AWS CloudFormation Custom Resource

AWS & cloud are the two words you will hear together in the area of cloud.

One awesome thing I interacted with recently was AWS custom resources for AWS CloudFormation.

This story/article focuses mainly on custom resources for AWS CloudFormation & AWS Lambda functions, using the AWS CDK & Serverless framework respectively.

  1. Zeal to learn & explore 😄.
  2. Experience with NodeJS, TypeScript, Serverless framework (some knowledge), AWS CDK (a little knowledge should be fine).
  3. Experience with AWS and some components like AWS Cognito, AWS Lambda functions, Dynamo DB, CloudFormation.
  4. And the most important one, AWS…


Integration with AWS Dynamo DB using typescript and mapper

It is very painful to map Dynamo DB data as per the parameters that are standardized by AWS.

It grows more complex when the column data has a complex structure, like a List, Object, etc.

Doing that with plain code is really hard, and maintenance becomes hauntingly weird. The best part about AWS is that they provide a library/utility to overcome that.

This article is going to cover most of the integration with Dynamo DB using TypeScript and the mapper provided by AWSLabs…


Continuing from the previous article here, which set up a VM locally for Windows Server 2019, we will now continue with the instructions for the ADFS setup.

We need an SSL connection end to end, which requires SSL certs, and we will use mkcert for that part.

Part 1 — Setup the IIS server.

  1. Click on Add roles and features.

The requirements are as basic as the title of the page, i.e. setting up a Windows server for playing with Windows Server 2019 with ADFS on the local system using Hyper-V.

  1. Open the Hyper-V Manager. (Google for how to enable Hyper-V etc. on your Windows machine.)
  2. On the right side, click on New & then the Virtual Machine icon.

Introduction

This continues from the previous blog, which is here. This one covers the same thing, but for multiple AWS accounts. It is better to go through the previous article first to correlate things.

Prerequisites

  1. You should have the real urge to do federation between an identity provider and multiple AWS accounts using a SAML-based setup.
  2. Have some knowledge of — AWS, AWS IAM, SAML, Access and Identity Management as general topic, Keycloak, etc.

Scope.

  1. Configuration setup of Identity Provider on the AWS side.
  2. Role management on the AWS IAM side.
  3. Configuration setup on the Keycloak side.
  4. And mapping…


This one is just a hobby Docker image to view the EC2 instance's metadata using a UI/HTML page hosted via an nginx Docker image.

While managing AWS EC2 instances, checking the instance metadata via curl is very manual and repetitive work. Fetching the same using a UI would be much easier for most of us.

So here I was with the same challenge of removing the unwanted repeated stuff via curls and commands.

Prerequisites

  1. AWS knowledge, AWS ec2 instance, etc. ❕
  2. Docker installed on ec2 instance (obviously) ❕
  3. ⚠️Be Aware of the fact that your…

Agenda

The main requirement is generating the OpenAPI 3 specification for Spring Boot WebFlux based APIs and exposing it using the Swagger UI.

  • Spring Boot, Java, and WebFlux knowledge.
  • Basic knowledge of the API specification.

The pom.xml for the dependencies is shared as a gist below; the most important parts are:

We will use springdoc for OpenAPI support of configuration, annotations, etc.

Configuration. The gist is shared below —

Controller and Model class

The URL for the Swagger UI is http://localhost:8080/swagger-ui.html, and it should render your OpenAPI documentation, which is generated automatically. …


Agenda

While going through the previous code in the article here, people must have hit the toughest scenario: loading a mutual TLS authenticated JWKS (JSON Web Key Store) URL.
It was a little tricky at first, but not impossible, because of how great a framework Spring Boot is.

Technical Notes

  1. Your resource server internally has an auto-configuration for loading the JWKS from the provided endpoint.
  2. That URL is provided using the property
     spring.security.oauth2.resourceserver.jwt.jwk-set-uri=<BASE>/.well-known/jwks.json
  3. Internally, that configuration creates a WebClient (reactive in nature) and loads the JWKS for you.
  4. And this is the main area where we can look for some options.

Solution to override the WebClient & JWTDecoder

  1. Construct the…


Continuing things from the previous article here, I wondered: what if the Authorization Server's token URL endpoint is mutual TLS protected, how do we make that work?
The findings were a little tricky, but I figured it out based on the customization Spring Boot supports.

Prerequisites (same as the previous article)

  1. Knowledge of Spring Boot, Java.
  2. Good understanding of the OAuth2 concepts.
  3. Some understanding of reactive programming.
  4. JDK 11 installed (tried using JDK 11 only), though JDK 8 should also work.
  5. Authorization Server setup is out of context.
  6. Resource server is out of context but can be referred to from the previous article here.

There can be three scenarios

Scenario 1 — Only the resource server…


Spring 5.0 introduced huge changes (the major one was supporting reactive programming), and part of it was rewriting the OAuth2 Client to support the reactive paradigm.

I would love to share knowledge around the same. In this article I will focus on the OAuth2 Client part only.

  1. Knowledge of Spring Boot, Java.
  2. Good understanding of the OAuth2 concepts.
  3. Some understanding of reactive programming.
  4. JDK 11 installed (tried using JDK 11 only), though JDK 8 should also work.
  5. Authorization Server setup is out of context.
  6. Resource server is out of context but can be referred to from the previous article here.
  • It will…

Karanbir Singh

API developer + Web Application developer + Devops Engineer = Full Stack Developer
