DEV Community: Sanket Saxena

amazon q cli

Sanket Saxena — Mon, 16 Jun 2025 07:11:56 +0000

amazon nova sonic

Sanket Saxena — Fri, 23 May 2025 06:09:10 +0000

My Journey as a Mentor in the "Future AWS Community Builders Mentoring Series"

Sanket Saxena — Thu, 06 Mar 2025 12:15:25 +0000

Being an AWS Community Builder has been a great experience for me. It has helped me grow, learn, and connect with amazing people in the AWS community. Recently, I had the opportunity to join the panel as a mentor in the "Future AWS Community Builders Mentoring Series" held at AWS Office Kuala Lumpur, Malaysia on 12th November 2024. This experience allowed me to guide aspiring community builders, answer their queries, and share insights on how this program can benefit their careers.

My Experience as a Mentor

During the mentoring session, I had the chance to interact with many enthusiastic attendees who were eager to know more about the program.

The moderator asked very interesting questions which all the panelists loved to answer.
Some of the questions were:

Why did you join the AWS Community?
How has being a part of the AWS Community helped your career?
How did you get to know about the CB program? And what did you do to join the program?
What's the benefit you like the most from the CB program?
What advice do you have for the audience who is interested in joining the AWS Community Builders program?

I tried to answer all the questions and also try to create a positive impact on the attendees by keeping real-life experiences and benefits.

Note: Happy to see a few of the attendees applied and now became the Community Builder this year

The Impact of Being an AWS Community Builder

Joining this program has changed my career in many ways. It has helped me build a strong professional network, gain hands-on experience with AWS services, and contribute to the community in meaningful ways.

If you have a passion for AWS and love sharing knowledge, I highly encourage you to apply for the AWS Community Builder program. It’s a journey of learning, growing, and giving back to the community.

Let’s keep building and inspiring others!

My Experience at AWS Cloud Day Malaysia 2024: A Speaker and Community Advocate’s Perspective

Sanket Saxena — Sat, 28 Dec 2024 06:14:52 +0000

On October 29, 2024, I had the incredible opportunity to attend and actively participate in AWS Cloud Day Malaysia at the iconic KLCC Convention Center. This event brought together a dynamic mix of cloud enthusiasts, developers, architects, and industry leaders, highlighting the strength of Malaysia’s tech ecosystem.

Speaking at the Developer Lounge: “AWS Serverless Design for IoT”

One of the highlights was delivering a talk in the Developer Lounge on “AWS Serverless Design for IoT.” As a passionate advocate for IOT, Networking, and serverless architectures, I was thrilled to share my insights on how AWS’s serverless offerings can revolutionize IoT solutions.

During the session, I covered:

The fundamentals of AWS IOT Thing, How to connect with AWS IOT Core, AWS Lambda, Amazon API Gateway, and Amazon DynamoDB, and especially about MQTT Protocol.
Practical design patterns for IoT applications, showcasing how serverless architecture can enhance scalability, cost-efficiency, and ease of management.
Real-world use cases demonstrating the seamless integration of AWS services in building end-to-end IoT solutions.
The session was well-received, with engaging discussions and insightful questions from the audience. It was incredibly fulfilling to see attendees leave with actionable takeaways for their IoT projects.

Representing AWS User Group Malaysia

As one of the organizers and AWS User Group Leader Malaysia, another highlight of my day was setting up a booth with all my volunteer team to promote AWS Community Day Malaysia on behalf of AWS User Group Malaysia. The booth served as a hub for community members to connect, learn about upcoming events, and explore how the AWS User Group fosters knowledge-sharing and collaboration. Engaging with attendees at the booth was a rewarding experience, as it provided a platform to share the group’s mission and inspire others to join our thriving community.

A Heartfelt Thank You

I am immensely grateful to the AWS Malaysia team for organizing such a phenomenal event and for providing platforms like the Developer Lounge and the AWS User Group booth to contribute meaningfully. It was an honor to represent AWS User Group Malaysia, share my knowledge, and learn from the experiences of others.

