Building a serverless web application with AWS AppSync and Amazon Cognito for the health sector

We were challenged by a health-tech startup to build a secure and scalable solution on AWS.

The combination of health-data and a startup meant that we had to build a solution with very strict data protection and isolation requirements, with a relatively short-time to market, while remaining economically efficient.

By using Amazon Cognito and AWS AppSync (both deployed with CDK), we leave most of the heavy lifting to AWS, in accordance with the shared responsibility model. Minimising the amount of custom code and relying on implicit security mechanisms provided by these services, we can move quickly and easily adapt to changes, all while staying compliant. AWS Amplify CLI and JS/UI components enable us to easily integrate a React SPA with Amazon Cognito and AWS AppSync services, all while following a schema-first approach.

In this session, we share and discuss the technical insights that went into designing and implementing such a solution. Expect code samples.

Scalable automation of CICD at Norwegian ASA

At Norwegian we do all provisioning and updates via CodePipeline and IaaC (CloudFormation/CDK). The console is for ReadOnly operations only. During the past years we have implemented a scalable framework making it possible to maintain over 400 CodePipelines across many teams and accounts with very little effort. All the pipelines are ofcourse also maintained by IaaC. This presentation will go through how we have designed it to keep things easy, scalable and secure.

Using Serverless@Edge to keep spam-bots out of the system

In this session, we look at the timeline, analysis, and solution implemented for a sudden attack by spammers. Suddenly, the number of newly registered users in our system spiked. We could see that these new users were likely spam-bots. It was a more sophisticated attack than earlier seen as captcha and email-verification were bypassed. We already had some countermeasures in place, but needed a quick and cost-effective solution. Running on AWS we used lambda@edge and Web Application Firewall to stop 99% of the spammers within a very short time-frame without changes to the original system.

Design hyperscaling of CI-CD at Norwegian ASA

Everyone is using CI-CD-pipelines to deploy code, but do you use CI-CD-pipelines to deploy your cloud-infrastructure, your CI-CD-tooling and access-control?

At Norwegian we have implemented a scalable framework making it possible to maintain over 500 CI-CD-pipelines across many teams and accounts with very little effort. We control access to teams and what they can deploy through the same framework.

This presentation will go through an overview of how we have designed it to keep things easy, scalable and secure when we deploy infrastructure, applications and tools.

Duration: 30-45 mins
Target audience: devops role, cloud engineers