Posts

Showing posts from July, 2025

Week 7

Week 7 at Strastan

This week was a full-on backend workout: no WFH distractions, just focused days in the campus lab filled with debugging, deploying, and finally watching things click into place.

Thoughts

It’s wild how much goes into making a system feel “secure.” Swapping hardcoded LinkedIn credentials for Secrets Manager wasn’t just a cleanup; it was a mindset shift. Suddenly, every token, every permission, every authorizer felt like part of a bigger trust chain. And once we saw the OpenID flow working end-to-end, it felt like unlocking a new level of backend maturity. The Content Calendar orchestration was another eye-opener. Building the LinkedIn Publisher Lambda to consume SQS messages and trigger updates across DynamoDB and EventBridge made me realize how powerful and fragile event-driven systems can be. One misnamed field or missing IAM permission, and the whole flow breaks. But when it works? It’s magic.

Challenges

Migrating the repo broke more things than expected C...

Week 6

Week 6 at Strastan

This week was a deep dive into LinkedIn integration and backend documentation. With our usual rooms occupied by graduation rehearsals, we set up camp in the school’s computer lab, where coffee, fast Wi-Fi, and focused coding sessions kept us moving. We started by building the /linkedin/auth Lambda, which securely generates the LinkedIn OAuth URL using Cognito identity and a nonce-based state. From there, we deployed a full suite of LinkedIn endpoints covering profile data, publishing, insights, articles, and connections. Each function was modularized, secured via Cognito, and wired into API Gateway with proper IAM permissions. Midweek, we refactored everything into a dedicated LinkedInStack, resolving deployment issues and confirming that the OpenID flows worked as expected. Once the stack was stable, we shifted gears to documentation, compiling an audit-ready spreadsheet of all AWS serverless resources used in our Inventory and Workforce systems. By Friday, we added ...

Week 5

Week 5 at Strastan

This week was all about chasing down bugs, securing credentials, and finally watching our LinkedIn OAuth2 flow behave like it was supposed to. Between graduation prep buzz and lab sessions, I managed to wrestle the last pieces of the integration into place.

Thoughts

OAuth2 sounds simple until you’re knee-deep in token exchanges, redirect URLs, and CSRF protection. Getting /linkedin/auth to return a clean 302 felt like a small victory, especially after hours of decoding CloudWatch logs and patching handler logic. Once the callback started accepting both GET and POST, parsing the authorization code, and saving tokens to DynamoDB, it finally felt like the system was breathing on its own. Adding the state parameter was a turning point. Encoding the Cognito ID and nonce, storing it with a TTL, and validating it on callback made the whole flow feel airtight. And pulling user profile data from LinkedIn’s /v2/userinfo endpoint? That was the cherry on top. Ch...

Week 4

Week 4 at Strastan

This week was all about securing the GenAI backend, from user authentication to event-driven architecture. With our usual OJT rooms occupied for graduation rehearsals, we worked from the school’s computer lab, which turned out to be the perfect base for rapid iteration and testing. We finalized the Cognito setup, deployed Lambda functions for sign-up and user retrieval, and integrated a custom authorizer to protect sensitive routes. The registration flow was refined to encrypt user profiles post-confirmation, and token validation was tested thoroughly using Postman. Midweek, we shifted gears to IAM and EventBridge. Each Lambda was scoped with least-privilege access, and a custom event bus was deployed with strict filtering rules to ensure only trusted events were processed. CORS policies were enforced, and API Gateway endpoints were hardened to reject unauthorized requests. By Friday, we completed a full security audit, verifying token behavior, reviewing logs...

Week 3

Week 3 at Strastan

This week was all about locking down our backend: authentication, authorization, and event orchestration took center stage. We worked from the school’s computer lab since our usual rooms were reserved for graduation prep, but that didn’t slow us down. We finalized the Cognito User Pool setup and wired in Lambda functions for sign-up and user retrieval. The authorizer was integrated to guard protected routes, and CDK deployments finally hit zero remaining tasks. From there, we refined the registration flow to encrypt user profiles post-confirmation and validated everything through Postman. Midweek, we shifted focus to IAM roles and EventBridge. Each Lambda was scoped with least-privilege permissions, and we spun up a custom event bus with filtering rules to ensure only trusted events were processed. CORS policies were enforced, and API Gateway endpoints were hardened to reject unauthorized requests. By Friday, we had a fully secured backend: tokens were validated, ...

Week 2

Week 2 at Strastan

We spent the week turning our Attendance List API into an AWS CDK project. Bootstrapping the environment, installing Node.js packages, and wrestling with npm errors laid the groundwork; each fix felt like clearing another hurdle on the road to a reliable infrastructure-as-code setup. Deploying the stack to the Osaka region brought its own drama: expired tokens, missing credentials, and AWS SSO misconfigurations. Chasing down those errors, reconfiguring the CLI, and finally seeing a successful deploy felt like conquering a boss fight in an epic cloud-adventure game. Cognito then took center stage. We wired up Lambda functions, API Gateway routes, and DynamoDB tables under Cognito’s protection. Postman became our best ally as we tested token issuance, validated bearer tokens, and hammered out authorization errors until endpoints behaved exactly as intended. By week’s end, we archived a fully documented Postman collection, complete with JSON payloads, headers, an...

Week 1

🗓️ My First Week of OJT at Strastan

My first week at Strastan blended orientation, setup, and hands-on coding into one whirlwind of learning and discovery. We kicked things off with a company introduction and buddy assignment, which immediately made the whole experience feel supportive rather than overwhelming. Next, we tackled the essentials: installing tools, creating accounts, and configuring our laptops so we could hit the ground running. Once our environment was ready, we dove into our inaugural project: an Attendance Management API. We built out basic CRUD operations, added the ability to mark students present or absent, and even had the freedom to extend the model with extra fields like timestamps or remarks. A mid-week holiday gave us a chance to pause and reflect, and before we knew it, we were back enhancing that same API with encryption and decryption capabilities, exploring how to protect sensitive data in a real-world scenario.

Key Takeaways

Orientation and buddy pair...