⚡️ Dropbox has been hacked - change your password and revoke your tokens.
📅 Date of Breach: April 24, 2024
What’s At Risk?
◘Emails & Usernames
◘Phone Numbers
◘Hashed Passwords
◘API Keys
◘OAuth Tokens
◘Multi-Factor Authentication Details
https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/dbx-20240429.htm
Immediate actions recommended:
1️⃣ Change your password NOW
2️⃣ Revoke and renew API keys and OAuth tokens
3️⃣ Review and strengthen MFA settings
📅 Date of Breach: April 24, 2024
What’s At Risk?
◘Emails & Usernames
◘Phone Numbers
◘Hashed Passwords
◘API Keys
◘OAuth Tokens
◘Multi-Factor Authentication Details
https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/dbx-20240429.htm
Immediate actions recommended:
1️⃣ Change your password NOW
2️⃣ Revoke and renew API keys and OAuth tokens
3️⃣ Review and strengthen MFA settings
Karpenter at Slack
https://aws.amazon.com/blogs/containers/how-slack-adopted-karpenter-to-increase-operational-and-cost-efficiency/
🔹 Efficiency boosted - Optimal instance selection for improved cluster utilization.
🔹 Cost reduction - Achieved a 12% savings on EKS compute costs.
🔹 Rapid scaling - Faster node provisioning directly via Amazon EC2 API.
🔹 Simplified management - Fewer Autoscaling Groups and streamlined operations.
🔹 Enhanced upgrades - Quicker, more efficient system upgrades.
🔹 Flexibility - Custom NodePool and EC2NodeClass across 200+ clusters.
#Karpenter #EKS
https://aws.amazon.com/blogs/containers/how-slack-adopted-karpenter-to-increase-operational-and-cost-efficiency/
🔹 Efficiency boosted - Optimal instance selection for improved cluster utilization.
🔹 Cost reduction - Achieved a 12% savings on EKS compute costs.
🔹 Rapid scaling - Faster node provisioning directly via Amazon EC2 API.
🔹 Simplified management - Fewer Autoscaling Groups and streamlined operations.
🔹 Enhanced upgrades - Quicker, more efficient system upgrades.
🔹 Flexibility - Custom NodePool and EC2NodeClass across 200+ clusters.
#Karpenter #EKS
Amazon
How Slack adopted Karpenter to increase Operational and Cost Efficiency | Amazon Web Services
Bedrock – Slack’s internal Kubernetes platform Slack is the AI-powered platform for work that connects people, conversations, apps, and systems together in one place. Slack adopted Amazon Elastic Kubernetes Service (Amazon ) to build “Bedrock,” the codename…
6️⃣ CloudWatch Agent можно установить в виртуалку прямо из AWS Console. Но это не точно.
Коллеги, подскажите, у кого-то работает сие чудо?
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-and-configure-cloudwatch-agent-using-ec2-console.html#install-and-configure-cw-agent-procedure
Всю жизнь мечтал. Вопрос каждого первого начинающего работать с AWS — а где нагрузка по процессам и свободное место на диске? Неужели свершилось?
Кто пропустил, краткая история предыдущих серий CloudWatch Agent.
1️⃣ Ничего не было,выживали мониторили, как могли.
2️⃣ Скрипт на Perl, ура, спасибо, что не Fortran! Установка ручками через SSH.
3️⃣ Везде Docker. Вдеревне Гадюкино CloudWatch Agent — скрипт на Perl, установка через SSH.
4️⃣ Везде Kubernetes и Serverless, в CloudWatch Agent — скрипт на Perl, установка через CloudFormation.
5️⃣ CloudWatch Agent переписали на Go, установка через SSM.
#CloudWatch
Коллеги, подскажите, у кого-то работает сие чудо?
