AWS SAM CLI + TypeScript:

https://aws.amazon.com/blogs/compute/building-typescript-projects-with-aws-sam-cli/

This post reviews several new features that can improve the development experience for TypeScript developers. I show how to create a sample TypeScript project using sam init. I build and deploy a TypeScript project using the AWS SAM CLI. I show how to use AWS SAM Accelerate with your TypeScript project. Last, I measure the impact of bundling, tree shaking, and minification on a sample project.

#SAM #TypeScript

Тримайтеся! 🇺🇦 Все буде гаразд.

🔶 Top 2021 AWS Security service launches security professionals should review - Part 1

An overview of some of the most important 2021 AWS Security launches that security professionals should be aware of.

https://aws.amazon.com/ru/blogs/security/top-2021-aws-security-service-launches-part-1

#aws

​​Weekly Summary on AWS (February 20-26)

🔸 Amplify + The Authenticator UI Library for Flutter
🔸 AppSync + custom response headers
🔸 App Mesh + Agent for Envoy
🔸 App Runner + Java
🔸 Billing + Payment Profiles
🔸 CloudWatch Agent
➖ Configurable Log Group Retention
➖ NVIDIA GPU Metrics
🔸 Connect Customer Profiles + high-volume ingestion of customer data
🔸 EC2 Auto Scaling Warm Pools + hibernating and returning instances to Warm Pools on scale-in
🔸 Firewall Manager + AWS Network Firewall Centralized Deployment Model
🔸 Glue Job Run Insights
🔸 Glue DataBrew + choose single or multiple output files
🔸 Glue Schema Registry + Protobuf
🔸 Lambda + .NET 6
🔸 QuickSight’s new community hub
🔸 RDS for MariaDB + IAM authentication
🔸 Redshift + PIVOT and UNPIVOT SQL operators
🔸 S3 + additional checksum algorithms
🔸 SageMaker + 322 popular ML models
🔸 SAM CLI + TypeScript
🔸 Transfer Family + enhancements to workflows
🔹 NICE DCV version 2022.0 and Web Client SDK version 1.1.0

#AWS_week

Ждём всех желающих погрузиться в AI сервисы AWS. Сделаем небольшой обзор на каждый из семейства AI сервис и научимся решать практические задачи в онлайне вместе с нашими архитекторами.

Какие AI сервисы мы изучим на AWS Интенсиве? 
✅Amazon Rekognition
✅Amazon Comprehend
✅Amazon Forecast 
✅Amazon Translate
и другие

Ждём!


https://softline.ru/events/sem_2022_ai_servisy_220301?tab=program&utm_source=emailBDM&utm_medium=mail&utm_campaign=5821-AI

​​SCP Best Practices

🔹 Deny list strategy
🔹 Allow list strategy

🔹 https://aws.amazon.com/blogs/mt/codify-your-best-practices-using-service-control-policies-part-1/

🔸 Organizational Units

🔸 https://aws.amazon.com/blogs/mt/best-practices-for-organizational-units-with-aws-organizations/

▪️ Deny Changes to CloudWatch monitors
▪️ Deny Changes to CloudWatch Logs
▪️ Deny Changes to Config
▪️ Deny accounts from leaving the organization
▪️ Deny all actions
▪️ Deny access to IAM with role exception
▪️ Deny actions outside approved regions
▪️ Deny ability to pass IAM roles
▪️ Deny changes to GuardDuty
▪️ Deny changes to AWS Budget Actions
▪️ Limit changes to Cost Anomaly Detection, except when using a specific IAM Role

▪️ https://aws.amazon.com/blogs/mt/codify-your-best-practices-using-service-control-policies-part-2/

☮️

#SCP #security #best_practices

#машины_aws

Я продолжаю издеваться на Code* сервисами… Хотя скорее они надо мной.

В этой части разбираюсь с поведением CodeDeploy в Blue/Green развертываниях, а так же с тем, что не умеет CodePipeline и CDK.

