DEV Community: Mehdi Hassan Jony

I Couldn't Afford AWS Cognito Experience — So I Built It Myself

Mehdi Hassan Jony — Tue, 28 Apr 2026 06:33:45 +0000

How open-source alternatives can land you the cloud job you're not "qualified" for

The job posting said "AWS Cognito experience required." I had never touched Cognito. I had never paid an AWS bill above the free tier. I almost closed the tab and moved on.

Two weeks later, I got called into the interview anyway. And I was ready.

Here's the uncomfortable truth about tech hiring: companies post aspirational requirement lists. They know the talent pool is wider than their wishlist. They shortlist you anyway. The question isn't whether you'll face that room — it's whether you'll be prepared when you do.

The concepts are what matter. The brand name is just packaging.

I'm going to show you the exact open-source alternatives I used to build enterprise-level knowledge without an enterprise budget. By the end of this, you'll have a map, a 30-day plan, and the exact words to use in your next interview.

What Interviewers Are Actually Asking

When someone asks "Have you used AWS Cognito?", they're really asking:

Do you understand OAuth2, SAML, SSO, MFA, and RBAC?
Can you reason about authentication flows in a distributed system?
Have you actually built something that handles identity?

I've been on both sides of this table. When a candidate says "I haven't used Cognito, but I self-hosted Keycloak, configured OAuth2/OIDC flows, set up LDAP federation, and implemented MFA" — that answer impresses me more than "Yes, I clicked through the Cognito wizard once."

Open source teaches you what managed services hide. You're not just consuming abstractions — you're wrestling with the actual systems.

The Stack: Enterprise Cloud → Open Source Alternative

🔐 Identity & Auth

You need to know	You can build with
AWS Cognito	Keycloak, Authentik, ZITADEL
Auth0, Okta	SuperTokens, Ory

I started with Keycloak. One Docker command. Within an hour I had OAuth2 SSO running against a test app with MFA enabled. The concepts map 1:1 to Cognito.

Fun fact: Cognito isn't natively multi-tenant — you need a dedicated user pool per tenant. Keycloak handles this through realms. Understanding that architectural difference alone puts you ahead of candidates who just clicked "Create User Pool."

🗄️ NoSQL Databases

Enterprise	Open Source
DynamoDB	Apache Cassandra, ScyllaDB Alternator
Firestore	Supabase, PocketBase

Here's the thing about DynamoDB: it's built on the same research paper as Cassandra. The partition key model, the consistency levels, the distributed architecture — it's the same DNA.

ScyllaDB's Alternator goes a step further. It offers an actual DynamoDB-compatible API. I ran my AWS SDK code against it locally. Zero changes. That's legitimate DynamoDB development experience without touching an AWS account.

📨 Message Queues

Enterprise	Open Source
AWS SQS / SNS	RabbitMQ, NATS
AWS Kinesis	Apache Kafka, Redpanda

I configured RabbitMQ with dead-letter queues, topic exchanges, and consumer acknowledgments. When the interviewer asked about SQS, I could talk about every pattern they cared about — because they're the same patterns.

🔥 Backend-as-a-Service

Enterprise	Open Source
Firebase, AWS Amplify	Supabase, Appwrite, PocketBase

Supabase is the open-source Firebase. Postgres database, authentication, real-time subscriptions, file storage, edge functions — all runnable with a single docker compose up. I built a full-stack app on my laptop. When they asked if I understood the BaaS model, I could walk them through every layer.

🪣 Object Storage

Enterprise	Open Source
AWS S3, Azure Blob	MinIO

MinIO is S3-API compatible. Not metaphorically — literally. My SDK calls, presigned URL generation, bucket policies — identical surface. MinIO to S3 is a config change, not a rewrite.

⚡ The Nuclear Option: LocalStack

LocalStack simulates 45+ AWS services on your machine. DynamoDB, S3, SQS, Lambda, API Gateway, Cognito — same SDK calls, same Terraform configs, same everything. Point your endpoint to localhost instead of amazonaws.com.

This was how I built "AWS experience" without an AWS bill.