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-and-configure-cloudwatch-agent-using-ec2-console.html#install-and-configure-cw-agent-procedure
Всю жизнь мечтал. Вопрос каждого первого начинающего работать с AWS — а где нагрузка по процессам и свободное место на диске? Неужели свершилось?
Кто пропустил, краткая история предыдущих серий CloudWatch Agent.
1️⃣ Ничего не было,
2️⃣ Скрипт на Perl, ура, спасибо, что не Fortran! Установка ручками через SSH.
3️⃣ Везде Docker. В
4️⃣ Везде Kubernetes и Serverless, в CloudWatch Agent — скрипт на Perl, установка через CloudFormation.
5️⃣ CloudWatch Agent переписали на Go, установка через SSM.
#CloudWatch
Amazon
Install and configure the CloudWatch agent using the Amazon EC2 console to add additional metrics - Amazon Elastic Compute Cloud
By default, Amazon CloudWatch provides basic metrics, such as CPUUtilization and NetworkIn , for monitoring your Amazon EC2 instances. To collect additional metrics, you can install the CloudWatch agent on your EC2 instances, and then configure the agent…
Latency numbers every frontend developer should know
https://vercel.com/blog/latency-numbers-every-web-developer-should-know
В списке определённо не хватает:
▪️ Загрузить все шрифты сразу, включая "нужно посмотреть как будет", "этот тоже прикольный" и "пусть будет на всякий" —
▪️ Выкачать пол-интернета, чтобы подгрузить библиотеку для отрисовки обычной формы —
▪️ Добавить падающие бесящие снежинки на главный экран "ну, ведь зима же" —
▪️ "Не знаю, у меня локально всё работает" —
#latency #frontend
https://vercel.com/blog/latency-numbers-every-web-developer-should-know
В списке определённо не хватает:
▪️ Загрузить все шрифты сразу, включая "нужно посмотреть как будет", "этот тоже прикольный" и "пусть будет на всякий" —
800 ms
.▪️ Выкачать пол-интернета, чтобы подгрузить библиотеку для отрисовки обычной формы —
2400 ms
.▪️ Добавить падающие бесящие снежинки на главный экран "ну, ведь зима же" —
3600 ms
.▪️ "Не знаю, у меня локально всё работает" —
Access has been blocked by CORS policy
.#latency #frontend
HTTP GET /comfort-zone?exist=vote
Anonymous Poll
7%
Error 301: Moved Permanently.
3%
Error 401: Unauthorized.
10%
Error 402: Payment Required.
9%
Error 404: Comfort Zone Not Found.
6%
Error 410: Gone.
7%
Error 429: Too Many Requests.
5%
Error 451: Unavailable For Legal Reasons.
4%
Error 500: Internal Comfort Error.
7%
Error 503: Service Unavailable.
43%
👀 See results.
☒ Beating the CAP Theorem Checklist
Your blog/presentation/post/comment advocates a way to beat the CAP theorem. Your idea will not work.
Here is why it won't work:
✖ you are assuming that software/network/hardware failures will not happen
✖ you pushed the actual problem to another layer of the system
✖ your solution is equivalent to an existing one that doesn't beat CAP
✖ you're actually building an AP system
✖ you're actually building a CP system
✖ you are not, in fact, designing a distributed system
Specifically, your plan fails to account for:
❌ latency is a thing that exists
❌ high latency is indistinguishable from splits or unavailability
❌ network topology changes over time
❌ there might be more than 1 partition at the same time
❌ split nodes can vanish forever
❌ a split node cannot be differentiated from a crashed one by its peers
❌ clients are also part of the distributed system
❌ stable storage may become corrupt
❌ network failures will actually happen
❌ hardware failures will actually happen
❌ operator errors will actually happen
❌ deleted items will come back after synchronization with other nodes
❌ clocks drift across multiple parts of the system, forward and backwards in time
❌ things can happen at the same time on different machines
❌ side effects cannot be rolled back the way transactions can
❌ failures can occur while in a critical part of your algorithm
❌ designing distributed systems is actually hard
❌ implementing them is harder still
And the following technical objections may apply:
Furthermore, this is what I think about you:
❎ nice try, but blatantly false advertising
❎ you are badly reinventing existing concepts and should do some research
❎ in particular, you should read the definition of the word 'theorem'
❎ also you should read the definition of 'distributed system'
❎ you have no idea what you are doing
❎ do you even know what a logical clock is?