Ваше прокрастинационное чтиво.

​​Weekly Summary on AWS (February 27 - March 5)

🔸 Aurora PostgreSQL + cipher suites
🔸 AWS Health Dashboard
🔸 Billing
➖ Customer Carbon Footprint Tool
➖ Chinese yuan payments
🔸 CloudFormation + AWS::MSK::BatchScramSecret
🔸 CloudWatch Container Insights + Helm chart using ADOT
🔸 Detective + wildcard & CIDR
🔸 FinSpace + AWS SDK and CLI
🔸 FIS (Fault Injection Simulator)
➖ Stop ECS tasks
➖ Sending logs to CloudWatch Logs or S3
🔸 FSx for OpenZFS
➖ LZ4 compression
➖ Record size
🔸 GameLift + three updates to FlexMatch
🔸 IoT SiteWise + IoT Application Kit
🔸 Kendra + spell checker for queries
🔸 Keyspaces (Cassandra) + AWS SDK
🔸 PrivateLink + AWS Backup
🔸 RDS for MySQL & PostgreSQL + Multi-AZ Deployment Option With Two Readable Standby Instances
🔸 RDS for Oracle + ALLOW_WEAK_CRYPTO* parameters
🔸 SageMaker Serverless and Asynchronous Inference + SageMaker Python SDK
🔸 Trusted Advisor Priority

🔹 Aurora PostgreSQL 13.5, 12.9, 11.14, and 10.19
🔹 AWS JDBC Driver for MySQL v1.0.0
🔹 AWS QnABot version 5.1.1
🔹 Data Provider for SAP + 4.1 (JDK11 & r6i/m6i instances)
🔹 MGN (AWS Application Migration Service) + Windows Server 2003, 2008, 2022, and Windows 10
🔹 MQ for RabbitMQ + 3.8.27
🔹 RDS for MariaDB + 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
🔹 RDS for Oracle + October 2021 PSU

#AWS_week

'Dirty Pipe' Linux vulnerability that allows an attacker to overwrite data in arbitrary read-only files:

https://www.zdnet.com/article/dirty-pipe-linux-vulnerability-discovered-fixed/

The vulnerability CVE-2022-0847:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847

#security #linux

​​There are some problems - Spotify, Discord, AWS, Cloudflare etc.

https://downdetector.com/

Fix CVE-2022-0847 for Amazon Linux:

https://alas.aws.amazon.com/cve/html/CVE-2022-0847.html

#security #AmazonLinux

Пояснение по новым ограничениям со стороны AWS:
1) Ограничения, которые AWS объявили относятся к работе напрямую и оплаты счетов с карты (они и так не могут т.к. карточки не работают).
2) На данный момент для клиентов из РФ и РБ отсутствует возможность создание новых аккаунтов AWS и привязки карт местных банков

Для клиентов, использующих сервисы AWS из РФ и РБ остаётся возможность оплаты сервисов AWS через партнёра.
Также, возможна локализация контракта за пределами РФ и РБ и оплата счетов в валюте.

Если у вас остались вопросы и вам требуется помощь в оплате счетов от AWS, напишите в лс или на email:
svyatoslav.ustyugov@softline.com

Network Infrastructure Security Guidance:

https://media.defense.gov/2022/Mar/01/2002947139/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDANCE_20220301.PDF

Contents
1. Introduction
2. Network architecture and design
3. Security maintenance
4. Authentication, authorization, and accounting
5. Administrator accounts and passwords
6. Remote logging and monitoring
7. Remote administration and network services
8. Routing
9. Interface ports
10. Notification banners
11. Conclusion