Looking Ahead

AWS Cloud Day Malaysia 2024 was not just an event; it was an experience that reinforced my belief in the transformative power of cloud technology and the value of community-driven initiatives. I look forward to participating in more such events and continuing to share, learn, and grow with the AWS community.

If you’d like to connect or discuss more about AWS serverless and IoT, feel free to reach out. Let’s innovate together!

Linkedin: Sanket Saxena

Cross-account Lambda to Lambda calling - Same Region

Sanket Saxena — Wed, 27 Dec 2023 15:47:10 +0000

When we are working on a decoupled system that is managed in a Multi-Account environment sometimes we have to call the resources of another account to achieve the goal.

Let's try to understand by a metaphor

Assume a System (Content Manager) hosted in Account A whose job is to create the movies and publish them to the S3 bucket via calling a LAMBA function. Once the movie is published a catalog will be ready on an S3 bucket.
There is another System (Web App) hosted in Account B which will read the file by scheduling a Lambda and run periodically (EventBridge Rule) to display the movies on their Web Application.

Problem:
Both the systems are decoupled (Hosted on different AWS Accounts) and don't have any real-time connection to let each other know about the operations they are performing.
Example: CMS publishing will generate the files that the Web App doesn't know.

The user can publish the movie which has to start at Midnight and be available on the Web Application for purchase but the EventBridge Rule will be run at 12:30 AM considering the publishing can be completed in 30 minutes.

No one can purchase the movie for 30 minutes.
Someone always has to check the Scheduler runs and completes successfully.

Solution: Call the LAMBDA hosted in the Web App account (Account B) from (Account A) to Create a near real-time connection so the movie publishing and displaying on the web will be quick and ready for purchase.

Account A -Where the Lambda calling originates

1. Create an IAM Role in Account A:

In the IAM console, create a new role.
Choose the type of trusted entity as AWS service, and select Lambda as the use case.
Attach a policy that allows the Lambda function to assume roles in the other account.

2. Assume the Role in Lambda Function:

In your Lambda function code, use the AWS SDK to assume the role that was created in step 1.
Obtain temporary security credentials (STS) after assuming the role.

3. Invoke Lambda in Account B:

Use the temporary security credentials to invoke the Lambda function in Account B.
Ensure the Lambda function in Account B has the necessary IAM role and policies allowing the invocation from Account A.

Account B - Where the Lambda is invoked

1. Create an IAM Role in Account B:

In the IAM console, create a new role.
Define a trust relationship that allows the role to be assumed by the account in which the Lambda function in Account A resides.

2. Define IAM Policies for Lambda Execution:

Attach policies to the IAM role in Account B that allow the Lambda function to execute.

3. Configure Trust Relationship in Lambda Execution Role:

Edit the trust relationship of the Lambda execution role to allow Account A's IAM role to assume the role.

4. Ensure Lambda Function Permissions:

Ensure that the Lambda function in Account B has the necessary IAM role and policies allowing invocation by Account A.

By following the above steps, you establish secure cross-account access.

Note: Ensure that both accounts have the appropriate permissions and trust relationships configured.

Reference:
AWS Documentation
re:Post knowledge center

Concept of Cache HIT and Cache MISS: In-Memory Cache

Sanket Saxena — Sat, 21 Oct 2023 06:32:43 +0000

“Caching is the concept of saving commonly/ frequently used data in memory and using them on behalf of the actual data source when the same types of operations or data are requested.”

Two key terms in the world of caching are "Cache Hit" and "Cache Miss." Here we will see a super simple analogy to understand the concept of Cache HIT and Cache MISS in terms of In-Memory Cache.

You can assume you are using AWS ElastiCache or AWS DynamoDB DAX for better understanding.

Analogy

Think about a classroom having some Students and a Teacher.

CACHE MISS
Step 1: One of the students asks a question about which the Teacher was not confident or didn't know the answer.
Step 2: The teacher checks it on the Internet to get the answer.
Step 3: The teacher responds to the student who asks this question.

