploy # synth + deploy cdk deploy [<stack-name>] cdk deploy --all cdk list cdk diff # cf terraform plan cdk destroy <stack-name> # cf terraform down https://docs.aws.amazon.com/cdk/api/v2/docs/aws-construct-library.html

September 12, 2022

AWS & Typescript Masterclass - 2. CDK & CloudFormation

(6) intro (7) CDK (8) CloudFormation (9) install CDK (10) base project deployment (11) project exploration (12) CDK types and commands (13) CDK Outputs (cf terraform output) (14) CDK Deployment Parameters (15) CDK core - recap (6) intro (7) CDK abstraction of aws resources reusable components use AWS CDK to: create and deploy AWS resources configure those resources link together resources into constructs uses JSII (javascript interop interface) (8) CloudFormation...

September 9, 2022

AWS & Typescript Masterclass - 3. Serverless project

API gateway Lambda DynamoDb Cognito https://github.com/barosanuemailtest/space-finder-backend.git https://github.com/barosanuemailtest/space-finder-frontend.git git init npm init -y npm i -D aws-cdk aws-cdk-lib constructs ts-node typescript mkdir infra touch infra/Launcher.ts touch infra/SpaceStack.ts # echo '{"app":"npx infra/Launcher.ts"}' > cdk.json echo '{"app": "npx ts-node --prefer-ts-exts infra/Launcher.ts"}' > cdk.json cdk synth # error related to tsconfig target npx tsc --init # change tsconfig.json "target": "es2016", -> "target": "ES2018", # copy tsconfig.json from generated project infra/Launcher.ts import {App} from "aws-cdk-lib"; import {SpaceStack} from "....

September 9, 2022

AWS & Typescript Masterclass - 4. Lambda - bundling, testing and debugging

(23) Section Intro (24) Why Bundling? (25) Bundling with CDK Node Lambda (26)Webpack intro (27)Webpack setup (23) Section Intro (24) Why Bundling? options deploy all node_modules NOPE Node Lambda - with esbuild (integrated with CDK) YES webpack (hard to configure) NOPE why? growing list of dependencies typescript needs compilation to node_js (25) Bundling with CDK Node Lambda integrated with CDK uses esbuild npm install --save-dev esbuild@0 example dependency npm i uuid @types/uuid services/node-lambda/hello....

September 9, 2022

AWS & Typescript Masterclass - 5. Testing and debugging Lambdas

(28) section intro (29) CloudWatch logs (30) using AWS SDK (30) using AWS SDK npm i aws-sdk services/node-lambda/hello.ts import {S3} from "aws-sdk"; const s3Client = new S3() ... const buckets = await s3Client.listBuckets().promise(); ... body: 'here are your buckets' + JSON.stringify(buckets.Buckets) infra/SpaceStack.ts const s3PolicyStatement = new PolicyStatement(); s3PolicyStatement.addActions('s3:ListAllMyBuckets'); s3PolicyStatement.addResources('*'); // anti-pattern ; use specific! helloLambdaNodeJs.addToRolePolicy(s3PolicyStatement); (31) run lambda locally in debug mode run config (in VSCode) { "version": "0.2.0", "configurations":[ { "type": "node" "request": "launch" "name":"Debug local file", "runtimeArgs":["-r", "ts-node/register"] "args":"${relativeFile}" "env":{"AWS_REGION":"eu-west-2"} } ] } (you can add AWS credentials to env if you’re not logged in locally)...

September 9, 2022