❎ you shouldn't be in charge of people's data
Source: https://ferd.ca/beating-the-cap-theorem-checklist.html
#architecture #distributed_system
Your blog/presentation/post/comment advocates a way to beat the CAP theorem. Your idea will not work.
Here is why it won't work:
✖ you are assuming that software/network/hardware failures will not happen
✖ you pushed the actual problem to another layer of the system
✖ your solution is equivalent to an existing one that doesn't beat CAP
✖ you're actually building an AP system
✖ you're actually building a CP system
✖ you are not, in fact, designing a distributed system
Specifically, your plan fails to account for:
❌ latency is a thing that exists
❌ high latency is indistinguishable from splits or unavailability
❌ network topology changes over time
❌ there might be more than 1 partition at the same time
❌ split nodes can vanish forever
❌ a split node cannot be differentiated from a crashed one by its peers
❌ clients are also part of the distributed system
❌ stable storage may become corrupt
❌ network failures will actually happen
❌ hardware failures will actually happen
❌ operator errors will actually happen
❌ deleted items will come back after synchronization with other nodes
❌ clocks drift across multiple parts of the system, forward and backwards in time
❌ things can happen at the same time on different machines
❌ side effects cannot be rolled back the way transactions can
❌ failures can occur while in a critical part of your algorithm
❌ designing distributed systems is actually hard
❌ implementing them is harder still
And the following technical objections may apply:
✕
your solution requires a central authority that cannot be unavailable✕
read-only mode is still unavailability for writes✕
your quorum size cannot be changed over time✕
your cluster size cannot be changed over time✕
using 'infinite timeouts' is not an acceptable solution to lost messages✕
your system accumulates data forever and assumes infinite storage✕
re-synchronizing data will require more bandwidth than everything else put together✕
acknowledging reception is not the same as confirming consumption of messages✕
you don't even wait for messages to be written to disk✕
you assume short periods of unavailability are insignificant✕
you are basing yourself on a paper or theory that has not yet been provenFurthermore, this is what I think about you:
❎ nice try, but blatantly false advertising
❎ you are badly reinventing existing concepts and should do some research
❎ in particular, you should read the definition of the word 'theorem'
❎ also you should read the definition of 'distributed system'
❎ you have no idea what you are doing
❎ do you even know what a logical clock is?
❎ you shouldn't be in charge of people's data
Source: https://ferd.ca/beating-the-cap-theorem-checklist.html
#architecture #distributed_system
Amplify Gen 2
https://aws.amazon.com/blogs/mobile/amplify-gen2-ga/
With Amplify Gen 2, every part of your app’s cloud backend is defined in TypeScript. Need an Auth backend? TypeScript. Data backend? TypeScript. Storage backend? TypeScript. Everything is defined in TypeScript. What’s not changing? Amplify is built by and on AWS, giving you the ability to add any of the 200+ AWS services when you need to. Including generative AI services such as Amazon Bedrock? You guessed it: TypeScript.
#Amplify
https://aws.amazon.com/blogs/mobile/amplify-gen2-ga/
With Amplify Gen 2, every part of your app’s cloud backend is defined in TypeScript. Need an Auth backend? TypeScript. Data backend? TypeScript. Storage backend? TypeScript. Everything is defined in TypeScript. What’s not changing? Amplify is built by and on AWS, giving you the ability to add any of the 200+ AWS services when you need to. Including generative AI services such as Amazon Bedrock? You guessed it: TypeScript.