CACHE HIT
Step 4: The next day another student asks the SAME question to the teacher and this time the teacher knows the answer because the Answer was saved in his Memory.
Step 5: The teacher responds to the student who asks this question without going to check on the Internet.

In the above example:
Students are the USERS | The teacher is the CACHE | Internet is the SOURCE

Now Technically

CACHE MISS
Whenever your application requests data and If the data doesn't exist in the cache or has expired, your application requests the data from your data store. Your data store then returns the data to your application. Your application next writes the data received from the store to the cache. This is known as Cache Miss.

CACHE HIT
Whenever your application requests data, it first requests the In-Memory cache. If the data exists in the cache and is current, Cache returns the data to your application. This is known as a Cache Hit.

IMPORTANT: There is a concept of ADD TTL to the cached data means when the data is written to the cache it has a TTL value example: 12hrs which means after 12hrs the cached data will be removed from the cache and the request for that data will again direct to the SOURCE.

Thanks!

Exploring the Power of AWS EC2 Instance Connect Endpoint

Sanket Saxena — Sat, 21 Oct 2023 05:29:43 +0000

Access EC2 with Temporary Credentials

Before starting about EC2 Instance connect I would like you to assume that you have an Amazon EC2 Instance (Linux) launched in a private subnet (private IP address).

Ideally, if you want to connect to this EC2 instance you will have two choices below:

Bastion Host
VPN

The problem with the above two choices is introducing a new service in your infrastructure and then paying for it and doing the maintenance, patching, etc.

AWS announced a feature where you can connect to your instances launched in a private subnet using Amazon EC2 Instance connect Endpoint.

Note: When writing this article this feature is available only for the Amazon Linux and Unbuntu AMI only.

EC2 Instance Connect comes preinstalled on the following AMIs:

Amazon Linux 2 2.0.20190618 or later
Ubuntu 20.04 or later

What is AWS EC2 Instance Connect?

AWS EC2 Instance Connect Endpoint is a powerful feature provided by Amazon Web Services (AWS) that enhances the security and accessibility of EC2 instances. By leveraging this feature, users can establish secure connections to their instances without exposing SSH ports to the public internet.

AWS EC2 Instance Connect Endpoint acts as a bridge between the AWS Management Console and the EC2 instances, facilitating secure SSH connections. It provides a dedicated endpoint for managing SSH access to instances, ensuring a streamlined and secure connection experience.

Features:

Improved Security
Simplified Access Management
Streamlined Connection Process
No Bastion Host Required

How to Connect to your Linux Instance using Amazon EC2 Instance Connect Endpoint (Browser-based AWS Console)

Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
In the navigation pane, choose Instances.
Select the instance and see the details pane containing the information about the instance.

Refer to the below screen where you can see the Pubic IPV4 address is empty and the instance has only a private IP address.

Click on Connect will redirect to the EIC section.

Choose the option Connect using the EC2 Instance Connect Endpoint.

Username: ec2-user (default username)

Max tunnel duration (seconds): 3600 (up to your requirement)

EC2 Instance Connect Endpoint: Click on the textbox will ask you to create an endpoint (click on that link)

From the Create Endpoint section you can:

Enter the name of the Endpoint.

Select EC2 Instance Connect Endpoint.

Select the VPC and then select the Security group and the Subnet.

Click on Create.

Once the Endpoint is created select that endpoint from the EC2 Instance Connect section and click on Connect and see the magic.

Oops, what is this? why my instance is unable to connect?

If you also face this issue please go to the Security group of the instance and check if the SSH is allowed in the Inbound rule or not.

If not please add the rule. For this example, I have allowed 0.0.0.0/0 but practically you should assign the valid CIDR range or IP address for SSH.

Save the rules.

Connect again to the Instance and WOW! you can connect your EC2 Instance using Amazon EC2 Instance Connect Endpoint.

Happy to see this!!

Thank you for reading this article.