So you’ve developed a snazzy new Serverless API on AWS and everything is going great. That is until you realize that there might eventually be production data behind it that you don’t want someone with Postman and 20 minutes on their hands to have access to. That’s where Lambda Authorizers come in. They’re a way to make sure that your API will only respond to authorized callers. Let’s look at how to implement authorizers for ourselves using an example application called Serverless Jams - where we vote on our favorite coding-related music.
I have a new three-hour long course on building serverless applications from the perspective of a frontend developer. Some of the things you’ll learn include:
- How to deploy serverless frontends on AWS with SSL, a custom domain, and the CloudFront CDN
- How to spin up your first backend APIs with the Serverless Framework
- How to integrate Auth0 into your frontend
- How to use Auth0 to secure your backend APIs
2019 was a year. In usual fashion I’ve decided to post a review of some of the things you may or may not have seen from me that I finished up along the way.
One of my few possessions is an abundance of poorly-chosen Amazon Route 53 domain names with outdated contact addresses from moving between overpriced apartments - I am what you might call a tech typical millennial.
So I wrote a Python package called
awsmailman to help do this for me and now you can use it too.
During AWS re:Invent this year AWS announced a new way to make HTTP APIs with API Gateway v2. It now includes things like native support for JSON Web Tokens (JWTs) and a vastly simplified number of AWS resources to get an API up and running. You can read about all the updates here in my post on the Serverless Blog.