#Amplify
Amazon
Fullstack TypeScript: Reintroducing AWS Amplify | Amazon Web Services
We are thrilled to announce the general availability of AWS Amplify Gen 2, a fullstack TypeScript experience for building cloud-connected apps. AWS Amplify helps you accomplish two jobs: Host your web app Build and connect to a cloud backend With Amplify…
Forwarded from Rinat Uzbekov
Календарь AWS Hands-on Workshops на ближайшее время
https://aws-experience.com/emea/smb/events/series/aws-cloudboost
https://aws-experience.com/emea/smb/events/series/aws-cloudboost
AWS Connected Community
AWS CloudBoost
Gain hands-on AWS cloud experience through our exciting series of webinars and workshops. From foundational to specialist topics, put theory into practice as you build your cloud skills.
Forwarded from Viktor Vedmich (AWS)
Вот и вышло наше новое видео! Совместно с архитектором Anton Kovalenko мы рассматриваем Amazon CodeCatalyst. Подробно разбираемся в его возможностях и функционале. https://youtu.be/WEK7lTsL7ek
В этом видео вы узнаете:
- Зачем нужен CodeCatalyst и почему он появился
- Как авторизоваться и начать работу
- Создание нового проекта с нуля
- Обзор основных возможностей и функционала
- Работа с Dev Environment
- Создание собственных Workflows
- Настройка Production окружений
- Использование секретов (Secrets)
- Демонстрация полного цикла разработки - от изменения кода до деплоя
- Интеграция с Amazon Q - ассистент теперь может решать задачи сам
В этом видео вы узнаете:
- Зачем нужен CodeCatalyst и почему он появился
- Как авторизоваться и начать работу
- Создание нового проекта с нуля
- Обзор основных возможностей и функционала
- Работа с Dev Environment
- Создание собственных Workflows
- Настройка Production окружений
- Использование секретов (Secrets)
- Демонстрация полного цикла разработки - от изменения кода до деплоя
- Интеграция с Amazon Q - ассистент теперь может решать задачи сам
YouTube
Разбираем Amazon CodeCatalyst за 50 минут
В этом видео мы вместе с архитектором Антоном Коваленко подробно разбираем новый облачный сервис Amazon CodeCatalyst: • Зачем нужен CodeCatalyst и почему он ...
Forwarded from AWS User Group 3City
Kick Off Infoshare 2024 with AWS User Group 3city! 🚀
Before diving into the excitement of Infoshare, the largest tech and startup conference in CEE, why not warm up with our AWS User Group 3city meetup? We're hosting a special meetup, offering the perfect prelude to the conference days. Two technical sessions and a networking pizza break await you.
📅 When: May 21, 17:00 (GMT)
📍 Where: Amazon Development Center Office
al. Grunwaldzka 472E, Gdańsk Olivia Prime A, Floor 2
📺 Can't make it in person? Join our online stream on YouTube (exclusive access for registered participants)
This meetup is an ideal opportunity to set the stage for two days of learning and networking. Join us to share knowledge, connect with peers, and gain insights from industry experts. Let’s build momentum together and make the most out of the upcoming Infoshare conference!
Check the detailed agenda and register now ➡️https://epa.ms/Cygfr
Don’t forget to use our discount code for Infoshare conference ISC24-AWS3city to get 10% off any ticket on https://infoshare.pl/ . 😉
See you there! 👋
Before diving into the excitement of Infoshare, the largest tech and startup conference in CEE, why not warm up with our AWS User Group 3city meetup? We're hosting a special meetup, offering the perfect prelude to the conference days. Two technical sessions and a networking pizza break await you.
📅 When: May 21, 17:00 (GMT)
📍 Where: Amazon Development Center Office
al. Grunwaldzka 472E, Gdańsk Olivia Prime A, Floor 2
📺 Can't make it in person? Join our online stream on YouTube (exclusive access for registered participants)
This meetup is an ideal opportunity to set the stage for two days of learning and networking. Join us to share knowledge, connect with peers, and gain insights from industry experts. Let’s build momentum together and make the most out of the upcoming Infoshare conference!
