Managing secrets for your backend application and keeping them secure is a tough matter. In this article, I will discuss how we approached and solved this problem, using the power of CodeDeploy scripts and S3 storage.
CodeDeploy: AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers.
The official AWS WAF (Web Application Firewall) definition by AWS:
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.
In other words, setting up a WAF would not only help you monitor and track the requests reaching your AWS resources, but could let you block or allow them to pass based on a set of rules you specify. That would lead to cleaner server application logs, common attacks mitigation, less traffic on the server instances and most importantly, cost cutting.
In this article, I will show you how we used AWS WAF at Interactive Life on an application that was already in production. We had discovered a bug on the frontend that was draining our EC2 instances. After research, a WAF seemed to be the most reasonable approach to implement as we needed a quick yet efficient solution that’s also cost effective. …