AWS Transfer: SFTP rename Fails with Permission Denied

Just hit this little fun thing. Using the rename command for SFTP seems to use the s3:CopyObject action, which attempts to copy any object tags as well as the actual object itself. The IAM Permission associated with the SFTP user must allow s3:GetObjectTagging and s3:PutObjectTagging or a rename command will get an Access Denied message… Continue reading AWS Transfer: SFTP rename Fails with Permission Denied

Using Org-Wide Secrets in Shared Github Actions Workflows

This was suprisingly hard to find the answer too. TL;DR: you cannot use org-wide secrets in a shared workflow without secrets: inherit Take a shared workflow like this: name: shared test workflow on: workflow_call: jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: node-version: 16 - name: NPM Auth run: echo '//registry.npmjs.org/:_authToken=${{… Continue reading Using Org-Wide Secrets in Shared Github Actions Workflows

Using AWS Transfer with a Custom Lambda Identity Provider

This week I got a chance to work on implementing AWS Transfer as an SFTP server backed by a set of S3 buckets. Authentication in this new system is handled by another, self-serve SFTP application. Users can create an manage SFTP users there and AWS Transfer uses their usernames, passswords, and public keys to authenticate… Continue reading Using AWS Transfer with a Custom Lambda Identity Provider

Posted in AWS

Give Modals, Drawers, and other Overlay Elements URLs with React Router

One of my pet peeves about webapps is that actions that happen in things like a modal or other popover are often not linkable. This makes sharing those actions with others hard: send a link to the original URL along with instructions about what to do in order to trigger the overlay. A much better… Continue reading Give Modals, Drawers, and other Overlay Elements URLs with React Router

How to Paginate Query & Scan Results with the DynamoDB PHP Client

This bit of AWS Docs has all the info you could possible need on DynamoDB pagination, but it's wordy. So here's a quick summary and code sample for PHP. DynamoDB respects a Limit argument in both Scan and Query, but it will also stop if the retrieved items exceed one megabyte regarldess of Limit. If… Continue reading How to Paginate Query & Scan Results with the DynamoDB PHP Client

The Lowest Value Stage of Software: Getting Early Feedback

In High Output Management, Andrew Grove mentions the term lowest value stage quite a bit. It's a term from the manufacturing world: manufacturing adds value to things by taking raw materials and turning them into something else that can be sold. The lowest value stage is where you want to catch issues. Problem with a… Continue reading The Lowest Value Stage of Software: Getting Early Feedback