Check the detailed agenda and register now ➡️https://epa.ms/Cygfr
Don’t forget to use our discount code for Infoshare conference ISC24-AWS3city to get 10% off any ticket on https://infoshare.pl/ . 😉
See you there! 👋
Forwarded from Rinat Uzbekov
Installing, Configuring, & Using Amazon Q Developer with JetBrains IDEs (How-to)
https://youtu.be/-iQfIhTA4J0
https://youtu.be/-iQfIhTA4J0
YouTube
Installing, Configuring, & Using Amazon Q Developer with JetBrains IDEs (How-to)
🤘 Learn more about Amazon Q: https://aws.amazon.com/developer/generative-ai/amazon-q/
Are you interested in leveraging the full power of Amazon Q Developer inside your JetBrains IDEs? Wojtek Gawroński (Senior Developer Advocate at AWS) will show you how…
Are you interested in leveraging the full power of Amazon Q Developer inside your JetBrains IDEs? Wojtek Gawroński (Senior Developer Advocate at AWS) will show you how…
AWS Notes
Installing, Configuring, & Using Amazon Q Developer with JetBrains IDEs (How-to) https://youtu.be/-iQfIhTA4J0
Всем привет!
На видео выше, можно видеть как сейчас выглядит интеграция/аутентификация. Честно говоря расстроен тем, как неудобно сделано.
Я хочу публично собрать пожелания клиентов по упрощению интеграции. А именно прямой интеграции JetBrains AI assistant Platform (через нее работают все продукты JetBrains) с Amazon Q for Developers - без этой лишней шняги с аутентификацией в AWS и SSO.
Всех кому интересно получить более удобную интеграцию прошу добавить +1 и коменты к моему коменту/посту в LinkedIn. Там протэганы руководство сервисной команды Amazon Q for Developers и я также все ваши пожелания донесу до руководства и сервисных команд JetBrains.
https://www.linkedin.com/feed/update/urn:li:activity:7194289034846760960?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7194289034846760960%2C7194293080072552448%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287194293080072552448%2Curn%3Ali%3Aactivity%3A7194289034846760960%29
Надеюсь на поддержку Community!
На видео выше, можно видеть как сейчас выглядит интеграция/аутентификация. Честно говоря расстроен тем, как неудобно сделано.
Я хочу публично собрать пожелания клиентов по упрощению интеграции. А именно прямой интеграции JetBrains AI assistant Platform (через нее работают все продукты JetBrains) с Amazon Q for Developers - без этой лишней шняги с аутентификацией в AWS и SSO.
Всех кому интересно получить более удобную интеграцию прошу добавить +1 и коменты к моему коменту/посту в LinkedIn. Там протэганы руководство сервисной команды Amazon Q for Developers и я также все ваши пожелания донесу до руководства и сервисных команд JetBrains.
https://www.linkedin.com/feed/update/urn:li:activity:7194289034846760960?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7194289034846760960%2C7194293080072552448%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287194293080072552448%2Curn%3Ali%3Aactivity%3A7194289034846760960%29
Надеюсь на поддержку Community!
Linkedin
Rinat U. on LinkedIn: Installing, Configuring, & Using Amazon Q Developer with JetBrains IDEs…
Installing, Configuring, & Using Amazon Q Developer with JetBrains IDEs
Wojtek Gawroński 🥑
Doug Seven Deepak Singh
Amazon Web Services (AWS)
#JetBrains…
Wojtek Gawroński 🥑
Doug Seven Deepak Singh
Amazon Web Services (AWS)
#JetBrains…
Всем кому интересно продолжение темы с Amazon Q for Developers в JetBrains IDE - приглашаем на Workshop с нашим архитектором @antkovalenko. Тема будет интересна в первую очередь девелоперам кто постоянно работает в JetBrains IDE и DevOps кто использует IDE для IaaC. Так что приглашайте ваших девелоперов.
