Simple yet powerful API authorization scheme leveraging transport layer trust

X.509 certificates are at the core of Mutual TLS (MTLS) based authentication. Essentially a certificate represents the identity of clients/partners and is used to authenticate a trusted party. This post will attempt to describe an API authorization scheme that leverages…


On-boarding trusted clients and partners on Amazon API Gateway gets more secure with Mutual TLS


Mutual TLS, or MTLS, is the de facto transport layer security standard used in critical Business-to-Business (B2B) and Internet of Things (IoT) integrations. Essentially, Mutual TLS establishes two-way trust in a client-server communication channel. So…



Simple yet elegant batch processing with S3, Lambda, DynamoDB and SNS

An interesting way to process a batch of records in the AWS Serverless world is to leverage the event triggering capabilities of S3, the power of Lambda, backed by a database service like DynamoDB and finally SNS for notifications. For simple batch processing scenarios, this solution could be very effective…



“The only secrets are the secrets that keep themselves” - George Bernard Shaw

Leveraging a service like AWS Secrets Manager to outsource secure storage and life-cycle management of secrets (like passwords, API keys, tokens, encryption keys, etc.) is becoming quite commonplace. Essentially, this practice keeps the application code clean and devoid…



In this post, we will go through the steps to expose a SOAP service as a RESTful API using AWS API Gateway and Lambda. The primary driver for such a solution is often incompatibilities of systems involved in the integration. …



If you are a Kubernetes enthusiast but have not yet experimented with MicroK8s, then this post is for you.

MicroK8s is a CNCF-certified upstream Kubernetes deployment that can run on your laptop, workstation or on edge devices. It runs all the Kubernetes services natively and unlike Minikube, doesn’t require a…



LAMBDA AUTHORIZER ON STEROIDS

Use Lambda context to perform more than just authorization

Lambda authorizers are used to control access to APIs published in AWS API Gateway. They help implement custom authorization schemes that either use token-based authentication strategies (like OIDC, SAML, etc.) or use one or more request parameters to establish the API caller’s identity.

There are essentially two types…

Adrin Mukherjee

Solutions architect by profession, programmer by passion and photographer by choice…
