Posts

How to Reduce Cost of SAM Artifact Storage using S3 & CloudFormation

Image
One subtle thing that you do when working AWS SAM is that you upload the Lambda deployment packages (artifacts) to a staging bucket where Lambda service retrieve these packages. After the artifacts were retrieved by AWS Lambda from s3, those packages often stay in the staging bucket and may build up over time especially for large projects with tons of Lambda functions. This often lead to a slow and steady increase in S3 bills over time. In this article, we will explored what are the common ways on to reduce the cost generated by SAM deployment artifacts over time. Option 1: Add a 1-day Expiry Rule for Dev Environment Artifacts Deployment artifacts for development environments are basically non-valuable to an organization, it doesn't allow developers to extract useful debugging information out of them except from cases where you really need to inspect the packages. To help your organization reduce cost, you can configure your development artifact storage for S3 bucket to im…

Serverless Ninja: Reporting Errors via ChatOps using AWS Lambda & NodeJS

Image
This article explains how to inject an error reporting module using ChatOps and how it helps organizations react faster to issues arising from applications that were running inside AWS Lambda Functions. In this demo, I will be using NodeJS and will utilise Slack to deliver alarms to important stakeholders: Application DevelopersSoftware ManagersSoftware TestersSecurity Response TeamWhoever needs to be awake when something is brokenBenefits Before we start coding, I think that its necessary to understand the good things that ChatOps bring to the table so that we can explain to our software development teams the importance of the effort we are putting in building this alarm mechanisms. Early Detection of Software IssuesHey, catching bugs in development environment is the best thing a developer could be aiming for when making mistakes in the code. This allows you to peacefully google the application error and find the right way to fix it. Rapid Response to Production IssuesRaising alarm…

Serverless Ninja: Serverless = Efficiency

Image
This article aims to explain how organizations and individuals can benefit from the efficiency that serverless architectures offer. It contains the top 4 cost centers where serverless can help in eliminating cost. Elimination of Server Management Cost Serverless architectures do not require developers neither organizations to manage underlying infrastructure. On the other hand, AWS handles the server management activities on our behalf so that we can focus on writing our application's features and capabilities. Since serverless-based systems do not require organizations to manage servers. Organizations achieve cost-efficiency in spending money involved in the following activities: Managing Cluster ScalabilityImplementing Risk MitigationImplementing Disaster Recovery StrategyPatching Security VulnerabilitiesInstalling Operating System UpdatesHiring Server Management StaffReduced Security Risk & Cost One cool side-effect of letting AWS manage the underlying infrastructur…

Why do you need an API Gateway

Image
The microservice architecture have encouraged the splitting of large scale applications into smaller services that are good at performing single task to take advantage of the following benefits: Independent service deploymentsFaster release cyclesEasier maintenanceGranular scalability However, this microservices don't come without its own set of problems. Splitting of services meant that APIs needed to be grouped into smaller sets (Bounded contexts) and this offloaded problems to client-side and API applications. Client-side Issues Leaking domain knowledge Since client-side applications now have to deal with multiple APIs, this means that domain knowledge is now scattered across consumers thus, making them harder to maintain. Multiple attack points The number of APIs exposed publicly is relative to the increase of potential attack points of an application. Requires to purchase multiple domain names and SSLs In order to expose multiple groups of APIs publicly, owne…

Containerizing API Gateways using Alpine Base Image

Image
In the previous article, we've learned how to containerize an API Gateway built using ASP.net Core and Ocelot. Today, we'll explore the cool things that Alpine Linux images bring when containerizing microservices and API gateways. Articles in the Series This article belongs to a series of articles that explains the importance of API gateways and how to build them using ASP.net Core. If you're interested to learn more about API gateways, it might be a good idea to spend some time reading the articles listed below. Part 1: API Gateway in a Nutshell.Part 2: Building Simple API Gateways with Ocelot.Part 3: API Response Aggregation using OcelotPart 4: API Defense using Rate Limiting and Ocelot.Part 5: Containerizing API Gateways Part 6: Containerizing API Gateways using Alpine Base ImageAbstract In the previous article, we've identified several areas of improvement from the approach we've used for containerizing our API…

Containerizing ASP.net core API Gateways

Image
In the previous article, we've learned how to utilize rate limiting for establishing a basic defense mechanism against DDOS attacks. In this article, we will explore how to containerize ASP.net core web APIs and the value that it adds when working with API gateways. Articles in the Series This article belongs to a series of articles that explains the importance of API gateways and how to build them using ASP.net Core. If you're interested to learn more about API gateways, it might be a good idea to spend some time reading the articles listed below. Part 1: API Gateway in a Nutshell.Part 2: Building Simple API Gateways with Ocelot.Part 3: API Response Aggregation using OcelotPart 4: API Defense using Rate Limiting and Ocelot.Part 5: Containerizing API GatewaysPart 6: Containerizing API Gateways using Alpine Base ImageAbstract Building huge software platforms using microservi…

Defending Microservices using Rate Limiting and API gateways.

Image
In the previous article, we've learned about API response aggregation and how it reduces the rate of communication between client-side components and API gateways. In this article, we will learn how to defend API gateways from DOS-based attacks using rate limiting. Articles in the Series This article belongs to a series of articles that explains the importance of API gateways and how to build them using ASP.net Core. If you're interested to learn more about API gateways, it might be a good idea to spend some time reading the articles listed below. Part 1: API Gateway in a Nutshell.Part 2: Building Simple API Gateways with Ocelot.Part 3: API Response Aggregation using OcelotPart 4: API Defense using Rate Limiting and Ocelot.Part 5: Containerizing API GatewaysPart 6: Containerizing API Gateways using Alpine Base ImageAbstractDenial of Service (aka DoS) is a popular type of cyber-attack that aims to limit the capabi…

API Gateway: Response Aggregation with Ocelot and ASP.net Core

Image
In the previous article, we've learned how to setup an API gateway using ASP.net Core and Ocelot. This article supplements the previous article by introducing downstream response aggregation through the use of API gateways. You can download the application used in this article by cloning it from GITHUB. Articles in the Series This article belongs to a series of articles that explains the importance of API gateways and how to build them using ASP.net Core. If you're interested to learn more about API gateways, it might be a good idea to spend some time reading the articles listed below. Part 1: API Gateway in a Nutshell. Part 2: Building Simple API Gateways with Ocelot. Part 3: API Response Aggregation using Ocelot Part 4: API Defense using Rate Limiting and Ocelot. Part 5: Containerizing API Gateways