Posts

Introduction AWS App Runner makes it incredibly easy to deploy and scale web applications directly from your code repository or container image — no infrastructure management required. It’s a great fit for developers who want simplicity without giving up the power of AWS. But things start to get tricky when you want to securely connect App Runner to other AWS services inside a private VPC — especially when you need to expose your backend through Amazon API Gateway. ...

Introduction When building modern applications, authentication and authorization play a crucial role. Traditionally, these checks happen on the application backend, introducing latency and extra load on your origin servers. With Lambda@Edge, you can run custom auth logic at CloudFront edge locations, stopping unauthorized requests before they ever reach your application or S3 bucket in the first place. In this guide, I’ll walk you through setting up Lambda@Edge to authenticate users, validate JWT tokens issued by Amazon Cognito as a Federated Identity Broker, and handle authorization. This practical, step-by-step approach will help you secure your application globally while keeping latency low by handling authentication and authorization at the edge. ...