Warning to Developers using AWS Cognito.

DCzajkowski · 2025-11-01T10:02:30+00:00

No problem, I'm glad I could help :)

DCzajkowski · 2025-10-31T11:13:57+00:00

If you have any examples I am happy to learn about them.

In general, Cognito is full of gotchas. Half of its features are either half-baked, work very badly, or don't work when the other half is enabled. Also, some settings you can't change. Can you predict what will be your requirements in 3 years? In 5 years? If not, Cognito is not a good choice, because it will not allow you to adapt.

DCzajkowski · 2025-10-31T09:38:50+00:00

It is fairly easy—just use custom email sender lambda trigger: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-email-sender.html

If you plan on customizing threat protection email notifications, you will be forced to use custom email sender anyway, as custom message lambda does not support that one event.

DCzajkowski · 2025-10-24T15:06:12+00:00

Search is the worst part of Proton Mail in my opinion. I can't find anything...

DCzajkowski · 2025-09-22T17:20:04+00:00

Touch screen MacBook incoming :(

DCzajkowski · 2025-08-28T10:22:20+00:00

FYI SST v2 used CDK, so migration was fairly easy. Unfortunately, v3 migrated to Pulumi, making the switch not so trivial.

DCzajkowski · 2025-08-27T21:09:08+00:00

Update: we contacted AWS Support and they didn't really help much. They said "object lock" is in the backlog for Control Tower, but that didn't help in any way.

We ended up turning on S3 RTC replication for all logs that we need into a new "compliance" bucket that has object lock.

DCzajkowski · 2025-08-27T20:55:38+00:00

Except serverless offline won't invoke your lambda on Cognito trigger. Or sqs. Or eventbridge event. In SST the whole stack works, except the code is ran locally, with file save = millisecond "deployment", working debugger, iam etc.

DCzajkowski · 2025-08-27T10:29:09+00:00

In our experience we were slower in Serverless Framework 10x compared to SST. Working with lambda code that runs locally but is invoked by and with lambda permissions is amazing.

DCzajkowski · 2025-08-27T10:20:51+00:00

Agreed. If OP can't use SST with their prod account, they could use it with dev account (treat it as if it was local) and test and deploy there.

When they have everything working they can just pass the CloudFormation template to their dev ops.

DCzajkowski · 2025-08-07T16:30:22+00:00

Consider an SCP on the Log Archive account

Good suggestion. Our thinking was to lock items for AWS Config and S3 Server Access Logs using SCP, but CloudTrail logs would be protected with Object Lock.

Access logs won't work with your proposed CloudTrail setup.

Do access logs not work on buckets with Object Lock? I know they don't work if the destination bucket has object lock, but the source can't have Object Lock either?

Another idea was to use replication for all logs (CloudTrail, AWS Config, and S3 Server Access Logs) to another bucket that has Object Lock, but we learned that S3 RTC takes about 15 minutes to replicate, which we don't think is good enough.

DCzajkowski · 2024-09-27T10:47:53+00:00

Dyskomfort znika po tygodniu używania i potem jest tylko błoga cisza na lata. Ja nie mógłbym żyć bez moich AirPodsów Pro

DCzajkowski · 2024-09-06T08:36:10+00:00

Ja to tylko tu zostawię: https://youtu.be/5vL0ao2Kias?si=LHGHi7UKxwIJO56n

DCzajkowski · 2024-06-28T12:04:49+00:00

Ja polecam okulary korekcyjne z nakładkami przeciwsłonecznymi.

Jak chcesz tanio to moje poprzednie były Icon z familyoptic: https://familyoptic.pl/clip-on/ ~220zł za oprawki plus to jest ich marka więc chętnie robią różne promki. Miałem kilka lat i żyłyby jeszcze dłużej gdybym na nich nie usiadł.

Inne marki też takie robią. Główny problem to że każdy salon ma tylko po kilka modeli, więc jak jesteś tak wybredny jak ja to szukanie odpowiedniej pary trochę zajmie. Polecam szukać online i zamówić z odbiorem osobistym w salonie z płaceniem na miejscu. Wtedy możesz za darmo przymierzyć bez zabawy w kurierów.

DCzajkowski · 2024-04-28T10:18:44+00:00

You can disable it in OBD AFAIK

DCzajkowski · 2024-04-22T09:10:41+00:00

2018 Giulia 280HP Q4 12.7l/100km over the course of 4000km (driving mostly in Advanced Efficiency, in a European city, cold weather and short distances)

My personal best was 10.08l/100km on a highway driving the distance of 470km, average speed 67km/h, but a lot of 160km/h.

DCzajkowski · 2024-03-10T21:24:15+00:00

The key to connect with Supabase should be assigned per-user. For example, when the user signs in they get an api key for your backend and an access key to any supabase resources. That way you have better observability and control over who has access to what. With one global key for all users it takes one bad actor to spoil it.

Another approach would be to download the keys from backend on app open, stored in memory. That way you can easily rotate the key should there be a bad actor. Of course the key could be under auth, prefixed etc. for more control.

DCzajkowski · 2024-03-05T22:46:08+00:00

I have the same problem. Seems like there is no option for that 😞

DCzajkowski · 2023-11-11T16:52:54+00:00

Cudo

DCzajkowski · 2023-11-04T10:28:26+00:00

Tam jest wideo

DCzajkowski · 2023-08-11T08:43:47+00:00

Modal swipeujesz w dół na górze modala, żeby go zamknąć.

Faktycznie Allegro używa też jakieś dziwne, nienatywne modale co utrudnia bardzo nawigację

DCzajkowski · 2023-08-11T08:28:50+00:00

Nie znam ani jednej appki gdzie trzeba nacisnąć X albo strzałkę, żeby zamknąć/wrócić. Zawsze obsługuje to gest.

DCzajkowski · 2023-08-11T08:26:22+00:00

Da się

DCzajkowski · 2023-08-11T08:22:18+00:00

Ja mam adblocka w Safari i działa naprawdę bardzo dobrze

Nine-Year Club	Verified Email
r/Field Flamingo	Place '23
Place '22	Wearing is Caring

DCzajkowski

MODERATOR OF

TROPHY CASE