Week 2

 Week 2 at Strastan

We spent the week turning our Attendance List API into an AWS CDK project. Bootstrapping the environment, installing Node.js packages, and wrestling with npm errors laid the groundwork each fix felt like clearing another hurdle on the road to a reliable infrastructure-as-code setup.

Deploying the stack to the Osaka region brought its own drama: expired tokens, missing credentials, and AWS SSO misconfigurations. Chasing down those errors, reconfiguring the CLI, and finally seeing a successful deploy felt like conquering a boss fight in an epic cloud-adventure game.

Cognito then took center stage. We wired up Lambda functions, API Gateway routes, and DynamoDB tables under Cognito’s protection. Postman became our best ally as we tested token issuance, validated bearer tokens, and hammered out authorization errors until endpoints behaved exactly as intended.

By week’s end, we archived a fully documented Postman collection complete with JSON payloads, headers, and authentication steps so any teammate can replay our setup in seconds.

Reflections & Challenges

This week was a crash course in secure API deployment. Battling setup quirks, authentication headaches, and real-world debugging showed me how many interlocking pieces power a modern backend. It’s wild how much effort goes into making an API simply “just work” in the cloud. Surviving these challenges and watching our system run securely was as rewarding as it was intense.


Comments

Post a Comment

Popular posts from this blog

Week 5

 Week 5 at Strastan This week was all about chasing down bugs, securing credentials, and finally watching our LinkedIn OAuth2 flow behave like it was supposed to. Between graduation prep buzz and lab sessions, I managed to wrestle the last pieces of the integration into place.  Thoughts OAuth2 sounds simple until you’re knee-deep in token exchanges, redirect URLs, and CSRF protection. Getting /linkedin/auth to return a clean 302 felt like a small victory especially after hours of decoding CloudWatch logs and patching handler logic. Once the callback started accepting both GET and POST, parsing the authorization code, and saving tokens to DynamoDB, it finally felt like the system was breathing on its own. Adding the state parameter was a turning point. Encoding the Cognito ID and nonce, storing it with a TTL, and validating it on callback made the whole flow feel airtight. And pulling user profile data from LinkedIn’s /v2/userinfo endpoint? That was the cherry on top. Ch...
Read more

Week 3

Week 3 at Strastan This week was all about locking down our backend authentication, authorization, and event orchestration took center stage. We worked from the school’s computer lab since our usual rooms were reserved for graduation prep, but that didn’t slow us down. We finalized the Cognito User Pool setup and wired in Lambda functions for sign-up and user retrieval. The authorizer was integrated to guard protected routes, and CDK deployments finally hit zero remaining tasks. From there, we refined the registration flow to encrypt user profiles post-confirmation and validated everything through Postman. Midweek, we shifted focus to IAM roles and EventBridge. Each Lambda was scoped with least-privilege permissions, and we spun up a custom event bus with filtering rules to ensure only trusted events were processed. CORS policies were enforced, and API Gateway endpoints were hardened to reject unauthorized requests. By Friday, we had a fully secured backend: tokens were validated, ...
Read more