The Interview Framework That Works

When they ask about a tool you haven't used commercially:

1. Acknowledge.
"I haven't used Cognito in production."

2. Bridge.
"But I've built authentication systems with Keycloak — OAuth2/OIDC, multi-tenant realms, LDAP federation."

3. Go deeper.
"I configured MFA with TOTP and WebAuthn, and set up fine-grained authorization policies. These map directly to Cognito's user pool features."

I've watched interviewers visibly recalibrate their assessment after this kind of answer. You're no longer "the candidate without Cognito." You're "the candidate who understands identity systems at a depth most Cognito users don't."

My 30-Day Zero-Cost Roadmap

Here's exactly what I did. You can start today.

Week 1 — Identity

docker run keycloak
Configure a realm, users, OAuth2 client
Add MFA
Build a simple login flow in your preferred language

Week 2 — Messaging

docker run rabbitmq
Producer/consumer app with dead-letter queue
Then try Kafka, understand the difference
Be able to explain when you'd choose each

Week 3 — Data

MongoDB and Cassandra, both on Docker
CRUD API against each
Design partition keys for different access patterns
Try DynamoDB-compatible queries against ScyllaDB

Week 4 — Full Stack

docker compose with Supabase
Build a small app using auth, database, storage
Then simulate S3, SQS, DynamoDB with LocalStack
Push everything to GitHub with good READMEs

The Bottom Line

The developer who says "I built this with Keycloak, RabbitMQ, Cassandra, and MinIO — here's my repo" is demonstrating something better than managed service familiarity.

They're demonstrating that they seek understanding over convenience. That they build rather than configure wizards. That they'll know why something works, not just that a button exists.

The cloud services you're being asked about were built on open-source concepts. Cognito implements the standards Keycloak speaks. DynamoDB evolved from the same paper as Cassandra. S3's API is so dominant MinIO cloned it.

The knowledge transfers. It always does.

Start building. Document everything. Walk into that interview with something real.

What open-source alternative has been most useful in your career? I'm genuinely curious — drop it in the comments and I'll check it out.

I built a CLI that installs a production-ready Auth system into any NestJS project in < 5 mins

Mehdi Hassan Jony — Mon, 27 Apr 2026 03:41:26 +0000

The "Day One" NestJS Fatigue

Every time I start a new NestJS project, I get a brief moment of excitement... followed by the realization that I have to build Auth again.

We’ve all been there. You spend 3 days setting up:

JWT strategies and refresh token rotation.
Password hashing with Bcrypt or Argon2.
Passport strategies for Google/GitHub.
Database schemas for Users and Roles.
Docker Compose for Redis and Postgres.
Swagger docs so the frontend team stops asking for endpoints.

It’s the same 80% of code every time. So, I decided to automate it.

Introducing `@mehdijony/nestjs-user-service`

I built a CLI tool that doesn't just scaffold a new project—it installs a complete, high-performance user management engine into your existing project.

⚡️ The 5-Minute Setup

In your terminal, just run:

npx @mehdijony/nestjs-user-service init

The CLI kicks off an interactive session. It’s smart enough to detect your stack:

Package Manager: npm, yarn, pnpm, or bun.
ORM: Prisma, TypeORM, Mongoose, or Drizzle.
Environment: It reads your .env and docker-compose.yml to ensure zero conflicts.

🛠 What's under the hood?

I didn't want this to be "just another boilerplate." It’s built for senior-level requirements:

1. The Modular Architecture

It generates a src/user-service/ directory with a clean separation of concerns. It even injects the UserServiceModule into your AppModule automatically.

2. Multi-Driver Support

Whether you are a Prisma fan or a TypeORM veteran, the CLI generates the correct entities and repositories for your chosen database (Postgres, MySQL, MongoDB, etc.).

3. Safety First (The Rollback Engine)

This is my favorite feature. Modifying source code is scary.
Before the CLI touches a single line, it creates a Restore Point.

If you don't like the result, or something goes wrong:

npx @mehdijony/nestjs-user-service rollback

It uninstalls the packages, deletes the generated files, and restores your app.module.ts and .env to their exact original state. Zero footprint.

