AWS Rekognition and light fakes

In my previous post, I explored the capabilities of AWS Rekognition as a Digital Identity Verification provider. Now, let’s investigate whether AWS Rekognition, like Onfido and BioID, can detect deepfakes. According to the documentation, AWS Rekognition employs AI and machine learning within the Face Liveness feature to effectively detect spoofing attacks. Let’s generate one light …

AWS Rekognition as Digital Identity Verification Provider

While preparing for my Code Europe presentation on Digital Identity Verification, I had the opportunity to explore what AWS Rekognition offers in this field. I was particularly interested in the Face Comparison functionality. In the screenshot, you can see uploaded photos of Julia and myself. AWS easily recognizes that the images depict different individuals. I …

Lambda Inactive state

Recently, I got a 500 HTTP response from my API Gateway endpoint integrated with a Lambda function. I found an integration error in the logs: Lambda invocation failed with status: 409. Lambda request id: f272af2a-2631-48b8-b0b2-3f5e1193a393 Execution failed due to configuration error: Lambda is initializing your function. It will be ready to invoke once your function state becomes ACTIV It …

SAML Assertion doesn’t contain the requested Role and Metadata in the attributes

Today I was struggling with an exception. It was thrown by a piece of code. sAMLAssertion is, as the AWS javadoc states: The base64 encoded SAML authentication response provided by the IdP. I was getting sAMLAssertion by calling the ADFS SAML provider with service account credentials. After decoding base64, sAMLAssertion looked like So it turned out that I was trying …

SQS access policy which denies receiving messages except one lambda

Yesterday, I had a task to set up an SQS access policy to allow reading messages from a queue only by one Lambda. Another part of this task was to allow sending messages only by API Gateway. I tried the following access policies with Deny + Principal to restrict the SQS:ReceiveMessage action only to my Lambda. Or Deny + NotPrincipal …

Using SigV2 to sign AWS S3 requests

This week I was working on a simple task to modify an S3 bucket policy to deny the s3:PutObject action to anyone except services in a particular VPC or an AWS presigned URL. It was just a matter of adding to the bucket policy AWS S3 Presigned URL is generated by a Lambda with execution role get-presigned-url-lambda-role. According to doc Anyone with valid security credentials …

FUNCTION_ERROR_INIT_FAILURE error while deploying AWS Lambda

Today I got an error Provisioned Concurrency configuration failed to be applied. Reason: FUNCTION_ERROR_INIT_FAILURE in CloudFormation while deploying a stack with Lambda. And that’s all. No more details about the root cause. My SAM file configures the Lambda with Provisioned Concurrency. After switching off Provisioned Concurrency, my stack was successfully deployed, but the first Lambda invocation finished with an exception. …