Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/damoresa/aws-secure-websockets
Secure web socket implementation using AWS products and serverless framework
https://github.com/damoresa/aws-secure-websockets
aws aws-apigateway aws-cognito aws-dynamodb aws-lambda aws-lambda-node jwt medium nodejs secure serverless serverless-framework websocket
Last synced: 3 months ago
JSON representation
Secure web socket implementation using AWS products and serverless framework
- Host: GitHub
- URL: https://github.com/damoresa/aws-secure-websockets
- Owner: damoresa
- Created: 2019-08-01T07:44:55.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-05-06T10:36:52.000Z (almost 2 years ago)
- Last Synced: 2024-08-01T22:03:36.306Z (6 months ago)
- Topics: aws, aws-apigateway, aws-cognito, aws-dynamodb, aws-lambda, aws-lambda-node, jwt, medium, nodejs, secure, serverless, serverless-framework, websocket
- Language: JavaScript
- Size: 425 KB
- Stars: 52
- Watchers: 3
- Forks: 15
- Open Issues: 13
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## AWS Secure Websocket
Secured _web socket_ deployed on _AWS_ infrastructure using
the [serverless] framework.
This repository serves as an example for this
[medium article]. Please, invest a few minutes reading it
in case you need further detail.
All services have been implemented using [NodeJS].
### Serverless service user policies
_serverless_ documentation recommends creating a service user
with restricted permissions in order to avoid security issues;
for example, user leaking and having admin rights could be
devastating for your _AWS_ bill.
However, the policies provided on the official example do not
provide access to _AWS Cognito_. In order to use proper
permissions, check the _sls-policies.json_ file within this
repository.
### Infrastructure
The required _AWS_ infrastructure is as follows:
* _Lambda_: used to host our services.
* _API Gateway_: used to expose our services to the outer
world. Also provides authentication using _AWS Cognito_
generated _JWT_ tokens.
* _API WebSocket_: used to expose our services as _near
realtime connections_, allowing _bi directional_ communication.
It also helps us secure our connections using _AWS
Cognito_ generated _JWT_ tokens.
* _DynamoDB_: used to track active _web socket_ connections
and what they're subscribed to.
* _Cognito_: user pool which allows us create and validate
user credentials.
### Deploying it
First of all, you need an _AWS_ account. Then it is
mandatory to [configure serverless locally] with your
credentials.
Once you've set your environment up, you can deploy the
entire stack using the following command:
```bash
serverless deploy -v
```
In case you want to deploy an specific _lambda_, you can
use this other command:
```bash
serverless deploy function -f -v
```
You can also remove all the allocated resources by executing
this command:
```bash
serverless remove -v
```
[medium article]: https://medium.com/@damoresac/implementing-secure-web-sockets-with-aws-api-gateway-cognito-dynamodb-and-lambda-b38e02314b42
[NodeJS]: https://nodejs.org/
[serverless]: https://serverless.com/
[configure serverless locally]: https://serverless.com/framework/docs/providers/aws/guide/credentials/