Wind extinguishes a candle and energizes fire.
Likewise with randomness, uncertainty, chaos; you want to use them, not hide from them.
Thus begins the prologue to Antifragile by Nassim Nicholas Taleb, one of the most popular authors of recent years.
What does the randomness have to do with our work as engineers? What does chaos have to do with cloud computing? Much more than you can imagine and in this story, we will understand why.
Il vento spegne la candela e alimenta il fuoco.
Lo stesso vale per il caso, l’incertezza e il caos: vogliamo usarli, non nasconderci da loro.
Inizia così il prologo ad Antifragile di Nassim Nicholas Taleb, uno degli autori più apprezzati degli ultimi anni.
Cosa c’entra il caso con il nostro lavoro da ingegneri? Cosa ha a che fare il caos con il cloud? Molto più di quanto possiate immaginare e in questo articolo capiremo il perché.
Amazon API Gateway is a fully managed service that makes it easy to handle REST APIs. The main task of this service is to bind an HTTP endpoint to a given backend service, like a Lambda function.
Amazon Cognito is an AWS service that lets you easily add users’ management to web and mobile apps. It supports social identity providers, such as Facebook, Google and enterprise identity providers via SAML 2.0.
A powerful service.
At first, hard to understand.
One of the things that generate the biggest confusion is the fact that Amazon Cognito comes with two main components:
This is the first blocker because, in the common language, users and identities are almost the same things. In this brief story, we will try to clarify…
When Coronavirus starts hitting the world of businesses, a lot of job activities were stopped. One of the first cancelled activities, it goes without saying, was the so-called workplace learning.
According to a report by Pearson, in those months, more than 300 million learners worldwide have been affected by the spread of the pandemic and, according to McKinsey, workplace learners were the ones who suffered the most.
Based on our observations as of early March, roughly one-half of in-person programs through June 30, 2020, have been postponed or canceled in North America; in parts of Asia and Europe, the figure…
This is the italian version of a story originally in English that you will find here. Thanks to my colleague Paolo D’Incau for the Italian translation and invaluable feedback.
Per chi non lo conoscesse, AWS Lambda è una servizio che permette di eseguire della business logic senza la necessità di dover gestire un server. Una volta caricato il codice sorgente, la piattaforma si occuperà di tutto il necessario per eseguirlo, garantendone la scalabilità in base al numero di richieste.
Una volta rilasciato, l’esecuzione di tale codice potrà essere avviata da altri servizi AWS (Amazon S3, Amazon SNS/SQS e così via)…
For those of you who might not be familiar with, AWS Lambda is a service platform that let us run our code without provisioning or managing servers. We just upload the source code and the platform takes care of everything required to run and scale it.
Once deployed, that code can be automatically triggered by other AWS services like Amazon S3, Amazon SNS/SQS and so on. To make these integrations as seamless as possible, there are some assumptions and conventions that we need to use.
Since these conventions are peculiar to AWS Lambda, sometimes you may hear of people that…
With good reason, unit tests are seen as a guiding light by every good developer. As the name suggests, this type of test involves just a unit of the overall codebase, without any external dependencies like databases, HTTP calls, queues, topics or something like that. This characteristic makes unit testing deterministic and, above all, fast; so we could run an entire suite of thousands of tests in a bunch of seconds.
Back in the days of big fat monolithic projects, a good suite of unit tests may validate the entire system right after a refactoring work.
Today, with the rise…
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a way for transmitting information – like authentication and authorization facts – between two parties: an issuer and an audience. Communication is safe because each token issued is digitally signed, so a consumer can verify if the token is authentic or has been forged.
In a previous story, we talk in depth about it: how it is built, what problems it solves, what is the theory behind signature’s validation and, finally, how we can protect our resource.
Hold on tight: the HTTP protocol is terribly flawed(*) and when it comes to user authentication this problem screams loudly.
For a long time we, as developers, fought with it: sometimes with good results, sometimes not, but we thought we were happy.
Unfortunately, the web moves fast and many of these solutions were getting old too quickly.
He who hesitates is lost…
Later on, a group of people realised that it was time to stop fighting with the “problem” and try to embrace it. …