#security #network #design

CNCF Kubernetes and Cloud Native Associate Certification Course (KCNA) from Andrew Brown:

https://www.youtube.com/watch?v=AplluksKvzI

⭐️ Course Contents ⭐️
☁️ 0:00:00 Introduction
☁️ 0:22:31 Cloud Native Kubernetes Concepts
☁️ 1:36:41 Selectors
☁️ 1:42:33 Kubelet
☁️ 1:50:15 KubeCTL
☁️ 1:59:20 Distrubutions
☁️ 2:26:25 Runtimes
☁️ 2:37:04 Storage
☁️ 2:51:34 Service
☁️ 3:06:52 Networking
☁️ 3:33:05 Cluster Networking
☁️ 3:50:50 Security
☁️ 4:23:51 Autoscaling
☁️ 4:28:23 Open Standards
☁️ 4:31:17 Goverance
☁️ 5:01:37 Serverless
☁️ 5:10:29 Observability
☁️ 5:24:45 Cloud Native Application Delivery
☁️ 5:44:03 Deployment Strategies
☁️ 5:58:59 Follow Along
🎤 5:58:59 Review of Light Weight Containers
🎤 6:05:14 Building an App Using Docker
🎤 6:29:29 Minkube
🎤 6:55:36 Kind
🎤 7:03:41 Microk8s
🎤 7:27:10 Kubectl Fix
🎤 7:28:38 Pod Communication via IP
🎤 7:36:44 Service ClusterIP
🎤 7:51:20 Service NodePort
🎤 7:59:14 Service LoadBalancer
🎤 8:09:19 Service Externalname
🎤 8:24:53 Ingress
🎤 8:38:51 Jobs
🎤 8:46:35 ReplicaSets
🎤 8:50:56 Scale and Autoscale
🎤 9:00:39 Configmap
🎤 9:23:29 Secrets
🎤 9:34:08 PV and PVC
🎤 9:56:30 NetPolicy
🎤 10:20:29 Knative
🎤 10:34:30 OpenFaaS
🎤 10:46:11 Helm
🎤 10:55:19 LinkerD
🎤 11:32:49 Google Kubernetes Engine
🎤 11:47:25 Azure Kubernetes Service
🎤 12:03:09 AWS Elastic Kuberenetes Service
🎤 12:35:47 IBM Cloud
🎤 12:48:18 Digital Ocean
🎤 13:10:22 CIVO
🎤 13:26:14 Namespaces
🎤 13:30:59 RBAC
🎤 13:58:00 KubeCTL Extra Commands

#Kubernetes

AWS SAA-C02 vs AWS SAA-C03:

https://tutorialsdojo.com/the-new-aws-certified-saa-c03-2022/

Video:

https://www.youtube.com/watch?v=u8Eg86a306Q

#AWS_Certification

AWS Certificate Manager problems for Russia and Belarus:

We are reaching out to inform you about a change to supported top level domains for public certificates. Amazon relies on a third party as part of our process for issuing and renewing certificates issued by Amazon Trust Services. As of March 10, 2022, and until further notice, due to changes implemented by that third party to disallow the issuance and renewal of certificates from the domains specified later, we will no longer be able to issue or renew certificates from the domains specified through ACM. All Amazon certificates for these domains will remain functional until expiration, but will not be renewable and no new certificates from these domains will be issued. Certificates within these domains can still be created by another recognized certificate authority and imported to Amazon:

* .RU
* .BY
* Бел - Belarus
* Рф - Russian Federation
* .moscow
* .москва - Moscow
* .SU - Soviet Union
* (http://ru.com/) .RU.COM
* .РУС
* .RU.NET

#ACM

​​Weekly Summary on AWS (March 6 - 12)

🔸 Amplify iOS Library + Swift
🔸 Aurora PostgreSQL + Multi Major Version Upgrade
🔸 Braket + OpenQASM 3.0
🔸 Chime SDK + live transcription with automatic language identification
🔸 Comprehend + Targeted Sentiment
🔸 DevOps Guru + CodeGuru Profiler for Lambda
🔸 DynamoDB
➖ Limit request option for PartiQL
➖ Tables Per Account 256 → 2,500
➖ Еnable management operations 50 → 500
🔸 EC2 AMI + LastLaunchedTime
🔸 EC2 + X2idn/X2iedn instances 💥
🔸 ECS Update Service API + loadBalancers, propagateTags, enableECSManagedTags, and serviceRegistries 👀
🔸 Glue DataBrew + cross-account Glue Data Catalog S3 access
🔸 Lambda + PrincipalOrgID 💪
🔸 Lightsail + S3 block public access 🎉
🔸 MSK Connect + Secrets Manager
🔸 Personalize + CloudFormation
🔸 QuickSight + auto refresh
🔸 SSM Change Manager + approve/reject multiple change requests together