📦 Feature Checklist

Category	Features
Auth	JWT, Refresh Tokens, Magic Links, OTP, Social OAuth
Security	2FA (TOTP), RBAC, Rate Limiting, Account Lockout
Infra	Redis Caching, BullMQ/Kafka, S3 File Uploads
DevOps	Auto-Swagger, Health Checks, Docker Compose Merge

🚀 Why I built this

As a Backend Engineer, I want to spend my time on unique business logic, not re-writing the same AuthService for the 10th time. This tool is for the solo dev who needs to ship fast and the agency team that wants a standardized auth foundation across all projects.

Give it a spin

I'd love to get the community's feedback on this. If it saves you a few days of work, drop a star on GitHub!

NPM: [https://www.npmjs.com/package/@mehdijony/nestjs-user-service]
GitHub: [https://www.github.com/mehdijony/nestjs-user-service]

What feature should I add next? LDAP support? SAML? Let me know in the comments! 👇

How Claude Code Built My Dashboard with Almost No Effort

Mehdi Hassan Jony — Mon, 20 Apr 2026 03:31:58 +0000

I’ve built dashboards before. Usually, it means hours of structuring components, managing state, wiring APIs, and refining UI behavior.

This time was different.

I used Claude Code and reduced the entire process to a few precise prompts.

What I did

I described the system at a high level:

Backend: NestJS
Data source: APIs / database
Frontend: dashboard with analytics, charts, and tables

Then I iterated with small corrections instead of writing everything manually.

What changed

Instead of:

Writing boilerplate
Structuring folders manually
Debugging repetitive code

I focused on:

System design
Data flow
Edge cases

The AI handled:

Component scaffolding
API integration patterns
Basic UI logic
Where it actually helps

This approach is not magic. It works well when:

You already understand architecture
You can detect wrong outputs instantly
You guide the system with constraints

Without that, it breaks quickly.

What still matters
Code review is still mandatory
Security and validation are not guaranteed
Performance tuning still requires manual work
Final thought

The shift is real:
Development is moving from writing code → directing code generation.

Tools like Claude Code don’t replace engineers.
They compress execution time.

The bottleneck is no longer typing speed.
It’s clarity of thought.

Most developers rely on cloud AI tools. I switched to running AI locally using Ollama.

Mehdi Hassan Jony — Thu, 16 Apr 2026 05:07:17 +0000

No API cost. No latency. No data exposure.

I use it daily for:

code generation
debugging
SQL queries
documentation

Full breakdown:
https://medium.com/@shoyshab/using-ollama-locally-how-it-changed-my-daily-development-workflow-9a07045dcd6c

Building a Scalable Backend Architecture with NestJS, Kafka, and PostgreSQL

Mehdi Hassan Jony — Wed, 15 Apr 2026 09:37:03 +0000

Most backend systems collapse under scale not because of traffic, but because of poor architectural decisions made early. Tight coupling, synchronous dependencies, and weak data strategies create bottlenecks that are expensive to fix later.

Problem

Typical backend issues at scale:

API latency increases under load
Services become tightly coupled
Failures cascade across the system
Database becomes a bottleneck

Architecture Overview

An event-driven microservices architecture:

API Gateway (NestJS)
Microservices (NestJS)
Kafka (message broker)
PostgreSQL (database)

Flow:

Client hits API Gateway
Event is produced
Kafka distributes it
Consumers process independently
Data persists

Why This Stack

NestJS

Modular architecture
Dependency injection
Scalable structure

Kafka

High-throughput messaging
Decouples services
Enables async workflows

PostgreSQL

Strong consistency
Reliable transactions
Powerful querying

Event-Driven Communication

Producer:

this.kafkaClient.emit('order_created', data);

Consumer:

@MessagePattern('order_created')
handle(data: any) {
  // process event
}

Key Strategies

Failure Handling

Retry with backoff
Dead Letter Queues

Idempotency

Track processed events
Prevent duplication

Scaling

Horizontal scaling for consumers
Read replicas for DB

Real-World Use Case

In systems like logistics or trading platforms:

Orders trigger multiple services
Payments, inventory, notifications run independently
Failures don’t block the system

Takeaways

Design async-first
Avoid tight coupling
Plan for failure
Scale consumers, not just APIs

Full Article

https://medium.com/@shoyshab/building-a-scalable-backend-architecture-with-nestjs-kafka-and-postgresql-ae938465b39b