Andres Moreno Profile Pictrue

Andres Moreno

I'm Andres Moreno, Principal Software Engineer at Tyler Technologies. I focus on serverless techonology in AWS

Using Amazon Cognito with the user-password flow

In May I released a post on how to secure APIs using machine-to-machine authentication. Exactly one day after that AWS Cognito changed their pricing model and now my proposed solution would generate cost for me. In this post I will go through a different setup using the user-password auth flow. This will still allow us to authenticate from automations and from Postman while keeping us in the free tier.

9-Minute Read

On my post called Secure API Gateway with Amazon Cognito using SAM I talked about different Auth terms and walked through a setup to use the Client Credentials Flow, but Cognito recently introduced pricing changes for machine-to-machine authentication that will make this cost us and my main goal is to do this while staying in the free tier for personal projects that will not be generating any income. That is why in this post I am going to setup Amazon Cognito using a different flow called user…

Creating users in Amazon Cognito programmatically

Short post to walk through the steps to create users in Amazon Cognito for automation

4-Minute Read

Title of the blog post and user icons with two of them with a picture of Andres

When you have CI/CD pipelines that run automated tests against your APIs you might need to dynamically create users in Amazon Cognito to run them. If that is the case you are in the right place. In this post we’ll be going over what you need to do to create a valid user in Cognito to be used by your automation.

Secure API Gateway with Amazon Cognito using SAM

Getting basic authentication for your API is not as hard as it sounds. In this post we'll be going through the steps to secure your APIs with Amazon Cognito

8-Minute Read

I create a lot of APIs, these are for blog posts, for playing around with new functionality or tools that I’ve created for myself. All of these have been created without authentication in place. Not securing APIs can create data exposures for you, but it can also pose a financial risk to your accounts if a malicious user gets your endpoints. This is why I want to secure any API I create but I want this to be with minimal setup so that it’s simple to replicate many times.

Using YAML anchors and aliases in a SAM template

Learn how you can setup your SAM template to reuse common pieces of config by using anchors and aliases without introducing any problems.

5-Minute Read

Image of me looking at a big text that says 'YAML Anchors in SAM

Last month I wrote a post about getting rid of Lambda Layers by using ESBuild. What I quickly learned is that the Metadata attribute has to be copied and pasted for EVERY Lambda function in your stack. I tried using the Global section in the SAM template and it turns out it’s not supported. I started thinking about how I could reuse the same configuration across my template and found that YAML already has a functionality that does this called YAML Anchors and Aliases. In this post I will…

Drop the layers, bundle up with ESBuild instead

Learn how you can structure your serverless projects to share code between Lambda Functions using ESBuild instead of Lambda Layers.

5-Minute Read

Image of a person removing a jacket into a stack of other jackets the person has already removed

I’ve seen a lot of posts around the problems that Lambda Layers bring. A very good one is called You shouldn’t use Lambda Layers by AJ Stuyvenberg. In this post AJ explains the myths and cons of using Lambda Layers. What is not easy to find is examples on how to actually get rid of Lambda Layers by using a bundler. In this post we will go through a structure and configuration that allows us to remove Layers by using ESBuild to bundle the dependencies and shared code for our…

Recent Posts