Samuel Tucker

Samuel Tucker


DAY 38 - 100 Days Of AWS | X-Ray

Lets have this 100DaysOfAWS challenge with me on Twitter and LinkedIn
Explore more on Day 38 learning

Github Repository for the Progress:

Discord server

๐ŸŒŸ Premium Courses ๐ŸŒŸ
Check out 32 hours of Laravel Content at

Get $100 in credit for 60 days

๐ŸŒŸ Gadgets I use ๐ŸŒŸ
Blue Yeti Mic
Blue Yeti Mic Foam Cover
Capture Card

๐ŸŒŸ Support Me ( I am full time YouTube) ๐ŸŒŸ

Subscribe for New Releases!

Twitter -
Twitter -
Facebook -
Instagram -
(ask me questions!)

โ€” QUESTIONS? โ€”

Leave a comment below and I or someone else can help you.
For quick questions you may also want to ask me on Twitter, I respond almost immediately.

Email me
Thanks for all your support


What is GEEK

Buddha Community

DAY 38 - 100 Days Of AWS | X-Ray

A Deep Dive into Serverless Tracing with AWS X Ray & Lambda

Image for post

Over the past few weeks Iโ€™ve been experimenting with building a Serverless API on AWS with the goal of having everything needed to run a production system. One necessary piece was distributed tracing. While Iโ€™d seen a bit of what some non-AWS options had to offer, the extra cost of the services themselves, along with actually getting the data to them, was a bit prohibitive for what I imagined should be possible (and cheaper) with only AWS, which brought me to X Ray. So, I wanted to see if I could use AWS X Ray to get everything I wanted out of a tracing solution. First, Iโ€™ll set some expectations of what I need in a production tracing solution as a goal to orient the research process.


  1. Distributed tracing. On a high level, I want to see the path of a request from service to service, along with location of errors and details on latency.
  2. Internal tracing, or a โ€œflame graphโ€. I want to be able to see the breakdown of a request inside of a lambda, along with a stack trace when an error occurs. This will also help me spot any parts of my lambda that are running particularly inefficiently.


First, a standard Serverless project setup and code walk-through. By the way, all the code I used in this post is available here.

npm i -g serverless
sls create --template aws-nodejs --path lambda-demo-api
cd lambda-demo-api && npm init && npm i --save-dev serverless-offline

The file structure of the lambda weโ€™re going to deploy looks like this:

โ”œโ”€โ”€ anotherFile.js
โ”œโ”€โ”€ index.js
โ”œโ”€โ”€ logger.js
โ”œโ”€โ”€ node_modules
โ”œโ”€โ”€ package-lock.json
โ”œโ”€โ”€ package.json
โ”œโ”€โ”€ serverless.yml
โ””โ”€โ”€ utils.js

Iโ€™ll be explaining each of these files later on. For now, letโ€™s check out the initial serverless config.

#nodejs #aws-lambda #aws-x-ray #aws #serverless

Seamus  Quitzon

Seamus Quitzon


AWS Cost Allocation Tags and Cost Reduction

Bob had just arrived in the office for his first day of work as the newly hired chief technical officer when he was called into a conference room by the president, Martha, who immediately introduced him to the head of accounting, Amanda. They exchanged pleasantries, and then Martha got right down to business:

โ€œBob, we have several teams here developing software applications on Amazon and our bill is very high. We think itโ€™s unnecessarily high, and weโ€™d like you to look into it and bring it under control.โ€

Martha placed a screenshot of the Amazon Web Services (AWS) billing report on the table and pointed to it.

โ€œThis is a problem for us: We donโ€™t know what weโ€™re spending this money on, and we need to see more detail.โ€

Amanda chimed in, โ€œBob, look, we have financial dimensions that we use for reporting purposes, and I can provide you with some guidance regarding some information weโ€™d really like to see such that the reports that are ultimately produced mirror these dimensions โ€” if you can do this, it would really help us internally.โ€

โ€œBob, we canโ€™t stress how important this is right now. These projects are becoming very expensive for our business,โ€ Martha reiterated.

โ€œHow many projects do we have?โ€ Bob inquired.

โ€œWe have four projects in total: two in the aviation division and two in the energy division. If it matters, the aviation division has 75 developers and the energy division has 25 developers,โ€ the CEO responded.