https://aws-experience.com/emea/dach-cee/e/c2e17/empower-your-coding-with-generative-ai-hands-on-workshop-on-amazon-q-developer
https://aws-experience.com/emea/dach-cee/e/c2e17/empower-your-coding-with-generative-ai-hands-on-workshop-on-amazon-q-developer
AWS Experience DACH & CEE
Empower your coding with Generative AI: hands-on workshop on Amazon Q Developer
On this hands-on workshop you will learn how to:
• Automate repetitive tasks leveraging generative AI and receive code explanations in natural language.
• Run code quality and security checks: Amazon Q scans code, identifies potential bugs, suggests alternative…
• Automate repetitive tasks leveraging generative AI and receive code explanations in natural language.
• Run code quality and security checks: Amazon Q scans code, identifies potential bugs, suggests alternative…
Добрая пятничная история
Пару недель назад AWS выкатил поддержку CloudFront OAC для Lambda function URLs, чтобы можно было удобно ходить в приватные Лямбды.
Сначала все обрадовались, полезное дело, безопасности, все дела, но после выяснилось, что работают лишь GET запросы, а на POST/PUT отдаётся ошибка.
Потом все расстроились, потому что зря обрадовались — ведь это не фича, а баг.
Но один хороший человек упоролся и выяснил, что если посчитать SHA256 хэш и добавить его в заголовок
https://twitter.com/rooToTheZ/status/1788606025265975505
Он написал запрос на обновление AWS документации для CloudFront и теперь там:
ℹ️ Note
If you use PUT or POST methods with your Lambda function URL, your user must provide a signed payload to CloudFront. Lambda doesn't support unsigned payloads.
В итоге расстроились и те, кто обрадовался, когда другие расстроились, потому что рано обрадовались.
Какая же здесь мораль? Документация — важна. Грамотно задокументированный баг всегда можно сделать фичей.
#CloudFront #Lambda
Пару недель назад AWS выкатил поддержку CloudFront OAC для Lambda function URLs, чтобы можно было удобно ходить в приватные Лямбды.
Сначала все обрадовались, полезное дело, безопасности, все дела, но после выяснилось, что работают лишь GET запросы, а на POST/PUT отдаётся ошибка.
Потом все расстроились, потому что зря обрадовались — ведь это не фича, а баг.
Но один хороший человек упоролся и выяснил, что если посчитать SHA256 хэш и добавить его в заголовок
x-amz-content-sha256
, то и POST/PUT тоже работают.https://twitter.com/rooToTheZ/status/1788606025265975505
Он написал запрос на обновление AWS документации для CloudFront и теперь там:
ℹ️ Note
If you use PUT or POST methods with your Lambda function URL, your user must provide a signed payload to CloudFront. Lambda doesn't support unsigned payloads.
В итоге расстроились и те, кто обрадовался, когда другие расстроились, потому что рано обрадовались.
Какая же здесь мораль? Документация — важна. Грамотно задокументированный баг всегда можно сделать фичей.
#CloudFront #Lambda
X (formerly Twitter)
David Behroozi (@rooToTheZ) on X
My wayward sons! Remember that CloudFront Lambda OAC release we were super sad about because it didn't support PUT/POST? IT ACTUALLY DOES! You just need to calculate the SHA256 hash of the body client side and set the x-amz-content-sha256 header to it. I…
Analysis of 3 million public AMIs for leaked secrets.
https://securitycafe.ro/2024/05/08/aws-cloudquarry-digging-for-secrets-in-public-amis/
#AMI #security
https://securitycafe.ro/2024/05/08/aws-cloudquarry-digging-for-secrets-in-public-amis/
#AMI #security