Getting started with Cognito?
The AWS Cognito product enables developers to build web or API-based applications without worrying about authentication and authorisation.

When setting up an application's authentication I try to keep in mind a few goals:

- Keep my users' data as safe as possible.
- Try and find something which is standards based, or supports integrating with standard protocols such as OpenID, OAuth2 and SAML.
- Evaluate the authentication flows I need and avoid increasing scope and risk.
- Try to use a service to start with, or secondarily, an open source project with a good security process and a healthy community.
- Limit any custom development to extensions, rather than throwing out the baby with the bath water.

As you can probably tell, my primary goal is to keep authentication out of my applications; I really don’t have the time or inclination to manage a handcrafted authentication solution. ...