Posts

Showing posts with the label security

Guide to using AWS Tokens effectively

Introduction

Current issues

In previous articles, I have provided instructions on using AWS access tokens and secret tokens to utilize Amazon services, but there is an issue where these tokens do not have an expiration time. Thus, if your tokens are somehow leaked, an attacker can use them for as long as they want until you can detect and delete these tokens. This is a user-side issue, but there are still ways to limit the impact of this by granting temporary tokens during use. Naturally, these temporary tokens will have a short lifespan (about a few hours, or you can change the duration to suit your security level). Therefore, even if this token is leaked, an attacker only has a limited amount of time to use it before the token expires.

If you are a member created by IAM Identity Center, you are already supported with permission management and integrated security measures during use. However, if you are using a personal account or have the rights to create an IAM User, there are still...

Guide to using AWS RDS public endpoint

Introduction

In the previous article, I introduced the basic concepts of AWS RDS as well as how to securely connect using a tunnel; you can review it to grasp the necessary information before proceeding. In this article, I will guide you through creating an RDS Postgres with public access, meaning this database can be accessed from any computer. This method may be considered less secure than the previous one, but it is useful when you need to share database connections with many users during the development process who do not have an AWS account to connect via a tunnel.

Detailed Instructions

Using AWS CDK, create the file lib/rds-public-stack.ts

import * as cdk from "aws-cdk-lib"
import * as ec2 from "aws-cdk-lib/aws-ec2"
import * as rds from "aws-cdk-lib/aws-rds"
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager"
import * as ssm from "aws-cdk-lib/aws-ssm"

export class RdsPublicStack extends cd...