Serverless on Mysterious Code - Senior AWS, DevOps & security engineeringhttps://mysteriouscode.com/blog/category/serverless/Recent content in Serverless on Mysterious Code - Senior AWS, DevOps & security engineeringHugoen-gbTue, 18 Jul 2017 09:42:49 +0000Enabling global API Gateway stage logging using CloudFormationhttps://mysteriouscode.com/blog/enabling-global-api-gateway-stage-logging-using-cloudformation/Tue, 18 Jul 2017 09:42:49 +0000https://mysteriouscode.com/blog/enabling-global-api-gateway-stage-logging-using-cloudformation/<p>Enabling logging in API Gateway for your stage is fairly easy. You go into the Console, setup a role for API Gateway to use for logging, find the stage and enable logs. It will enable logging for all methods within that stage. Doing the same configuration using CloudFormation is not completely obvious though, as the <a href="http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html">stage object&rsquo;s</a> <code>MethodSettings</code> property seems to allow you to only do that for a specific resource and method.</p>Intrusion detection and prevention with AWS Lambda and DynamoDB streamshttps://mysteriouscode.com/blog/intrusion-detection-and-prevention-with-aws-lambda-and-dynamodb-streams/Wed, 05 Apr 2017 10:00:07 +0000https://mysteriouscode.com/blog/intrusion-detection-and-prevention-with-aws-lambda-and-dynamodb-streams/<p>Intrusion detection system (IDS) and intrusion prevention system (IPS) tend to be expensive and complicated. In AWS, you can go for much simpler solution - WAF. But that requires you to use Application Load Balancer or CloudFront. But even with WAF, you have to manage a list IP addresses of attackers that should be blocked. Or, if you only ever need to block single IPs for short periods of time, NACLs may be a much easier option! Here&rsquo;s a walkthrough on how you can implement a terribly simple (yet very powerful) intrusion detection and prevention in AWS with Lambda and DynamoDB Streams for a web application.</p>Deploying API Gateway and Lambda with CloudFormationhttps://mysteriouscode.com/blog/deploying-apigateway-and-lambda-with-cloudformation/Mon, 21 Nov 2016 10:00:32 +0000https://mysteriouscode.com/blog/deploying-apigateway-and-lambda-with-cloudformation/<p>Combination of AWS API Gateway and Lambda functions is a flag example of every &ldquo;serverless infrastructure&rdquo;. When deploying API Gateway with CloudFormation there are two different ways you can define your API: via Swagger template or by directly defining your methods in CloudFormation template.</p>What's broken when deploying Lambda and API Gateway via CloudFormationhttps://mysteriouscode.com/blog/whats-broken-when-deploying-lambda-and-api-gateway-via-cloudformation/Mon, 14 Nov 2016 19:22:45 +0000https://mysteriouscode.com/blog/whats-broken-when-deploying-lambda-and-api-gateway-via-cloudformation/<p>AWS Lambda and API Gateway are becoming synonymous with &ldquo;serverless infrastructure&rdquo; and getting more and more popular. To deploy them in repeatable way, one of the tools I recommend is CloudFormation. There are many ways you can define your API and your Lambda, but when connecting the two with CloudFormation there&rsquo;s usually something that many people miss, and only notice when <code>{&quot;message&quot;: &quot;Internal server error&quot;}</code> is thrown from their API Gateway endpoint.</p>