Bob understood the problem and responded, โ€œIโ€™ll see what I can do and have some ideas. I might not be able to give you retrospective insight, but going forward, we should be able to get a better idea of whatโ€™s going on and start to bring the cost down.โ€

The meeting ended with Bob heading to find his desk. Cost allocation tags should help us, he thought to himself as he looked for someone who might know where his office is.

#aws #aws cloud #node js #cost optimization #aws cli #well architected framework #aws cost report #cost control #aws cost #aws tags

Hire AWS Developer

Looking to Hire Professional AWS Developers?

The technology inventions have demanded all businesses to use and manage cloud-based computing services and Amazon is dominating the cloud computing services provider in the world.

Hire AWS Developer from & Get the best amazon web services development. Take your business to excellence with our best AWS developer that will serve you the benefit of different cloud computing tools.

Consult with experts: Development services

#hire aws developer #aws developers #aws development company #aws development services #aws development #aws

Christa  Stehr

Christa Stehr


How To Unite AWS KMS with Serverless Application Model (SAM)

The Basics

AWS KMS is a Key Management Service that let you create Cryptographic keys that you can use to encrypt and decrypt data and also other keys. You can read more about it here.

Important points about Keys

Please note that the customer master keys(CMK) generated can only be used to encrypt small amount of data like passwords, RSA key. You can use AWS KMS CMKs to generate, encrypt, and decrypt data keys. However, AWS KMS does not store, manage, or track your data keys, or perform cryptographic operations with data keys.

You must use and manage data keys outside of AWS KMS. KMS API uses AWS KMS CMK in the encryption operations and they cannot accept more than 4 KB (4096 bytes) of data. To encrypt application data, use the server-side encryption features of an AWS service, or a client-side encryption library, such as the AWS Encryption SDK or the Amazon S3 encryption client.


We want to create signup and login forms for a website.

Passwords should be encrypted and stored in DynamoDB database.

What do we need?

  1. KMS key to encrypt and decrypt data
  2. DynamoDB table to store password.
  3. Lambda functions & APIs to process Login and Sign up forms.
  4. Sign up/ Login forms in HTML.

Lets Implement it as Serverless Application Model (SAM)!

Lets first create the Key that we will use to encrypt and decrypt password.

    Type: AWS::KMS::Key
      Description: CMK for encrypting and decrypting
        Version: '2012-10-17'
        Id: key-default-1
        - Sid: Enable IAM User Permissions
          Effect: Allow
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:root
          Action: kms:*
          Resource: '*'
        - Sid: Allow administration of the key
          Effect: Allow
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyAdmin}
          - kms:Create*
          - kms:Describe*
          - kms:Enable*
          - kms:List*
          - kms:Put*
          - kms:Update*
          - kms:Revoke*
          - kms:Disable*
          - kms:Get*
          - kms:Delete*
          - kms:ScheduleKeyDeletion
          - kms:CancelKeyDeletion
          Resource: '*'
        - Sid: Allow use of the key
          Effect: Allow
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyUser}
          - kms:DescribeKey
          - kms:Encrypt
          - kms:Decrypt
          - kms:ReEncrypt*
          - kms:GenerateDataKey
          - kms:GenerateDataKeyWithoutPlaintext
          Resource: '*'

The important thing in above snippet is the KeyPolicy. KMS requires a Key Administrator and Key User. As a best practice your Key Administrator and Key User should be 2 separate user in your Organisation. We are allowing all permissions to the root users.

So if your key Administrator leaves the organisation, the root user will be able to delete this key. As you can see **KeyAdmin **can manage the key but not use it and KeyUser can only use the key. ${KeyAdmin} and **${KeyUser} **are parameters in the SAM template.

You would be asked to provide values for these parameters during SAM Deploy.

#aws #serverless #aws-sam #aws-key-management-service #aws-certification #aws-api-gateway #tutorial-for-beginners #aws-blogs

Hire Dedicated AWS Developer

Want to Hire AWS Developer for cloud computing services?

At, we leverage maximum benefits from the AWS platform ensuring prominent Solutions for business requirements. Hire Dedicated AWS Developer and make business solutions truly global and accessible through the power of cloud environment and AWS with an extensive set of on-demand global functionality.

Consult with experts:-

#aws development company #hire dedicated aws developer #aws development services #aws development #aws developer #aws