Tagged with

Security

Serverless self-service IoT certificate management - Part 2.

Serverless self-service IoT certificate management - Part 2.

Secure communication is a important in IoT systems, where certificates and trust play a vital role. In this post we extend the API introduced in part 1, we will add functionality to create device certificates, introduce an inventory, add some event-driven parts, and the possibility to list and get certificates. This hands-on approach is great for learning purposes and development environments, production setups however require robust managed solutions.

aws, iot, security, serverless · 2024-12-22
Serverless self-service IoT certificate management - Part 1.

Serverless self-service IoT certificate management - Part 1.

Secure communication is a important in IoT systems, where certificates and trust play a vital role. In this post, I explore the foundations of certificate management, including PKI, certificate chains, and trust. Also I introduce a serverless self-service API using Amazon API Gateway and Lambda for an easy way to create certificates. This hands-on approach is great for learning purposes and development environments, production setups however require robust managed solutions.

aws, iot, security, serverless · 2024-11-27
Serverless AI powered content moderation service

Serverless AI powered content moderation service

In this post, I extend the File Manager service I built previously by adding content moderation capabilities. The original service stores files in S3 and records them in a DynamoDB table, using a serverless, event-driven approach. Now, with AWS GuardDuty and Rekognition, I’ve enhanced the service with malware scanning and image moderation.

aws, ai, security, serverless · 2024-10-31
Protect API Gateway with Amazon Verified Permissions

Protect API Gateway with Amazon Verified Permissions

In this post we'll look at Amazon Verified Permissions (AVP) a serverless service for easy management and enforcement of application permissions, and how to use it to secure Amazon API gateway API together with Cognito User Pools.

serverless, aws · 2024-04-10
Protecting a Static Website with JWT and Lambda@Edge

Protecting a Static Website with JWT and Lambda@Edge

Post about how to use Amazon Cognito together with Lambda@Edge to add protection and authorization to static content hosted with Amazon S3 and CloudFront.

serverless, security · 2023-10-04
AWS IAM Anywhere

AWS IAM Anywhere

How to setup and use AWS IAM Anywhere, using IAM Roles in on-premises workload authenticating using x.509 certificates.

IAM Security · 2022-07-22
Secure your API Gateway APIs with Lambda Authorizer

Secure your API Gateway APIs with Lambda Authorizer

How to secure your Amazon API Gateway REST based api using a custom AWS Lambda authorizer.

API Gateway · 2022-02-28
Secure your API Gateway APIs mutual TLS

Secure your API Gateway APIs mutual TLS

How to secure your Amazon API Gateway REST based api using certificates and mutual TLS (MTLS).

API Gateway · 2022-01-12
Secure your API Gateway APIs with Auth0

Secure your API Gateway APIs with Auth0

How to secure your Amazon API Gateway REST based api using Auth0 and API Gateway JWT Authorizer.

API Gateway · 2021-07-04
Temporary credentials, made easy

Temporary credentials, made easy

IAM Credentials · 2020-03-06
This is not the bastion host you are looking for

This is not the bastion host you are looking for

Security · 2019-04-01