I build things.

Static Site Security Posture

Using Lambda@Edge to Implement OWASP Secure Headers for S3 Hosted Websites

The combination of S3 and CloudFront offers a low cost and easy way to deliver static and client side websites. In this blog post I’ll explore how to use Lambda@Edge to improve the security posture of your S3 hosted site through the addition of the OWASP recommended browser security headers. There are some aspects of control that you don’t have, when using S3 and CloudFront, compared to serving your content from a more typical server environment.

Basic CD With CodeBuild

Automated deployment from CodeCommit to S3 through CodeBuild/Lambda

I’ve been meaning to start experimenting with CodeBuild since it’s announcement and decided to put something basic but flexible together as a proof of concept. The TL;DR was to create an environment with a CodeCommit repo and a push trigger. That trigger fires a Lambda, which invokes a CodeBuild project, depositing a set of the repo files into an S3 bucket. It is possible to include these in a CodePipeline, rather than trigger a Lambda from CodeCommit, but there are a couple reasons I decided to go the Lambda route.