MICHAEL MOUSSA

GitHub icon Twitter icon LinkedIn icon
Avatar

AWS Application Load Balancer Authentication with SAML IdP

December 31, 2018

User authentication is a common application requirement that has been solved numerous times in the past - why trouble yourself with implementing and managing it yet again, when you could be working on exciting new features in your application instead? The AWS Application Load Balancer (ALB) can greatly simplify user authentication with several different social media, SAML 2.0, and OpenID Connect identity providers (IdP). In this post, we'll walk through the entire process of setting up ALB authentication using Amazon Cognito against a Microsoft Active Directory Federation Services SAML IdP.

Read more

AWS Lambda Custom Runtime for PHP: A Practical Example

December 14, 2018

This year's AWS re:Invent was a nonstop, high-powered firehose of exciting new features and products. Native PHP support on Lambda wasn't one of those features, but the new AWS Lambda runtime API and layers capabilities gives us the ability to build a clean, supportable implementation of PHP on Lambda of our own. In this post, we'll take a brief look at the overall workflow and runtime lifecycle, and then I will show you one way to build a PHP runtime to start powering your PHP applications on AWS Lambda.

Read more

Securing Application Secrets With EC2 Parameter Store

June 17, 2017

When developing a non-trivial application, an important early step is to decide what to do with your application secrets. These can be API keys, database passwords, or other special configuration values your application needs to function, but that you don't want everyone to have access to. Very often, developers wind up taking an insecure or difficult-to-manage (or both) approach to application secret storage, either due to time constraints or uncertainty around best practices. In this article, we'll learn about the best way to secure your application secrets - EC2 Parameter Store. But first, let's take a look at a few less secure methods for managing application secrets that are still commonly used.

Read more