Issue #1 – Leak proofing S3 buckets – F1 + AWS – NanoID
For the teams of developers/creators worldwide, there’s no doubt that the last 2 years have propelled us ten years into the future. There is a lot to explore and break down.
This will hopefully be a newsletter that generates the insights you need as a developer to stay on pace with the fast-moving world we find ourselves living in today.
Extending your application’s capabilities is a lot easier today because of the cloud. It has allowed developers to move so much faster. But with that power comes great responsibility, which hasn’t been fully understood and resulting in the poor implementation of these technologies.
In the last week, news broke, thousands of sensitive documents on a public s3 bucket owned by Backnine (insurtech startup) were exposed.
AWS S3 service is one of the more widely used services in the AWS ecosystem. From analytics, hosting to disaster recovery and backup. Incidents like the BackNine breach more than they should. Resulting in S3 being the biggest culprit in several major data breaches found in the past.
With regulations like GDPR and POPI popping up worldwide, it is more important than ever that teams enforce best practices in the cloud. Here are a few ways you could start implementing:
You can do other things to make interacting with s3 more secure, like setting up Cloud Trail logs to track events (e.g. GetObject) or enabling MFA, Versioning or VPC endpoint access. Read more about it here.
However, the world of motor racing might not be for everyone, however, reference the technology working behind the scenes, and you catch the attention of cloud enthusiasts everywhere.
To summarise, F1 machines produce a lot of unwanted air due to concepts in aerodynamics and the way the vehicles are designed. That air makes it more challenging for the person behind. The closer they get to the vehicle in front, the more downforce is lost (the force that keeps the car to the ground).
This is not what you want when trying to formulate a more competitive, wheel to wheel racing experience. The F1 team sort out to redesign the base of the car using Computational Fluid Dynamics (CFD).
It’s all explained in this video, but in short, CFD requires heaving computing to do what it does (simulations). With 2,500 compute cores provided by AWS, the F1 team could reduce four days per compute cycle to just 6-8 hours.
The AWS console hosts a huge number of managed services, 200 to be exact. Every week we look at one and give a brief breakdown. Taking you from a novice to a console hero.
Communication is key when designing a robust and scalable microservice. Operations (like order hand-bag) are carried through messages and powered by middleware that intercepts those messages to perform actions (check stock, etc.).
Amazon MQ is a managed service that hosts two messages-brokers Apache ActiveMQ and RabbitMQ. These protocols don’t require the client and server to be available simultaneously for communication to happen.
Instead, the broker will take any incoming messages and them to a queue. MQ makes it simpler to set up and maintain your broker. Here’s an in-depth article if you considering adopting one in your system.
The idea of #Geeking-it-up in the Scrums.com engineering ecosystem is about sharing. Whether it’s open-source tech, articles or events, every week, we will take those picks and share them here.
There’s a new kid on the block; it’s smaller, faster, more portable and has been around long enough to warrant some serious bragging rights. NanoID is a tiny, secure, URL-friendly, unique string ID generator for Javascript libraries.
From use cases in auth to labelling, UUID, which Microsoft developed in the 1980s, has long been the unique identifier for developers. This article details why that could be changing.
Check out this proposal for self-invoking functions in Javascript. Building of another proposal for the do expression. (cleaner code and better looking React useEffect hooks
).
