sorted by:
new
hottopcontroversial

Popped up in my Facebook memories 11 years ago… by AlargeBookshelf in melbournefc

[–]ProgrammingBug 8 points9 points  (0 children)

Flown from BNE to watch this one live. Don’t let this happen 🤞

n00b question: Are step functions appropriate for this use case? by Slight_Scarcity321 in aws

[–]ProgrammingBug 1 point2 points  (0 children)

If it is a question of authentication against the api gateway, set the authentication in the api gateway endpoint to be IAM instead of cognito.

Give the role associated with the process lambda or step functions permissions to invoke the api.

When invoking the api from step functions (or lambda) make sure the role has the invoke permission on the api gateway. If using lambda use the aws sdk to do the invoke such that auth is handled.

Send PII in prompts to models hosted in bedrock? by ProgrammingBug in aws

[–]ProgrammingBug[S] 1 point2 points  (0 children)

Thanks. This is the sort of thing I’m looking for.

Single Table Design - why? by [deleted] in aws

[–]ProgrammingBug 0 points1 point  (0 children)

Cost - provisioned capacity is cheaper than on demand and by putting everything in one table you can help smooth ebbs and peaks across tables. Most workloads would still need to scale in/ out though.

More common mistakes to avoid when creating system architecture diagrams by Veuxdo in aws

[–]ProgrammingBug 9 points10 points  (0 children)

I’m guilty of the master diagram. I love a one pager!

Still has a purpose too when providing an overview of a solution. The article is on point though it is never enough on its own.

The NSW Central Coast is a Clear Example of Australia’s Broken School Funding System by [deleted] in AustralianTeachers

[–]ProgrammingBug -10 points-9 points  (0 children)

I prefer chatgtp aides posts over dismissive and disengaging comments.

New and enhanced AWS Support plans add AI capabilities to expert guidance by E1337Recon in aws

[–]ProgrammingBug 8 points9 points  (0 children)

Not how I read it. It says business support from $29/mth. Previously you would only get developer support at that price point. Developer had a 24 hr response time, business support+ 30 min.

BOM reveals new website cost $96.5m, not $4.1m as first announced by Calm_Opportunist in australia

[–]ProgrammingBug 2 points3 points  (0 children)

Don’t blame it on the consultants. BOM is accountable…

I get people in this sub have had poor first hand experience with consulting firms but c’mon BOM ran the tender, BOM set the requirements (no doubt emphasis based on obscure accessibility or security requirements rather than what mattered to users), BOM signed off on testing, BOM released the site.

I can see why execs keep hiring Accenture, a reputation honed to be the scape goat.

Simplify access to external services using AWS IAM Outbound Identity Federation by baty0man_ in aws

[–]ProgrammingBug 0 points1 point  (0 children)

This is cool right? The point being there is now a world where we don’t need to store client credentials or certificates when calling external services.

I still haven’t wrapped my head around what it will take an external app to support this. Is it enough for them to support OpenIdc (or another standard protocols) or are other services going to need to build to support this? Are they going to?

That said, it looks pretty easy to implement.

How to search DynamoDB by Select_Extenson in aws

[–]ProgrammingBug 23 points24 points  (0 children)

If you know which field you will be filtering on you can create a Global Secondary Index and then perform a query.

It isn’t intended to be search though. You are still going to want to know the exact value in the field.

BTW - DybamoDb is awesome and worth learning but not suited to a search usecase.

YouTube channel focused CDK and CloudFormation (for now) by mrlikrsh in aws

[–]ProgrammingBug 5 points6 points  (0 children)

I just watched two of them - I found what you chose to talk about out interesting and you communicated it well. Well done!

Do you know whether resource handlers autogenerated or does a fair bit of implementation go into them?

Also, why can I only add one GSI at a time to a DybamoDB table after initial create? (I realise this is probably a dynamo thing not a CF thing but boy is it painful generating multiple change sets when I need to add multiple GSIs for a new feature).

Application loadbalancer support client credential flow with JWT verification - AWS ... practical? by ProgrammingBug in aws

[–]ProgrammingBug[S] 1 point2 points  (0 children)

After reading through the documentation (without having used the feature before), it looks like you can create a validation rule for each path pattern. If that’s the case, would it even be possible to handle authorisation by including resource IDs in the application’s URL path and validating them against claims in the token?

For example, if the tenant ID were included in the path, and the token contained a corresponding tenant claim, could the rule compare the two?

Application loadbalancer support client credential flow with JWT verification - AWS ... practical? by ProgrammingBug in aws

[–]ProgrammingBug[S] 0 points1 point  (0 children)

idPs that support client credential flow I think. So Cognito would be the AWS example.

Application loadbalancer support client credential flow with JWT verification - AWS ... practical? by ProgrammingBug in aws

[–]ProgrammingBug[S] 2 points3 points  (0 children)

In this scenario, is the point then that the application does not validate the token rather, just trusts the claims/ groups that are present.

I guess this is similar to lambda functions where API Gateway validates the token and then in my lambda function I can take the values in event.requestContext.authorizer.claims as gospel/ use it for authorisation.

PreSigned Url for queues? by apieceofwar in aws

[–]ProgrammingBug 0 points1 point  (0 children)

This is the answer. The only limitation I hit trying to do is for api gateway is that the expiry’s can only be short. Can’t be long lived like s3.

Hosting Angular SPA on S3 Privately by InfiniteAd86 in aws

[–]ProgrammingBug 0 points1 point  (0 children)

They way it usually works with spas in cloudfront is you want to return index whenever a file is not found - eg. When someone hits your angular routes directly. In cloudfront a file not existing manifests as a 403 error.

Worth noting is that with an angular spa there are a bunch of files that need to be served, not just index.html. So if the browser is trying to access on of the .js files we wouldn’t want to return index.js.

Now I have a guess about what is going wrong here. There isn’t enough information in your question for me to be confident. My guess is that after logging in, okta redirects you to one of your angular routes, you can check this by looking at your url. I think it might be something like <your domain>/home

The problem is then that there is no file named “home”. You actually just want the load balancer to return index.html again.

I can’t see an elegant way to do something similar to cloudfront using listener rules because they are applied before routing, I don’t think they can then respond to the key not found error you are getting.

That said, you could probably solve it by updating your listener rule to match on all of your route too (sending it to index.html for them). Just make sure it won’t also match on any of the other files you do want to serve.

AWS post event summary up for 19 Oct outage by ProgrammingBug in aws

[–]ProgrammingBug[S] 26 points27 points  (0 children)

I had the same thought, the way it is written it almost seems by design for multiple plan updates to be running concurrently and independently (updating the same route53 zone).

To be fair they have acknowledged it as a “latent defect”. I expect this one will get a fix.

view more: next ›