🔹 Bottlerocket + NVIDIA GPUs 👍
🔹 Genomics CLI + Snakemake
🔹 RDS for MySQL + 5.7.37 and 8.0.28
🔹 RDS for Oracle + Oracle Database 21c
🔹 RDS for PostgreSQL + 14.2, 👈 13.6, 12.10, 11.15, and 10.20
🔹 RDS for SQL Server + M6i/R6i instances

#AWS_week

Видео по SageMaker Studio Lab от Александра Патрушева (Sr. AI/ML Specialist SA, AWS).

https://www.youtube.com/watch?v=jrNs6c0E0A8

00:00:00 Представление
00:03:30 Что такое Amazon SageMaker Studio Lab
00:06:25 Для чего подходит Amazon SageMaker Studio Lab
00:07:12 Demo
00:25:03 В чем разница между SageMaker Studio Lab и SageMaker

#SageMakerStudioLab #video

Всем привет! Сообщение для тех, кому нужно сохранить доступ к AWS.

Selectel — официальный партнер AWS в России. Через нас можно оплачивать сервисы зарубежного провайдера, получая все отчетные документы РФ (при условии потребления от $1000/мес). Также мы предоставляем выделенный канал в обход публичного интернета, который связывает инфраструктуру AWS и Selectel.

Наши сертифицированные специалисты настроят связь с зарубежным провайдером, а также помогут с построением гибридного облака и/или миграцией. Предложение актуально как для представителей бизнеса, так и для физических лиц.

По всем вопросам пишите на почту — sales@selectel.ru. На все ответим и попробуем придумать эффективное в вашей ситуации решение.

Узнать подробнее об услуге — https://slc.tl/2gPx2

Hello all!

The EMEA Specialist Solutions Architects team is organizing an EMEA Analytics Learning series. These series will be comprised of 5 different tracks covering the key analytics technologies:

The first three sessions belonging to the MSK, Redshift and Quicksight tracks are already planed and awaiting for you to join!!

Below you can find the dates and registration links for each of the sessions:

• 22 March – 15:45 – 16:30 GMT: Introduction to Amazon Managed Streaming for Apache Kafka (Amazon MSK) – Registration link here - https://emea-introduction-amazon-managed-streaming.splashthat.com/

[LEVEL 200 - Webinar] Introduction to Amazon Managed Streaming for Apache Kafka (Amazon MSK). Amazon MSK makes it easy to ingest and process streaming data in real time with fully managed Apache Kafka. This is an introductory webinar to MSK, explaining what it is, why it is useful, and how it can help organizations.

• 29 March – 9:00 – 16:45 GMT: Redshift Immersion day – Registration link here - https://emea-redshift-immersion-day.splashthat.com/

[LEVEL 200 - Workshop] A Redshift Immersion Day provides our customers with a deeper understanding of the Amazon Redshift service through presentations and hands-on experience, and is specifically designed to help us accelerate a customer opportunity or further enable an existing Redshift customer.

• 30 March – 9:00 – 10:00 GMT: Discover Amazon QuickSight - Scalable, serverless, cloud-native Business Intelligence – Registration Link here - https://emea-discover-amazon-quicksight.splashthat.com/

[LEVEL 200 - Webinar] This session, will be an introductory level session 150/200 ideal for customers that may not familiar with Quicksight but have BI use cases in AWS. During the session we will be describing the different features of Quicksight along with a live demo where customers will be able to see the service in action.