Rosetta Salt

Executive Summary

This article introduces the problems we each face, with passwords for many accounts, and describes an alternative password manager that improves upon some of the cost and security shortcomings of existing password managers. It then goes on to describe how to build your own password manager and deploy it into the AWS cloud. This password manager itself, which is named Rosetta Salt, is made up of a serverless server-side component that is written in Python, deployed in the API Gateway and Lambda services via the chalice framework, and that interacts with the AWS Cognito, Dynamo, and SES services at runtime. It is also made up of two client-side components that interact with that server-side component: a React application for browser platforms that is deployed with the Amplify service and a React Native application for mobile platforms that is deployed with the Expo framework. In combination, these client-side components and the server-side component provide a free or low-cost way to manage a unique and secure password for each of your cloud accounts.

Table of Contents

• Introduction

• Python Serverless Server

  • Validate Cognito Token
  • Create Rosetta Token
  • Claim Rosetta Token
  • Validate Rosetta Token
  • Get Cloud Accounts
  • Get Cloud Account
  • Maintain Cloud Accounts
  • Deploy Serverless Server

• React Browser Client

  • React Cognito Token
  • React Rosetta Token
  • React Cloud Account
  • Deploy Browser Client

• React Native Mobile Client

  • React Native Cognito Token
  • React Native Rosetta Token
  • React Native Cloud Account
  • Deploy Mobile Client

Authors

Steve Bannerman

Reviewers

Andrew Martin
Jaime Ellis