We don’t usually revisit and discuss Encryption (at least at a low level) much. Usually, Encryption and Decryption are abstracted through libraries, methods and protocols we use. However, last week, I had the chance to look at a feature that required a bit of work around Encryption and had to…

When selecting a tool to perform API testing, it’s natural to pick one that’s built for this purpose, such as Postman, SoapUI, RestAssured, etc. There are many other similar tools in the market. Also, it’s possible to leverage Http Client libraries to perform API testing. Here are some of these…

If you’ve built a website, whether for personal or commercial use, you probably researched web hosting options. Lots of companies provide this kind of services. In this post, we will build a very simple website, and host it on Amazon S3 (Amazon storage service), which can be used to…

It is common to use multiple accounts in AWS to split up environments, group workload based on the business function, or apply tighter security measures… That’s a correct way to do it, but it comes with the pain and overhead of managing multiple AWS accounts. Should we create a user…

Commits form one of the core concepts in git. They are snapshots of your branch at a certain point, recording your code changes. When you create a new commit, you usually add a message that describes your code changes. The commit messages are the logs of your changes. In multiple…

How to protect your AWS secrets — I accidentally published my AWS credentials online. I got an immediate email from AWS explaining the exposure of AWS secrets and the importance of securing these keys. …

This post is the second and final of the series where we talk about Encryption. We went over some encryption theory in the first post and introduced how Encryption works in AWS (server-side Encryption). In this post, we will go over client-side Encryption, which is the technique of encrypting data…

Assume you’ve been asked to create a VM on AWS to run some critical operations for your business; it needs to access the internet, but only can be accessed by the maintainers (e.g. people/services who would want to install/upgrade the software). How would you do it? This is a series…