Dax talks about the launch of SST Ion, a video he shot to promote it and get ahead of the questions people ask, what the migration path is like, should companies still do a launch week, the benefits of an SQLite production, catching up on Astro DB, should Adam take a detour into Zed land, Dax goes Mac, finding time to watch movies or play video games, and physical limitations overcome with neural implants. Want to carry on the conversation? Join us in Discord.
SST Ion is finally here; Ion; sst/ion: ❍ — a new engine for SST; Experience up to 40% faster stack creation with AWS CloudFormation; How we sped up AWS CloudFormation deployments with optimistic stabilization | AWS DevOps Blog; Navigate the AWS Maze with Confidence | Pro AWS; Astro DB; Turso — SQLite for Production; Prettier Daemon; Zed Coding Speed; Arch Linux; Raycast; Alacritty Terminal Emulator; Tinker Tailor Soldier; AI Business Apps; Neuralink enables chess play
Topics: (00:00) - 10 years of Arch will do it to you (00:39) - Launching SST Ion (13:49) - What's the migration path right now? (15:30) - Should companies still do a launch week? (18:39) - What are the benefits of SQLite based development? (25:26) - Catching up on Astro DB? (31:18) - What is SST competing with? (34:07) - Should Adam take a detour into Zed land? (35:31) - Dax goes Mac (44:20) - Finding time to game or watch movies (01:06:14) - Did you remember Neural Link? (01:12:19) - Physical limitations of getting older
Join Dave in this enlightening conversation with Dan Blanco, Senior Developer Advocate for the AWS Infrastructure as Code (IaC) team, as they dive deep into the transformative world of IaC. In an era where manual processes no longer suffice, IaC emerges as a pivotal technology, enabling developers to provision and manage computing infrastructure through code, streamlining the setup, update, and maintenance of essential infrastructure components for application development, testing, and deployment. In this episode, Dan unveils the latest innovations from his team, including the groundbreaking AWS CloudFormation Git sync, CDK Migrate, and the IaC Generator. Discover how the IaC Generator revolutionizes template creation, allowing developers to automatically generate CloudFormation templates for resources in their accounts, enhancing efficiency and control over cloud environments. Beyond the technical, Dave and Dan explore the unique journey of being a developer in the gaming industry, the transition to cloud careers, and share a feast of food analogies along with insider knowledge from culinary school. This episode is a must-listen for anyone looking to understand the future of cloud infrastructure management, control costs, reduce risks, and seize new business opportunities with agility and speed. 
Dan on Twitter: https://twitter.com/thedanblanco Dan on LinkedIn: https://www.linkedin.com/in/thedanblanco/ Dave on Twitter: https://twitter.com/thedavedev Dave on LinkedIn: https://www.linkedin.com/in/davidisbitski [BLOG] AWS DevOps Blog: https://aws.amazon.com/blogs/devops [BLOG] Dan's Blog Post on IaC Generator- Import entire applications into AWS CloudFormation: https://aws.amazon.com/blogs/devops/import-entire-applications-into-aws-cloudformation/ [BLOG] Announcing CDK Migrate: A Single Command to Migrate to the AWS CDK - https://aws.amazon.com/blogs/devops/announcing-cdk-migrate-a-single-command-to-migrate-to-the-aws-cdk/ [DOCS] Generating templates for existing resources - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html [DOCS] Working with AWS CloudFormation Git Sync - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/git-sync.html [TRAINING] AWS IaC Workshops: https://cdkworkshop.com and https://catalog.workshops.aws/cfn101/en-US Subscribe: Spotify: https://open.spotify.com/show/7rQjgnBvuyr18K03tnEHBI Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-developers-podcast/id1574162669 Stitcher: https://www.stitcher.com/show/1065378 Pandora: https://www.pandora.com/podcast/aws-developers-podcast/PC:1001065378 TuneIn: https://tunein.com/podcasts/Technology-Podcasts/AWS-Developers-Podcast-p1461814/ Amazon Music: https://music.amazon.com/podcasts/f8bf7630-2521-4b40-be90-c46a9222c159/aws-developers-podcast Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGNsb3VkLmNvbS91c2Vycy9zb3VuZGNsb3VkOnVzZXJzOjk5NDM2MzU0OS9zb3VuZHMucnNz RSS Feed: https://feeds.soundcloud.com/users/soundcloud:users:994363549/sounds.rss
Cloud Phishing Attacks are on the rise globally. In this episode, you will learn from cybersecurity and cloud security expert, Ruchira Pokhriyal. Ask me a question here: https://topmate.io/ken_underhill Ruchira is a member of Amazon AWS's incident response (IR) team, where she plays a crucial role in maintaining security. Her impressive background includes expertise in web app penetration testing, cloud security, incident response, and digital forensics. Ruchira is a well-rounded professional in the cybersecurity
Last week in security news: Barracuda thought it drove 0-day hackers out of customers' networks, A terrific guide for getting started with AWS security research, “Zukey” or “Amazon Basics Yubikey”, and more! Links: Barracuda thought it drove 0-day hackers out of customers' networks; A terrific guide for getting started with AWS security research; Amazon Basics Yubikey; Two real-life examples of why limiting permissions works: Lessons from AWS CIRT; Validate IAM policies by using IAM Policy Validator for AWS CloudFormation and GitHub Actions. From the world of tools: wapalyzer
In this episode, Dave and Emily catch up with Elad Ben-Israel, CEO at Wing Cloud and original creator of the AWS CDK. Winglang is a new programming language and toolchain designed for the cloud from the ground up. It gives developers a unified way of accessing their cloud infrastructure and code using a single language, while still being able to run and test inside a local simulator for high speed iterations. Elad takes us on a historical journey to the original creation of the AWS CDK, the shift from coding for single machines to modern distributed cloud-based systems, the power of open source, and the continued evolution of writing software. There may even be an analogy to Burning Man and building software as a community. Elad on Twitter: https://twitter.com/emeshbi Winglang on Twitter: https://twitter.com/winglangio Winglang Slack: https://t.winglang.io/slack Winglang GitHub: https://github.com/winglang/wing Emily on Twitter: https://twitter.com/editingemily Dave on Twitter: https://twitter.com/thedavedev Dave on LinkedIn: https://www.linkedin.com/in/davidisbitski/ [BOOK] The CDK Book Foreword by Elad - https://www.thecdkbook.com/foreword.html [DOCS] What is AWS CloudFormation? 
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html [PODCAST] Alexa Developers Podcast - Episode 004 - Cloud Development Kit with Elad Ben-Israel: https://open.spotify.com/episode/55P0F7lWxRBCoDTK7xVhCX [PODCAST] Alexa Developers Podcast - Episode 005 - Future of Cloud Development Kit with Elad Ben-Israel: https://open.spotify.com/episode/6G0R9H2S7VPBxdJI81FJQV [PORTAL] AWS Cloud Development Kit (CDK) - https://aws.amazon.com/cdk/ [PORTAL] Winglang.io - https://www.winglang.io/ [PORTAL] Wing Cloud - https://www.wing.cloud/ [YOUTUBE] A Quick Intro to Winglang with Elad https://www.youtube.com/watch?v=wzqCXrsKWbo [WIKIPEDIA] POSIX - https://en.wikipedia.org/wiki/POSIX Subscribe: Spotify: https://open.spotify.com/show/7rQjgnBvuyr18K03tnEHBI Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-developers-podcast/id1574162669 Stitcher: https://www.stitcher.com/show/1065378 Pandora: https://www.pandora.com/podcast/aws-developers-podcast/PC:1001065378 TuneIn: https://tunein.com/podcasts/Technology-Podcasts/AWS-Developers-Podcast-p1461814/ Amazon Music: https://music.amazon.com/podcasts/f8bf7630-2521-4b40-be90-c46a9222c159/aws-developers-podcast Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGNsb3VkLmNvbS91c2Vycy9zb3VuZGNsb3VkOnVzZXJzOjk5NDM2MzU0OS9zb3VuZHMucnNz RSS Feed: https://feeds.soundcloud.com/users/soundcloud:users:994363549/sounds.rss
On this episode of The Cloud Pod, the team talks about the possible replacement of CEO Sundar Pichai after Alphabet stock went up by just 1.9%, the new support feature of Amazon EKS for Kubernetes, three partner specializations just released by Google, and how clients have responded to the AI Powered Bing and Microsoft Edge. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights
I talk about how to learn cloud computing from scratch. Welcome to part 2 of this series with the host of The Big Bald Azure Guy, and we are talking about everything cloud and how to become a cloud engineer. In part one, linked down in the description, we talked about what the cloud is and how you can benefit from it. In this video, we talk about everything you need to know when it comes to training, the different resources you can use, and what you should focus on learning to become a successful cloud engineer. Check out The Big Bald Azure Guy here on YouTube: https://www.youtube.com/c/TheBigBaldAzureGuy ☁ One of the best E-Learning platforms in my opinion to learn about the cloud is INE !!! ☁
On this episode of The Cloud Pod, the team discusses the AWS Systems Manager default enablement option for all EC2 instances in an account, different ideas from leveraging Innovators Plus subscription using $500 Google credits, the Azure Open Source Day, the new theme for the Oracle OCI Console, and lastly, different ways to migrate to a cloud provider. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights
AI Products & Earnings On this episode of The Cloud Pod, the team talks about the announcement of Amazon VPC resource map, Google's new AI product, the new Bing AI-powered search engine, and why multiple accounts are necessary for data centers to carry out work seamlessly in the cloud. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights
CDK is AWS's framework for interacting with CloudFormation. With CDK you gain even more flexibility in composing and running your infrastructure templates on AWS, further raising your capacity for scalability and savings. Infra as code and CDK are synonyms, practically siblings who love to play together ;) Sign up for the pre-launch of the AWS course: https://www.uminventorqualquer.com.br/curso-aws/ Wesley Milan channel: https://bit.ly/3LqiYwg Instagram: https://bit.ly/3tfzAj0 LinkedIn: https://www.linkedin.com/in/wesleymilan/ Podcast: https://bit.ly/3qa5JH1
Cloud giant Amazon Web Services manages the largest number of Kubernetes clusters in the world, according to the company. In this podcast recording, AWS Senior Engineer Jay Pipes discusses AWS' use of Kubernetes, as well as the company's contribution to the Kubernetes code base. The interview was recorded at KubeCon North America last month.
The Difference Between Kubernetes and AWS
Kubernetes is an open source container orchestration platform. AWS is one of the largest providers of cloud services. In 2021, the company generated $61.1 billion in revenue, worldwide. AWS provides a commercial Kubernetes service, called the Amazon Elastic Kubernetes Service (EKS). It simplifies the Kubernetes experience by adding a control plane and worker nodes. In addition to providing a commercial Kubernetes service, AWS supports the development of Kubernetes, by dedicating engineers to the work on the open source project. "It's a responsibility of all of the engineers in the service team to be aware of what's going on and the upstream community to be contributing to that upstream community, and making it succeed," Pipes said. "If the upstream open source projects upon which we depend are suffering or not doing well, then our service is not going to do well. And by the same token, if we can help that upstream project or project to be successful, that means our service is going to be more successful."
What is Kubernetes in AWS?
In addition to EKS, AWS has also a number of other tools to help Kubernetes users. One is Karpenter, an open-source, flexible, high-performance Kubernetes cluster autoscaler built with AWS. Karpenter provides more fine-grained scaling capabilities, compared to Kubernetes' built-in Cluster Autoscaler, Pipes said. Instead of using Cluster Autoscaler, Karpenter deploys AWS' own Fleet API, which offers superior scheduling capabilities. 
Another tool for Kubernetes users is cdk8s, which is an open-source software development framework for defining Kubernetes applications and reusable abstractions using familiar programming languages and rich object-oriented APIs. It is similar to the AWS Cloud Development Kit (CDK), which helps users deploy applications using AWS CloudFormation, but instead of the output being a CloudFormation template, the output is a YAML manifest that can be understood by Kubernetes.
AWS and Kubernetes
In addition to providing open source development help to Kubernetes, AWS has offered to help defray the considerable expenses of hosting the Kubernetes development and deployment process. Currently, the Kubernetes upstream build process is hosted on the Google Cloud Platform, and artifact registry is hosted in Google's container registry, and totals about 1.5TB worth of storage. Each month, AWS alone was paying $90-$100,000 a month for egress costs, just to have the Kubernetes code on an AWS-hosted infrastructure, Pipes said. AWS has been working on a mirror of the Kubernetes assets that would reside on the company's own cloud servers, thereby eliminating the Google egress costs typically borne by the Cloud Native Computing Foundation. "By doing that we completely eliminate the egress costs out of Google data centers and into AWS data centers," Pipes said.
At our listeners' request, we talk about the AWS Cloud Development Kit (AWS CDK). Anton Kovalenko, an AWS SA with extensive experience in IaC using CDK, shared his knowledge of introducing CDK into several projects. We started from the very beginning: what CDK is in general, and what the difference is between CDK, CloudFormation and, of course, Terraform. Anton told a story about how, while they were looking for a DevOps specialist to work with IaC, the development team picked up CDK quite easily and quickly, so the project did not stall and the developers wrote the IaC themselves using CDK. We also covered the concepts of the CDK construct itself: L1, L2, L3, as well as how CDK supports so many languages and what depth of knowledge is needed to start working with CDK. Useful links: CDK Workshop; AWS re:Invent 2021 - What's new with AWS CloudFormation and AWS CDK; The CDK Book - A Comprehensive Guide to the AWS Cloud Development Kit. If you have questions, suggestions or topics for future selections, write to me on LinkedIn - https://www.linkedin.com/in/vedmich/ or Telegram https://t.me/VictorVedmich
On The Cloud Pod this week, AWS Enterprise Support adds incident detection and response, the announcement of Google Cloud Spanner, and Oracle expands to Spain. Thank you to our sponsor, Foghorn Consulting, which provides top notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you're having trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week. Episode Highlights ⏰ AWS Enterprise Support adds incident detection and response ⏰ You can now get a 90-day free trial of Google Cloud Spanner ⏰ Oracle opens its newest cloud infrastructure region in Spain Top Quote
[00:00.000 --> 00:04.560] All right, so I'm here with 52 weeks of AWS[00:04.560 --> 00:07.920] and still continuing to do developer certification.[00:07.920 --> 00:11.280] I'm gonna go ahead and share my screen here.[00:13.720 --> 00:18.720] All right, so we are on Lambda, one of my favorite topics.[00:19.200 --> 00:20.800] Let's get right into it[00:20.800 --> 00:24.040] and talk about how to develop event-driven solutions[00:24.040 --> 00:25.560] with AWS Lambda.[00:26.640 --> 00:29.440] With Serverless Computing, one of the things[00:29.440 --> 00:32.920] that it is going to do is it's gonna change[00:32.920 --> 00:36.000] the way you think about building software[00:36.000 --> 00:39.000] and in a traditional deployment environment,[00:39.000 --> 00:42.040] you would configure an instance, you would update an OS,[00:42.040 --> 00:45.520] you'd install applications, build and deploy them,[00:45.520 --> 00:47.000] load balance.[00:47.000 --> 00:51.400] So this is non-cloud native computing and Serverless,[00:51.400 --> 00:54.040] you really only need to focus on building[00:54.040 --> 00:56.360] and deploying applications and then monitoring[00:56.360 --> 00:58.240] and maintaining the applications.[00:58.240 --> 01:00.680] And so with really what Serverless does[01:00.680 --> 01:05.680] is it allows you to focus on the code for the application[01:06.320 --> 01:08.000] and you don't have to manage the operating system,[01:08.000 --> 01:12.160] the servers or scale it and really is a huge advantage[01:12.160 --> 01:14.920] because you don't have to pay for the infrastructure[01:14.920 --> 01:15.920] when the code isn't running.[01:15.920 --> 01:18.040] And that's really a key takeaway.[01:19.080 --> 01:22.760] If you take a look at the AWS Serverless platform,[01:22.760 --> 01:24.840] there's a bunch of fully managed services[01:24.840 --> 01:26.800] that are tightly integrated with Lambda.[01:26.800 --> 01:28.880] And so this is another huge advantage of 
Lambda,[01:28.880 --> 01:31.000] isn't necessarily that it's the fastest[01:31.000 --> 01:33.640] or it has the most powerful execution,[01:33.640 --> 01:35.680] it's the tight integration with the rest[01:35.680 --> 01:39.320] of the AWS platform and developer tools[01:39.320 --> 01:43.400] like AWS Serverless application model or AWS SAM[01:43.400 --> 01:45.440] would help you simplify the deployment[01:45.440 --> 01:47.520] of Serverless applications.[01:47.520 --> 01:51.960] And some of the services include Amazon S3,[01:51.960 --> 01:56.960] Amazon SNS, Amazon SQS and AWS SDKs.[01:58.600 --> 02:03.280] So in terms of Lambda, AWS Lambda is a compute service[02:03.280 --> 02:05.680] for Serverless and it lets you run code[02:05.680 --> 02:08.360] without provisioning or managing servers.[02:08.360 --> 02:11.640] It allows you to trigger your code in response to events[02:11.640 --> 02:14.840] that you would configure like, for example,[02:14.840 --> 02:19.200] dropping something into a S3 bucket like that's an image,[02:19.200 --> 02:22.200] Nevel Lambda that transcribes it to a different format.[02:23.080 --> 02:27.200] It also allows you to scale automatically based on demand[02:27.200 --> 02:29.880] and it will also incorporate built-in monitoring[02:29.880 --> 02:32.880] and logging with AWS CloudWatch.[02:34.640 --> 02:37.200] So if you look at AWS Lambda,[02:37.200 --> 02:39.040] some of the things that it does[02:39.040 --> 02:42.600] is it enables you to bring in your own code.[02:42.600 --> 02:45.280] So the code you write for Lambda isn't written[02:45.280 --> 02:49.560] in a new language, you can write things[02:49.560 --> 02:52.600] in tons of different languages for AWS Lambda,[02:52.600 --> 02:57.600] Node, Java, Python, C-sharp, Go, Ruby.[02:57.880 --> 02:59.440] There's also custom run time.[02:59.440 --> 03:03.880] So you could do Rust or Swift or something like that.[03:03.880 --> 03:06.080] And it also integrates very deeply[03:06.080 --> 
03:11.200] with other AWS services and you can invoke[03:11.200 --> 03:13.360] third-party applications as well.[03:13.360 --> 03:18.080] It also has a very flexible resource and concurrency model.[03:18.080 --> 03:20.600] And so Lambda would scale in response to events.[03:20.600 --> 03:22.880] So you would just need to configure memory settings[03:22.880 --> 03:24.960] and AWS would handle the other details[03:24.960 --> 03:28.720] like the CPU, the network, the IO throughput.[03:28.720 --> 03:31.400] Also, you can use the Lambda,[03:31.400 --> 03:35.000] AWS Identity and Access Management Service or IAM[03:35.000 --> 03:38.560] to grant access to what other resources you would need.[03:38.560 --> 03:41.200] And this is one of the ways that you would control[03:41.200 --> 03:44.720] the security of Lambda is you have really guardrails[03:44.720 --> 03:47.000] around it because you would just tell Lambda,[03:47.000 --> 03:50.080] you have a role that is whatever it is you need Lambda to do,[03:50.080 --> 03:52.200] talk to SQS or talk to S3,[03:52.200 --> 03:55.240] and it would specifically only do that role.[03:55.240 --> 04:00.240] And the other thing about Lambda is that it has built-in[04:00.560 --> 04:02.360] availability and fault tolerance.[04:02.360 --> 04:04.440] So again, it's a fully managed service,[04:04.440 --> 04:07.520] it's high availability and you don't have to do anything[04:07.520 --> 04:08.920] at all to use that.[04:08.920 --> 04:11.600] And one of the biggest things about Lambda[04:11.600 --> 04:15.000] is that you only pay for what you use.[04:15.000 --> 04:18.120] And so when the Lambda service is idle,[04:18.120 --> 04:19.480] you don't have to actually pay for that[04:19.480 --> 04:21.440] versus if it's something else,[04:21.440 --> 04:25.240] like even in the case of a Kubernetes-based system,[04:25.240 --> 04:28.920] still there's a host machine that's running Kubernetes[04:28.920 --> 04:31.640] and you have to actually pay for 
that.[04:31.640 --> 04:34.520] So one of the ways that you can think about Lambda[04:34.520 --> 04:38.040] is that there's a bunch of different use cases for it.[04:38.040 --> 04:40.560] So let's start off with different use cases,[04:40.560 --> 04:42.920] web apps, I think would be one of the better ones[04:42.920 --> 04:43.880] to think about.[04:43.880 --> 04:46.680] So you can combine AWS Lambda with other services[04:46.680 --> 04:49.000] and you can build powerful web apps[04:49.000 --> 04:51.520] that automatically scale up and down.[04:51.520 --> 04:54.000] And there's no administrative effort at all.[04:54.000 --> 04:55.160] There's no backups necessary,[04:55.160 --> 04:58.320] no multi-data center redundancy, it's done for you.[04:58.320 --> 05:01.400] Backends, so you can build serverless backends[05:01.400 --> 05:05.680] that lets you handle web, mobile, IoT,[05:05.680 --> 05:07.760] third-party applications.[05:07.760 --> 05:10.600] You can also build those backends with Lambda,[05:10.600 --> 05:15.400] with API Gateway, and you can build applications with them.[05:15.400 --> 05:17.200] In terms of data processing,[05:17.200 --> 05:19.840] you can also use Lambda to run code[05:19.840 --> 05:22.560] in response to a trigger, change in data,[05:22.560 --> 05:24.440] shift in system state,[05:24.440 --> 05:27.360] and really all of AWS for the most part[05:27.360 --> 05:29.280] is able to be orchestrated with Lambda.[05:29.280 --> 05:31.800] So it's really like a glue type service[05:31.800 --> 05:32.840] that you're able to use.[05:32.840 --> 05:36.600] Now chatbots, that's another great use case for it.[05:36.600 --> 05:40.760] Amazon Lex is a service for building conversational chatbots[05:42.120 --> 05:43.560] and you could use it with Lambda.[05:43.560 --> 05:48.560] Amazon Lambda service is also able to be used[05:50.080 --> 05:52.840] with voice IT automation.[05:52.840 --> 05:55.760] These are all great use cases for Lambda.[05:55.760 --> 
05:57.680] In fact, I would say it's kind of like[05:57.680 --> 06:01.160] the go-to automation tool for AWS.[06:01.160 --> 06:04.160] So let's talk about how Lambda works next.[06:04.160 --> 06:06.080] So the way Lambda works is that[06:06.080 --> 06:09.080] there's a function and there's an event source,[06:09.080 --> 06:10.920] and these are the core components.[06:10.920 --> 06:14.200] The event source is the entity that publishes events[06:14.200 --> 06:19.000] to AWS Lambda, and Lambda function is the code[06:19.000 --> 06:21.960] that you're gonna use to process the event.[06:21.960 --> 06:25.400] And AWS Lambda would run that Lambda function[06:25.400 --> 06:29.600] on your behalf, and a few things to consider[06:29.600 --> 06:33.840] is that it really is just a little bit of code,[06:33.840 --> 06:35.160] and you can configure the triggers[06:35.160 --> 06:39.720] to invoke a function in response to resource lifecycle events,[06:39.720 --> 06:43.680] like for example, responding to incoming HTTP,[06:43.680 --> 06:47.080] consuming events from a queue, like in the case of SQS[06:47.080 --> 06:48.320] or running it on a schedule.[06:48.320 --> 06:49.760] So running it on a schedule is actually[06:49.760 --> 06:51.480] a really good data engineering task, right?[06:51.480 --> 06:54.160] Like you could run it periodically to scrape a website.[06:55.120 --> 06:58.080] So as a developer, when you create Lambda functions[06:58.080 --> 07:01.400] that are managed by the AWS Lambda service,[07:01.400 --> 07:03.680] you can define the permissions for the function[07:03.680 --> 07:06.560] and basically specify what are the events[07:06.560 --> 07:08.520] that would actually trigger it.[07:08.520 --> 07:11.000] You can also create a deployment package[07:11.000 --> 07:12.920] that includes application code[07:12.920 --> 07:17.000] in any dependency or library necessary to run the code,[07:17.000 --> 07:19.200] and you can also configure things like the 
memory,[07:19.200 --> 07:23.200] you can figure the timeout, also configure the concurrency,[07:23.200 --> 07:25.160] and then when your function is invoked,[07:25.160 --> 07:27.640] Lambda will provide a runtime environment[07:27.640 --> 07:30.080] based on the runtime and configuration options[07:30.080 --> 07:31.080] that you selected.[07:31.080 --> 07:36.080] So let's talk about models for invoking Lambda functions.[07:36.360 --> 07:41.360] In the case of an event source that invokes Lambda function[07:41.440 --> 07:43.640] by either a push or a pool model,[07:43.640 --> 07:45.920] in the case of a push, it would be an event source[07:45.920 --> 07:48.440] directly invoking the Lambda function[07:48.440 --> 07:49.840] when the event occurs.[07:50.720 --> 07:53.040] In the case of a pool model,[07:53.040 --> 07:56.960] this would be putting the information into a stream or a queue,[07:56.960 --> 07:59.400] and then Lambda would pull that stream or queue,[07:59.400 --> 08:02.800] and then invoke the function when it detects an events.[08:04.080 --> 08:06.480] So a few different examples would be[08:06.480 --> 08:11.280] that some services can actually invoke the function directly.[08:11.280 --> 08:13.680] So for a synchronous invocation,[08:13.680 --> 08:15.480] the other service would wait for the response[08:15.480 --> 08:16.320] from the function.[08:16.320 --> 08:20.680] So a good example would be in the case of Amazon API Gateway,[08:20.680 --> 08:24.800] which would be the REST-based service in front.[08:24.800 --> 08:28.320] In this case, when a client makes a request to your API,[08:28.320 --> 08:31.200] that client would get a response immediately.[08:31.200 --> 08:32.320] And then with this model,[08:32.320 --> 08:34.880] there's no built-in retry in Lambda.[08:34.880 --> 08:38.040] Examples of this would be Elastic Load Balancing,[08:38.040 --> 08:42.800] Amazon Cognito, Amazon Lex, Amazon Alexa,[08:42.800 --> 08:46.360] Amazon API Gateway, AWS 
CloudFormation,[08:46.360 --> 08:48.880] and Amazon CloudFront,[08:48.880 --> 08:53.040] and also Amazon Kinesis Data Firehose.[08:53.040 --> 08:56.760] For asynchronous invocation, AWS Lambda queues,[08:56.760 --> 09:00.320] the event before it passes to your function.[09:00.320 --> 09:02.760] The other service gets a success response[09:02.760 --> 09:04.920] as soon as the event is queued,[09:04.920 --> 09:06.560] and if an error occurs,[09:06.560 --> 09:09.760] Lambda will automatically retry the invocation twice.[09:10.760 --> 09:14.520] A good example of this would be S3, SNS,[09:14.520 --> 09:17.720] SES, the Simple Email Service,[09:17.720 --> 09:21.120] AWS CloudFormation, Amazon CloudWatch Logs,[09:21.120 --> 09:25.400] CloudWatch Events, AWS CodeCommit, and AWS Config.[09:25.400 --> 09:28.280] But in both cases, you can invoke a Lambda function[09:28.280 --> 09:30.000] using the invoke operation,[09:30.000 --> 09:32.720] and you can specify the invocation type[09:32.720 --> 09:35.440] as either synchronous or asynchronous.[09:35.440 --> 09:38.760] And when you use the AWS service as a trigger,[09:38.760 --> 09:42.280] the invocation type is predetermined for each service,[09:42.280 --> 09:44.920] and so you have no control over the invocation type[09:44.920 --> 09:48.920] that these events sources use when they invoke your Lambda.[09:50.800 --> 09:52.120] In the polling model,[09:52.120 --> 09:55.720] the event sources will put information into a stream or a queue,[09:55.720 --> 09:59.360] and AWS Lambda will pull the stream or the queue.[09:59.360 --> 10:01.000] If it first finds a record,[10:01.000 --> 10:03.280] it will deliver the payload and invoke the function.[10:03.280 --> 10:04.920] And this model, the Lambda itself,[10:04.920 --> 10:07.920] is basically pulling data from a stream or a queue[10:07.920 --> 10:10.280] for processing by the Lambda function.[10:10.280 --> 10:12.640] Some examples would be a stream-based event service[10:12.640 --> 
10:17.640] would be Amazon DynamoDB or Amazon Kinesis Data Streams,[10:17.800 --> 10:20.920] and these stream records are organized into shards.[10:20.920 --> 10:24.640] So Lambda would actually pull the stream for the record[10:24.640 --> 10:27.120] and then attempt to invoke the function.[10:27.120 --> 10:28.800] If there's a failure,[10:28.800 --> 10:31.480] AWS Lambda won't read any of the new shards[10:31.480 --> 10:34.840] until the failed batch of records expires or is processed[10:34.840 --> 10:36.160] successfully.[10:36.160 --> 10:39.840] In the non-streaming event, which would be SQS,[10:39.840 --> 10:42.400] Amazon would pull the queue for records.[10:42.400 --> 10:44.600] If it fails or times out,[10:44.600 --> 10:46.640] then the message would be returned to the queue,[10:46.640 --> 10:49.320] and then Lambda will keep retrying the failed message[10:49.320 --> 10:51.800] until it's processed successfully.[10:51.800 --> 10:53.600] If the message will expire,[10:53.600 --> 10:56.440] which is something you can do with SQS,[10:56.440 --> 10:58.240] then it'll just be discarded.[10:58.240 --> 11:00.400] And you can create a mapping between an event source[11:00.400 --> 11:02.960] and a Lambda function right inside of the console.[11:02.960 --> 11:05.520] And this is how typically you would set that up manually[11:05.520 --> 11:07.600] without using infrastructure as code.[11:08.560 --> 11:10.200] All right, let's talk about permissions.[11:10.200 --> 11:13.080] This is definitely an easy place to get tripped up[11:13.080 --> 11:15.760] when you're first using AWS Lambda.[11:15.760 --> 11:17.840] There's two types of permissions.[11:17.840 --> 11:20.120] The first is the event source and permission[11:20.120 --> 11:22.320] to trigger the Lambda function.[11:22.320 --> 11:24.480] This would be the invocation permission.[11:24.480 --> 11:26.440] And the next one would be the Lambda function[11:26.440 --> 11:29.600] needs permissions to interact with other 
services,[11:29.600 --> 11:31.280] but this would be the run permissions.[11:31.280 --> 11:34.520] And these are both handled via the IAM service[11:34.520 --> 11:38.120] or the AWS Identity and Access Management service.[11:38.120 --> 11:43.120] So the IAM resource policy would tell the Lambda service[11:43.600 --> 11:46.640] which push event the sources have permission[11:46.640 --> 11:48.560] to invoke the Lambda function.[11:48.560 --> 11:51.120] And these resource policies would make it easy[11:51.120 --> 11:55.280] to grant access to a Lambda function across AWS accounts.[11:55.280 --> 11:58.400] So a good example would be if you have an S3 bucket[11:58.400 --> 12:01.400] in your account and you need to invoke a function[12:01.400 --> 12:03.880] in another account, you could create a resource policy[12:03.880 --> 12:07.120] that allows those to interact with each other.[12:07.120 --> 12:09.200] And the resource policy for a Lambda function[12:09.200 --> 12:11.200] is called a function policy.[12:11.200 --> 12:14.160] And when you add a trigger to your Lambda function[12:14.160 --> 12:16.760] from the console, the function policy[12:16.760 --> 12:18.680] will be generated automatically[12:18.680 --> 12:20.040] and it allows the event source[12:20.040 --> 12:22.820] to take the Lambda invoke function action.[12:24.400 --> 12:27.320] So a good example would be an Amazon S3 permission[12:27.320 --> 12:32.120] to invoke the Lambda function called my first function.[12:32.120 --> 12:34.720] And basically it would be an effect allow.[12:34.720 --> 12:36.880] And then under principal, if you would have service[12:36.880 --> 12:41.880] s3.amazonaws.com, the action would be Lambda colon[12:41.880 --> 12:45.400] invoke function and then the resource would be the name[12:45.400 --> 12:49.120] or the ARN of actually the Lambda.[12:49.120 --> 12:53.080] And then the condition would be actually the ARN of the bucket.[12:54.400 --> 12:56.720] And really that's it in a 
nutshell.[12:57.560 --> 13:01.480] The Lambda execution role grants your Lambda function[13:01.480 --> 13:05.040] permission to access AWS services and resources.[13:05.040 --> 13:08.000] And you select or create the execution role[13:08.000 --> 13:10.000] when you create a Lambda function.[13:10.000 --> 13:12.320] The IAM policy would define the actions[13:12.320 --> 13:14.440] of Lambda functions allowed to take[13:14.440 --> 13:16.720] and the trust policy allows the Lambda service[13:16.720 --> 13:20.040] to assume an execution role.[13:20.040 --> 13:23.800] To grant permissions to AWS Lambda to assume a role,[13:23.800 --> 13:27.460] you have to have the permission for IAM pass role action.[13:28.320 --> 13:31.000] A couple of different examples of a relevant policy[13:31.000 --> 13:34.560] for an execution role and the example,[13:34.560 --> 13:37.760] the IAM policy, you know,[13:37.760 --> 13:39.840] basically that we talked about earlier,[13:39.840 --> 13:43.000] would allow you to interact with S3.[13:43.000 --> 13:45.360] Another example would be to make it interact[13:45.360 --> 13:49.240] with CloudWatch logs and to create a log group[13:49.240 --> 13:51.640] and stream those logs.[13:51.640 --> 13:54.800] The trust policy would give Lambda service permissions[13:54.800 --> 13:57.600] to assume a role and invoke a Lambda function[13:57.600 --> 13:58.520] on your behalf.[13:59.560 --> 14:02.600] Now let's talk about the overview of authoring[14:02.600 --> 14:06.120] and configuring Lambda functions.[14:06.120 --> 14:10.440] So really to start with, to create a Lambda function,[14:10.440 --> 14:14.840] you first need to create a Lambda function deployment package,[14:14.840 --> 14:19.800] which is a zip or jar file that consists of your code[14:19.800 --> 14:23.160] and any dependencies with Lambda,[14:23.160 --> 14:25.400] you can use the programming language[14:25.400 --> 14:27.280] and integrated development environment[14:27.280 --> 14:29.800] that 
you're most familiar with.[14:29.800 --> 14:33.360] And you can actually bring the code you've already written.[14:33.360 --> 14:35.960] And Lambda does support lots of different languages[14:35.960 --> 14:39.520] like Node.js, Python, Ruby, Java, Go,[14:39.520 --> 14:41.160] and.NET runtimes.[14:41.160 --> 14:44.120] And you can also implement a custom runtime[14:44.120 --> 14:45.960] if you wanna use a different language as well,[14:45.960 --> 14:48.480] which is actually pretty cool.[14:48.480 --> 14:50.960] And if you wanna create a Lambda function,[14:50.960 --> 14:52.800] you would specify the handler,[14:52.800 --> 14:55.760] the Lambda function handler is the entry point.[14:55.760 --> 14:57.600] And a few different aspects of it[14:57.600 --> 14:59.400] that are important to pay attention to,[14:59.400 --> 15:00.720] the event object,[15:00.720 --> 15:03.480] this would provide information about the event[15:03.480 --> 15:05.520] that triggered the Lambda function.[15:05.520 --> 15:08.280] And this could be like a predefined object[15:08.280 --> 15:09.760] that AWS service generates.[15:09.760 --> 15:11.520] So you'll see this, like for example,[15:11.520 --> 15:13.440] in the console of AWS,[15:13.440 --> 15:16.360] you can actually ask for these objects[15:16.360 --> 15:19.200] and it'll give you really the JSON structure[15:19.200 --> 15:20.680] so you can test things out.[15:21.880 --> 15:23.900] In the contents of an event object[15:23.900 --> 15:26.800] includes everything you would need to actually invoke it.[15:26.800 --> 15:29.640] The context object is generated by AWS[15:29.640 --> 15:32.360] and this is really a runtime information.[15:32.360 --> 15:35.320] And so if you needed to get some kind of runtime information[15:35.320 --> 15:36.160] about your code,[15:36.160 --> 15:40.400] let's say environmental variables or AWS request ID[15:40.400 --> 15:44.280] or a log stream or remaining time in Millies,[15:45.320 --> 15:47.200] like for 
example, that one would return[15:47.200 --> 15:48.840] the number of milliseconds that remain[15:48.840 --> 15:50.600] before your function times out,[15:50.600 --> 15:53.300] you can get all that inside the context object.[15:54.520 --> 15:57.560] So what about an example that runs a Python?[15:57.560 --> 15:59.280] Pretty straightforward actually.[15:59.280 --> 16:01.400] All you need is you would put a handler[16:01.400 --> 16:03.280] inside the handler would take,[16:03.280 --> 16:05.000] that it would be a Python function,[16:05.000 --> 16:07.080] it would be an event, there'd be a context,[16:07.080 --> 16:10.960] you pass it inside and then you return some kind of message.[16:10.960 --> 16:13.960] A few different best practices to remember[16:13.960 --> 16:17.240] about AWS Lambda would be to separate[16:17.240 --> 16:20.320] the core business logic from the handler method[16:20.320 --> 16:22.320] and this would make your code more portable,[16:22.320 --> 16:24.280] enable you to target unit tests[16:25.240 --> 16:27.120] without having to worry about the configuration.[16:27.120 --> 16:30.400] So this is always a really good idea just in general.[16:30.400 --> 16:32.680] Make sure you have modular functions.[16:32.680 --> 16:34.320] So you have a single purpose function,[16:34.320 --> 16:37.160] you don't have like a kitchen sink function,[16:37.160 --> 16:40.000] you treat functions as stateless as well.[16:40.000 --> 16:42.800] So you would treat a function that basically[16:42.800 --> 16:46.040] just does one thing and then when it's done,[16:46.040 --> 16:48.320] there is no state that's actually kept anywhere[16:49.320 --> 16:51.120] and also only include what you need.[16:51.120 --> 16:55.840] So you don't want to have a huge sized Lambda functions[16:55.840 --> 16:58.560] and one of the ways that you can avoid this[16:58.560 --> 17:02.360] is by reducing the time it takes a Lambda to unpack[17:02.360 --> 17:04.000] the deployment packages[17:04.000 
--> 17:06.600] and you can also minimize the complexity[17:06.600 --> 17:08.640] of your dependencies as well.[17:08.640 --> 17:13.600] And you can also reuse the temporary runtime environment[17:13.600 --> 17:16.080] to improve the performance of a function as well.[17:16.080 --> 17:17.680] And so the temporary runtime environment[17:17.680 --> 17:22.280] initializes any external dependencies of the Lambda code[17:22.280 --> 17:25.760] and you can make sure that any externalized configuration[17:25.760 --> 17:27.920] or dependency that your code retrieves are stored[17:27.920 --> 17:30.640] and referenced locally after the initial run.[17:30.640 --> 17:33.800] So this would be limit re-initializing variables[17:33.800 --> 17:35.960] and objects on every invocation,[17:35.960 --> 17:38.200] keeping it alive and reusing connections[17:38.200 --> 17:40.680] like an HTTP or database[17:40.680 --> 17:43.160] that were established during the previous invocation.[17:43.160 --> 17:45.880] So a really good example of this would be a socket connection.[17:45.880 --> 17:48.040] If you make a socket connection[17:48.040 --> 17:51.640] and this socket connection took two seconds to spawn,[17:51.640 --> 17:54.000] you don't want every time you call Lambda[17:54.000 --> 17:55.480] for it to wait two seconds,[17:55.480 --> 17:58.160] you want to reuse that socket connection.[17:58.160 --> 18:00.600] A few good examples of best practices[18:00.600 --> 18:02.840] would be including logging statements.[18:02.840 --> 18:05.480] This is a kind of a big one[18:05.480 --> 18:08.120] in the case of any cloud computing operation,[18:08.120 --> 18:10.960] especially when it's distributed, if you don't log it,[18:10.960 --> 18:13.280] there's no way you can figure out what's going on.[18:13.280 --> 18:16.560] So you must add logging statements that have context[18:16.560 --> 18:19.720] so you know which particular Lambda instance[18:19.720 --> 18:21.600] is actually occurring in.[18:21.600 
--> 18:23.440] Also include results.[18:23.440 --> 18:25.560] So make sure that you know it's happening[18:25.560 --> 18:29.000] when the Lambda ran, use environmental variables as well.[18:29.000 --> 18:31.320] So you can figure out things like what the bucket was[18:31.320 --> 18:32.880] that it was writing to.[18:32.880 --> 18:35.520] And then also don't do recursive code.[18:35.520 --> 18:37.360] That's really a no-no.[18:37.360 --> 18:40.200] You want to write very simple functions with Lambda.[18:41.320 --> 18:44.440] Few different ways to write Lambda actually would be[18:44.440 --> 18:46.280] that you can do the console editor,[18:46.280 --> 18:47.440] which I use all the time.[18:47.440 --> 18:49.320] I like to actually just play around with it.[18:49.320 --> 18:51.640] Now the downside is that if you don't,[18:51.640 --> 18:53.800] if you do need to use custom libraries,[18:53.800 --> 18:56.600] you're not gonna be able to do it other than using,[18:56.600 --> 18:58.440] let's say the AWS SDK.[18:58.440 --> 19:01.600] But for just simple things, it's a great use case.[19:01.600 --> 19:06.080] Another one is you can just upload it to AWS console.[19:06.080 --> 19:09.040] And so you can create a deployment package in an IDE.[19:09.040 --> 19:12.120] Like for example, Visual Studio for.NET,[19:12.120 --> 19:13.280] you can actually just right click[19:13.280 --> 19:16.320] and deploy it directly into Lambda.[19:16.320 --> 19:20.920] Another one is you can upload the entire package into S3[19:20.920 --> 19:22.200] and put it into a bucket.[19:22.200 --> 19:26.280] And then Lambda will just grab it outside of that S3 package.[19:26.280 --> 19:29.760] A few different things to remember about Lambda.[19:29.760 --> 19:32.520] The memory and the timeout are configurations[19:32.520 --> 19:35.840] that determine how the Lambda function performs.[19:35.840 --> 19:38.440] And these will affect the billing.[19:38.440 --> 19:40.200] Now, one of the great things about 
Lambda[19:40.200 --> 19:43.640] is just amazingly inexpensive to run.[19:43.640 --> 19:45.560] And the reason is that you're charged[19:45.560 --> 19:48.200] based on the number of requests for a function.[19:48.200 --> 19:50.560] A few different things to remember would be the memory.[19:50.560 --> 19:53.560] Like so if you specify more memory,[19:53.560 --> 19:57.120] it's going to increase the cost timeout.[19:57.120 --> 19:59.960] You can also control the memory duration of the function[19:59.960 --> 20:01.720] by having the right kind of timeout.[20:01.720 --> 20:03.960] But if you make the timeout too long,[20:03.960 --> 20:05.880] it could cost you more money.[20:05.880 --> 20:08.520] So really the best practices would be test the performance[20:08.520 --> 20:12.880] of Lambda and make sure you have the optimum memory size.[20:12.880 --> 20:15.160] Also load test it to make sure[20:15.160 --> 20:17.440] that you understand how the timeouts work.[20:17.440 --> 20:18.280] Just in general,[20:18.280 --> 20:21.640] anything with cloud computing, you should load test it.[20:21.640 --> 20:24.200] Now let's talk about an important topic[20:24.200 --> 20:25.280] that's a final topic here,[20:25.280 --> 20:29.080] which is how to deploy Lambda functions.[20:29.080 --> 20:32.200] So versions are immutable copies of a code[20:32.200 --> 20:34.200] in the configuration of your Lambda function.[20:34.200 --> 20:35.880] And the versioning will allow you to publish[20:35.880 --> 20:39.360] one or more versions of your Lambda function.[20:39.360 --> 20:40.400] And as a result,[20:40.400 --> 20:43.360] you can work with different variations of your Lambda function[20:44.560 --> 20:45.840] in your development workflow,[20:45.840 --> 20:48.680] like development, beta, production, et cetera.[20:48.680 --> 20:50.320] And when you create a Lambda function,[20:50.320 --> 20:52.960] there's only one version, the latest version,[20:52.960 --> 20:54.080] dollar sign, 
latest.[20:54.080 --> 20:57.240] And you can refer to this function using the ARN[20:57.240 --> 20:59.240] or Amazon resource name.[20:59.240 --> 21:00.640] And when you publish a new version,[21:00.640 --> 21:02.920] AWS Lambda will make a snapshot[21:02.920 --> 21:05.320] of the latest version to create a new version.[21:06.800 --> 21:09.600] You can also create an alias for Lambda function.[21:09.600 --> 21:12.280] And conceptually, an alias is just like a pointer[21:12.280 --> 21:13.800] to a specific function.[21:13.800 --> 21:17.040] And you can use that alias in the ARN[21:17.040 --> 21:18.680] to reference the Lambda function version[21:18.680 --> 21:21.280] that's currently associated with the alias.[21:21.280 --> 21:23.400] What's nice about the alias is you can roll back[21:23.400 --> 21:25.840] and forth between different versions,[21:25.840 --> 21:29.760] which is pretty nice because in the case of deploying[21:29.760 --> 21:32.920] a new version, if there's a huge problem with it,[21:32.920 --> 21:34.080] you just toggle it right back.[21:34.080 --> 21:36.400] And there's really not a big issue[21:36.400 --> 21:39.400] in terms of rolling back your code.[21:39.400 --> 21:44.400] Now, let's take a look at an example where AWS S3,[21:45.160 --> 21:46.720] or Amazon S3 is the event source[21:46.720 --> 21:48.560] that invokes your Lambda function.[21:48.560 --> 21:50.720] Every time a new object is created,[21:50.720 --> 21:52.880] when Amazon S3 is the event source,[21:52.880 --> 21:55.800] you can store the information for the event source mapping[21:55.800 --> 21:59.040] in the configuration for the bucket notifications.[21:59.040 --> 22:01.000] And then in that configuration,[22:01.000 --> 22:04.800] you could identify the Lambda function ARN[22:04.800 --> 22:07.160] that Amazon S3 can invoke.[22:07.160 --> 22:08.520] But in some cases,[22:08.520 --> 22:11.680] you're gonna have to update the notification configuration.[22:11.680 --> 22:14.720] So 
Amazon S3 will invoke the correct version each time[22:14.720 --> 22:17.840] you publish a new version of your Lambda function.[22:17.840 --> 22:21.800] So basically, instead of specifying the function ARN,[22:21.800 --> 22:23.880] you can specify an alias ARN[22:23.880 --> 22:26.320] in the notification of configuration.[22:26.320 --> 22:29.160] And as you promote a new version of the Lambda function[22:29.160 --> 22:32.200] into production, you only need to update the prod alias[22:32.200 --> 22:34.520] to point to the latest stable version.[22:34.520 --> 22:36.320] And you also don't need to update[22:36.320 --> 22:39.120] the notification configuration in Amazon S3.[22:40.480 --> 22:43.080] And when you build serverless applications[22:43.080 --> 22:46.600] as common to have code that's shared across Lambda functions,[22:46.600 --> 22:49.400] it could be custom code, it could be a standard library,[22:49.400 --> 22:50.560] et cetera.[22:50.560 --> 22:53.320] And before, and this was really a big limitation,[22:53.320 --> 22:55.920] was you had to have all the code deployed together.[22:55.920 --> 22:58.960] But now, one of the really cool things you can do[22:58.960 --> 23:00.880] is you can have a Lambda function[23:00.880 --> 23:03.600] to include additional code as a layer.[23:03.600 --> 23:05.520] So layer is basically a zip archive[23:05.520 --> 23:08.640] that contains a library, maybe a custom runtime.[23:08.640 --> 23:11.720] Maybe it isn't gonna include some kind of really cool[23:11.720 --> 23:13.040] pre-trained model.[23:13.040 --> 23:14.680] And then the layers you can use,[23:14.680 --> 23:15.800] the libraries in your function[23:15.800 --> 23:18.960] without needing to include them in your deployment package.[23:18.960 --> 23:22.400] And it's a best practice to have the smaller deployment packages[23:22.400 --> 23:25.240] and share common dependencies with the layers.[23:26.120 --> 23:28.520] Also layers will help you keep your deployment 
package[23:28.520 --> 23:29.360] really small.[23:29.360 --> 23:32.680] So for node, JS, Python, Ruby functions,[23:32.680 --> 23:36.000] you can develop your function code in the console[23:36.000 --> 23:39.000] as long as you keep the package under three megabytes.[23:39.000 --> 23:42.320] And then a function can use up to five layers at a time,[23:42.320 --> 23:44.160] which is pretty incredible actually,[23:44.160 --> 23:46.040] which means that you could have, you know,[23:46.040 --> 23:49.240] basically up to a 250 megabytes total.[23:49.240 --> 23:53.920] So for many languages, this is plenty of space.[23:53.920 --> 23:56.620] Also Amazon has published a public layer[23:56.620 --> 23:58.800] that includes really popular libraries[23:58.800 --> 24:00.800] like NumPy and SciPy,[24:00.800 --> 24:04.840] which does dramatically help data processing[24:04.840 --> 24:05.680] in machine learning.[24:05.680 --> 24:07.680] Now, if I had to predict the future[24:07.680 --> 24:11.840] and I wanted to predict a massive announcement,[24:11.840 --> 24:14.840] I would say that what AWS could do[24:14.840 --> 24:18.600] is they could have a GPU enabled layer at some point[24:18.600 --> 24:20.160] that would include pre-trained models.[24:20.160 --> 24:22.120] And if they did something like that,[24:22.120 --> 24:24.320] that could really open up the doors[24:24.320 --> 24:27.000] for the pre-trained model revolution.[24:27.000 --> 24:30.160] And I would bet that that's possible.[24:30.160 --> 24:32.200] All right, well, in a nutshell,[24:32.200 --> 24:34.680] AWS Lambda is one of my favorite services.[24:34.680 --> 24:38.440] And I think it's worth everybody's time[24:38.440 --> 24:42.360] that's interested in AWS to play around with AWS Lambda.[24:42.360 --> 24:47.200] All right, next week, I'm going to cover API Gateway.[24:47.200 --> 25:13.840] All right, see you next week.If you enjoyed this video, here are additional resources to look at:Coursera + Duke Specialization: 
Building Cloud Computing Solutions at Scale Specialization: https://www.coursera.org/specializations/building-cloud-computing-solutions-at-scale
Python, Bash, and SQL Essentials for Data Engineering Specialization: https://www.coursera.org/specializations/python-bash-sql-data-engineering-duke
AWS Certified Solutions Architect - Professional (SAP-C01) Cert Prep: 1 Design for Organizational Complexity: https://www.linkedin.com/learning/aws-certified-solutions-architect-professional-sap-c01-cert-prep-1-design-for-organizational-complexity/design-for-organizational-complexity?autoplay=true
Essentials of MLOps with Azure and Databricks: https://www.linkedin.com/learning/essentials-of-mlops-with-azure-1-introduction/essentials-of-mlops-with-azure
O'Reilly Book: Implementing MLOps in the Enterprise
O'Reilly Book: Practical MLOps: https://www.amazon.com/Practical-MLOps-Operationalizing-Machine-Learning/dp/1098103017
O'Reilly Book: Python for DevOps: https://www.amazon.com/gp/product/B082P97LDW/
O'Reilly Book: Developing on AWS with C#: A Comprehensive Guide on Using C# to Build Solutions on the AWS Platform: https://www.amazon.com/Developing-AWS-Comprehensive-Solutions-Platform/dp/1492095877
Pragmatic AI: An Introduction to Cloud-based Machine Learning: https://www.amazon.com/gp/product/B07FB8F8QP/
Pragmatic AI Labs Book: Python Command-Line Tools: https://www.amazon.com/gp/product/B0855FSFYZ
Pragmatic AI Labs Book: Cloud Computing for Data Analysis: https://www.amazon.com/gp/product/B0992BN7W8
Pragmatic AI Book: Minimal Python: https://www.amazon.com/gp/product/B0855NSRR7
Pragmatic AI Book: Testing in Python: https://www.amazon.com/gp/product/B0855NSRR7
Subscribe to Pragmatic AI Labs YouTube Channel: https://www.youtube.com/channel/UCNDfiL0D1LUeKWAkRE1xO5Q
Subscribe to 52 Weeks of AWS Podcast: https://52-weeks-of-cloud.simplecast.com
View content on noahgift.com: https://noahgift.com/
View content on Pragmatic AI Labs Website: https://paiml.com/
Episode Description:Brian Terry is a senior solutions architect on the ISV Integrations team at AWS (formerly with the Cloud Formation team). We hear about his unique journey from being a star athlete, to racing motorcycles, and eventually completing 2 master's degrees and landing his dream job. Connect with Brian:Twitter: https://twitter.com/Ineedhelpbrian LinkedIn: https://www.linkedin.com/in/brian-t-b3276250/ GitHub: https://github.com/brianterry Mentioned in today's episode:AWS Cloudformation: https://aws.amazon.com/cloudformation/ AWS On Air: https://aws.amazon.com/developer/community/live-video/aws-on-air/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses: https://ardanlabs.com/education/ Live Events: https://www.ardanlabs.com/live-training-events/ Blog: https://www.ardanlabs.com/blog Github: https://github.com/ardanlabs
Continuing their conversation from Episode 40, Dave chats with Matteo Rinaudo, a Senior Developer Advocate for AWS CloudFormation (CFN). Matteo dives deeper into CloudFormation, walks through the CloudFormation Hook GitHub repo, and discusses real world advice on how to code with CloudFormation today. Matteo on Twitter: https://twitter.com/mrinaudo Dave on Twitter: https://twitter.com/thedavedev AWS CloudFormation: https://go.aws/3zgjyZ7 AWS CloudFormation CLI: https://go.aws/3Mi7Ujw AWS CloudFormation Quotas: https://go.aws/3ayBa8l AWS CloudFormation Hooks User Guide: https://go.aws/3NTZeRo CloudFormation Hooks Examples: https://bit.ly/3Q2s6Zy Additional CloudFormation Hooks Java and Python Examples: https://bit.ly/3MgI4fC Flake8 for Python Style Guide Enforcement: https://flake8.pycqa.org/ Subscribe: Amazon Music: https://music.amazon.com/podcasts/f8bf7630-2521-4b40-be90-c46a9222c159/aws-developers-podcast Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-developers-podcast/id1574162669 Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGNsb3VkLmNvbS91c2Vycy9zb3VuZGNsb3VkOnVzZXJzOjk5NDM2MzU0OS9zb3VuZHMucnNz Spotify: https://open.spotify.com/show/7rQjgnBvuyr18K03tnEHBI TuneIn: https://tunein.com/podcasts/Technology-Podcasts/AWS-Developers-Podcast-p1461814/ RSS Feed: https://feeds.soundcloud.com/users/soundcloud:users:994363549/sounds.rss
In this episode, Dave chats with Matteo Rinaudo, a Senior Developer Advocate for AWS CloudFormation (CFN). In this episode, Matteo walks through his career start, the beginnings of Infrastructure as Code (IaC), why CloudFormation is useful for developers, and the recent launch of CloudFormation Hooks. CloudFormation Hooks is a new way to create executable custom logic that will automatically inspect your cloud resources before provisioning. Matteo on Twitter: https://twitter.com/mrinaudo Dave on Twitter: https://twitter.com/thedavedev AWS CloudFormation: https://go.aws/3zgjyZ7 AWS CloudFormation CLI: https://go.aws/3Mi7Ujw AWS CloudFormation Quotas: https://go.aws/3ayBa8l AWS CloudFormation Hooks User Guide: https://go.aws/3NTZeRo CloudFormation Hooks Examples: https://bit.ly/3Q2s6Zy Additional CloudFormation Hooks Java and Python Examples: https://bit.ly/3MgI4fC Flake8 for Python Style Guide Enforcement: https://flake8.pycqa.org/ Subscribe: Amazon Music: https://music.amazon.com/podcasts/f8bf7630-2521-4b40-be90-c46a9222c159/aws-developers-podcast Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-developers-podcast/id1574162669 Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGNsb3VkLmNvbS91c2Vycy9zb3VuZGNsb3VkOnVzZXJzOjk5NDM2MzU0OS9zb3VuZHMucnNz Spotify: https://open.spotify.com/show/7rQjgnBvuyr18K03tnEHBI TuneIn: https://tunein.com/podcasts/Technology-Podcasts/AWS-Developers-Podcast-p1461814/ RSS Feed: https://feeds.soundcloud.com/users/soundcloud:users:994363549/sounds.rss
In this month's episode Arjen, JM, and Guy discuss the news from January 2022. Well, everything announced after re:Invent really, but that's mostly from January. There are good announcements all over; from a new Console Home to unpronounceable instance types, but there is also some news around the podcast that's either good or bad depending on how you interpret it. Find us at melb.awsug.org.au or as @AWSMelb on Twitter. News Finally in Sydney Amazon EC2 R6i instances are now available in 8 additional regions Amazon EC2 C6i instances are now available in 10 additional regions AWS Panorama is now available in Asia Pacific (Sydney), and Asia Pacific (Singapore) AWS Resilience Hub expands to 13 additional AWS Regions AWS Direct Connect announces new location in Australia Serverless AWS Lambda now supports Internet Protocol Version 6 (IPv6) endpoints for inbound connections Amazon Virtual Private Cloud (VPC) now supports Bring Your Own IPv6 Addresses (BYOIPv6) - Old announcement mentioned in show Announcing AWS Serverless Application Model (SAM) CLI support for local testing of AWS Cloud Development Kit (CDK) AWS Lambda now supports ES Modules and Top-Level Await for Node.js 14 AWS Lambda now supports Max Batching Window for Amazon MSK, Apache Kafka, Amazon MQ for Apache Active MQ and RabbitMQ as event sources Containers Amazon EKS now supports Internet Protocol version 6 (IPv6) Amazon Elastic Kubernetes Service Adds IPv6 Networking | AWS News Blog EBS CSI driver now available in EKS add-ons in preview Amazon ECS launches new simplified console experience for creating ECS clusters and task definitions ACM Private CA Kubernetes cert-manager plugin is production ready Amazon EMR on EKS adds support for customized container images for AWS Graviton-based EC2 instances Amazon ECR adds the ability to monitor repository pull statistics Amazon ECS now supports Amazon ECS Exec and Amazon Linux 2 for on-premises container workloads EC2 & VPC Introducing Amazon EC2 Hpc6a instances 
New – Amazon EC2 Hpc6a Instance Optimized for High Performance Computing | AWS News Blog New – Amazon EC2 X2iezn Instances Powered by the Fastest Intel Xeon Scalable CPU for Memory-Intensive Workloads Instance Tags now available on the Amazon EC2 Instance Metadata Service Amazon EC2 On-Demand Capacity Reservations now support Cluster Placement Groups AWS Compute Optimizer makes it easier to optimize by leveraging multiple EC2 instance architectures AWS Announces New Launch Speed Optimizations for Microsoft Windows Server Instances on Amazon EC2 Amazon EC2 customers can now use ED25519 keys for authentication with EC2 Instance Connect Metrics now available for AWS PrivateLink Dev & Ops Amazon Corretto January Quarterly Updates Amazon CloudWatch Logs announces AWS Organizations support for cross account Subscriptions AWS Toolkit for JetBrains IDEs adds support for ECS-Exec for troubleshooting ECS containers AWS Systems Manager Automation now enables you to take action in third-party applications through webhooks Security AWS Secrets Manager now automatically enables SSL connections when rotating database secrets AWS announces phone number enrichments for Amazon Fraud Detector Models Announcing AWS CloudTrail Lake, a managed audit and security lake AWS Firewall Manager now supports AWS Shield Advanced automatic application layer DDoS mitigation Amazon SNS now supports Attribute-based access controls (ABAC) Amazon GuardDuty now detects EC2 instance credentials used from another AWS account Amazon GuardDuty Enhances Detection of EC2 Instance Credential Exfiltration | AWS News Blog Amazon GuardDuty now protects Amazon Elastic Kubernetes Service clusters AWS Security Hub integrates with AWS Health AWS Trusted Advisor now integrates with AWS Security Hub AWS Client VPN now supports banner text and maximum session duration Data Storage & Processing Databases AWS Migration Hub Strategy Recommendations adds support for Babelfish for Aurora PostgreSQL Now DynamoDB can return 
the throughput capacity consumed by PartiQL API calls to help you optimize your queries and throughput costs Amazon DocumentDB (with MongoDB compatibility) adds support for $mergeObjects and $reduce Amazon DocumentDB (with MongoDB compatibility) adds additional Geospatial query capabilities Amazon DocumentDB (with MongoDB compatibility) now offers a free trial Amazon RDS Performance Insights now supports query execution plan capture for RDS for Oracle Glue Introducing Autoscaling in AWS Glue jobs (Preview) Introducing AWS Glue Interactive Sessions and Job Notebooks (Preview) Announcing Personal Identifiable Information (PII) detection and remediation in AWS Glue (Preview) EMR Introducing real-time collaborative notebooks with EMR Studio Introducing SQL Explorer in EMR Studio Amazon EMR now supports Apache Iceberg, a highly performant, concurrent, ACID-compliant table format for data lakes Amazon EMR on EKS adds error message details in DescribeJobRun API response to simplify debugging Amazon EMR on EKS adds support for customized container images for interactive jobs run using managed endpoints Amazon EMR now supports Apache Spark SQL to insert data into and update Glue Data Catalog tables when Lake Formation integration is enabled OpenSearch Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now supports OpenSearch version 1.1 Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now supports anomaly detection for historical data Fine grained access control now supported on existing Amazon OpenSearch Service domains Redshift Announcing AWS Data Exchange for Amazon Redshift Amazon Redshift Spectrum now offers custom data validation rules Other New – Replication for Amazon Elastic File System (EFS) Amazon ElastiCache adds support for streaming and storing Redis engine logs AWS Storage Gateway management console simplifies gateway creation and management Amazon S3 File Gateway adds schedule-based network bandwidth throttling Amazon 
FSx for NetApp ONTAP now provides performance and capacity metrics in Amazon CloudWatch AI & ML SageMaker Amazon SageMaker Pipelines now offers native EMR integration for large scale data processing Amazon SageMaker Pipelines now supports concurrency control Amazon SageMaker JumpStart adds LightGBM and CatBoost Models for Tabular Data Amazon SageMaker Feature Store connector for Apache Spark for easy batch data ingestion Announcing SageMaker Training support for ml.g5 instances Other Amazon Kendra launches support for query language Amazon Forecast now supports AWS CloudFormation for managing dataset and dataset group resources Amazon Rekognition improves accuracy of Content Moderation for Video AWS Panorama Appliances now available for purchase on Amazon.com and Amazon Business Amazon Textract adds synchronous support for single page PDF documents and support for PDF documents containing JPEG 2000 encoded images Other Cool Stuff Now Open – AWS Asia Pacific (Jakarta) Region | AWS News Blog Announcing the new Console Home in AWS Management Console A New AWS Console Home Experience | AWS News Blog Amazon Nimble Studio launches the ability to validate launch profile configurations via the Nimble Studio console AWS Elastic Disaster Recovery now supports failback automation Amazon Interactive Video Service adds thumbnail configuration Announcing matrix routing for Amazon Location Service Amazon Location Service enables request-based pricing for all customer use cases IoT AWS IoT Device Management launches Automated Retry capability for Jobs to improve success rates of large scale deployments AWS IoT Core for LoRaWAN Launches Two New Features to Manage and Monitor Communications Between Device and Cloud AWS IoT SiteWise Edge supports new data storage and upload prioritization strategies for intermittent cloud connectivity Sponsors CMD Solutions Silver Sponsors Cevo Versent
In short episode ("píldora") 18 of the Entre Dev y Ops podcast we talk about the contributions from the EDyO community. Blog Entre Dev y Ops - https://www.entredevyops.es Telegram Entre Dev y Ops - https://t.me/entredevyops Twitter Entre Dev y Ops - https://twitter.com/entredevyops LinkedIn Entre Dev y Ops - https://www.linkedin.com/in/entre-dev-y-ops-a7404385/ Patreon Entre Dev y Ops - https://www.patreon.com/edyo Amazon Entre Dev y Ops - https://amzn.to/2HrlmRw Links discussed: How to select from 12 Database types - https://towardsdatascience.com/datastore-choices-sql-vs-nosql-database-ebec24d56106 Log4j vulnerability - https://www.lunasec.io/docs/blog/log4j-zero-day/ Cost control system on AWS - https://aws.amazon.com/es/blogs/aws-cloud-financial-management/a-detailed-overview-of-the-cost-intelligence-dashboard/ YouTube video on how to save costs in Kubernetes environments - https://youtu.be/YIPF_a2t4H8 Company dedicated to cost control - https://www.apptio.com/products/cloudability/ Article by Charity Majors on CI/CD in which she reflects that continuous deployment is the great forgotten one: https://stackoverflow.blog/2021/12/20/fulfilling-the-promise-of-ci-cd/ Datacenter sound generator - https://mynoise.net/NoiseMachines/dataCenterNoiseGenerator.php How we designed Ubuntu Pro for Confidential Computing on Azure - https://ubuntu.com/blog/how-we-designed-ubuntu-pro-for-confidential-computing-on-azure More consequences of Y2K22, which also affects Microsoft - https://www.xataka.com/automovil/algunos-propietarios-honda-tienen-problemas-reloj-su-coche-consecuencias-y2k22-que-tambien-afecta-a-microsoft Why does Unix store timestamps in a signed integer? - https://unix.stackexchange.com/questions/25361/why-does-unix-store-timestamps-in-a-signed-integer Post about Oracle Cloud Always Free services - https://blogs.oracle.com/cloud-infrastructure/post/oracle-builds-out-their-portfolio-of-oracle-cloud-infrastructure-always-free-services Genbeta article about faker.js - https://www.genbeta.com/actualidad/sabotear-tu-propio-proyecto-open-source-grandes-empresas-dejen-beneficiarse-supone-que-github-te-bloquee-todo FOSDEM 2022 - https://fosdem.org/2022/?s=09 Post about the AWS CloudFormation 0-day vulnerability - https://orca.security/resources/blog/aws-cloudformation-vulnerability/ Dependency Risk and Funding - https://lucumr.pocoo.org/2022/1/10/dependency-risk-and-funding/ Bargain Hardware - https://www.bargainhardware.co.uk/ Servers on Amazon - https://www.amazon.es/Servidores-Inform%C3%A1tica/s?srs=10675217031&rh=n%3A938009031&tag=entredevyops-21 Digalco - https://digalco.com/ The Google Drive/OneDrive/etc alternative using Telegram API - https://teledriveapp.com/ Brendan Gregg shouting in the datacenter - https://www.youtube.com/watch?v=tDacjrSCeq4 Amadeus - https://amadeus-resto.be/amadeus-brussel/ Charity Majors's Twitter - https://twitter.com/mipsytipsy Charity Majors's website - https://charity.wtf/
On The Cloud Pod this week, the team decides 2022 is already a long, cursed year — bring on 2023. Plus nuggets of wisdom from Gartner, Orca discovers breaksformation and Glue vulnerabilities, and 10 questions to help boards (and others) maximize cloud opportunities. A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. JumpCloud, which offers a complete platform for identity, access, and device management — no matter where your users and devices are located. This week's highlights
Pull your podcast player out of instant retrieval, because we're discussing re:Invent 2021 as well as the weeks before it. Lots of announcements; big, small, weird, awesome, and anything in between. We had fun with this episode and hope you do too. Find us at melb.awsug.org.au or as @AWSMelb on Twitter. News Finally in Sydney AWS Snowcone SSD is now available in the US East (Ohio), US West (San Francisco), Asia Pacific (Singapore), Asia Pacific (Sydney) and AWS Asia Pacific (Tokyo) regions Amazon EC2 M6i instances are now available in 5 additional regions Serverless Introducing Amazon EMR Serverless in preview Announcing Amazon Kinesis Data Streams On-Demand Announcing Amazon Redshift Serverless (Preview) Introducing Amazon MSK Serverless in public preview Introducing Amazon SageMaker Serverless Inference (preview) Simplify CI/CD Configuration for AWS Serverless Applications and your favorite CI/CD system – General Availability Amazon AppStream 2.0 launches Elastic fleets, a serverless fleet type AWS Chatbot now supports management of AWS resources in Slack (Preview) Lambda AWS Lambda now supports partial batch response for SQS as an event source AWS Lambda now supports cross-account container image pulling from Amazon Elastic Container Registry AWS Lambda now supports mTLS Authentication for Amazon MSK as an event source AWS Lambda now logs Hyperplane Elastic Network Interface (ENI) ID in AWS CloudTrail data events Step Functions AWS Step Functions Synchronous Express Workflows now supports AWS PrivateLink Amplify Introducing AWS Amplify Studio AWS Amplify announces the ability to override Amplify-generated resources using CDK AWS Amplify announces the ability to add custom AWS resources to Amplify-created backends using CDK and CloudFormation AWS Amplify UI launches new Authenticator component for React, Angular, and Vue AWS Amplify announces the ability to export Amplify backends as CDK stacks to integrate into CDK-based pipelines AWS Amplify expands its 
Notifications category to include in-app messaging (Developer Preview) AWS Amplify announces a redesigned, more extensible GraphQL Transformer for creating app backends quickly Containers Fargate Announcing AWS Fargate for Amazon ECS Powered by AWS Graviton2 Processors ECS Amazon ECS now adds container instance health information Amazon ECS has improved Capacity Providers to deliver faster Cluster Auto Scaling Amazon ECS-optimized AMI is now available as an open-source project Amazon ECS announces a new integration with AWS Distro for OpenTelemetry EKS Amazon EKS on AWS Fargate now Supports the Fluent Bit Kubernetes Filter Amazon EKS adds support for additional cluster configuration options using AWS CloudFormation Visualize all your Kubernetes clusters in one place with Amazon EKS Connector, now generally available AWS Karpenter v0.5 Now Generally Available AWS customers can now find, subscribe to, and deploy third-party applications that run in any Kubernetes environment from AWS Marketplace Other Amazon ECR announces pull through cache repositories AWS App Mesh now supports ARM64-based Envoy Images EC2 & VPC Instances New – EC2 Instances (G5) with NVIDIA A10G Tensor Core GPUs | AWS News Blog Announcing new Amazon EC2 G5g instances powered by AWS Graviton2 processors Introducing Amazon EC2 R6i instances Introducing two new Amazon EC2 bare metal instances Amazon EC2 Mac Instances now support hot attach and detach of EBS volumes Amazon EC2 Mac Instances now support macOS Monterey Announcing Amazon EC2 M1 Mac instances for macOS Announcing preview of Amazon Linux 2022 Elastic Beanstalk supports AWS Graviton-based Amazon EC2 instance types Announcing preview of Amazon EC2 Trn1 instances Announcing new Amazon EC2 C7g instances powered by AWS Graviton3 processors Announcing new Amazon EC2 Im4gn and Is4gen instances powered by AWS Graviton2 processors Introducing the AWS Graviton Ready Program Introducing Amazon EC2 M6a instances AWS Compute Optimizer now offers 
enhanced infrastructure metrics, a new feature for EC2 recommendations AWS Compute Optimizer now offers resource efficiency metrics Networking AWS price reduction for data transfers out to the internet Amazon Virtual Private Cloud (VPC) customers can now create IPv6-only subnets and EC2 instances Application Load Balancer and Network Load Balancer end-to-end IPv6 support AWS Transit Gateway introduces intra-region peering for simplified cloud operations and network connectivity Amazon Virtual Private Cloud (VPC) announces IP Address Manager (IPAM) to help simplify IP address management on AWS Amazon Virtual Private Cloud (VPC) announces Network Access Analyzer to help you easily identify unintended network access Introducing AWS Cloud WAN Preview Introducing AWS Direct Connect SiteLink Other Recover from accidental deletions of your snapshots using Recycle Bin Amazon EBS Snapshots introduces a new tier, Amazon EBS Snapshots Archive, to reduce the cost of long-term retention of EBS Snapshots by up to 75% Amazon CloudFront now supports configurable CORS, security, and custom HTTP response headers Amazon EC2 now supports access to Red Hat Knowledgebase Amazon EC2 Fleet and Spot Fleet now support automatic instance termination with Capacity Rebalancing AWS announces a new capability to switch license types for Windows Server and SQL Server applications on Amazon EC2 AWS Batch introduces fair-share scheduling Amazon EC2 Auto Scaling Now Supports Predictive Scaling with Custom Metrics Dev & Ops New services Measure and Improve Your Application Resilience with AWS Resilience Hub | AWS News Blog Scalable, Cost-Effective Disaster Recovery in the Cloud | AWS News Blog Announcing general availability of AWS Elastic Disaster Recovery AWS announces the launch of AWS AppConfig Feature Flags in preview Announcing Amazon DevOps Guru for RDS, an ML-powered capability that automatically detects and diagnoses performance and operational issues within Amazon Aurora Introducing Amazon 
CloudWatch Metrics Insights (Preview) Introducing Amazon CloudWatch RUM for monitoring applications' client-side performance IaC AWS announces Construct Hub general availability AWS Cloud Development Kit (AWS CDK) v2 is now generally available You can now import your AWS CloudFormation stacks into a CloudFormation stack set You can now submit multiple operations for simultaneous execution with AWS CloudFormation StackSets AWS CDK releases v1.126.0 - v1.130.0 with high-level APIs for AWS App Runner and hotswap support for Amazon ECS and AWS Step Functions SDKs AWS SDK for Swift (Developer Preview) AWS SDK for Kotlin (Developer Preview) AWS SDK for Rust (Developer Preview) CICD AWS Proton now supports Terraform Open Source for infrastructure provisioning AWS Proton introduces Git management of infrastructure as code templates AWS App2Container now supports Jenkins for setting up a CI/CD pipeline Other Amazon CodeGuru Reviewer now detects hardcoded secrets in Java and Python repositories EC2 Image Builder enables sharing Amazon Machine Images (AMIs) with AWS Organizations and Organization Units Amazon Corretto 17 Support Roadmap Announced Amazon DevOps Guru now Supports Multi-Account Insight Aggregation with AWS Organizations AWS Toolkits for Cloud9, JetBrains and VS Code now support interaction with over 200 new resource types AWS Fault Injection Simulator now supports Amazon CloudWatch Alarms and AWS Systems Manager Automation Runbooks. 
AWS Device Farm announces support for testing web applications hosted in an Amazon VPC Amazon CloudWatch now supports anomaly detection on metric math expressions Introducing Amazon CloudWatch Evidently for feature experimentation and safer launches New – Amazon CloudWatch Evidently – Experiments and Feature Management | AWS News Blog Introducing AWS Microservice Extractor for .NET Security AWS Secrets Manager increases secrets limit to 500K per account AWS CloudTrail announces ErrorRate Insights AWS announces the new Amazon Inspector for continual vulnerability management Amazon SQS Announces Server-Side Encryption with Amazon SQS-managed encryption keys (SSE-SQS) AWS WAF adds support for Captcha AWS Shield Advanced introduces automatic application-layer DDoS mitigation Security Hub AWS Security Hub adds support for AWS PrivateLink for private access to Security Hub APIs AWS Security Hub adds three new FSBP controls and three new partners SSO Manage Access Centrally for CyberArk Users with AWS Single Sign-On Manage Access Centrally for JumpCloud Users with AWS Single Sign-On AWS Single Sign-On now provides one-click login to Amazon EC2 instances running Microsoft Windows AWS Single Sign-On is now in scope for AWS SOC reporting Control Tower AWS Control Tower now supports concurrent operations for detective guardrails AWS Control Tower now supports nested organizational units AWS Control Tower now provides controls to meet data residency requirements Deny services and operations for AWS Regions of your choice with AWS Control Tower AWS Control Tower introduces Terraform account provisioning and customization Data Storage & Processing Databases Relational databases Announcing Amazon RDS Custom for SQL Server New Multi-AZ deployment option for Amazon RDS for PostgreSQL and for MySQL; increased read capacity, lower and more consistent write transaction latency, and shorter failover time (Preview) Amazon RDS now supports cross account KMS keys for exporting RDS 
Snapshots Amazon Aurora supports MySQL 8.0 Amazon RDS on AWS Outposts now supports backups on AWS Outposts Athena Amazon Athena adds cost details to query execution plans Amazon Athena announces cross-account federated query New and improved Amazon Athena console is now generally available Amazon Athena now supports new Lake Formation fine-grained security and reliable table features Announcing Amazon Athena ACID transactions, powered by Apache Iceberg (Preview) Redshift Announcing preview for write queries with Amazon Redshift Concurrency Scaling Amazon Redshift announces native support for SQLAlchemy and Apache Airflow open-source frameworks Amazon Redshift simplifies the use of other AWS services by introducing the default IAM role Announcing Amazon Redshift cross-region data sharing (preview) Announcing preview of SQL Notebooks support in Amazon Redshift Query Editor V2 Neptune Announcing AWS Graviton2-based instances for Amazon Neptune AWS releases open source JDBC driver to connect to Amazon Neptune MemoryDB Amazon MemoryDB for Redis now supports AWS Graviton2-based T4g instances and a 2-month Free Trial Database Migration Service AWS Database Migration Service now supports parallel load for partitioned data to S3 AWS Database Migration Service now supports Kafka multi-topic AWS Database Migration Service now supports Azure SQL Managed Instance as a source AWS Database Migration Service now supports Google Cloud SQL for MySQL as a source Introducing AWS DMS Fleet Advisor for automated discovery and analysis of database and analytics workloads (Preview) AWS Database Migration Service now offers a new console experience, AWS DMS Studio AWS Database Migration Service now supports Time Travel, an improved logging mechanism Other Database Activity Streams now supports Graviton2-based instances Amazon Timestream now offers faster and more cost-effective time series data processing through scheduled queries, multi-measure records, and magnetic storage writes Amazon 
DynamoDB announces the new Amazon DynamoDB Standard-Infrequent Access table class, which helps you reduce your DynamoDB costs by up to 60 percent Achieve up to 30% better performance with Amazon DocumentDB (with MongoDB compatibility) using new Graviton2 instances S3 Amazon S3 on Outposts now delivers strong consistency automatically for all applications Amazon S3 Lifecycle further optimizes storage cost savings with new actions and filters Announcing the new Amazon S3 Glacier Instant Retrieval storage class - the lowest cost archive storage with milliseconds retrieval Amazon S3 Object Ownership can now disable access control lists to simplify access management for data in S3 Amazon S3 Glacier storage class is now Amazon S3 Glacier Flexible Retrieval; storage price reduced by 10% and bulk retrievals are now free Announcing the new S3 Intelligent-Tiering Archive Instant Access tier - Automatically save up to 68% on storage costs Amazon S3 Event Notifications with Amazon EventBridge help you build advanced serverless applications faster Amazon S3 console now reports security warnings, errors, and suggestions from IAM Access Analyzer as you author your S3 policies Amazon S3 adds new S3 Event Notifications for S3 Lifecycle, S3 Intelligent-Tiering, object tags, and object access control lists Glue AWS Glue DataBrew announces native console integration with Amazon AppFlow AWS Glue DataBrew now supports custom SQL statements to retrieve data from Amazon Redshift and Snowflake AWS Glue DataBrew now allows customers to create data quality rules to define and validate their business requirements FSx Introducing Amazon FSx for OpenZFS Amazon FSx for Lustre now supports linking multiple Amazon S3 buckets to a file system Amazon FSx for Lustre can now automatically update file system contents as data is deleted and moved in Amazon S3 Announcing the next generation of Amazon FSx for Lustre file systems Backup Announcing preview of AWS Backup for Amazon S3 AWS Backup adds support 
for Amazon Neptune AWS Backup adds support for Amazon DocumentDB (with MongoDB compatibility) AWS Backup provides new resource assignment rules for your data protection policies AWS Backup adds support for VMware workloads Other AWS Lake Formation now supports AWS PrivateLink AWS Transfer Family adds identity provider options and enhanced monitoring capabilities Introducing ability to connect to EMR clusters in different subnets in EMR Studio AWS Snow Family now supports external NTP server configuration Announcing data tiering for Amazon ElastiCache for Redis Now execute python files and notebooks from another notebook in EMR Studio AWS Snow Family launches offline tape data migration capability AI & ML SageMaker Introducing Amazon SageMaker Canvas - a visual, no-code interface to build accurate machine learning models Announcing Fully Managed RStudio on Amazon SageMaker for Data Scientists | AWS News Blog Amazon SageMaker now supports inference testing with custom domains and headers from SageMaker Studio Amazon SageMaker Pipelines now supports retry policies and resume Announcing new deployment guardrails for Amazon SageMaker Inference endpoints Amazon announces new NVIDIA Triton Inference Server on Amazon SageMaker Amazon SageMaker Pipelines now integrates with SageMaker Model Monitor and SageMaker Clarify Amazon SageMaker now supports cross-account lineage tracking and multi-hop lineage querying Introducing Amazon SageMaker Inference Recommender Introducing Amazon SageMaker Ground Truth Plus: Create high-quality training datasets without having to build labeling applications or manage the labeling workforce on your own Amazon SageMaker Studio Lab (currently in preview), a free, no-configuration ML service Amazon SageMaker Studio now enables interactive data preparation and machine learning at scale within a single universal notebook through built-in integration with Amazon EMR Other General Availability of Syne Tune, an open-source library for distributed 
hyperparameter and neural architecture optimization Amazon Translate now supports AWS KMS Encryption Amazon Kendra releases AWS Single Sign-On integration for secure search Amazon Transcribe now supports automatic language identification for streaming transcriptions AWS AI for data analytics (AIDA) partner solutions Introducing Amazon Lex Automated Chatbot Designer (Preview) Amazon Kendra launches Experience Builder, Search Analytics Dashboard, and Custom Document Enrichment Other Cool Stuff In The Works – AWS Canada West (Calgary) Region | AWS News Blog Unified Search in the AWS Management Console now includes blogs, knowledge articles, events, and tutorials AWS DeepRacer introduces multi-user account management Amazon Pinpoint launches in-app messaging as a new communications channel Amazon AppStream 2.0 Introduces Linux Application Streaming Amazon SNS now supports publishing batches of up to 10 messages in a single API request Announcing usability improvements in the navigation bar of the AWS Management Console Announcing General Availability of Enterprise On-Ramp Announcing preview of AWS Private 5G AWS Outposts is Now Available in Two Smaller Form Factors Introducing AWS Mainframe Modernization - Preview Introducing the AWS Migration and Modernization Competency Announcing AWS Data Exchange for APIs Amazon WorkSpaces introduces Amazon WorkSpaces Web Amazon SQS Enhances Dead-letter Queue Management Experience For Standard Queues Introducing AWS re:Post, a new, community-driven, questions-and-answers service AWS Resource Access Manager enables support for global resource types AWS Ground Station launches expanded support for Software Defined Radios in Preview Announcing Amazon Braket Hybrid Jobs for running hybrid quantum-classical workloads on Amazon Braket Introducing AWS Migration Hub Refactor Spaces - Preview Well-Architected Framework Customize your AWS Well-Architected Review using Custom Lenses New Sustainability Pillar for the AWS Well-Architected 
Framework IoT Announcing AWS IoT RoboRunner, Now Available in Preview AWS IoT Greengrass now supports Microsoft Windows devices AWS IoT Core now supports Multi-Account Registration certificates on IoT Credential Provider endpoint Announcing AWS IoT FleetWise (Preview), a new service for transferring vehicle data to the cloud more efficiently Announcing AWS IoT TwinMaker (Preview), a service that makes it easier to build digital twins AWS IoT SiteWise now supports hot and cold storage tiers for industrial data New connectivity software, AWS IoT ExpressLink, accelerates IoT development (Preview) AWS IoT Device Management Fleet Indexing now supports two additional data sources (Preview) Connect Amazon Connect now enables you to create and orchestrate tasks directly from Flows Amazon Connect launches scheduled tasks Amazon Connect launches Contact APIs to fetch and update contact details programmatically Amazon Connect launches API to configure security profiles programmatically Amazon Connect launches APIs to archive and delete contact flows Amazon Connect now supports contact flow modules to simplify repeatable logic Sponsors CMD Solutions Silver Sponsors Cevo Versent
A lot of things happened in October, and we talked about them all in early November. In this episode Arjen, Guy, and JM discuss a whole bunch of cool things that were released and may be a bit harsh on everything Microsoft. News Finally in Sydney Amazon EC2 Mac instances are now available in seven additional AWS Regions Amazon MemoryDB for Redis is now available in 11 additional AWS Regions Serverless Lambda AWS Lambda now supports triggering Lambda functions from an Amazon SQS queue in a different account AWS Lambda now supports IAM authentication for Amazon MSK as an event source Step Functions Now — AWS Step Functions Supports 200 AWS Services To Enable Easier Workflow Automation | AWS News Blog AWS Batch adds console support for visualizing AWS Step Functions workflows Amplify Announcing General Availability of Amplify Geo for AWS Amplify AWS Amplify for JavaScript now supports resumable file uploads for Storage Other Accelerating serverless development with AWS SAM Accelerate | AWS Compute Blog Containers Amazon EKS Managed Node Groups adds native support for Bottlerocket AWS Fargate now supports Amazon ECS Windows containers Announcing the general availability of cdk8s and support for Go | Containers Monitoring clock accuracy on AWS Fargate with Amazon ECS Amazon ECS Anywhere now supports GPU-based workloads AWS Console Mobile Application adds support for Amazon Elastic Container Service AWS Load Balancer Controller version 2.3 now available with support for ALB IPv6 targets AWS App Mesh Metric Extension is now generally available EC2 & VPC New – Amazon EC2 C6i Instances Powered by the Latest Generation Intel Xeon Scalable Processors | AWS News Blog Amazon EC2 now supports sharing Amazon Machine Images across AWS Organizations and Organizational Units Amazon EC2 Hibernation adds support for Ubuntu 20.04 LTS Announcing Amazon EC2 Capacity Reservation Fleet a way to easily migrate Amazon EC2 Capacity Reservations across instance types Amazon EC2 Auto Scaling 
now supports describing Auto Scaling groups using tags Amazon EC2 now offers Microsoft SQL Server on Microsoft Windows Server 2022 AMIs AWS Elastic Beanstalk supports Database Decoupling in an Elastic Beanstalk Environment AWS FPGA developer kit now supports Jumbo frames in virtual ethernet frameworks for Amazon EC2 F1 instances Amazon VPC Flow Logs now supports Apache Parquet, Hive-compatible prefixes and Hourly partitioned files Network Load Balancer now supports TLS 1.3 New – Attribute-Based Instance Type Selection for EC2 Auto Scaling and EC2 Fleet | AWS News Blog Amazon Lightsail now supports AWS CloudFormation for instances, disks and databases Dev & Ops CLI AWS Cloud Control API, a Uniform API to Access AWS & Third-Party Services | AWS News Blog Now programmatically manage alternate contacts on AWS accounts CodeGuru Amazon CodeGuru now includes recommendations powered by Infer Amazon CodeGuru announces Security detectors for Python applications and security analysis powered by Bandit Amazon CodeGuru Reviewer adds detectors for AWS Java SDK v2's best practices and features IaC AWS CDK releases v1.121.0 - v1.125.0 with features for faster development cycles using hotswap deployments and rollback control AWS CloudFormation customers can now manage their applications in AWS Systems Manager Other NoSQL Workbench for Amazon DynamoDB now enables you to import and automatically populate sample data to help build and visualize your data models Amazon Corretto October Quarterly Updates Bulk Editing of OpsItems in AWS Systems Manager OpsCenter AWS Fault Injection Simulator now supports Spot Interruptions AWS Fault Injection Simulator now injects Spot Instance Interruptions Security Firewalls AWS Firewall Manager now supports centralized logging of AWS Network Firewall logs AWS Network Firewall Adds New Configuration Options for Rule Ordering and Default Drop Backups AWS Backup Audit Manager adds compliance reports AWS Backup adds an additional layer for backup 
protection with the availability of AWS Backup Vault Lock Other AWS Security Hub adds support for cross-Region aggregation of findings to simplify how you evaluate and improve your AWS security posture Amazon SES now supports 2048-bit DKIM keys AWS License Manager now supports Delegated Administrator for Managed entitlements Data Storage & Processing Goodbye Microsoft SQL Server, Hello Babelfish | AWS News Blog Announcing availability of the Babelfish for PostgreSQL open source project Announcing Amazon RDS Custom for Oracle AWS announces AWS Snowcone SSD Amazon RDS Proxy now supports Amazon RDS for MySQL Version 8.0 Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) announces support for Cross-Cluster Replication Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) now comes with an improved management console AWS Transfer Family customers can now use Amazon S3 Access Point aliases for granular and simplified data access controls Amazon EMR now supports Apache Spark SQL to insert data into and update Apache Hive metadata tables when Apache Ranger integration is enabled Amazon Neptune now supports Auto Scaling for Read Replicas AWS Glue Crawlers support Amazon S3 event notifications Amazon Keyspaces (for Apache Cassandra) now supports automatic data expiration by using Time to Live (TTL) settings New – AWS Data Exchange for Amazon Redshift | AWS News Blog AI & ML SageMaker Announcing Fast File Mode for Amazon SageMaker Amazon SageMaker Projects now supports Image Building CI/CD templates Amazon SageMaker Data Wrangler now supports Amazon Athena Workgroups, feature correlation, and customer managed keys Other Amazon Kendra launches support for 34 additional languages Amazon Fraud Detector now supports event datasets AWS announces a price reduction of up to 56% for Amazon Fraud Detector machine learning fraud predictions Amazon Fraud Detector launches new ML model for online transaction fraud detection Amazon Transcribe now 
supports custom language models for streaming transcription Amazon Textract launches TIFF support and adds asynchronous support for receipts and invoices processing Announcing Amazon EC2 DL1 instances for cost efficient training of deep learning models Other Cool Stuff AWS IoT Core now makes it optional for customers to send the entire trust chain when provisioning devices using Just-in-Time Provisioning and Just-in-Time Registration AWS IoT SiteWise announces support for using the same asset models across different hierarchies VMware Cloud on AWS Outposts Brings VMware SDDC as a Fully Managed Service on Premises | AWS News Blog AWS Outposts adds new CloudWatch dimension for capacity monitoring Amazon Monitron launches iOS app Amazon Braket offers D-Wave's Advantage 4.1 system for quantum annealing Amazon QuickSight adds support for Pixel-Perfect dashboards Amazon WorkMail adds Mobile Device Access Override API and MDM integration capabilities Announcing Amazon WorkSpaces API to create new updated images with latest AWS drivers Computer Vision at the Edge with AWS Panorama | AWS News Blog Amazon Connect launches API to configure hours of operation programmatically New region availability and Graviton2 support now available for Amazon GameLift Sponsors CMD Solutions Silver Sponsors Cevo Versent
Watch the live stream: Watch on YouTube About the show Sponsored by us: Check out the courses over at Talk Python And Brian's book too! Special guest: Laís Carvalho Michael #1: Django 4.0 released Django is picking up speed: 4.0 Dec 2021 (+1) 3.0 Dec 2020 (+3) 2.0 Dec 2017 (+7) 1.0.1 May 2010 Feature highlights: The new RedisCache backend provides built-in support for caching with Redis. To ease customization of Forms, Formsets, and ErrorList they are now rendered using the template engine. The Python standard library's zoneinfo is now the default timezone implementation in Django. scrypt password hasher: The new scrypt password hasher is more secure and recommended over PBKDF2. However, it's not the default as it requires OpenSSL 1.1+ and more memory. Django 3.2 has reached the end of mainstream support. The final minor bug fix release, 3.2.10, was issued today. Django 3.2 is an LTS release and will receive security and data loss fixes until April 2024. Some backwards incompatible changes you'll want to be aware of when upgrading from Django 3.2 or earlier. They've begun the deprecation process for some features. Django 4.0 supports Python 3.8, 3.9, and 3.10. Brian #2: python-minifier Suggested by Lance Reinsmith My first thought was “we don't need a minifier for Python” The docs give one reason: “AWS Cloudformation templates may have AWS lambda function source code embedded in them, but only if the function is less than 4KiB. I wrote this package so I could write python normally and still embed the module in a template.” Lance has another reason: “I needed it because the RAM on Adafruit boards using the common M0 chip is around 192KB to 256KB total--not all of which is available to your program. To get around this, you can either 1) compile your code to an .mpy file or 2) minify it. The second worked for me and allowed me to alter it without constantly re-compiling.” Fair enough, what does it do? 
All of these features are options you can turn off, and are documented well: Combine Import statements Remove Pass statements Remove literal statements (docstrings) Remove Annotations Hoist Literals Rename Locals, with preserved Locals list Rename Globals, with preserved Globals list Convert Positional-Only Arguments to Normal Arguments Also looks like it replaces spaces with tabs Begrudgingly, that makes sense in this context. You can try it at python-minifier.com Laís #3: It's time to stop using Python 3.6 Python 3.6 is reaching the end of its life in 1 week and 1 day (Dec 23rd), i.e. no more releases after it. You should care because the Python dev team will no longer release security updates for 3.6 ⚠️ if you use Linux, you have a bit more time BUT security updates will be released and bug fixes will not. also, Python 3rd party libraries and frameworks will drop support for 3.6 soon enough. See the log4j issue and Java. Brian might like this one: Grype - a vulnerability scanner for container images and filesystems Michael #4: How to Visualize the Formula 1 Championship in Python Race Highlights | 2021 Abu Dhabi Grand Prix Formula 1: Drive to Survive (Season 3) | Official Trailer Wanting to get into Formula 1 data analysis, the Ergast API is a very good starting point. This tutorial will show you how to use data from the Ergast API to visualize the changes in the 2021 championship standings over the rounds. Introduces fastf1: Wrapper library for F1 data and telemetry API with additional data processing capabilities. Brian #5: nbdime: Jupyter Notebook Diff and Merge tools Suggestion from Henrik Finsberg “you recently covered ‘jut’ for viewing Jupyter notebooks from the terminal. Check out ‘nbdime’.” (that was episode 258) So I did. And it looks cool. nbdime provides tools for diffing and merging of Jupyter Notebooks. 
nbdiff compare notebooks in a terminal-friendly way nbmerge three-way merge of notebooks with automatic conflict resolution nbdiff-web shows you a rich rendered diff of notebooks nbmerge-web gives you a web-based three-way merge tool for notebooks nbshow present a single notebook in a terminal-friendly way Laís #6: Using AI to analyse and recommend software stacks for Python apps thanks Fridolin! Project Thoth: an open source cloud-based Python dependency resolver ML (reinforcement learning) that solves dependency issues taking into consideration runtime envs, hardware and other inputs. Using Markov's decision process. “a smarter pip” that instead of using backtracking, precomputes the dependency information and stores it in a database that can be queried for future resolutions. Using pre-specified criteria by the developer. In summary: Thoth's resolver uses automated bots that guarantee dependencies are locked down to specific versions, making builds and deployments reproducible; the aggregated knowledge (reinforcement learning from installed logs) helps the bots to lock the dependencies to the best libraries, instead of the latest. They are in beta phase but welcoming feedback and suggestions from the community. Extras Brian: Pragmatic Bookshelf 12 days of Christmas Today, pytest book is part of the deal, nice timing, right? Michael: My talk at FlaskCon is out Firefox releases RLBox We're all getting identity theft monitoring for 1 year for free :-/ Laís: Python Ireland's speaker's coaching session is on Jan 22nd Learning git the visual way - cool for beginners, thorough explanations Good read for Java devs who want to start with Python (by Real Python) Joke: Janga Python (hellish) virtual envs
In this segment, we bring you information about day-to-day work in a cloud environment from our point of view. Speakers in this episode: Ariel Munafo, Boaz Ziniman and Avi Keinan. In the previous episode, we continued the discussion of Infrastructure as a Code and presented a live demo of Terraform, in which we brought up (and took down) a machine and saw an EC2 console connecting to it. In this episode, we will talk about what the AWS CloudFormation Templates tool is, what its origin is and where it all started. We will present examples of AWS CloudFormation Templates for a Serverless Application. Want to keep up with more content on cloud and advanced technologies? Sign up now for our newsletter and always stay in the loop. To sign up: https://www.israelclouds.com/newslettersignup
Watch the live stream: Watch on YouTube About the show Sponsored by us: Check out the courses over at Talk Python And Brian's book too! Special guest: Muhammad Raza Brian #1: yaml, GH Actions, and Python 3.10 Anthony Shaw (and others) Old: python: [3.7, 3.8, 3.9, 3.10-dev] New: python: ["3.7", "3.8", "3.9", "3.10"] Reasons: Github Actions use yaml. yaml treats 3.10-dev as a string, since it's got non-numbers in it. yaml treats 3.10 as a number, and is the same as 3.1 hence, we have to use quotes for “3.10” using them on “3.7”, etc is not necessary, but is a nice consistency Michael #2: Beating C and Java, Python Becomes the #1 Most Popular Programming Language, Says TIOBE via Brain Skin "For the first time in more than 20 years we have a new leader of the pack..." the TIOBE Index announced this month. "The long-standing hegemony of Java and C is over.” For Tiobe, its enterprise focus, has seen Java and C dominate in recent years, but Python has been snapping at the heels of Java, and has now overtaken it... "Its ease of learning, its huge amount of libraries, and its widespread use in all kinds of domains, has made it the most popular programming language of today. Congratulations Guido van Rossum!" Muhammad #3: Newspaper3k: Article scraping & curation News, full-text, and article metadata extraction This allows you to extract useful information from news articles, similar to Pocket or InstaPaper. Brian #4: PEP 660, pip 21.3, flit 3.4 -> easy editable installs pip install -e /local/dir is a great way to have a project installed while you are developing it. It used to not work with pyproject.toml based projects. 
Flit worked around this with flit install --pth-file (or --symlink) PEP660 - Editable installs for pyproject.toml based builds (wheel based) Plus tons of work by Stéphane Bidoul and others, see Test & Code, episode 163 pip 21.3 (Oct 11), flit 3.4 (Oct 10) now support PEP660 And now with pip 21.3 and flit 3.4, pip install -e works for flit projects If you are using optional dependencies, for example: [project.optional-dependencies] test = [ "pytest", "tox", ] Then you need to use quotes: pip install -e ".[test]" Michael #5: Mito - a JupyterLab Extension - generates Python code while you work on your analysis via Tomas Rollo Mito is a spreadsheet that helps you complete your Python analyses 10x faster. You edit the Mitosheet, and it generates Python code for you. Best way to experience it is to watch the video Muhammad #6: troposphere Python library to create AWS CloudFormation descriptions The troposphere library allows easier creation of CloudFormation templates by writing Python code to describe AWS resources. Extras Muhammad How to learn Unix Tools Brian PyCon 2022 site is live, https://us.pycon.org/2022/ Joke: Alphabet cancels Loon
July and August were very boring months for announcements, so Arjen, JM, and Guy decided to discuss them both in a single episode. They also decided to record before the month actually ended, which doesn't really behoove them as they missed out on a couple of actually interesting announcements. So those will be discussed in our September episode. News Finally in Sydney Amazon ml.Inf1 instances are now available on Amazon SageMaker in 4 additional AWS Regions Amazon RDS Cross-Region Automated Backups Regional Expansion AWS Directory Service now supports smart card authentication with AD Connector for Amazon WorkSpaces in 5 additional AWS Regions Serverless Lambda AWS Lambda adds support for Python 3.9 AWS Lambda now supports Amazon MQ for RabbitMQ as an event source Amplify AWS Amplify launches new full-stack CI/CD capabilities Complete guide to full-stack CI/CD workflows with AWS Amplify | Front-End Web & Mobile AWS Amplify CLI adds support for storing environment variables and secrets accessed by AWS Lambda functions AWS Amplify allows you to mix and match authorization modes in DataStore AWS Amplify now supports Sign in with Apple Announcing Amplify Geo (Developer Preview) for AWS Amplify Other Amazon API Gateway now supports mutual TLS with certificates from third-party CAs and ACM Private CA Simplify CI/CD configuration for serverless applications and your favorite CI/CD system — Public Preview AWS AppSync now supports custom authorization with AWS Lambda for GraphQL APIs Containers Amazon EKS and EKS Distro now support Kubernetes version 1.21 Amazon EKS now supports Kubernetes 1.21 | Containers Amazon EKS managed node groups now supports parallel node upgrades Amazon EKS now supports Multus Amazon ECS supports additional configurations for scheduled and event-driven tasks AWS Cloud Map supports configuring negative caching for DNS queries AWS App Mesh Constructs for AWS CDK are now generally available AWS Private Certificate Authority introduces integration 
with Kubernetes Amazon VPC CNI plugin increases pods per node limits EC2 & VPC Instances Introducing new Amazon EC2 G4ad instance sizes New – Amazon EC2 M6i Instances Powered by the Latest-Generation Intel Xeon Scalable Processors | AWS News Blog Amazon EC2 customers can now use ED25519 keys for authentication during instance connectivity operations Amazon EC2 Hibernation adds support for C5d, M5d, and R5d Instances Amazon Virtual Private Cloud (VPC) customers can now assign IP prefixes to their EC2 instances Assigning prefixes to Amazon EC2 network interfaces - Amazon Elastic Compute Cloud Amazon EC2 now supports custom time windows for Scheduled Events Auto Scaling Amazon EC2 Auto Scaling enhances Instance Refresh with configuration checks, Launch Template validation, and Amazon EventBridge notifications Amazon EC2 Auto Scaling now lets you control which instances to terminate on scale-in Other Amazon EC2 adds Resource Identifiers and Tags for VPC Security Group Rules Amazon CloudFront announces new APIs to locate and move alternate domain names (CNAMEs) AWS Elastic Beanstalk supports Capacity Rebalancing for Amazon EC2 Spot Instances AWS lowers data processing charges for AWS PrivateLink AWS IoT Core for LoRaWAN now supports VPC endpoints AWS IoT Core now supports VPC Endpoints Dev & Ops Dev Tooling EC2 Image Builder now supports parameters in components for creating custom images AWS Cloud9 introduces new features to browse CloudWatch Logs, S3, and use EC2 instance profiles Introducing AWS App Runner integration in the AWS Toolkit for VS Code Amazon CodeGuru Profiler adds recommendation support for Python applications Amazon CodeGuru Profiler extends visualizations capability with a new compare option for application profile Amazon CodeGuru Profiler announces new automated onboarding process for AWS Lambda functions CodeBuild Supports Publicly Viewable Build Results AWS AppConfig now enables customers to compare two application configuration versions AWS 
App2Container now supports containerization of complex multi-tier Windows applications CDK/CloudFormation Announcing CDK Pipelines GA, CI/CD for CDK Apps AWS CDK releases v1.111.0 - v1.116.0 with updates for unit testing and CDK Pipelines support AWS CloudFormation now supports more stacks per AWS account You can now import your AWS CloudFormation stacks into a CloudFormation stack set Systems Manager AWS Systems Manager Application Manager now supports full lifecycle management of AWS CloudFormation templates and stacks Now view inventory and patch compliance of stopped instances using AWS Systems Manager AWS Systems Manager Automation now supports upgrade of SQL Server 2012 AWS Systems Manager OpsCenter launches operational insights to identify duplicate items and event sources with unusual activity Now enable auto-approval of change requests and expedite changes with AWS Systems Manager Change Manager AWS Systems Manager Change Manager now supports AWS IAM roles as approvers AWS Systems Manager Fleet Manager now offers report generation for Managed Instances Other AWS Control Tower announces improvements to guardrail naming and descriptions Announcing Amazon CloudWatch cross account alarms Amazon CloudWatch Synthetics supports visual monitoring Amazon CloudWatch Logs now supports Usage Metrics Security AWS Firewall Manager now supports central monitoring of VPC routes for AWS Network Firewall AWS Shield Advanced no longer requires AWS WAF logging for web-application layer event response AWS Certificate Manager provides expanded usage of imported ECDSA and RSA Certificates Amazon QLDB supports customer managed KMS keys AWS Control Tower now provides support for KMS Encryption AWS Security Hub adds 10 new controls to its Foundational Security Best Practices standard for enhanced cloud security posture monitoring AWS License Manager now supports Delegated Administrator AWS WAF now offers managed rule group versioning AWS Security Hub adds 18 new controls to its 
Foundational Security Best Practices standard and 8 new partners for enhanced cloud security posture monitoring Data Storage & Processing AWS DataSync can now copy system access control lists (SACLs) to Amazon FSx for Windows File Server Amazon Lightsail now offers object storage for storing static content Amazon Data Lifecycle Manager launches new console experience Announcing availability of Red Hat Enterprise Linux with Microsoft SQL Server for Amazon EC2 Amazon Neptune now supports the openCypher query language Amazon RDS Proxy can now be created in a shared Virtual Private Cloud (VPC) Amazon RDS for SQL Server now supports Automatic Minor Version Upgrades Introducing Amazon MemoryDB for Redis – A Redis-Compatible, Durable, In-Memory Database Service | AWS News Blog AWS Transfer Family expands compatibility for FTPS/FTP clients and increases limit for number of servers Amazon ElastiCache for Redis now supports auto scaling EBS AWS Announces General Availability of Amazon EBS io2 Block Express Volumes Amazon Elastic Block Store now supports idempotent volume creation AWS CloudTrail now supports logging of data events for Amazon EBS direct APIs Athena Amazon Athena adds parameterized queries to improve reusability and security Amazon Athena announces data source connector for Power BI S3 AWS Storage Gateway adds support for AWS Privatelink for Amazon S3 and Amazon S3 Access Points Amazon S3 Access Points aliases allow any application that requires an S3 bucket name to easily use an access point Amazon S3 on Outposts supports direct access for applications running outside the Outposts VPC Amazon S3 on Outposts now supports sharing across multiple accounts Amazon EMR now supports Amazon S3 Access Points to simplify access control Redshift Amazon Redshift simplifies the use of JDBC/ODBC with authentication profile Cross-Account Data Sharing for Amazon Redshift | AWS News Blog Redshift spatial performance enhancements and new spatial functions Glue AWS Glue Studio 
now provides data previews during visual job authoring AWS Glue DataBrew now supports writing prepared data directly into JDBC-supported destinations AWS Glue DataBrew adds the ability to specify which data quality statistics are generated for your datasets AWS Glue DataBrew now supports numerical format transformations AWS Glue DataBrew now supports writing prepared data into AWS Lake Formation-based AWS Glue Data Catalog S3 tables Snow Family AWS Snowball Edge Storage Optimized devices now supports high performance NFS data transfer AWS Snow Family now enables you to remotely monitor and operate your connected Snowcone devices AWS Snowball now supports multicast streams and routing by providing instances with direct access to external networks AWS Snowcone now supports multicast streams and routing by providing instances with direct access to external networks AI & ML Amazon Textract announces improvements to detection of handwritten text, digits, dates, and phone numbers Amazon Textract announces specialized support for automated processing of invoices and receipts Announcing Model Variable Importance for Amazon Fraud Detector AWS customers can now view all the labels supported by Amazon Rekognition Amazon Neptune ML is now generally available with support for edge predictions, automation, and more Amazon EC2 Inf1 instances now supports TensorFlow 2 SageMaker Amazon announces new AWS Deep Learning Containers to deploy Hugging Face models faster on Amazon SageMaker Amazon SageMaker Pipeline introduces a automatic hyperparameter tuning step Amazon SageMaker Autopilot and Automatic Model Tuning now support more refined access control using Condition Key Policies Amazon SageMaker now supports M5d, R5, P3dn, and G4dn instances for SageMaker Notebook Instances Amazon SageMaker Pipelines now supports invoking AWS Lambda Functions Amazon SageMaker notebook instance now supports Amazon Linux 2 Introducing Amazon SageMaker Asynchronous Inference, a new inference option 
for workloads with large payload sizes and long inference processing times Kendra Announcing Amazon Kendra Smaller Units and Price Drop Amazon Kendra releases Web Crawler to enable web site search Amazon Kendra releases Principal Store for secure search Amazon Kendra releases WorkDocs Connector Other Cool Stuff IoT AWS IoT SiteWise is expanding its transforms and formula expressions capabilities AWS IoT SiteWise Edge now generally available AWS SiteWise now supports custom time intervals for metric aggregations Announcing support for new Timestamp function, PreTrigger function and ability to write nested expressions within aggregation functions (SiteWise) Announcing support for exporting data from AWS IoT SiteWise to Amazon S3 The rest The Amazon Chime SDK adds media capture pipelines to enable capture of meeting video, audio, and content streams Amazon AppStream 2.0 adds support for real-time audio-video using a web browser AWS Now Allows Customers To Pay For Their Usage in Advance AWS Organizations increases quotas for tag policies AWS DeepRacer announces DeepRacer LIVE races Amazon HealthLake is now Generally Available Introducing AWS for Health Introducing Amazon Route 53 Application Recovery Controller | AWS News Blog CloudFormation templates for Amazon Route 53 Application Recovery Controller (ARC) - GitHub Amazon CloudWatch adds support for trimmed mean statistics Amazon WorkSpaces now offers web access with WorkSpaces Streaming Protocol (WSP) Amazon WorkSpaces Renews Windows Desktop Experience with Windows Server 2019 bundles and 64-bit Microsoft Office 2019 Fully customizable action space now available in AWS DeepRacer Console Sponsors CMD Solutions Silver Sponsors Cevo Versent
On The Cloud Pod this week, AWS releases new features including Managed Grafana, GCP Serverless solves the cold start problem, and Wiz hacks into CosmosDB. A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. JumpCloud, which offers a complete platform for identity, access, and device management — no matter where your users and devices are located. This week's highlights
Every other episode of the podcast is devoted to a brief review of the main AWS news. This week, we celebrate an anniversary, we talk about storage with S3 and a new database, managed Grafana is now available to everyone, and we talk about a price reduction and new capabilities offered by Amazon VPC and AWS CloudFormation.
In episode 64 of the Entre Dev y Ops podcast we will talk about Policy as Code. Blog Entre Dev y Ops - https://www.entredevyops.es Telegram Entre Dev y Ops - https://t.me/entredevyops Twitter Entre Dev y Ops - https://twitter.com/EntreDevYOps LinkedIn Entre Dev y Ops - https://www.linkedin.com/in/entre-dev-y-ops-a7404385/ Patreon Entre Dev y Ops - https://www.patreon.com/edyo Amazon Entre Dev y Ops - https://amzn.to/2HrlmRw Links discussed: Definition of Policy as Code by Hashicorp - https://docs.hashicorp.com/sentinel/concepts/policy-as-code Hashicorp Sentinel - https://docs.hashicorp.com/sentinel AWS CloudFormation Guard - https://aws.amazon.com/es/blogs/mt/introducing-aws-cloudformation-guard-2-0/ AWS CloudFormation Guard GitHub repo - https://github.com/aws-cloudformation/cloudformation-guard Open Policy Agent - https://www.openpolicyagent.org/ CIS AWS - https://www.cisecurity.org/benchmark/amazon_web_services/ AWS CDK - https://aws.amazon.com/es/cdk/ AWS Cloudformation - https://aws.amazon.com/es/cloudformation/ Terraform - https://www.terraform.io/ Envoy - https://www.envoyproxy.io/docs/envoy/latest/intro/what_is_envoy Cloud Native Foundation Landscape - https://landscape.cncf.io/ GitOps - https://www.redhat.com/es/topics/devops/what-is-gitops Tweet by Javier Moreno - https://twitter.com/ciberado/status/1422464468492169219 Infinidash - https://twitter.com/hashtag/Infinidash CFRipper - https://cfripper.readthedocs.io/ Conftest - https://www.conftest.dev/
Setting a new record for delay in editing, you can finally listen to Arjen, JM, and Guy discuss the news from April 2021. This was recorded nearly two months before it was released. News Finally in Sydney Amazon Transcribe Custom Language Models now support Australian English, British English, Hindi and US Spanish Multi-Attach for Provisioned IOPS io2 Now Available in Thirteen Additional AWS Regions AWS Transit Gateway Connect is now available in additional AWS Regions AWS CloudShell is now available in the Asia Pacific (Mumbai), Asia Pacific (Sydney), and Europe (Frankfurt) regions Serverless API Gateway Amazon API Gateway custom domain names now support multi-level base path mappings Lambda AWS Lambda@Edge changes duration billing granularity from 50ms down to 1ms Amazon CloudWatch Lambda Insights Now Supports AWS Lambda Container Images (General Availability) Amazon RDS for PostgreSQL Integrates with AWS Lambda AWS Lambda@Edge now supports Node 14.x Step Functions AWS Step Functions adds new data flow simulator for modelling input and output processing EventBridge Amazon EventBridge introduces support for cross-Region event bus targets AWS Chatbot now expands coverage of AWS Services monitored through Amazon EventBridge Amplify Data management is now generally available in the AWS Amplify Admin UI Amplify iOS now available via Swift Package Manager (SPM) AWS Amplify now orchestrates multiple Amazon DynamoDB GSI updates in a single deployment Containers eksctl now supports creating node groups using resource specifications and dry run mode AWS Secrets Manager Delivers Provider for Kubernetes Secrets Store CSI Driver EC2 & VPC Amazon EC2 Auto Scaling introduces Warm Pools to accelerate scale out while saving money Amazon VPC Flow Logs announces out-of-the-box integration with Amazon Athena MacSec Encryption for some Direct Connect (apologies, linking to this prevents the podcast from getting published :shrug:) New AWS Storage Gateway management console simplifies 
gateway creation and management AWS Batch now supports EFS volumes at the job level AWS Backup now supports cost allocation tags for Amazon EFS Backups Internet Group Management Protocol (IGMP) Multicast on AWS Transit Gateway is now available in major AWS regions worldwide Amazon EC2 enables replacing root volumes for quick restoration and troubleshooting Announcing availability of Red Hat Enterprise Linux with High availability for Amazon EC2 AWS Nitro Enclaves now supports Windows operating system Dev & Ops Dev Amazon CodeGuru Reviewer Updates: New Predictable Pricing Model Up To 90% Lower and Python Support Moves to GA | AWS News Blog Now available credential profile support for AWS SSO and Assume Role with MFA in the AWS Toolkit for Visual Studio AWS CodeDeploy improves support for EC2 deployments with Auto Scaling Groups AWS SAM CLI now supports AWS CDK applications - public preview Better together: AWS SAM and AWS CDK | AWS Compute Blog Proton AWS Proton allows adding and removing instances from an existing service AWS Proton introduces customer-managed environments AWS Proton adds an API to cancel deployments CloudFormation You can now deploy CloudFormation Stacks concurrently across multiple AWS regions using AWS CloudFormation StackSets AWS CloudFormation Command Line Interface (CFN-CLI) now supports TypeScript AWS CloudFormation Modules now Provides YAML and Delimiter Support Now reference latest AWS Systems Manager parameter values in AWS CloudFormation templates without specifying parameter versions You can now use macros and transforms in CloudFormation templates to create AWS CloudFormation StackSets Control Tower AWS Control Tower introduces changes to preventive S3 guardrails and updates to S3 bucket encryption protocols AWS Control Tower now provides configurable naming during Landing Zone setup Systems Manager AWS Systems Manager Run Command now displays more logs and enables log download from the console AWS Systems Manager Parameter Store now 
supports easier public parameter discoverability Customers can now use ServiceNow to track operational items related to AWS resources AWS Systems Manager Parameter Store now supports removal of parameter labels AWS Systems Manager now supports Amazon Elastic Container Service clusters AWS Systems Manager OpsCenter and Explorer now integrate with AWS Security Hub for diagnosis and remediation of security findings Security Firewalls How to Get Started with Amazon Route 53 Resolver DNS Firewall for Amazon VPC | AWS News Blog Reduce Unwanted Traffic on Your Website with New AWS WAF Bot Control | AWS News Blog AWS Firewall Manager now supports centralized management of Amazon Route 53 Resolver DNS Firewall AWS Firewall Manager now supports centralized deployment of the new AWS WAF Bot Control across your organization AWS WAF now supports Labels to improve rule customization and reporting Identity Review last accessed information to identify unused EC2, IAM, and Lambda permissions and tighten access for your IAM roles AWS Identity and Access Management now makes it easier to relate a user's IAM role activity to their corporate identity Other AWS Config launches the ability to track and visualize compliance change history of conformance packs AWS Security Hub Automated Response & Remediation Solution adds support for AWS Foundational Security Best Practices standard You now can use AWS CloudTrail to log Amazon DynamoDB Streams data-plane API activity Data Storage & Processing Glue Detect outliers and use dedicated transforms to handle outliers in AWS Glue DataBrew AWS Glue DataBrew now supports time-based, pattern-based and customizable parameters to create dynamic datasets AWS announces preview of AWS Glue custom blueprints AWS Glue now supports cross-account reads from Amazon Kinesis Data Streams AWS Glue now supports missing value imputation based on machine learning AWS announces data sink capability for the Glue connectors AWS Glue DataBrew announces native console 
integration with Amazon AppFlow to connect to data from SaaS (Software as a Service) applications and AWS services (in Preview) Redshift AQUA (Advanced Query Accelerator) – A Speed Boost for Your Amazon Redshift Queries | AWS News Blog Announcing cross-VPC support for Amazon Redshift powered by AWS PrivateLink Announcing general availability of Amazon Redshift native console integration with partners Announcing general availability of Amazon Redshift native JSON and semi-structured data support EMR Amazon EMR Release 5.33 now supports 10 new instance types Amazon EMR Studio is now generally available Athena Announcing general availability of Amazon Athena ML powered by Amazon SageMaker User Defined Functions (UDF) are now generally available for Amazon Athena RDS Amazon RDS for SQL Server now supports Extended Events Amazon RDS on VMware networking now simplified and more secure Other Amazon FSx and AWS Backup announce support for copying file system backups across AWS Regions and AWS accounts AWS Batch increases job scheduling and EC2 instance scaling performance Amazon Elasticsearch Service now supports integration with Microsoft Power BI AWS Ground Station now supports data delivery to Amazon S3 Amazon ElastiCache now supports publishing Redis logs to Amazon CloudWatch Logs and Kinesis Data Firehose AI & ML SageMaker Decrease Your Machine Learning Costs with Instance Price Reductions and Savings Plans for Amazon SageMaker | AWS News Blog New options to trigger Amazon SageMaker Pipeline executions ( EventBridge) Other Detect abnormal equipment behavior with Amazon Lookout for Equipment — now generally available Amazon Fraud Detector now supports Batch Fraud Predictions Get estimated run time for forecast creation jobs while using Amazon Forecast Amazon Kendra launches dynamic relevance tuning Other Cool Stuff WorkSpaces Amazon WorkSpaces webcam support now Generally Available Amazon WorkSpaces now supports smart cards with the WorkSpaces macOS client application 
IVS Amazon Interactive Video Service adds new Cloudwatch Metrics Amazon Interactive Video Service adds support for recording live streams to Amazon S3 Connect Amazon Connect launches audio device settings for the custom Contact Control Panel (CCP) Amazon Connect allows contact center managers to configure agent settings in a custom Contact Control Panel (CCP) Other AWS RoboMaker now supports the ability to configure tools for simulation jobs Amazon AppStream 2.0 adds support for fully managed image updates Amazon Managed Service for Grafana now supports Grafana Enterprise upgrade, Grafana version 7.5, Open Distro for Elasticsearch integration, and AWS Billing reports AWS Cloud9 now supports Amazon Linux 2 environments CloudWatch Metric Streams – Send AWS Metrics to Partners and to Your Apps in Real Time | AWS News Blog Announcing open source robotics projects for AWS DeepRacer Announcing Moving Graphs for CloudWatch Dashboards Amazon Nimble Studio – Build a Creative Studio in the Cloud | AWS News Blog AWS Snow Family now enables you to order, track, and manage long-term pricing Snow jobs The Nanos AWS Console Mobile Application adds support for Asia Pacific (Osaka) region (Arjen) Amazon Connect reduces telephony rates in Cyprus, Belgium, and Portugal (Guy) AWS Cloud9 now supports Amazon Linux 2 environments (Jean-Manuel) Sponsors Gold Sponsor Innablr Silver Sponsors AC3 CMD Solutions DoIT International
Every other episode of the podcast is devoted to a brief review of the main AWS news. This week, we talk about a price drop on Windows and SQL Server instances, sharing your AWS CloudFormation extensions, a contest around Graviton and a new visual programming tool for orchestrating your AWS Lambda functions.
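Catch up on the latest news while you do other things! The radio-style broadcast "毎日AWS" (Daily AWS). Good morning, this is Fukushima, in charge of Wednesdays. Today I pick out and introduce the updates released on 6/22. Please post your impressions on Twitter with the hashtag "#サバワ"! ■ Talk script https://blog.serverworks.co.jp/aws-update-2021-06-22 ■ UPDATE PICKUP AWS CloudFormation begins offering a registry feature Amazon Aurora Serverless v1 supports creating clones Amazon RDS for MySQL version 8.0 supports the audit plugin Amazon Keyspaces supports new Amazon CloudWatch metrics AWS Elemental MediaLive can now convert image-based captions to text-based captions ■ Serverworks social media Twitter / Facebook ■ Serverworks blog Serverworks Engineer Blog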
שלום וברוכים הבאים לפרק מספר 410 של רברס עם פלטפורמה - זהו פרק מספר 73 של באמפרס.אם בעבר יצא לכם לשמוע שוב את פרק 68 [לא זה . . . זה, לפחות אם האזנתם ולא קראתם], אז זו כנראה הייתה טעות, כי זה היה פרק 62 [72 . . . הסתבכנו עוד יותר]. בכל מקרה, הפעם לא טעינו, ככה אני מקווה [אז זהו, ש…].אנחנו מקליטים את באמפרס אחרי הרבה הרבה זמן שלא נפגשנו - באולפן נמצאים אלון, אני [רן] ודותן - אהלן חברים! מה נשמע?האולפן הוא כמובן וירטואלי - אנחנו עובדים מהבתים, ברובנו - והתאריך היום, למען ההיסטוריה, הוא ה-27 באפריל 2021, ואנחנו מתחילים לחזור לנורמל [אז זהו, ש…. לא משנה].באמפרס, למי שלא יצא לו להקשיב בשבע או שמונה השנים האחרונות, זו בעצם סדרה של קצרצרים, שבה אנחנו סוקרים חדשות טכנולוגיות מעניינות שיצא לנו לפגוש בחודש האחרון - אבל כיוון שהרבה זמן לא נפגשנו, אז זה יוצא, ככה, קצת יותר מחודש - זהו, סדרה של קצרצרים, חווים את דעתינו וממליצים על קריאה או ספריות או דברים מעניינים שמצאנו ברחבי האינטרנט[ים]. אז קדימה - בואו נתחיל.רן - אני דווקא אתחיל הפעם במשהו קצת שולי - בזמן האחרון החלטתי להקדיש את עצמי למדע[!]: יוצא לי הרבה פחות לקרוא בלוגים וכאלה, והחלטתי שאני רוצה להתרכז בלקחת קורסים, אז אני יכול לבוא עם המלצות על קורסים, ודברים שיצא לי ללמוד ומאוד אהבתי . . . בעבר גם המלצתי על ספרים [בבאמפרס 68 המקורי . . . מקרי? עוד נחזור לזה], ובזמן האחרון אני עוסק בתחום של Data Science, ורציתי להשלים הרבה דברים, שחלקם הם Basic וחלקם קצת יותר מתקדמים, והחלטתי לבדוק כל מיני קורסים Online, ולראות מה הם שווים והאם אני מתחבר לחווייה הזאת.עשיתי לא מעט קורסים ב-Coursera וב-edX וב-Udemy, ורציתי להמליץ על כמה.אז קודם כל - יש הרבה שאני לא ממליץ עליהם - והם לא ברשימה . . . 
לקחתי לא מעט קורסים, שבסופו של דבר אמרתי לעצמי “אוקיי, זה לא היה שווה את זה”אבל יש כמה שכן - אם זה מבחינת התוכן עצמו, כשתוכן כמובן זה משהו אינדיבידואלי, זאת אומרת שאם זה רלוונטי לכם תלכו על זה ואם לא אז לאאבל גם בעיקר מבחינת אופן ההגשה של הקורס: קורסים שהם פשוט מאוד מושקעים - חלקם צולמו במיוחד לפלטפורמה, זאת אומרת שלא “סתם” שמו מצלמה בכיתה ואחר כך שידרו את זה אלא צולמו ממש לפלטפורמה ואפשר לראות - משתמשים שם באמצעי המחשה שהם הרבה יותר נוחים ונגישים.וחלקם לא . . . לא צולמו במיוחד, אבל עדיין הם טובים.אז כמה קורסים שרציתי להמליץ עליהם . . .אז קודם כל - יש כמה קורסים של ה- Imperial College London, שחלקם הם מאוד Basics, כמו היזכרות באלגברה לינארית או היזכרות באינפי (באנגלית קוראים לזה Multivariate Calculus), ונושאים כמו סטטיסטיקה - Principal Component Analysis (PCA) . . . יכול להיות שאת חלק מהדברים יצא לכם ללמוד בתואר הראשון, אם עשיתםאני למדתי את חלקם, ובחלקם פשוט רציתי להיזכר [ד”ש לאביב צנזור ולעליזה מלק]והם מוגשים בצורה מאוד יפה - בעצם, כל הקורסים שראיתי עד היום מ-Imperial College London מוגשים בצורה מאוד מאוד יפה, גם מבחינת העריכה של התוכן וגם מבחינת הפרזנטציה, והייתי מאוד ממליץ עליהם.קורסים אחרים שלקחתי, והייתי רוצה להמליץ - קורס בסיסי בהסתברות וסטטיסטיקה מהרווארד, שנקרא Harvard STAT110xבקורס עצמו אין הרבה קטעים מצולמים - הוא ברובו קריאה - אבל לדעתי הוא מוגש בצורה מאוד יפההרבה מאוד דברים מוגשים בצורה… גם מתימטית טובה אבל גם סיפורית טובה, עם לא מעט אנימציות ואמצעי המחשה אחרים שאני מאוד אהבתי, ואני חושב שזה קורס מאוד מושקע.ועכשיו אני עושה קורס שגם הייתי רוצה מאוד להמליץ עליו, של מרצה בשם Professor Daphne Koller, שנקרא Probabilistic Graphical Models 1: Representationהקורס מכסה דברים כמו רשתות בייסיאניות ומודלים מרקוביים ודברים בסגנון הזה, ויש כמה דברים מעניינים על הקורס הזה -(1) הקורס כנראה לא צולם במיוחד ל-Coursera, אבל למעשה Daphne Koller, שכמו שאתם בטח מבינים מהשם שלה היא ישראלית לשעבר שהיום מלמדת בסטנפורד - אז זה קורס שבעצם נלקח מסטנפורד.אתם יכולים הרבה פעמים לבחור קורסים מאוניברסיטאות שביום-יום לא הייתה לכם גישה אליהן, וזה נחמד.חוץ מזה [2] גם קצת קראתי והבנתי שהיא 
the Co-Founder of Coursera, together with Andrew Ng - a piece of trivia I didn't know and that's interesting to mention. She was actually at some point also the CEO of Coursera, while working at Stanford. [And there are super interesting conversations by Lex Fridman with both of them - here Daphne Koller: Biomedicine and Machine Learning and here Andrew Ng: Deep Learning, Education, and Real-World AI] That's it, so those are a few courses I collected and thought I'd recommend . . .
(Dotan) Do they all have video? Or is it only the statistics one that doesn't have video, is that what you're saying?
(Ran) All the ones I listed here, all five, which will of course be in the show notes [of course . . .], have video. The statistics one has much less video, meaning - it is mostly written. All the rest are mainly video. But one thing - one of the things that helps me learn is that at the end of each chapter there is an exercise, and in many cases you also get feedback - it depends on whether or not you pay for the subscription. I chose not to pay, because I don't really need the Certificate - just so you know, as general information: if you're going to do a course on one of these platforms, you can go down two tracks - a "paid" track and an "unpaid" track. If you pay, you also get the whole package - which usually means exams and grades. But if you don't pay you still get all the content - and what you don't get is that Certificate, something you can show on LinkedIn. You've surely seen it, there are people who display it. I chose not to because I don't need it, I study this mainly for my own interest and curiosity. In most cases the exercises are also available to those who don't pay. In short - at the end of each chapter there is some exercise, where some of the exercises are programming, meaning in Python, in R, in Octave . . . I've ended up writing in all sorts of languages like these lately. Some of the exercises are entirely theoretical, meaning - mathematics and such - but it's nice and it helps, you know, to put you in focus and understand what you're missing, whether you need to go back over the material a bit.
(Dotan) Tell me - how much time do you put into this? Can you estimate how much it requires, in hours? [That's in the course on effort estimations, it wasn't on the list . . .]
(Ran) I usually put in a few hours a week, depending on the week - sometimes I study at night, sometimes I get up early in the morning, sometimes on the weekend when there's time . . .
It's very personal, meaning - anywhere from two hours a week up to 10 hours a week, depending on the week. But I have to say there's a lot of satisfaction here - the very fact that it's structured, and you sort of pass stages and there are exams and you succeed in them and all that . . . It's kind of nice to go back to being a student, and mainly to get the feedback of . . . "you finished a stage!" It's cool to keep a spreadsheet and tick off the things you've completed. That's it, I can also say that the experience is what's called "mixed" - not all the courses are that good, I've done courses by lecturers with an accent that is very hard to understand. Meaning - not all the universities are American or British, some of the universities come from different places in Europe or the East, so you don't always manage to really understand what the lecturer is saying. And also methodologically it's not always delivered in the most amazing way. Here I added the ones I did like . . .
(Alon) Back to School! . . .
(Dotan) One of the challenges is the whole "structuredness" of it, because say someone tells me "you have 6 hours, and when you finish investing them you've finished a linear algebra refresher", then I'm willing to find the time and invest them. But if I start some course, and then two hours go by and it's bad, then I look for the next course, and then I try another two hours, and that's also bad . . . and then in the end it's pretty . . .
(Ran) Right, so there were . . . I think you need good experiences here, so I wanted to recommend a few that I had good experiences with. I do . . . there were quite a few courses that I started, and it's not that in the end I decided the material didn't interest me, but that I decided the lecturer simply doesn't deliver it well or the course isn't up to date and so on, so I looked for an alternative. In some cases I found an alternative and in some cases not, but there's enough knowledge in the world, so there's no shortage of things to learn, and in my opinion it's very satisfying. It's fun, I mean, when you manage to learn something without that pressure of exams and, you know - of a regular semester and so on. You just do it for fun, and I enjoy it a lot. [+1]
(Alon) I was just thinking that they should flip the business model - whoever doesn't pay gets exams and all the pressure, and whoever pays can do it the easy way, for fun [That's called "buying a degree", it's a veteran, proven business model . . . ]
(Ran) Yes, totally. So that's it - and along the way I also started developing instincts for how to identify what a "good course" is, so that if I want to "fall from the course" [nice translation of Drop . . .]
early, I won't waste too much time on it. So I developed all sorts of intuitions, but it's definitely something that . . . I mean - there is some scoring and feedback on the courses, but I have to say it's not always that consistent, I think there are quite . . . I ended up choosing quite a few courses with a high score where in the end, at least to my taste, the result wasn't amazing. But on the other hand - it's not like you enrolled in a university and now you have to take the exam at the end - at worst you drop out and that's it, move on to the next thing.
So I don't have lots and lots of scattered items like I usually have, because I spend most of my time on these things - but I did come across something else, another topic that kind of amused me a bit and made some waves, and maybe you've read about it too - a sort of "mini war" [an interesting expression given the episode's release date…] between the company Signal and the company Cellebrite, which is, by the way, an Israeli company that provides software mainly used by government and security bodies, with which you can read data from a phone. If, for example, a police officer gets a court order to read the data on your phone [and of course only in that case] - then they can use Cellebrite's software to actually read it, without your cooperation. For example - to open the locks or whatever is needed . . . At some point they came and announced that they now also have support for Signal - they keep adding support for more and more apps, and Signal, for those who don't know it, is software, an Instant Messaging app, like WhatsApp and Telegram and others . . .
(Alon) Only with bugs . . .
(Ran) First of all, it's relatively young software - but their focus is Privacy and Security, okay? They're probably not amazing on features, not up to par with WhatsApp or Telegram, but they . . .
at least their claim to fame is Privacy and Security. So when Cellebrite came and announced that they now also support Signal, meaning - if a police officer seized your phone and you have messages in Signal that you wouldn't want him to see, and now suddenly he can see them, then that of course worries the company. So what the company's CEO did - actually, he detailed in a very amusing blog post, which also includes some video clip, a bit tongue-in-cheek I must say - a great many weaknesses or bugs that exist in Cellebrite itself, in Cellebrite's software. Cellebrite's software is installed on Windows, and he went and reviewed the Vulnerabilities, the "pgi'uyot" . . . is that how you say it in Hebrew? The various Vulnerabilities of the software, and basically - pretty much tore them apart . . . And he kind of says - "guys, if you deal in Security, first of all secure yourselves". I don't know how accurate the things he said are or aren't, but I have to say that this approach . . . it made me at least laugh a bit, but I think it's . . . it's not a funny matter in itself, but the blog post was written in a rather amusing way in my opinion. Anyway, one of the other funny things there was that he said "a Cellebrite kit happened to fall off a truck" . . . he showed a photo of a Cellebrite kit and said "I happened to be innocently walking down the street and it fell off a truck and I picked it up" . . . literally like that, as if he doesn't know this expression in Hebrew. And he photographed this Cellebrite kit, a hardware kit, with which you connect to phones of the various types. That's it, I thought this whole story is a bit amusing - of course I assume that neither Signal nor Cellebrite really take it humorously - for them it's real business - but I have to say that I, as a reader from the side, was very amused reading this whole story.
(Alon) What's funny is this bit about "fell off a truck", it's like . . . how much did he pay someone to drop it off the truck, that's the interesting part . . . how you do that, that's the interesting part, because it's not usual for equipment to fall off a truck . . .
(Ran) I ask myself whether he wrote naively that it happened to fall off a truck, or whether here too there's some irony . . . I don't know, but anyway, yes . . . I don't know whether this expression is also valid in English, "fell off a truck" [yes, it's an expression translated into Hebrew], but that's literally what he wrote.
(Alon) It's amusing . . .
That said, to put things in a bit of proportion, besides it being amusing and all, and them having weaknesses in the software - their software, as far as I understand, is only the device . . . even if you broke in, there's no real damage, so there's not much of an effect here.
(Ran) No, he does explain . . . you mean whether he broke into Cellebrite? No - what he says is that if you can, for example, you can put a file inside Signal, or inside one of the other apps that Cellebrite supports, and that file will in effect be able to change the data that Cellebrite reads. You could, for example, hide things that way, or even change data that Cellebrite reads from other phones, so there is some damage here. Meaning it hurts the reliability - according to him, again, I don't know if it's true or not, but he claims, allegedly as they say - he claims that if you know what you're doing, you can in effect neutralize Cellebrite, or cause it to report things that are not true, delete data, cause it not to see data, etc.
(Alon) Yes, but as I understand it you first have to do it on Cellebrite, meaning you can't be disconnected . . . you can't protect your phone without the device, as I understand it.
(Ran) You need to plant a file on your phone, and then let the police officer read your phone - and then you've taken over his software . . . that's the scenario he describes. Which isn't . . . let's say it's maybe not a very wide attack surface, it's not like you can connect from the internet and start scanning and bombarding everyone. It requires physical access and everything. But - in any case, I think it's not so pleasant PR-wise for Cellebrite. Okay, let's move on . . . Alon?
(Alon) That's it? You were short today, but you took the coolest item . . . but fine. [We'll come back to this remark . . .]
Alon - so something I came across, very short actually - Back to basic - how tail call optimization works. First of all, Tail Call Optimization is when the compiler turns recursions into For loops, behind the scenes - it can optimize if it's the last condition, Computer Science 101 sort of thing . . . But there's really here, for whoever wants, the assembly breakdown - how it compiles to that. Really short and really Back to Basic - for those who like these things it's cute and nice to refresh a bit.
(Ran) Is it specific to a certain language or . . . ?
(Alon) It's specific to . . . no, I think here it's C++ in the example, but . . .
In general it's the same concept in everything, so it's not such a big deal, I think, but surely someone will come and tell me it's not like that in all languages . . . probably also true . . . languages with an interpreter for example, I don't know if they know how to do it, or at least some of them.
Next topic - Go cheat-sheet . . . so what's nice is that there's a page here, with some 300 . . . - 261, to be honest - things of "how do you do it in Go". How do you do a For loop? How do you do Trim? How do you check the length of a String? Calculating things and all sorts of things . . . almost everything you need to do in a programming language, apart from the sophisticated things. Really - two lines on how to do the function, or in one line - really Stack Overflow on one page, probably for 99% of the things people search for. Really nice - also, you know, for someone who wants to strengthen themselves in the language or come back to the language after a long time - just going over it takes, in my opinion, a few minutes . . .
(Dotan) But I think in any language it's nice . . . like, I can put in a language . . . I wonder whether the coverage of all the idioms is as broad as . . .
(Ran) Yes - so the URL is Programming-Idioms.org, and then below you have this [bar] to choose languages - like Go that Alon showed, but there are other languages too.
(Dotan) There's also a comparison feature here that's nice - if I write something, and I see all the languages, and then . . .
(Alon) Yes - you can compare, and see how awful it is in a certain language . . . In short - it's really cute, if you "drop in for a second" on a language or get into some piece of code in another language, you can take a quick look. And there's Ruby here, my beloved, where what's nice in the cheat-sheet is that it's all in about one line, but . . . that's it, I think all the languages have all the examples - they are the same examples in all languages, so really nice.
(Dotan) I'd add some statistics to it - I'd write, say, "how economical the language is", based on what you said, and then . . .
(Ran) Economical in what?
(Dotan) In writing . . . say, I typed here, just - Http, file, I got to Load . . . say someone wants Http Get, and reads a file . . . now, if I flip between the languages, it becomes nice, because I can look at how bad it is . . .
(Ran) But here I have to comment - meaning: a language that is over-verbose, then right, there's a flaw there. On the other hand - a language that is too terse can sometimes hurt readability - see Perl or others. The metric that would really interest me, which is admittedly a subjective metric, but it interests me - is the readability metric of the language. Again, it's something subjective, but I think it's the right metric, meaning - the number of characters, or the number of lines . . . in my opinion that's a bit less important than your ability to communicate your intent to the next developer.
(Dotan) Yes, it really brings you to a region on the map, and then you need to decide how readable it is.
(Alon) Look, there's a lot about this, you know: short code, in general - people remember it and it's more understandable. If you write code in ten lines instead of one line, then there's an argument about how complicated that line is, but as a rule of thumb, shorter is easier for us to decode and understand in our heads, and you don't need to start remembering what was two lines ago and things like that. So broadly - short is good [?] And then came Perl, as an edge case of "fine, let's add characters" . . .
(Ran) Yes, look, there are more examples - Perl is one example, but you can find it in Python and in Clojure and in other languages. Languages let you do all sorts of clever things - sometimes it has a certain elegance, but sometimes it can also hurt readability. I think it's a kind of curve that has a maximum in the middle - meaning that if you put the number of lines on the X axis and the level of readability on the Y axis, then the maximum is neither at the right end nor at the left end - not with lots of lines and not with few lines, but probably somewhere in the middle. It may lean a bit to the right, but it's certainly not at the right end. And in the end - yes, I mean, I think the most significant challenge in all this is how to measure it. By the way, one of the goals, when someone designed Go, for the people who designed Go, was to create a readable language and not necessarily a short one. There were all sorts of proposals for changes to the language that would have made . . .
for example For-loops shorter and more compact, which is something that's not hard to do at all, but out of a conscious choice they came and said "okay, we want there to be only one way to do a For loop, we don't want to create another way, even though this way is a bit long and not compact, because we think it contributes more to the readability of the language", and so they stayed with it. There are those who claim Go is a bit verbose, and I agree - but it's by choice.
(Alon) Obviously there are all sorts of opinions, I think Scala is the other extreme of how you can do . . . give three developers a loop to write and you'll have about thirty, so that's the other extreme. But yes, there's some range.
(Ran) Okay . . . yalla, next?
(Alon) Yes, so Reverse Engineering, but this time in the field of Covid [there once was such a thing] . . . someone wrote an article on Reverse Engineering the source code of Pfizer SARS-CoV-2 Vaccine. In short - we're talking about 4,284 characters, for the whole encoding of the RNA, and it starts getting a bit into what they did in each segment, with some attempt to decipher what things do. Not too long, and it's really cute that everything has basically become software . . . everything.
(Dotan) I so-don't-manage to understand this . . .
(Ran) No, listen - there's an amazing blog post in Hebrew, on exactly the same topic - basically, he took this post in English, which is super-super technical and also a bit about biology, and wrote it in Hebrew. It's not what's linked here, there are all sorts of translations here - it's not this translation into Hebrew but a different blog post, I'll look for it in a moment, by Roey Tzezana [king!], if I'm not mistaken. Roey explains exactly what he did here, in a very clear and nice way, so I recommend reading it - really, a good read. The blog post here that you linked, Alon - it's excellent but it's super-super technical, and also requires quite a bit of understanding of biology. But I completely agree with you that this is programming the human body, and that's an extremely cool thing.
(Alon) Look, I put something technical here because you came at me with academic courses you did at the beginning, and I wanted to see whether you talk and know or just talk . . .
(Ran) I read it, I read it, yes . . . a good read.
(Alon) It's tough, yes
(Ran) When's the exam? [wait, did you pay?]
(Alon) In short, this article is tough, I agree with you - but it's cool, you don't need to understand everything to understand how cool it is, but if there's a simpler one for the masses then that would be . . .
(Ran) I'll reference it, yes - I'll look for it and point to it [Here - The programming language of life: what's included in the RNA vaccine that a million Israelis have already received, and while we're at it maybe this too, about the author - Making History (Osim Historia) hosts: why do futurists fail at predicting the future? with Dr. Roey Tzezana]
(Alon) Next thing - there's this thing where whoever writes Go in VS Code has a problem evaluating expressions, and it turns out there's support for it. You just need to do a Call before the Debug . . . I saved you a champions' tip - I put a link to Stack Overflow, just . . . I ran into it and many didn't know it, so I said "come on, let's put it in".
Someone wrote a cute blog post - How I cut GTA Online loading times by 70%. There's GTA Online, which runs in the browser, and in short - it took many many minutes to load, and this guy started trying to understand what's going on there. It has open source code. In short, it all started and ended with some parser, and he explains here how he found everything, but in the end it's replacing some json parser with some other library - and it saved some 7 minutes, if I remember correctly . . . something like that. 6 minutes I think. In short - everything he did here is extremely cute, and it's crazy how much time you can save with a parser.
(Dotan) GTA Online is like some open source GTA? Or did he do . . .
(Alon) It runs in the browser, and it's open source as far as I recall . . . actually I don't remember.
(Dotan) So like, when he replaced the library, it's simply replacing a library . . .
(Alon) After this article they took his change and really implemented it too . . . they replaced it, and it saved everyone several long minutes of loading. Not a few seconds - I'm talking here about from seven minutes to less than two minutes . . . something like that.
(Dotan) I liked the whole breakdown into parts - it's very visual and he also gives annotations on top of the editor, so we'll know how to find that part.
(Alon) And to the next item - and this is definitely my last item, because after it you can't go any higher: I'm doing a mic drop here and that's it - this is the last episode, you won't see me anymore, it's the last episode - GitHub to VS Code: all you need to do, it's crazy - take a repo, add, at the end of the GitHub code, add "1s" - I put a link here to Dotan's item - and click and it's just insane . . . you simply work on the code in VS Code and it's very convenient to browse, write code, whatever you want - it's VS Code online for any repo, whether private or public, of GitHub
1.
Go to any repo you are interested in on GitHub.
2. Replace "github" with "github1s" (one + s) in the browser address bar.
3. Enjoy browsing code like you would in VS Code.
For example: https://github1s.com/gofiber/fiber
That's it, I'm done, there's nowhere higher to go from here . . .
(Dotan) Connect private code, edit . . .
(Alon) I haven't tried, don't know, because you need the authentication of the . . .
(Dotan) It's here, yes
(Alon) So private code is . . . each to their own call.
(Dotan) It took me a long time to see who's behind this at all . . . do you know who's behind it? What entity? It's open source, by conwnet/github1s . . .
(Alon) In short - it's one of the coolest things there is . . .
(Ran) I don't see VI support here . . . where do you open issues for it?
(Dotan) There isn't . . .
(Alon) Yes, because it's really convenient - there's the tree on the side and the syntax highlighting and it writes and you can do everything with it. You can even add extensions to it, because it's really VS Code, it's VS Code online . . .
(Dotan) What are you saying? Extensions too? That's crazy . . . with extensions it's crazy
(Alon) They took all of VS Code online . . . you can even run it and debug it, while . . .
(Dotan) So say extensions, where does it install them? In Chrome's space it installs the extensions? It's unclear, because in the end the extension needs some disk space . . .
(Alon) Listen, I think it's open source, so you can open it with . . .
(Ran) Yes, I installed VI support . . . cool, there are extensions . . .
(Dotan) Really?! Wow . . .
(Alon) Okay, friends - I think we can end the season after this item [or at the very least move to Eilat . . . ] - thank you very much, we'll be back next season with Dotan . . .
(Ran) And it's also kept between reloads . . . if you reload the page it's kept. I really don't know where it installs it, but it installs.
(Alon) Could it be that it only marks that it's installing for you? And then it brings you like a version with it? They create like lots of versions in the cloud and you just get . . . don't know. In short - it's really really really really cool, if I haven't said so yet.
(Dotan) Well . . . sounds like a good recipe for anything, this thing . . .
(Ran) Yes . . .
By the way, authentication - you have on the bottom left some icon you can click on, and then you can actually authenticate to GitHub. If you really want to use it as an editor, as a frontend to GitHub, and also send pull requests etc., then you can do that. You need to log in, and then you can really use it.
(Alon) Yes, and you can, like, turn it into your one-stop-shop for everything, it's crazy . . . I use it to view code on GitHub, every time there's some repo, it's more convenient to open it this way. Makes life much better, when you want to browse code, and not download it and start digging
(Ran) All the . . . say Go-to definitions and Find and all that - works?
(Alon) Yes, everything works - you can . . . Command B . . . simply . . . in short - VS Code, inside the browser. And it works fast! It's pretty, like . . .
(Dotan) I'm still between "disturbing" and "amazing" . . .
(Alon) Why disturbing? It's only amazing . . . why disturbing?
(Dotan) How it works? . . . there's such a document . . .
(Alon) Unclear, but it works. In short - friends, this is the best thing you've come across, really, since the corona vaccine . . . you're welcome.
(Dotan) Really . . . get vaccinated and install, you say? You recommend?
(Alon) Yes, it works better than 5G, it has connectivity . . .
(Dotan) Uninstall and install . . .
(Alon) That's it . . Dotan! With a sharp transition, we move to you . . .
(Dotan) Hard to top that . . .
(Alon) I'll tell you - we can decide that from now on this is simply episode 73 and a half . . . [yes, because we haven't gotten tangled up enough with the numbering this time . . . ] - and continue, because then you'll have like a smooth start.
(Dotan) Right, well . . . on this miserable note I'll continue with the less exciting items . . .
Dotan - there's a library here written in Rust that does UI. Earlier you (Alon) showed something that does UI and does everything, so I don't know how much this compares . . .
Anyway - whoever wants to play with UI and also code in Rust, without committing, can work with a library and the framework - it's called iced. The fun part here is that it's based on the Elm Architecture for building UI - which means that if you've ever worked with Redux, or the like - it'll feel familiar. Basically, Elm is the great-grandfather of Redux, and it's also - arguably - the right way to do everything, where Redux is an "interpretation" of Elm. Whoever wants to experience UI in a different way, UI architecture in a different way, and also play a bit with a language and see UI as a result of the playing - is welcome.
Directly following on from that - Rust has all sorts of "Are we ______ yet?" sites . . . so say: the Rust gaming world has Are We Gaming Yet?, the UI world has Are we GUI Yet?, same for Machine Learning etc. . . . basically, it presents in a really nice way the "community state" of the language. So I added Are we GUI Yet? here, for whoever wants to try more UI packages and build applications. I think that most, if not all of the libraries - most libraries, not all - will let you build UI that can run on any operating system nicely.
Next item - it's called Starship [come on - it's Starship . . .] For those who work in a terminal, they have all sorts of "decorations" on their command line in the terminal, like whether you're working on a Git repo and you have things you haven't pushed, so . . . I, for example, like having a few things marked for me, and if there's something on the remote then I like it marked that I have something on the remote. What we would usually do is some shell script that runs some "Git-Whatever" and a few combinations of things, and I think we would "pass around" these scripts . . . constantly passing these scripts around. What happens is that when you open a terminal, or when you want to work in the terminal, and you, say, press Enter - then this thing runs itself again - and it's slow . . . So I was always chasing "finding that something that does this fast". So there was a package in Node that someone wrote, I no longer remember what it was called. And then there was a port of it in Rust, which I worked with until today. And now there's another package in Rust called Starship, which is the Holy Grail of this . . .
I switched to it and it's amazing. Super fast, almost magic - and it's very modular, you can add things to it like Git status, versions of things you work with, say various Pythons, various environments, etc.
(Ran) So you use, say, Oh-My-Zsh, and you just hook up Starship? Or do you . . .
(Dotan) Yes, it doesn't matter which shell - what's nice here is that they also give you a sort of integration line, so . . . say in Z Shell, it's just eval "$(starship init zsh)". In Fish, for those who like it [fishermen?], it's starship init fish | source . . . For me it was plug & play, and let's call it "bullseye", because usually I hook up something like this and then weird things happen to me. Sometimes it works - open a new tab - suddenly it doesn't work . . . That's probably the nature of hooking a shell to lots of scripts, something more modern - it almost never works smoothly together.
(Alon) It's really cute - I just can't understand from what you said how slow is it? Don't know . . . it never felt slow to me . . . what is it - 100ms? Don't know . . . old Windows?
(Dotan) Windows?! I don't call it Windows, I call it Win98, don't know about you . .
(Alon) Cool, got it, I'm on Millennium . . . got it . . . the slowness - I never felt it in a way that bothered me, maybe I type more slowly . . .
(Ran) Or think more . . .
(Alon) . . . but it's cool, because you can add things.
(Dotan) It really bothers me . . . like - I like the terminal to feel empty, with nothing - fast, quick and . . don't know. I'm sensitive to it, it annoys me.
(Ran) Every two days when you open the Z Shell terminal it wants you to update it?
(Dotan) I hit Cancel on that faster than the speed of light . . . But yes - I'm always chasing a terminal that feels the fastest . . VIM, for example, feels the fastest, so I did VIM and NeoVIM and blah-blah-blah . . until in the end I moved to VS Code altogether, and customized it to look like VIM, and it works the fastest for me, faster than the VIM in my terminal - and that's because the Terminal Item itself is slow, unsurprisingly. If you think about it, it even makes sense - the item is busy drawing . . . it takes a screen, and is busy redrawing characters on the screen - you have such calculations and optimizations of what I want to replace within a set . . .
screen, when you stretch it over 27 inches or whatever, that's lots of characters, thousands of characters - and now it needs to manipulate them, and that's what it's busy with. And the way to manipulate them is a fairly primitive way - simply text manipulation like a terminal's. If you move to VS Code, it's UI altogether, so you get a UI that manipulates itself like a browser does, and then it's operating system capabilities, whatever you want . . . everything becomes faster. That's it.
(Ran) Do you still use iTerm2? As a terminal?
(Dotan) Yes, totally - I don't work with . . .
(Alon) Isn't version 3 coming out? I've been on iTerm2 for ten years already I think . . .
(Dotan) I think it's iTerm2, but it's 3, actually . . . if you go to "About" . . .
(Alon) Really? . . .
(Dotan) That's it, and somewhat without my noticing, but this is really a plug for the next item, it worked out well . . . There's VIM and the whole world of it . . . VIM, the editor, disappointed the community at some point . . . what do I mean disappointed? It had lots of code, and disgusting code, and rotten code, and it wasn't integrative, and plug-ins - everyone had to do somersaults in the air to make plug-ins, and it also wasn't async, so say I now had code linting, you couldn't run it in a sync-ish way and type and get the decorators . . . the red "squiggles" and whatever, during your work ... you couldn't, you'd get a freeze, and then your code would be highlighted, because it wasn't synced - and the whole community raged [!] - and gave birth to NeoVIM. Basically it was VIM that got "beaten into shape", they threw out lots of "dead" code, at first - and then they started adding very very sophisticated async mechanisms to it. They hooked Lua in as the scripting engine, which is a much better choice than what there was, historically. And NeoVIM simply flourished, really. And then came Bram, the owner of VIM, and said "fine, I'll do it" - released VIM 8 and pretty much caught up . . . and people, honestly, went back to VIM - but the NeoVIM community continued to develop in all sorts of directions. One of the directions is the ability to take VIM as an engine and stick UI of all sorts of crazy kinds on it, a bit like we saw with VS Code. So there's a project here called neovide - like Neo-V-IDE . . . It's someone who built a UI, used NeoVIM, and the UI is built in Rust - and the UI is crazy . . . It's very similar in structure to gaming engine techniques, and there are crazy animations. The cursor moves with animations like in a game, the windows move with animation . . .
Really really cool.
(Ran) What does it mean that it's UI? There's a NeoVIM engine running in the background, and it connects to it, and only displays the frontend?
(Dotan) Yes, it connects to it over RPC, communicates with it, says "listen - this is the file, the person moved the character, tell me what the new representation of the file is". Say, if I pressed the letter T, because I'm typing, then it sends it "the person pressed the letter T", and then NeoVIM answers "got it, the new text is . . . " - and returns the text, that's roughly the RPC that happens between the two. Sounds slow - but it's super fast, and works . . a sort of architecture . . .
(Ran) But if you do it inside iTerm, then there's still the slowness of iTerm . . . or does it run independently, in its own window?
(Dotan) No, it runs independently - it's a UI application based on Vulkan, which is a graphics engine, let's call it "new generation". And yes - the rules of the game, the way this guy developed it, are "I'm going to use an engine that's very similar to a game engine to build an IDE", which is cool . . .
(Ran) You have all sorts of funny animations here, for example - if you move the cursor it shows you this trail, like a path, and all sorts of other animations.
(Dotan) It's called Railgun animation . . .
(Ran) Railgun is the Nazis' cannon . . .
(Dotan) Nazis?!
(Ran) Yes, it's a cannon they developed and in the end didn't use, which moves on railway tracks, that's why it's called a Rail-Gun . . . it was some sort of concept cannon that they developed but I don't know if it ever fired, because it was a very very ambitious project. It was supposed to fire shells to [a distance of] several tens or maybe even several hundreds of kilometers . . .
(Dotan) Wow . . . I know the reference from Doom, I thought . . . but okay, I understand how it could end up in Nazi Germany . . . in terms of technology, they invented lots of things . . .
So to the next items - one is called RustScan - and it's a port scanner written in Rust. And a port scanner is a tool that runs over all the ports there are - there's a limit, for those who know, of 65K ports - and it runs over all of them. One of the things people were always looking for is a port scanner that would be much faster - it's this endless chase, and here they developed one. It's in Rust and it's super-fast, at head-spinning levels, it became very popular because of that. So whoever wants to scan ports, or just wake their CISO from sleep . . . is welcome to take it and run it on the corporate network, that's one thing . . .
(Ran) You didn't hear it here . . . Dotan is joking, of course [is there legal counsel for the show? E&OE etc.]
(Dotan) Whoever wants to do . . .
(Alon) It depends on how much you like your CISO, like . . .
(Dotan) Right, it very much depends. So that's it . . . the next thing is called bettercap. If you want to take a few hours [in the safe room?] off the sleep of that same CISO you love - then here's a tool, really cool to be honest, really really cool even, called bettercap, and it packs all sorts of scanners into one tool. And it also includes a UI, which is relatively "poor". You can scan . . . let's say who the target audience is: people who just want to play, people who are red-teamers, which is an attack body within the organization whose goal is to put on an attacker's hat, and the theory is that if that team attacks the organization all the time, then if a real attacker comes the organization will be protected . . .
(Alon) Or the organization will think it can write in Slack "okay, stop, it's causing problems, take it down" and go back to sleep . . .
(Dotan) Exactly, yes . . . I can say I've also found myself using tools like these to debug things - sometimes the office network was unstable, not good, and these are also good tools for trying to understand who's out there, who's trying to connect and what they're trying to do. [But trolling the CISO is funnier, definitely] So it's one tool, which packs all sorts of WiFi standards, all sorts of Bluetooth standards, and also regular TCP/IP. Both reconnaissance, which is understanding what's going on outside, and also to simulate attacks of all sorts of kinds. There is, by the way, in these tools, again nothing new under the sun - it's a recycling of existing attacks and knowledge that already exists, only here they packaged it in a very convenient way that's fun to install and use.
Next item - it's called hyperfine, and it's basically a tool for command-line benchmarking. I got to it through Rust, where they use it themselves to check that the tool is super-fast. It's a generic tool - if you have some CLI tool, you can use it to benchmark the command line and make sure you're always "competitive" on performance, on how your command line works.
(Alon) Oh, cute!
(Ran) Meaning - you check the performance of your CLI . . . right, it's CLI performance?
(Dotan) Yes, it's benchmarking where the level of abstraction, your contact with the command line is the command line . . . .
It's not a library that you now need to use for your unit testing or the like
(Ran) Like time, like the time command in Linux . . .
(Dotan) Actually that's a great example - if you wanted to use the time command to do such a thing, what would you need to do? You'd probably need to run time several times, reach some number of runs that gives you statistical significance, go over all the data, run some statistics tools - average, mean and all sorts of nonsense like that - and show you some progress bar and all sorts of things like that. And that's ultimately the tool . . . and I assume that what you'd want is for it to output this as json, because I have CI and I want to compare between build and build, do all sorts of diffs and such, I think this makes it more tangible.
(Alon) Can you run the tool on itself? Does it work? Run it on itself and check how fast it is on itself? . . .
(Dotan) Actually that's a great question . . . I don't know if they do that to themselves . . . . I have to assume so, I haven't checked.
(Ran) There's no reason not to . . . you can run it on itself - on itself - on itself - on itself . . . . on your tool.
(Dotan) Right . . .
(Ran) Sounds like a very useful idea, a very good use of your time . . .
(Dotan) Productive, yes . . .
(Ran) Come on, try . . .
(Alon) Guys, I'm in favor of global warming - simply if everyone does it, it'll warm up faster.
(Dotan) You can also combine - there's the port scanning tool: if you run it once - it wakes a CISO. If you run it inside hyperfine, which runs it probably thousands of times - then maybe you wake the whole team . . . [and the National Cyber Directorate]
(Ran) And then, once you've reached a port, you connect to Bitcoin - and mine . . . [bummer that you can no longer buy a Tesla that way]
(Dotan) Exactly
(Alon) The podcast has changed topic, I think . . . [what did we say about E&OE and legal counsel?]
(Dotan) After this episode, all sorts of security teams will call us and say they don't sleep at night [Very likely, only this was recorded before the current round, so the reason will probably be different from expected . . .]
So the next item - it's called terraformer and it's under Google Cloud Platform on GitHub. A tool that does "reverse Terraform", meaning - point it at infrastructure and it generates code.
(Alon) *Now* you come with this? Where have you been until today?!
(Dotan) It's not me, it's the SRE team at Waze, it turns out . . .
[Created by: Waze SRE]
(Alon) How cool!
(Dotan) Congratulations and regards . . .
(Ran) I think AWS has had one for a long time . . . I think that . . . [there's AWS CloudFormation]
(Dotan) That's the thing, that Terraform too . . . not sure that Terraform…
(Ran) I think it was even Terraform who created it, but I remember seeing such a plug-in for AWS too . . .
(Dotan) So here there's a crazy list of providers, I don't know how many - obviously I haven't tried all the providers, so I don't know what the level of . . . but in terms of clouds there's GCP and AWS and Azure and Alibaba and IBM and DigitalOcean and more and more . . . A bit crazy even, I'd say, in a good way
(Ran) What do you do at your place, Alon? I understand you use Terraform, so how do you do it? On top of GCP, and then what?
(Alon) We have Terraform, unfortunately not yet for everything. But they wrote it, like - from scratch, you know . . . what do you mean what did we do?
(Ran) Like you have, theoretically - you want to get to a state where you have the whole production environment, which can be run with one script, and on top of it deploy all the services and everything - and it's driven by Terraform, is that the concept?
(Alon) Yes, that's the concept - Terraform for infrastructure and the CI tool for applications, CI/CD, however . . .
(Ran) Okay . . .
(Dotan) I have to say there's a lot of investment here, a lot . . . in this tool. If you browse the providers, open one provider for example - first of all connecting to the API, and really understanding all the objects inside, and translating them to Terraform. In short - cool
(Alon) It's great . . . I'll get back to you on how useful it is - it'll be interesting whether, if I give it a project - an environment - it'll manage to build it, because not everything at ours is in Terraform yet
(Dotan) That's it, so let's continue to the next item - there's a language here called GoPlus. I'll say right away that I wouldn't use it . . . but it's a language that was written, similar to Go, for data science. For those who want to play, to experiment - it's always fun, but I don't know if I'd really use it in practice. Don't know if it's at all . . . if it has a purpose and if it produces something productive.
(Ran) Me neither, by the way . . .
(Alon) There's something . . . some variant on Go, that there already was . . . GoPlusPlus I think? . . .
[Correct, there was already an item by Ran about goplus, which, in a Hitchhiker's Guide-style coincidence, was mentioned in Bumpers 68 - the original, not the one that got mixed up in the count with the previous Bumpers, which was mentioned at the start of this episode . . . A glitch in the Matrix?]
(Dotan) Yes, there are lots, actually . . . there are lots - one of the problems with all the languages in Go is that they're slow, surprisingly. There are some that are faster, say if they implemented, I don't remember which language it was, but there was a language that was implemented in Go; the thing is that the target language was so slow that even after they implemented that language on top of Go, it was faster . . . I don't remember exactly which language it was. In short - this has always disappointed me; it could actually have been nice, because for example - if you take a language that typically comes with friends, say Clojure, which comes with the whole JVM, and what you feel like is some kind of Lisp, light-weight, fun, cool, that you could, say, package as a configuration language or all sorts of interesting uses like that, then you know that if it's built in Go, you'll get a single binary that weighs some 9Mb, and you're done. There are lots of implementations of Lisp-like languages, but they're all super-slow and kind of . . . clunky, unfortunately.
(Ran) Yes . . . I also, by the way, don't think I would use it. I mean - I like Go, and I do data science - but it doesn't click for me; goplus looks like a nice anecdote. Fine - so you can run scripts, but it's not really . . . at least for now, it's not really practical. It doesn't have the rich ecosystem that Python or R or other languages have, so it's really more of a toy, not really something useful, in my opinion.
(Dotan) Yes, it's something that's good to recommend to competitors as a language that's really great to work with . . .
(Alon) Yes - “check it out, tell me how it went” . . . There's that language for data science - Linda?
(Ran) Julia . . . her sister . . .
(Alon) Yes, her sister, that's it . . . It's supposed to be interesting, but it's . .
.
(Ran) Yes, it's interesting - but it has a very small ecosystem, so the language has high performance and is really intended for scientific computing, but in terms of ecosystem it doesn't come close to what the other ecosystems of R and Python or MATLAB have, so only if you need something very specific that I haven't found anywhere else, and you need high performance, then you have to decide whether you go with Julia or something else - C++ or Rust or others. So even then - Julia isn't the only option you have there.
(Alon) By the way - Fortran too . . . let's not forget. Personally, we have a bit of Fortran at our place . . .
(Dotan) Fortnite . . .
(Alon) Yes, almost . . .
(Dotan) Meanwhile I've changed the order a bit - there's another language here called Starlark - Ran surely knows it . . . It's a configuration language, the one behind Bazel, and it can be used standalone. What does this language look like? A bit Python-ish, and a bit, let's call it programmable - you can run all sorts of loops and nonsense like that there, but in the end state this thing is supposed to be a configuration language. Again - I don't know . . . if someone needs a configuration language then . . . Actually, there are situations like that, where you want to be very expressive; you're building a tool and you want to be very expressive in its configuration. Say - configuration that feels like Terraform in terms of how it feels, or NGINX. It's not quite YAML and it's not quite programming - so I'm always looking for those.
(Ran) So yes, I know the language - first of all, when you look at it, it looks like Python, broadly. But this project is actually in Go, so probably a Go interpreter for Python, or for something similar to Python. Now, it's not Python per se - it is a configuration language, but it reminds me a bit of a concept from another language called Jsonnet, if I remember
Writing CloudFormation templates from scratch is a lot of work. You will run into many issues along the way: the documentation is incomplete, magic values are required, some combinations of attributes are unsupported, etc. The feedback cycles are long. In the end, we have to provision real infrastructure to test the template. If you have ever created an Elasticsearch cluster, you feel the pain. We also observe that AWS architectures follow similar patterns (aka best practices). So why not make a collection of templates and share them with the world? That's what we did in late 2015. We launched Free Templates for AWS CloudFormation. In this episode, Michael provides an overview of the project and shows you typical use cases.
In this episode we explain what infrastructure as code is, the most common tools available on AWS, its benefits and good practices. We also explain how you can start applying infrastructure as code in your projects, or if you are a new cloud user. This is episode #2.08 of the Podcast de Charlas Técnicas de AWS.
00:00 - Introduction
06:00 - What is infrastructure as code and why use it?
18:20 - AWS CloudFormation
21:25 - AWS CDK
25:25 - AWS SAM
27:11 - AWS SDK and AWS CLI
28:45 - Terraform
33:05 - Benefits of infrastructure as code
45:35 - Good practices
54:54 - How to get started?
01:04:30 - Getting started in the cloud with infrastructure as code
In this episode, we talked about AWS CloudFormation #aws #ec2 #podcast #cloud #darija #morocco #cloudformation #infraascode
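Catch up on the latest news "while doing something else"! The radio-style broadcast 「毎日AWS」 ("Daily AWS"). Good morning, this is Furukawa, in charge of Tuesdays. Today I pick up and introduce the updates released on 4/17. Please post your impressions on Twitter with the tag 「#サバワ」!
■ Talk script https://blog.serverworks.co.jp/aws-update-2021-04-17
■ UPDATE PICKUP
- AWS CloudFormation can now create stack sets using macros and transforms
- User-defined functions (UDF) are now available in Amazon Athena
- Amazon Managed Service for Grafana now supports Grafana Enterprise upgrades, Grafana version 7.5, Open Distro for Elasticsearch integration, and AWS Billing reports
■ Serverworks social media: Twitter / Facebook
■ Serverworks blog: Serverworks Engineer Blog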
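Catch up on the latest news "while doing something else"! The radio-style broadcast 「毎日AWS」 ("Daily AWS"). Good morning, this is Shinozaki, the Monday host. Today I pick up and introduce the updates released on 4/16. Please post your impressions on Twitter with the tag 「#サバワ」!
■ Talk script https://blog.serverworks.co.jp/aws-update-2021-04-16
■ UPDATE PICKUP
- Amazon EventBridge now supports cross-Region event bus targets
- AWS Systems Manager parameter values can now be referenced in AWS CloudFormation templates without specifying a parameter version
- AWS Security Hub Automated Response & Remediation Solution adds support for the AWS Foundational Security Best Practices standard
- Job status and health monitoring for Amazon Macie sensitive data discovery jobs is now possible in CloudWatch Logs
- Amazon RDS for PostgreSQL supports the pg_bigm extension
- AWS Data Exchange now makes it easy to configure exports to S3 after subscribing
- Dataset updates in the AWS open data registry from the U.S. Geological Survey, iNaturalist.org, a Swiss bioinformatics institute, and others
■ Serverworks social media: Twitter / Facebook
■ Serverworks blog: Serverworks Engineer Blog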
In today's episode, Dennis talks about the advantages of “Infrastructure as Code” (IaC) and the associated tools, such as AWS CloudFormation and the AWS Cloud Development Kit (AWS CDK). The official German-language podcast all about Amazon Web Services (AWS), for the curious, cloud beginners and AWS experts, produced by Dennis Traub, Developer Advocate at AWS. For questions, suggestions and feedback, feel free to contact Dennis directly on Twitter (@dtraub) or by e-mail at traubd@amazon.com.
Links on the topic:
- AWS CloudFormation - Speed up cloud provisioning with infrastructure as code: https://aws.amazon.com/cloudformation
- AWS Cloud Development Kit (AWS CDK): https://github.com/aws/aws-cdk
For more info, tips and tricks about AWS and the cloud, follow Dennis on:
- Twitter - https://twitter.com/dtraub
- Twitch - https://www.twitch.tv/dennis_at_work
- YouTube - https://www.youtube.com/dennistraub
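* The distribution platform was down, so the start of the broadcast was delayed...! Catch up on the latest news "while doing something else"! The radio-style broadcast 「毎日AWS!」 ("Daily AWS!"). Good morning, this is Kato from Serverworks. Today I introduce 6 updates released on 11/25. Please post your impressions on Twitter with the tag 「#サバワ」!
■ UPDATE lineup
- AWS CloudFormation modules announced
- Amazon EventBridge now supports server-side encryption
- AWS IoT SiteWise now supports encryption using AWS KMS
- AWS Toolkit for JetBrains IDEs now supports Amazon SQS and Amazon CloudWatch Logs Insights
- AWS App2Container extends deployment of authenticated Windows applications to EKS
- AWS CloudHSM backup retention period can now be configured
■ Serverworks social media: Twitter / Facebook
■ Serverworks blog: Serverworks Engineer Blog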
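Catch up on the latest news "while doing something else"! The radio-style broadcast 「毎日AWS!」 ("Daily AWS!"). Good morning, this is Kato from Serverworks. Today I introduce 11 updates released on 10/22. Please post your impressions on Twitter with the tag 「#サバワ」!
■ UPDATE lineup
- Amazon SNS announces FIFO topics
- Amazon CloudFront supports public key management using IAM user permissions
- AWS Step Functions supports integration with Amazon Athena
- Amazon Kendra supports custom data sources
- AWS CloudFormation relaxes five service limits
- Amazon MQ supports ActiveMQ version 5.15.13
- Amazon AppStream 2.0 supports smaller instance sizes
- Amazon RDS for Oracle supports managed disaster recovery
- Amazon Redshift integrates with Amazon EventBridge and supports scheduling of SQL queries
- AWS App Mesh supports cross-account sharing of ACM private certificate authorities
- AWS App Mesh raises default resource limits
■ Serverworks social media: Twitter / Facebook
■ Serverworks blog: Serverworks Engineer Blog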
Today we are joined by Carlos Afonso, a Solutions Architect, to talk about DevOps and how AWS services can help developers.

Carlos Afonso
Based in Madrid, Spain, Carlos is a Solutions Architect who helps startups in Spain and Portugal build robust, fault-tolerant and cost-optimized applications on AWS. When he is not talking about AWS, you can find him coding for fun or trying to brew his own beer (with relative success).

Rodrigo Asensio - @rasensio
Based in Barcelona, Spain, Rodrigo leads a Solution Architecture team in the Enterprise segment that helps large customers in Iberia move to the cloud and take advantage of its benefits.

Links

AWS CodeCommit: https://aws.amazon.com/codecommit/
AWS CodeCommit is a fully managed source control service that hosts secure Git-based repositories. It makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem. With CodeCommit you do not need to operate your own source control system or worry about scaling its infrastructure. CodeCommit, which works seamlessly with existing Git tools, can be used to securely store anything, whether source code or binaries.

AWS CodeBuild: https://aws.amazon.com/codebuild/
AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you do not need to provision, manage, and scale your own build servers. CodeBuild scales continuously and processes many builds at once, so that they are not left waiting in a queue.
You can get started quickly by using prepackaged build environments, or create your own custom build environments that use your build tools. With CodeBuild, you are charged for each minute of compute resources you use.

AWS CodeDeploy: https://aws.amazon.com/codedeploy/
AWS CodeDeploy is a fully managed deployment service that automates software deployments to different compute services, such as Amazon EC2, AWS Fargate, AWS Lambda and your on-premises servers. AWS CodeDeploy makes it easier to release new features rapidly, helps avoid downtime during application deployment, and handles the complexity of updating applications. You can use AWS CodeDeploy to automate software deployments, which eliminates the need for error-prone manual operations. The service adapts to your deployment needs.

AWS CodePipeline: https://aws.amazon.com/codepipeline/
AWS CodePipeline is a fully managed continuous delivery service that lets you automate release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test and deploy phases of the release process every time the code is changed, based on the release model you define. This lets you deliver features and updates quickly and reliably. You can easily integrate AWS CodePipeline with third-party services, such as GitHub, or with your own custom plugin. With AWS CodePipeline you pay only for what you use. There are no upfront fees or long-term commitments.

AWS CodeStar: https://aws.amazon.com/codestar/
AWS CodeStar lets you quickly develop, build and deploy applications on AWS.
AWS CodeStar provides a unified user interface that lets you easily manage software development activities in one place. With AWS CodeStar you can set up your entire continuous delivery toolchain in minutes, so you can start releasing code faster. AWS CodeStar makes it easy for your whole team to work together securely, letting you easily manage access to your projects and add owners, contributors and viewers. Each AWS CodeStar project comes with a project management dashboard that includes integrated issue tracking powered by Atlassian JIRA Software. With the AWS CodeStar project dashboard you can track progress across the entire software development process, from your backlog of work items to your teams' recent code deployments.

Amazon CodeGuru: https://aws.amazon.com/codeguru/
Amazon CodeGuru is a machine-learning-based developer tool that provides intelligent recommendations for improving code quality and identifying an application's most expensive lines of code. Integrate Amazon CodeGuru into your existing software development workflow, where you will have built-in code reviews to detect and optimize the most expensive lines of code in order to reduce costs.

AWS CloudFormation: https://aws.amazon.com/cloudformation
AWS CloudFormation provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. AWS CloudFormation lets you use programming languages or a simple text file to model and provision, in a secure and automated manner, all the resources needed for your applications across all regions and accounts.
This provides a single source of truth for your AWS and third-party resources.

CDK: https://aws.amazon.com/cdk/
The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework for modeling and provisioning your cloud application resources using familiar programming languages. Provisioning cloud applications can be a challenging process that involves performing manual actions, writing custom scripts, maintaining templates, or learning domain-specific languages. AWS CDK uses the familiarity and expressive power of programming languages to model applications. It provides high-level components that preconfigure cloud resources with reliable defaults. This lets you build cloud applications without needing to be an expert. AWS CDK provisions your resources in a safe, repeatable manner through AWS CloudFormation. It also lets you create and share your own custom components that incorporate your organization's requirements, which helps you start new projects faster.
A bit later than planned, but Arjen, Jean-Manuel, and Guy are back to talk about the AWS news from September 2020. This episode contains Arjen talking about what's wrong with the SSO APIs, Jean-Manuel showing off his Quantum computing knowledge, and Guy giving a sauce bottle a fair shake? The News Finally in ANZ Amazon Lex launches support for Australian English Urban Dictionary: Fair shake of the sauce bottle Amazon RDS M6g and R6g instances powered by AWS Graviton2 processors are now available in Asia Pacific regions Amazon RDS M6g and R6g instance types, powered by AWS Graviton2 processors: In preview and now supported on more database versions Amazon CloudFront launches in two new countries - Mexico and New Zealand Serverless AWS Step Functions increases payload size to 256KB API Gateway HTTP APIs now supports Lambda and IAM authorization options AWS Step Functions adds support for AWS X-Ray AWS Lambda adds console support for visualizing AWS Step Functions workflows Amazon API Gateway now supports mutual TLS authentication mTLS auth with AWS API Gateway | by Koustubha Kale | Contino Engineering Mutual TLS auth with AWS API Gateway Part 2 - check certificate revocation | by Koustubha Kale | Contino Engineering Amazon EventBridge Schema Registry announces support for JSON Schema Containers Announcing the General Availability of Bottlerocket, a new open source Linux-based operating system purpose-built to run containers EKS Now Supports Creation and Management of Fargate Profiles Using AWS CloudFormation Amazon EKS now supports assigning EC2 security groups to Kubernetes pods Amazon CloudWatch now monitors Prometheus metrics from Container environments AWS and Docker extend collaboration to launch new features in Docker Desktop Docker Open Sources Compose for Amazon ECS and Microsoft ACI - Docker Blog Amazon ECS is now available in the Los Angeles AWS Local Zones EC2 & VPC New EC2 T4g Instances – Burstable Performance Powered by AWS Graviton2 – Try Them for Free 
| AWS News Blog Amazon EC2/Spot Fleet now support modifying instance types and weights on the run Announcing AWS PrivateLink support for Amazon Textract Amazon CodeGuru Profiler now supports AWS PrivateLink Amazon Lightsail now offers new OS blueprints Application Load Balancers now support AWS Outposts AWS Elastic Beanstalk now supports sharing of an Application Load Balancer among Elastic Beanstalk environments Amazon CloudWatch Agent is now Open Source and included with Amazon Linux 2 Dev & Ops AWS Systems Manager now supports all current versions of Ubuntu AWS X-Ray launches Auto-Instrumentation Agent for Java AWS X-Ray launches anomaly detection-based actionable insights in preview Amazon CloudWatch Synthetics strengthens end-to-end canary run debugging with X-Ray traces Systems Manager now supports on-demand patching with just two clicks Amazon CloudWatch Synthetics now supports enhanced monitoring for Broken Link and GUI Workflow Blueprints Amazon CloudFront announces support for Brotli compression AWS Systems Manager Explorer now supports grouping and customization of operational data sources Announcing event logging and self-upgrade capabilities in SSM Agent, with new version 3.0 Announcing the General Availability of Amazon Corretto 15 Security AWS Single Sign-On adds account assignment APIs and AWS CloudFormation support to automate multi-account access management Fixing AWS SSO's CloudFormation | ig.nore.me GitHub - ArjenSchwarz/awstools: A little application to help with more complex AWS functions cloudformation-macros/SSOFixer at master · ArjenSchwarz/cloudformation-macros · GitHub Now available AWS SSO credential profile support in the AWS Toolkit for JetBrains IDEs Amazon CloudFront announces real-time logs Amazon CloudFront announces support for TLSv1.3 for viewer connections Amazon CloudWatch Dashboards now supports sharing AWS Backup Will Automatically Copy Tags from Nested EBS Volumes to EC2 Recovery Points Enforce encryption for Amazon Elastic 
File System resources using AWS IAM Amazon Detective introduces IAM Role Session Analysis Data Lifecycle Manager now supports multiple schedules within in a single lifecycle policy AWS Backup supports application-consistent backups of Microsoft workloads on EC2 Introducing AWS Cost Anomaly Detection (Preview) Storage & Databases Announcing Data API for Amazon Redshift Amazon Redshift now supports 100K tables in a single cluster Amazon RDS for SQL Server Now Supports Native Backup/Restore on DB Instances with Read Replicas Amazon Aurora Increases Maximum Storage Size to 128TB Amazon Elasticsearch Service now offers T3 Instances Amazon ElastiCache is now available in the AWS Local Zones in Los Angeles (LA) Now it's even easier to connect JetBrains IDEs to Amazon RDS or Redshift Databases Amazon EFS integrates with AWS Systems Manager to simplify management of Amazon EFS clients AI & ML Amazon Textract supports customer S3 buckets Other Cool Stuff AWS announces a 86%+ price reduction for AWS IoT Events Amazon WorkSpaces introduces Microsoft Office Professional bundle for Bring Your Own Windows License WorkSpaces Amazon WorkSpaces introduces support for cross-Region redirection Amazon Connect launches contact flow management APIs Amazon Connect launches APIs that list prompts within your instance Amazon Connect launches API to configure routing profiles programmatically AWS CloudFormation now supports StackSets Resource Type in the CloudFormation Registry Introducing AWS Perspective Announcing new AWS Wavelength Zones in Atlanta, New York City, and Washington DC Queuing purchases of Savings Plans Amazon Braket now offers D-Wave's Advantage quantum system for quantum annealing The D-Wave 2000Q (PDF) The Nano Candidates Amazon Elasticsearch Service now offers T3 Instances (Jean-Manuel) AWS Fargate increases default resource count service quotas (Guy) AWS IQ now provides short URLs for expert profiles (Arjen) Sponsors Gold Sponsor Innablr Silver Sponsors AC3 CMD Solutions 
DoIT International
What does "DevOps" really mean, and which techniques can we use to make a software development team more productive in 2020? In this episode we talk about Infrastructure as Code (IaC), an indispensable tool for automating releases and making them reproducible and reliable. We will cover the practical advantages and the main approaches available in 2020 (AWS CloudFormation, HashiCorp Terraform and AWS CDK).
Deploying to the cloud is very different from deploying on traditional IT infrastructure. In the cloud, your deployments are no longer hardware devices but programmable services. AWS CloudFormation is a managed AWS service that helps you deploy your entire infrastructure as code (IaC). Using it, you can set up your resources continuously and repeatedly without doing all the work again and again. Now that we know a little about CloudFormation, let's dive deeper into it.

CloudFormation has two most important components: templates and stacks. Let's take them one at a time, starting with templates. A template is a JSON or YAML file that lays out the blueprint of your entire architecture. This is the document that you upload to AWS, which then provisions the resources. A template has its own elements, namely:

- A list of AWS resources and their configuration values. Remember that this is the only mandatory part of the template.
- An optional version number. Just as I mentioned earlier, you can apply version control to your architecture.
- An optional list of parameters. Think of them as variable input values that you provide to the template at provisioning time, e.g. IP CIDR ranges.
- An optional list of output values.
- An optional list of data tables for looking up static configuration values, such as the AMIs for the region you are provisioning in.

Once the resources named in the template are provisioned, together they form a stack. Remember that only resources deployed as part of the same template count as a single unit called a stack. Simply put, a stack is a collection of resources provisioned as part of the same CloudFormation template.

Now comes a very important part of the CloudFormation service: change sets. When you have deployed an architecture and want to make changes to it, change sets come into the picture.
A change set includes an overview of the changes that you intend to make, which helps you check how the proposed changes could affect resources that are already running. The changes are made to the resources only once you execute the change set. However, a change set in no way tells you whether the stack will be successfully updated.

Permissions and security, being the topmost priority of AWS, find their place in CloudFormation as well. Beginning with IAM: you must have IAM permissions assigned to you to create, provision, modify, edit or delete resources. Whatever action your template intends to perform, you must have the requisite permissions for it. But AWS services have roles assigned to them, and you can use them too. A service role is assigned to the template that enables CloudFormation to make API calls to the required services on your behalf. If you have a service role, CloudFormation no longer needs you to have the permissions yourself; it simply executes with the permissions of the service role. But how does it work? How are the permissions granted? When using a user's IAM permissions, a temporary token is created from the user's credentials, while in the case of a service role, the token is created from the role's credentials.

CloudFormation template attributes

CreationPolicy
A creation policy makes sure that a resource is not reported as create-complete until the specified number of success signals has been sent to CloudFormation.

DeletionPolicy
It specifies what to do with a resource when the stack is being deleted: whether to retain the resource or keep a backup of it. For example, you can specify that a snapshot of an RDS instance be taken at the time of deletion.

DependsOn
This attribute tells CloudFormation that resource A depends on resource B, so B must be created before A can be created.
newline Podcast Sudo Steph

Nate: [00:00:00] Steph, just tell us a little bit about your work and kind of your background with, like, AWS and, like, what you're doing now.

Steph: [00:00:06] Yes, so I work as an engineer for a managed services provider called Second Watch. We basically partner with other big companies that use AWS or some other clouds, sometimes Azure, for managing their cloud infrastructure, which basically just means that we help big companies who may not, their focus may not be technology, it may not be cloud stuff in general, and we're able to just basically optimize the cost of everything, make sure that things are running reliably and smoothly, and we're able to work with AWS directly to kind of keep people ahead of the curve when new stuff is coming out and just it changes so much, you know, it's important to be able to adapt. So like personally, my role is I develop automation for our internal operations teams. So we have a bunch of, you know, just really smart people who are always working on customer specific AWS issues. And we see some of the same issues pop up over and over. Of course, you know, security, auditing, cost optimization. And so my team makes optimizations that we can distribute to all of these clients who have to maintain their own. You know, they have their own AWS account. It's theirs. And we make it so that we're actually able to distribute these automations same way in all of our customers' accounts. So the idea is that, and it really wouldn't be doable without serverless because the idea is that everyone has to own their own infrastructure, right? Your AWS account is yours does or your resources, you don't, for security reasons, want to put all of your stuff on somebody else's account. But actually managing them all the same way can be really difficult, even with scripts, because permissions different places have to be granted through the AWS permissions up with access, I identity and access management, right?
So serverless gave us the real tool that we needed to be able to at scale, say, Hey, we came up with a little script that will run on an hourly basis to check to see how much usage these servers are getting, and if they're not production servers, you know, spin them down if they're not in use to save money. Little things like that when it comes to operations and AWS Lambda is just so good for it because it's all about, you know, like I said, doing things reliably. Doing things in ways that can be audited and logged and doing things for like a decent price. So like background wise, I used to work at AWS in AWS support actually, and I kind of supported some of their DevOps products like OpsWorks, which is based on Chef for configuration management, Elastic Beanstalk and AWS CloudFormation, specifically. After working there for a bit, I really got to see, you know, how it's made and what the underlying system is like. And it was just crazy just to see how much work goes into all this, just so you can have a supposedly, easier to use for an end. But serverless just kinda changed all that for the better. Luckily.

Amelia: [00:02:57] So it sounds like AWS has a ton of different services. What are the main ones and how many are there?

Steph: [00:03:04] So I don't think I can even count anymore because they just, they do release new ones all the time. So hundreds at this point, but really main ones, and maybe not hundreds, maybe a little over a hundred would be a better estimate. I mean, EC2, which is elastic compute, is the bread and butter. Historically, AWS is just, they're virtualized servers basically. So EC2, the thing that made AWS really special from the beginning and that made cloud start to take over the world was the concept of auto scaling groups, which are basically definitions you attached to EC2 and it basically allows you to say, Hey, if I start getting a lot of traffic on this one type of server, right?
You know, create a second server that looks exactly the same and load balance the traffic through it. So when they say scaling, that's basically what, how you scale, easy to use auto scaling groups and elastic load balancers and kind of distribute the traffic out. The other big thing besides the scalability of with auto scaling groups is redundancy. So there's this idea of regions within AWS, and within each region there's availability zones. So regions are the general, like you can think of it as the place where data center is kind of like located within like a small degree. So it's usually like, Virginia is one, right? That's us-east-1. It's the oldest one. Another one is in California, but they're all over the world now. So the idea is you pick a region to minimize latency, so you pick the region that's closest to you. And then within the region, there's the idea of availability zones, which are basically just discrete, like physical locations of the servers that you administer them the same way, but they're protected. So like if a tornado runs through and hits one of your data centers. If you happen to have them distributed between two different availability zones, then you'll still be able to, you know, serve traffic. The other one will go down, but then the elastic load balancer will just notice that it's not responding and send the traffic to the other availability zone. So those are the main concepts that make it like EC2, those are what you need to use it effectively.

Nate: [00:05:12] So with an EC2 instance, that would be like a virtual server. I mean, it's not quite a Docker container, I guess we're getting to nuance there, but it's basically like a server that you would have like command line access to. You could log in and you can do more or less whenever you want on an EC2 instance.

Steph: [00:05:29] Right, exactly. And so it used to be AWS used what was called Xen virtualization to do it.
And that's just like you can run Xen on your own computer, you can get a computer and set up a virtual machine, almost just like they used to do it. So they are constantly putting out like new ways of virtualizing more efficiently. So they do have new technology now, but it's not something that was really, I mean, it was well known, but they really took it to a new kind of scale, which made it really impressive.

Nate: [00:05:56] Okay, so EC2 lets you have full access to the box that's running and you might like load balance requests against that. How does that contrast with what you do with AWS Lambda and serverless?

Steph: [00:06:09] So with , you still have to, you know, either secure shell or, you know, furious and windows. Use RDP or something to actually get in there. You care about what ports are open. You have security groups for that. You care about all the stuff you would care about normally with a server, you care about, is it patched and up to date, you care about, you know, what's the current memory and CPU usage? All those things don't go away on EC2 just because it's cloud, right? When we start bringing serverless into the mix, suddenly they do go away. I mean, and there's still a few limitations. Like for instance, a Lambda has a limit on how much memory it can process with, just because they have to have a way to kind of keep costs down and define the units of them and define where to put them. Right? But at its core, what a Lambda is, it actually runs on a Docker container. You can think of it like a pre-configured Docker container with some pre-installed dependencies. So for Python, it would have the latest version of Python that it says it has, it would have boto. It would have the stuff that it needs to execute that, and it would also have some basic, it's structured like it was, you know, basic Linux. So there's like a attempt. So slash temp you can write files there, right. But really it's like a Docker container.
That runs underneath it on a fleet of . As far as availability zone distribution goes, that's already built into Lambda, but you don't have to think about it with . You do have to think about it. Because if you only run one EC2 server and it's in one availability zone, it's not really different from just having a physical server somewhere with a traditional provider.

Nate: [00:07:38] So there are these two terms, there's like serverless and Lambda. Can you talk a little bit about like the difference between those two terms and when to use each appropriately?

Steph: [00:07:48] Yeah, so they are in a way sorta interchangeable, right? Because serverless technology just means the general idea of, I have an application, I have it defined it an artifact of we'll say zip from our Git repo, right? So that application is my main artifact, and then I pass it to a service somewhere. I don't know. It could be at work. The Google App Engine, that's a type of serverless technology and AWS Lambda is just the specific AWS serverless technology. But the reason AWS Lambda is, in my opinion, so powerful, is because it integrates really well with the other features of AWS. So permissions management works with AWS Lambda, API gateway. There's a lot of really tight integrations you can make with Lambda so that it doesn't, it's not like you have to keep half of your stuff one place and half of your stuff somewhere else. I remember when like Heroku was really big. A lot of people, you know, maybe they were maintaining an AWS account and they were also maintaining a bunch of stuff and Heroku, and they're just trying to make it work together. And even though Heroku does use, you know, AWS on the backend, or at least it did back then, it can just make things more complicated. But the whole serverless idea of the artifact is you make your code general, it's like a little microservice in a way. 
So I can take my serverless application and ideally, you know, it's just Python. I use NF, I write it the right way. Getting it to work on a different serverless back end, like for, exit. I think Azure has one, and Google App Engine isn't really too much of a change. There's some changes to permissions and the way that you invoke it, but at the core of it, the real resource is just the application itself. It's not, you know, how many, you know, units of compute does it have, how many, you know, how much memory, what are the IP address rules and all that. You

Nate: [00:09:35] know. So what are some good apps to build on serverless?

Steph: [00:09:39] Yes. So you can build almost anything today on serverless, there's actually so much support, especially with AWS Lambda for integrations with all these other kinds of services that the stuff you can't do is getting more limited. But there is a trade off with cost, right? Because to me the situation where it shines, where I would for no reason ever choose anything but serverless, is if you have something that's kind of bursty. So let's say you're making like a report generation tool that needs to run, but really you only run it three times a week or something like things that, they need to live somewhere. They need to be consistent. They need to be stable, they need to be available, but you don't know how often they're going to call. And even if they can go from that, there is small numbers of times it's being called, because the cool thing about serverless is, you're charged per every 100 milliseconds of time that it's being processed. When it comes to , you're charged in units that are, it used to be by the hour, I think they finally fixed it, and it's down to smaller increments. But if you can write it efficiently, you can save a ton of money just by doing it this way, depending on what the use case is. 
So some stuff, like if you're using API gateway with Lambda, that actually can be a lot more expensive than Lambda will be. But you don't have to worry about, especially if you need redundancy. Cause otherwise you have to run a minimum of two servers just to keep them both up for a AZ kind of outage situation. You don't have to worry about that with Lambda. So anything with lower usage, 100%. If it's bursty, 100% use Lambda. If it's one of those things where you just don't have many dependencies on it, then Lambda is a really good choice as well. So there's especially infrastructure management, which is, if you look, I think Werner Vogels, he wrote something recently about how serverless driven infrastructure automation is kind of going to be the really key point to making places that are using cloud use cloud more effectively. And so that's one group of people. That's a big group of people. If you're a big company and you already use AWS and you're not getting everything out of it that you thought you would get. Sometimes there's serverless use cases that already exist out there and like there's a serverless application repo that AWS provides and AWS Config integrations, so that you can trigger a serverless action based off of some other resource actions. So like, let's say that your auto scaling group scaled up and you wanted to like notify somebody, there's so many things you could do with it. It's super useful for that. But even if you're just, I'm co you're coming at it from like a blank slate and you want to create something. There are a lot of really good use cases for serverless. If you are, like I said, you're not really sure about how it's going to scale, you don't want to deal with redundancy and it fits into like a fairly well-defined, you know, this is pretty much all Python and it works with minimal dependencies. 
Then it's a really good starting place for that.

Nate: [00:12:29] You know, you mentioned earlier that serverless is very good for when you have bursty services in that if you were to do it based on and then also get that redundancy one. You're going to have to run, while you're saying you'll have to run at least two EC2 instances, just 24 hours a day. I'm paying for those. Plus you're also going to pay for API gateway. Do you pay hourly for API gateway

Steph: [00:12:53] API gateway? It, it would work the same either way, but you would pay for, in that case, like a load balancer.

Nate: [00:12:59] What is API gateway? Do you use that for serverless?

Steph: [00:13:02] All the time. So API gateway?

Nate: [00:13:04] Yeah. Tell us the elements of a typical serverless stack. So I understand there's like Lambda, for example, maybe you say like you use CloudFront in front of your Lambda functions, which maybe store images in S3, that like a typical stack? And then can you explain like what each of those services are,

Steph: [00:13:22] how you would do that? Yeah, so you're, you're not, you're on the right track here. So, okay. So a good way to think about it is, if you look at AWS has published something which a lot of documentations on it called the serverless application management standard. So SAM. And so basically if you look at that, it actually defines the core units of serverless applications. So which is the function, an API, if you, if you want one. And basically any other permission type resources. So in your case, let's say it was something where I just wanted like a really basic tutorial that AWS provides is someone wants to upload an image for their profile and you want to, you know, scale it down to like a smaller image before you store it on your S3. You know, just so they're all the same size and it saves you a ton, all that. So if you're creating something like that, the AWS resources that you would need are basically an API gateway, which is. 
Acts as basically the definition of your API schema. So like if you've ever used Swagger or like OpenAPI, these standards where you basically just define, in JSON, you know it's a REST API, you do GET here, POST here, this resource name. That's a standard that you might see outside of AWS a lot. And so API Gateway is just basically a way to implement that same standard. They work with AWS. So that's how you can think of API gateway. It also manages stuff like authentication integration. So if you want to enable OAuth or something on something, you could set that up at the API gateway level. So

Nate: [00:14:55] if you had API gateway set up, then is that basically a web server hosted by Amazon?

Steph: [00:15:03] Yeah, that's basically it.

Nate: [00:15:05] And so then your API gateway is just assigned essentially randomly a DNS name by Amazon. If you wanted to have a custom DNS name to your API gateway, how do you do that?

Steph: [00:15:21] Oh, it's just a setting. It's pretty. So what you could do, yeah, so if you already have a domain name, right? Route 53, which is AWS's domain name management service, you can use that to basically point that domain to the API gateway.

Nate: [00:15:35] So you'd use Route 53, you configure your DNS to have Route 53 point a specific DNS name to your API gateway, and your API gateway would be like a web server that also handles like authentication and AWS integration. Okay,

Steph: [00:15:51] got it. Yeah, that's a good breakdown of what that works. So that's your first kind of half of how people commonly trigger Lambdas. And that's not the only way to trigger it, but it's a very common way to do it. So what happens is when the API gateway is configured, part of it is you set what happens when the method is invoked. So there's like a REST API as a type of API gateway that people use a lot. There's a few others, like a WebSocket one, which is pretty cool for streaming uses, and then they're always adding new options to it. 
So it's a really neat service. So you would have that kind of input go into your API gate. We would decide where to route it. Right. So in a lot of cases here, you might say that the Lambda function is where it gets routed to. That's considered the integration to it. And so basically API gateway passes it all of this stuff from the requests that you want to pass it. So, you know, I want to give it the content that was uploaded. I want to give it the IP address it originally came from, whatever you want to give it.

Nate: [00:16:47] What backend would people use for API gateway other than Lambda? Like would you use an API gateway in front of an EC2 instance?

Steph: [00:16:56] You could, but I would use probably a load balancer or application load balancer and that kind of thing. There's a lot of things you can integrate it for. Another cool one is AWS API calls. It can proxy, so it can just directly take input from an API and send it to a specific API call if you want to do that. That's kind of some advanced usage, but Lambdas are kind of what I see is the go-to right now.

Nate: [00:17:20] So the basic stack that we're looking at is you use API gateway to be in front of your Lambda function, and then your Lambda function just basically does the work, which is either like a writing to some sort of storage or calculating some sort of response. You mentioned earlier, you said, you know the Lambda function, it can be fronted by an API if you want one. And then you mentioned, you know, there's other ways that you can trigger these Lambda functions. Can you talk a little bit about like what some of those other ways are?

Steph: [00:17:48] Yeah, so actually those are really cool. So the cool thing is that you could trigger it based off of basically any type of CloudWatch event is a big one. And so CloudWatch is basically a monitoring slash auditing kind of service that AWS provides. So you can set triggers that go off when alarms are set. So. 
It could be usage, it could be, Hey, somebody logged in from an IP address that we don't recognize. You could do some really cool stuff with CloudWatch events specifically. And so those are one that I think for like management purposes are really powerful to leverage. But also you can do it off of S3 events, which are really cool. So like you could just have it, so anytime somebody uploads a. Let's say it was a or CI build, right? You're doing CI builds and you're putting your artifacts into an S3 bucket, so you know this is released version 1.1 or whatever, right? You put it into an S3 bucket, right? You can hook it up so that whenever something gets put into that S3 bucket, that another action is that takes place, so you can make it so that, you know, whenever we upload a release, then you know, notify these people. So now an email or you can make it so that it, you know, as complicated as you want, you can make it trigger a different kind of part in your build stage. If you have things that are outside of AWS, you can have it trigger from there. There's a lot of really cool, just direct kind of things that you don't need an API for. An S3 is a good one. The notification service, SNS, it's used within AWS a lot, that can be used. The queuing service AWS provides called SQS. It works with, and also just scheduled events, which I really like because it replaces the need for a cron server. So if you have things that run, you know, every Tuesday or whatever, right, you can just trigger your Lambda to do that from just one configuration point, you don't have to deal with anything more complicated than that.

Nate: [00:19:38] I feel like that gives me a pretty good grounding in the ecosystem, in the setting. Maybe we could talk a little bit more about tools and tooling. 
Yeah, so I know that in the JavaScript world, on like the Node world, they have the serverless framework, which is basically this abstraction over, I think it's over like Lambda and you know, Azure functions and Google up. Google cloud probably too. Do they have like a serverless framework for Python or is there like a framework that you end up using? Or do you just generally just write straight on top of Lambda?

Steph: [00:20:06] So that's a great question and I definitely do recommend that even though there is like a front end you could do to just start, you know, typing code in and making the Lambda work, right. It's definitely better to have some sort of framework that integrates with your actual, like, you know, wherever you use to store your code and test it and that kind of thing. So serverless is a really big one, and that's, it's kind of annoying because serverless, you know, it also refers to the greater ecosystem of code that runs without managing underlying servers. But in this particular case, Serverless is also like a third party company in tooling, and it does work for Python. It works for a whole bunch. That's kind of like the serverless equivalent in my head of like Terraform, something that is kind of meant to be kind of generic, but it offers a lot of kind of value to people just getting started. If you just want to put something in your README that says, here's how to, you know, deploy this from GitHub. You know, serverless is a cool tool for that. I don't personally like building with it myself just because I find that this SAM, which is Serverless Application Model, I think I said management earlier, but it's actually model. I just looked that up. I feel like that has everything I really want for AWS and I get more fine grain control. I don't like having too much abstraction and I also don't like. 
When you have to install something and something changes between versions and that changes the way your infrastructure gets deployed. That's a pet peeve of mine, and that's why I don't really use Terraform too much for the same reason. When you're operating really in one world, which in my case is AWS, I just don't get the value out of that. Right. But with the serverless application model, and they have a whole SAM CLI, they have a bunch of tools coming out. So many examples on their GitHub repos as well. I find that it's got really everything I want to use, plus some CloudFormation plugs right into that. So if I need to do anything outside of the normal serverless kind of world, I can do that. So it's better to use serverless than to not use anything at all. I think it's a good tool and really good way to kind of get used to it and started, but at least my case where it really matters to have super consistent deployments where I'm sharing between people and accounts and all of that. And I find that SAM really gives me the best kind of best of both worlds.

Amelia: [00:22:17] So, as far as I understand it, serverless is a fairly new concept.

Steph: [00:22:22] You know, it's one of those things it's catching on. Recently, I felt like Google app engine candidate a long time ago, and it was kind of a niche thing for a while, but it recently it, we're starting to see bigger enterprises, people who might not necessarily want bleeding edge stuff start to accept that serverless is going to be the future. And that's why we're seeing all this stuff come up and it's, it's actually really exciting. But the good thing is it's been around long enough that a lot of the actual tooling and the architecture patterns that you will use are mature. They've been used for years. There are sites you've been using for a long time that you don't know that it's serverless on the back end, but it is because it's one of those things that doesn't really affect you unless you're kind of working on it. 
Right. But it's new to a lot of people, but I think it's in a good spot where it's more approachable than it used to be.

Nate: [00:23:10] When you say that there's like a lot of standard patterns, maybe we could talk about some of those. So when you write a Lambda function and code, either with like Python or JavaScript or whatever, there are bloods, they say Python because you use Python primarily, right? Well, maybe we could talk a little bit about that. Like why do you prefer Python?

Steph: [00:23:26] Yeah, so just coming from my background, which is, like I said, I did some support, did some straight DevOps, kind of a more assisted mini before the world kind of became a more interesting place kind of background. Python is just one of those tools that is installed on like every Linux server in the world and works kind of predictably. Enough people know it that it's, it's not too hard to like share between people who may not be, you know, super advanced developers, right? Cause a lot of people I work with, maybe they have varying levels of skills and Python's one of those ones you can start to pick up pretty quickly. And it's not too foreign really to people coming from other languages as well. So it's just a practicality thing for a lot of it. But there's also a lot of the tooling that is around DevOps type stuff is in Python, like them, Ansible for configuration management, super useful tool. You know, it's all Python. So really there's, there's a lot of good reasons to use Python from, like in my world it's, it's one of the things where you don't have to use one specific language, but Python is just, it has what I need and it gets, I can work with it pretty quickly. The ecosystems develop. There's still a lot of people who use it and it's a good tool for what I have to do.

Nate: [00:24:35] Yeah, there's tons, and I was looking at the metrics. I think Python is like, last year was like one of the fastest growing programming languages too. 
There's a lot of new people coming into Python,

Steph: [00:24:44] and a lot of it is data science people too, right? People who may not necessarily have a strong programming background, but there's the tooling they need in a Python already there. There's community, and it sucks that it's not as scary looking as some other languages, frankly. You know.

Nate: [00:24:58] And what are some of the other like cloud libraries that Python has? Like I've seen one that's called like Boto

Steph: [00:25:03] Boto is the one that Amazon provides as their SDK, basically. And so every Lambda comes bundled with Boto 3, you know, by default. So yeah, there was an older version of Boto for Python too. But Boto 3 is the main one everyone uses now. So yeah, Boto is great. I use it extensively. It's pretty easy to use, a lot of documentation, a lot of examples, a lot of people answering questions about it on Stack Overflow, but I'm really, every language does have an SDK for AWS these days, and they all pretty much work the same way because they're all just based off of the AWS APIs and all the APIs are well-defined and pretty stable, so it's not too much of a stretch to use any other language, but Boto's the big one. The requests library in Python is super useful just because it makes it easier to deal with, you know, interacting with APIs or interacting with requests to APIs. It's just all about, you know, HTTP requests and all that. Some of the new Python 3 libraries are really good as well, just because they kind of improve. It used to be like with Python 2, you know, there's urllib for processing requests and it was just not as easy to use. So people would always bundle a third party tool, like requests, but it's getting better. Also, you know, Python, there's some different options for testing, PyUnit and unittest, and really there's just a bunch of libraries that are well maintained by the community. 
There's a kazillion on PyPI, but I try to keep outside dependencies from Python to a total minimum because again, I just don't like when things change from underneath me, how things function. So it's one of the things where I can do a lot without installing third party libraries, so wherever I can avoid it, I do.

Nate: [00:26:47] So let's talk a little bit about these patterns that you have. So Lambda functions generally have a pretty well defined structure, and it's basically through that convention, it makes it somewhat straightforward to write each function. Can you talk a little bit about like, I don't know, the anatomy of a Lambda function?

Steph: [00:27:05] Yeah, so at its basic core, the most important thing that every Lambda function in the world is going to have is something called a handler. And so the handler is basically a function that is accessed to begin the way that it starts. So, any Lambda function when it's invoked. So anytime you are calling it, it's called invoking a Lambda function. It sends it parameters that are event. An event is basically just the data that defines, Hey, this is stuff you need to act on. And it sends it something called context, which a lot of times you never touch the context object. But it's useful too, because AWS provides it with every Lambda and it's basically like, Hey, this is the ID of the currently running Lambda function. You know, this is where you're running. This is the Lambda's name. So like for logging stuff, context can be really useful. Or for stuff where it's like your function code may need to know something about where it is. You can save yourself time from, you don't have to use like an environment variable sometimes if you can look in the context object. So at the core it's cause you have at least a file, you can name it whatever you want. A lot of people call it index and then within that file you define a function called handler. Again, it doesn't have to be called handler, but. 
That makes it easy to know which one it is, and it takes that event and context. And so really, if that's all you have, you can literally just have your Lambda file be one Python file that says, you can say def handler takes, you know, object and then return something. And then that can be it. As long as you define that index dot handler as your handler resource, which is, that's a lot of words, but basically we need to find your Lambda within AWS. The required parameters are basically the handler URI, which is the name of the file, and then a dot and the name of the handler function. So that's at its most basic. Every Lambda has that, but then you start, you know, scoping it out so you can actually, you know, organize your code decently. And then it's just a matter of, is there a README there. Just like any other Python application really, you know, do you have a README? Do you want to use like a requirements.txt file to like define, you know, these are the exact third party libraries that I'm going to be using. That's really useful. And if you're defining it with SAM, which I really recommend, then there's a file called template.yaml. And that just contains the actual, like AWS resource definition, as well as any like CloudFormation defined resources that you're using. So you can make a template.yaml as the infrastructure kind of as code, and then everything else, just the code as code.

Nate: [00:29:36] Okay. So unpacking that a little bit, you'll invoke this function and there'll basically be two arguments. One is the event that's coming in, the event in particular, and then it'll also have the context, which is sort of metadata about the context in which this request is running. So you mentioned some of the things that come in the context, which is like what region you're in or what the name of the function is that you're on. What are some of the parameters in the event object.

Steph: [00:30:02] So the interesting thing about the event object is, it can be anything. 
It just has to be basically a Python dictionary or basically, you know, you could think of it like a JSON, right? So it's not predefined and Lambda itself doesn't care what the event is. That's all up to your code to decide what is it, what is a valid event, and how to act on it. So API gateway, if you're using that, there's a lot of example events API gateway will send, and so if you like ever try it, look at like the test events for Lambda, you'll see a lot of like templates, which are just JSON files with like expected outputs. But really it can be anything.

Nate: [00:30:41] So the way that Lambda's structured is that API gateway will typically pass in an event that's maybe like the request was a POST request, and then it has these like query parameters or headers attached to it. And all of that would be within like the request object. But the event could also be like you mentioned like CloudWatch, like there's like a CloudWatch event that could come in and say, you basically just have to configure your handler to handle any of the events you expect that handler to receive.

Steph: [00:31:07] Yeah, exactly.

Nate: [00:31:09] So let's talk a little bit more about the development tooling. How in the world do you test these sorts of things? Like with, do you have to deploy every single time or tell us about like the development tooling that you use to test along the way.

Steph: [00:31:22] Yeah. So I'm, one of the great things about SAM and there's some other tools for this as well, is that it lets you test your Lambdas locally before you deploy it, if you want. And the way that it does that is, I mentioned earlier that Lambda is really at its core, a container, like a Docker container running on a server somewhere, is, it just creates a Docker container that behaves exactly like a Lambda would, and it sends your events. 
So you would just define basically a JSON with the expected data from either API gateway or whatever, right? You make a test one and then it will send it to that. It'll build it on demand for you and you test it all locally with Docker. When you like it, you use the same tool and it'll package it up and deploy it for you. So yeah, it's actually not too bad to test locally at all.

Nate: [00:32:05] So you create JSON files of the events that you want it to handle, and then you just like invoke it with those particular events.

Steph: [00:32:12] Yeah, so basically like if I created it like a test event, I would save it to my repo as tests slash API gateway event.json. I'd put in the data I expect, and then I would do like a SAM. So the command is like sam local invoke, and then I would give it the file path to the JSON, and it would process it. I'd see the exact same output that I would expect to see from Lambda. So it'll say, Hey, this took this many milliseconds to invoke, the response code was this, this is what was printed. So it's really useful just for. It's almost a one to one with what you would get from Amazon Lambda output.

Amelia: [00:32:50] And then to update your Lambda functions, do you have to go inside the AWS GUI or can you do that from the command line.

Steph: [00:32:57] Yeah, no, you can do that from the command line with SAM as well. So there's a sam package and sam deploy command. It's useful if you need to use basically any type of CI testing service to like manage your deployments or anything like that. Then you can get a package it and then send it the package to your, whatever you're using, like GitLab or something, right. For further validation and then have GitLab deploy it. Like if you don't want people to have deploy credentials on their local machine, that's the reason it's kind of broken up into two steps there. But basically you just do a command, sam deploy, and what it does is it goes out to Amazon. 
It says, Hey, update the Lambda to point to this as the new resource artifact to be invoked. And if you're using and which I think it's enabled by default, not actually the versioning feature, it actually just adds another version of the Lambda so that if you need to roll back, you can just go to the previous one, which is really useful sometimes.

Nate: [00:33:54] So let's talk a little bit about deployment. One of the things that I think is stressing when you are deploying Lambda functions is like, I have no idea how much it's going to cost. How is it going to cost to launch something, and how much am I going to pay? And I guess maybe you can kind of calculate if you estimate the number of requests you think you're going to get, but how do you approach that when you're writing a new function?

Steph: [00:34:18] Yeah, so the first thing I look at is what's the minimum, basically timeout, what's the minimum memory usage? So number of invocations is a big factor, right? So like if you have free tier, I think it's like a million invocations you get, but that's like assuming like a hundred, under a hundred milliseconds each. So when you just deploy it, there's no cost for just deploying it. You don't get charged until it's invoked. If you're storing like an artifact in S3, there's a little cost for you keeping it in S3. But it's usually really, really minimal. So the big thing is really, how many times are you give it? Is it over a million times and or are you not on free tier? The costs, like I said, it gets batched together and it's actually really pretty cheap just in terms of number of invocations, cause at the bigger places where you can normally save costs, is it over-provisioned for how much memory you give it? Right. I think the smallest unit you can give it is 128, that can go up to like two gigabytes, maybe more now. 
So if you have it set where, Oh, I want it to use this much memory and it really never is going to use that much memory and that's kind of like wasteful or if you know, if it uses that much, that's like something's wrong

Nate: [00:35:25] cause you pay, you configure beforehand, like we're going to use max 128 megabytes of memory and then it's allocated on invocation or something like that. And then if you set it too high, you were going to pay more than you need to. Is that right?

Steph: [00:35:40] Yeah. Well and it's more like, I think I'll have to double check cause it actually just shows you how much memory you use each time a Lambda is invoked. So you can sort of measure if it's getting near that or if you think you need more, then it might give an error if it doesn't, it isn't able to complete. But in general, like, I haven't had many cases where the memory has been the limiting factor. I will say that the timeout can sometimes get you, because if a Lambda's processing forever, like let's say API gateway, a lot of times API gateway has its own sort of timeout, which is, I think it's like 30 seconds to respond. And if your Lambda is set to, you know, you give it five minutes to process, it always five minutes processing. If you, let's say that you program something wrong and there's like a loop somewhere and it's going on forever, it'll waste five minutes computing. API gateway will give up after 30 seconds, but you'll still be charged for the five minutes that Lambda was kind of doing its thing. So

Nate: [00:36:29] it's like, I know that AWS's services and Lambda are created by like world-class engineers. It's the highest performing infrastructure probably in the world, but as a user, sometimes it feels like there's giant Rube Goldberg machine, and I have like no idea. 
All of the different aspects that are involved in, like how do you manage that complexity? Like when you're trying to learn AWS, like let's say someone who's listening to this, they want to try to understand this. How do you go about making sense of all of that, like, difficulty?
Steph: [00:37:02] You really have to go through a lot of the docs, like videos, people showing you how they did something isn't always the best just because they kind of skirt around all the things that went wrong in the process, right? So it's really important just to understand, just to look at the documentation for what all these features are before you use them. The marketing people make it sound like it's super easy and go, and to a degree, it really is like, it's easier than the alternative, right? It's where you put your complexities the problem
Nate: [00:37:29] yeah, and I think that part of the problem that I have with their docs is like they are trying to give you every possible path because they're an infrastructure provider, and so they support like these very complex use cases. And so it's, it's like the world's most detailed choose your own adventure. It's like, Oh, have you decide that you need to take this path? Go to or this one path B. Path C there's like so many different like paths you can kind of go down. 
It's just a lot when you're first learning.
Steph: [00:37:58] It is, and sometimes like the blog posts have better kind of actual tutorial kind of things for like real use cases. So if you have a use case that is general enough, a lot of times you can just Google for it and there'll be something that one of their solution architects wrote up about how to actually do it from like a, you know, user-friendly perspective that anything with the options is that you need to be aware of them too, just because the way that they interact can be really important. If you do ever do something that's not done before and the reason why it's so powerful and what, you know why it takes all these super smart people to set up and all this stuff is actually because there are just so many variables that go into it that you can do so much with that. It's so easy to shoot yourself in the foot. It always has been in a way, right? But it's just learning how to not shoot yourself in the foot and use it like with the right agility. And once you get that down, it's really great.
Amelia: [00:38:46] So there's over a hundred AWS services. How do you personally find new services that you want to try out or how does anyone discover any of these different services?
Steph: [00:38:57] What I do is, you know, I get the emails from AWS whenever they release new ones, and I try to, you know, keep up to date with that. Sometimes I'll read blog posts that I see people writing about how they're using some of them, but honestly, a lot of it's just based off of when I'm doing something, I just keep an eye out. If there's something like, I wished that it did sometimes, like, I used some AWS Systems Manager a lot, which is basically, you can think of it, it's sort of like a config management and orchestration tool. It lets you, basically, it's a little agent. 
You can install on servers and you can, you know, just automate patching and all this other like little stuff that you would do with like Chef or Puppet or other config management tools. And it seems like they keep announcing services. What are really just like tie ins to existing ones, right? Which is like, Oh, this one adds, you know, for instance, like the secret management and the parameter store would secrets. A lot of them are really just integrations to other AWS services, so it's not as much. The really core ones that everyone needs to know is, you know, EC2 of course, Lambda, so big, API Gateway and CloudFormation because it's basically the infrastructure as code format that is super useful just for structuring everything. And I guess S3 is the other one. Yeah. Let's talk about
Nate: [00:40:15] CloudFormation for a second. So earlier you said your Lambda function is typically going to have a template.yaml. Is that template.yaml CloudFormation code?
Steph: [00:40:26] So at its core, yes. But the way you write it is different. So how it works is that the SAM templating language is defined to simplify. What you would with CloudFormation. So a CloudFormation you have to put a gazillion variables in. And it's like, there's some ways to like make that easier. Like I really like using a Python library called troposphere, where you can actually use Python to generate your own CloudFormation templates for you. And it's really nice just cause, you know, I like to know I'll need a loop for something or I'll need to like fetch a value from somewhere else. And it's great to have that kind of flexibility with it. The, the SAM template is specifically a transform, is what they call it, of CloudFormation, which means that it executes against the CloudFormation service. So the CloudFormation service receives that kind of turns it into the core that it understands and executes on it. So at the core of it, it is executing on top of CloudFormation. 
You could create a mostly equivalent kind of CloudFormation template usually, but there's more to it. But there's a lot of just reasons why you would want to use SAM for serverless specifically, just because they add so many niceties and stuff around, you know, permissions management that you don't have to like think of as much and shortcuts and it's just a lot easier to deal with, which is a nice change. But the power of CloudFormation is that if you wanted to do something that like maybe SAM didn't support that is outside the normal scope, you could just stick a CloudFormation resource definition in it and it would work the same way cause it's running against it. It's one of those services where people, sometimes it gets a bad rap because it's so complicated, but it's also super stable. It behaves in a super predictable way and it's just, I think learning how to use that when I worked at AWS was really valuable.
Nate: [00:42:08] What tools do you use to manage the security when you're configuring these things? So earlier you mentioned IAM, which is a, I don't know what it stands for.
Steph: [00:42:19] Identity and access management,
Nate: [00:42:20] right? Which is like configuration language or configuration that we can configure, which accounts have access to certain resources. Let me give you an example. One question I have is how do you make sure each system has the minimum level of permissions and what tools you use? So for example, I wrote this Lambda function a couple of weeks ago. Yeah. I was just following some tutorial and they said like, yeah, make sure that you create this IAM role as like one of the resources for launching this Lambda function, which I think they're like, that's great. But then like, how do I pin down the permissions when I'm granting that function itself permissions to grant new IAM roles. So it was like I basically just had to give it root permission according to my low, my skill level, because otherwise I wasn't able to. 
Create IAM roles without the authority to create new roles, which just seems like root permissions.
Steph: [00:43:13] Yes. So there are some ways that's super risky, honestly, like super risky.
Nate: [00:43:17] Yeah. I'm going to need your help,
Steph: [00:43:19] but it is a thing that there are case you can, you can limit it down with the right kind of definition. So IAM. It's really powerful. Right? So the original case behind IAM was that, so you're a servers so that if you had a, an application server and a database server separately, you could give them separate IAM roles so that they could have different things they could do. Like you never really want your database server to maybe interface directly with, you know, an S3 resource, but maybe you want your application server to do that or something. So it was nice because it really let you limit down the scope from a servers and you don't, cause you have to leave keys around if you do it. So you don't have to keep keys anywhere on the server if you're using IAM roles to access that stuff. So anytime you're storing like an AWS secret key on a server, or like in a Lambda, you kinda did something wrong. The thing they are just because that's, AWS doesn't really care about those keys. It just looks, is it a key? Do it here. But when you actually use IAM policies, you could say it has to be from this role. It has to be executed from, you know, this service. So it can make sure that it's Lambda or the one doing this, or is it somebody trying to assume Lambda credentials? Right? There's so much you can do to kind of limit it with IAM. So it was really good to like learn about that. And like all of the AWS certifications do focus on IAM specifically. 
So if anyone thinking about taking like an AWS certification course, a lot of them will introduce you to that and help a lot with understanding like how to use those correctly. But for what you talked about with you, like how do you deal with a function that passes, that creates a role for another function, right? What you would do in that kind of case is there's an idea of IAM paths. So basically you can give them like as namespacing for IAM permissions, right? So you can make an IAM role that can grant functions that can create roles. Only underneath its own namespace. Within its own path.
Nate: [00:45:20] When you say namespaces, I mean did inherit permissions. But the parent permission has?
Steph: [00:45:28] Depends. So it doesn't inherit itself. But like, let's say that I was making a build server. And my build server, we had to use a couple of different roles for different pieces of it. For different steps. Cause they used different services or something. So we would give it like the top level one of build. And then in my S3 bucket, I might say allow upload for anyone whose path had build in it. So that's, that's the idea that you can limit on the other side, what is allowed. And so of course, it's one of the things where you want to by default blacklist as much as possible, and then white list what you can. But in reality it can be very hard to go through some of that stuff. So you just have to try to, wherever you can, just minimize the risk potential and understand what's the worst case that could happen if someone came in and was able to use these credentials for something.
Amelia: [00:46:16] What are some of the other common things that people do wrong when they're new to AWS or DevOps?
Steph: [00:46:22] One thing I see a lot is people treating the environment variables for Lambdas as if they were private, like secrets. 
So they think that if you put like an API key in through the environment variable that that's kind of like secure, but really like I worked in AWS support, anyone would be able to see that if they were helping you out in your account. So it's not really a secure way to do that. You would need to use a service like Secrets Manager, or you'd have some kind of way to, you would encrypt it before you put it in and then the Lambda would decrypt it, right? So there's ways to get around that, but like using environment variables as if they were secure or storing secure things within your git repositories that get pushed to AWS is like a really big thing that should be avoided. And we said, what else did you ever own?
Nate: [00:47:08] I'm pretty sure that I put an API key in mine
Steph: [00:47:11] before. So yeah, no, it's one of the things people do, and it's one of those things that. A lot of people, you know, maybe nothing will go wrong and it's fine, but if you can just reduce the scope, then you don't have to worry about it. And it just makes things easier in the future.
Amelia: [00:47:27] What are like the new hot things that are up and coming?
Steph: [00:47:30] So I'd say that there's more and more kind of uses for Lambda at edge for like IOT integration, which is pretty cool. So basically Lambda at edge is basically where you can process your Lambdas on computers, basically, like, you know, like, just think of it as like Raspberry Pi. It's like that kind of type thing, right? So you could take a small computer and you could put it like, you know, maybe where it doesn't have a completely like, consistent internet connection. So maybe if you're doing like a smart vending machine or something. Think of it like that. 
Then you could actually execute the Lambda logic directly there and deploy it to there and manage it from AWS whenever it does have like a network connection and then you can basically, it just reduces latency a lot and let your code and lets you test your code both like locally and then deploy it out. So it was really cool for like IOT stuff. There's been a lot of like tons of stuff happening in machine learning space on AWS too much for me to even keep on top of. But a lot of the stuff around Alexa voices is super cool, like Polly where you can just, if you play with your Alexa type thing before, it's cool, but you could just write a little Lambda program to actually generate, you know, whatever you want it to say in different accents, different voices on demand, and integrate it with your own thing, which is pretty cool. Like, I mean, I haven't had a super great use case for that yet, but it's fun to play with.
Amelia: [00:48:48] I feel like a lot of the internet of things are like that.
Steph: [00:48:52] Oh, they totally are. That they really are. But yeah, it's just one of the things you had to keep an eye out for. 
Sometimes the things that, for me, because I'm dealing so much with like enterprisey kind of stuff that excite me are not really exciting to other people cause it's like, yay, patching has a way to like lock it down to a specific version of this at this time. You know, it's like, it's like, it's not really exciting, but like, yeah.
Nate: [00:49:14] And I think that's one of the things that's interesting talking to you is like I write web apps, I think of serverless from like a web app perspective, but it's like, Oh, I'm going to write an API that will let her know, fix my images on the way up or something. But a lot of the uses that you alluded to are like using serverless for managing, other parts of your infrastructure, they're like, you're using, you've got a monitor on some EC2 instance that sends out a CloudWatch alert that like then responds in some other way, like within your infrastructure. So that's really interesting.
Steph: [00:49:47] Yeah, no, that's, it's just been really valuable for us. And like I said, I mentioned the IAM stuff. That's what makes it all possible really.
Amelia: [00:49:52] So this is totally unrelated, but I'm always curious how people got into DevOps, because I do a lot of front end development and I feel like it's pretty easy to get into front end web development because a lot of people need websites. It's fairly easy to create a small website, so that's a really good gateway, but I've never like on the weekend wanted to spin up a server or any of this,
Steph: [00:50:19] honestly for me, a lot of it was like my first job in college. Like I was basically part-time tech support / sys admin. And I always loved Linux because, and the reason I got into Linux in the first place is I realized that when I was in high school that I could get around a lot of the school's, like, you know, spy software that won't let you do fun stuff on the internet or with the software if you just use a live boot Linux USB. So part of it was just, I was using it. 
So, you know, get around stuff, just curiosity about that kind of stuff. But when I got my first job, that's kind of like a sysadmin type thing. It kind of became a necessity. Because you know when you have limited resources, it was like me and like another part time person and one full time person and hundreds of people who we had to keep their email and everything working for them. It kind of becomes a necessity thing cause you realize that all the stuff that you have to do by hand back then, you can't keep track of it all. You can't keep it all secured for a few people. It's extremely hard. And so one way people dealt with that was, you know, offshoring or hiring people, other people to maintain it. But it was kind of cool at the time to realize that the same stuff I was learning in my CS program about programming. There's no reason I couldn't use that for my job, which was support and admin stuff. So, I think I got introduced to like Chef, that was the first tool that I really, I was like, wow, this changes everything. You know, because you would write little Ruby files to do configuration management and then your servers would, you know, you run the Chef agent to end, you know. You know, they'd all be configured exactly the same way. And it was testable. And there's all this really cool stuff you could do with Chef that I, you know, I had been trying to play to do with like, you know, bash script or just normal Python scripts. But then Chef kind of gave me that framework for it. And I got a job at AWS where one of the main components was supporting their AWS OpsWorks tool, which was basically managed Chef deployments. And so that was cool because then I learned about how does that work at super high scale. What are other things that people use? And right before I actually, you know, got my first job as a full time dev ops person was when they, they were releasing the beta for Lambda. 
So I was in the little private beta for AWS employees and we were all kind of just like, wow, this changes a lot. They'll make our jobs a lot easier, you know, in a way it will reduce the need for some of it. But we were so overloaded all the time. And I feel like a lot of people from a perspective know what it feels like to be like. There's so much going on and you can't keep track of it all and you're overloaded all the time and you just want it to be clean and not have to touch it and to do less work at dev ops was kind of like the way forward. So that's really how I got into it.
Amelia: [00:52:54] That's awesome. Another thing I keep hearing is that a lot of dev ops tests are slowly being automated. So how does the future of DevOps look if a lot of the things that we're doing by hand now will be automated in the future?
Steph: [00:53:09] Well, see, the thing about dev ops is really, it's more of like a goal. It's an ideal. A lot of people, if they're dev ops purists and they'll tell you that it means it's having a culture where there are not silos between developers and operations, and everyone knows how to deploy and everyone knows how to do everything. But really in reality, not everyone's a generalist. And being a generalist in some ways is kind of its own specialty, which is kind of how I feel about the DevOps role that you see. So I think we'll see that the dev ops role, people might go by different names for the same idea, which is basically reliability engineering, like Google has a whole book about site reliability engineering is the same kind of philosophy, right? It's you want to keep things running. You want to know where things are. You want to make things efficient from an infrastructure level. But the way that you do it is you use a lot of the same tools that developers use. 
So I think that we'll see titles shift to like serverless architect is a big one that's coming up because that reliability engineering is big. And we may not see people say dev ops is their role as much, but I don't think the need for people who kind of specialize in like infrastructure and deployment and that kind of thing is going to go away. You might have to do more with less, right? Or there might be certain companies that just hire a bunch of them, like Google and Amazon, right? There's probably still going to be a lot of people, but maybe they're not going to be working at your local place because if they're going to be working for the big people who actually develop the tools that are used for that resource. So I still think it's a great field and it might be getting a little harder to figure out where to enter in this because there's so much competition and attention around the tools and resources that people use, but it's still a really great field overall. And if you just learn, you know, serverless or Kubernetes or something that's big right now, you can start to branch out and it's still a really good place to kind of make a career.
Nate: [00:54:59] Yeah. Kubernetes. Oh man, that's a whole nother podcast. We'll have to come back for that.
Steph: [00:55:02] Oh, it is. It is.
Nate: [00:55:04] So, Steph, tell us more about where we can learn more about you.
Steph: [00:55:07] Yeah. So I have a book coming out.
Nate: [00:55:10] Yes. Let's talk about the book.
Steph: [00:55:12] Yeah. So I'm releasing a book called, Fullstack Serverless. See, I'm terrible. I should know exactly what the title, I don't
Nate: [00:55:18] know exactly the title. Yeah. Full stack. Python with serverless or full-stack serverless with Python,
Steph: [00:55:27] full stack Python on Lambda.
Nate: [00:55:29] Oh yeah. Lambda. Not serverless.
Steph: [00:55:31] Yeah, that's correct. Python on Lambda. Right. 
And that book really has, it could take you from start to finish, to really understand. I think if you read this kind of book, if I, if I had read this before, like learning it, it wouldn't feel so maybe, some people confusing or kind of like it's a black box that you don't know what's happening. Cause really at its core lambda that you can understand exactly everything that happens. It has a reason, you know it's running on infrastructure that's not too different from people who run infrastructure on Docker or something. Right. And the code that you write can be the same code that you might run on a server or on some other cloud provider. So the real things that I think that the book has that maybe kind of hard to find elsewhere is there's a lot of information about how do you do proper testing and deployment? How do you manage your secrets, so you aren't storing those in them in those environment variables. Correct. It has stuff about logging and monitoring, all the different ways that you can trigger Lambda. So API Gateway, you know, that's a big one. But then I mentioned S3 and all those other ones. There's going to be examples of pretty much every way you can do that in that book. Stuff about optimizing cost and performance and stuff about using that SAM, Serverless Application Repository, so you can actually publish Lambdas and share them and even sell them if you want to. So it's really a start to finish everything you need to. If you want to have something that you create from scratch in production, I don't think there's anything left out that you would need to know. I feel pretty confident about that.
Nate: [00:57:04] It's great. I think one of the things I love about it is it's almost like the anti version of the docs, like when we talked about earlier that the docs cover every possible use case. This talks about like very specific, but like production use cases in a very approachable, like linear way. 
You know, even though you can find some tutorials online, maybe. Like you mentioned, they're not always accurate in terms of how you actually do or should do it, and so, yeah, I think your book so far has been really great in covering these production concerns in a linear way. All right. Well, Steph is great to have you.
Steph: [00:57:37] Thank you for having me. It was, it was great talking to you both.
The Byte - A Byte-sized podcast about Containers, Cloud, and Tech
Episode 66
**DISCOUNTS** 40% Discount to Manning Publications use Code Podbyte20
Charles Gehman has been building applications on AWS since 2012. He has been an architect, CTO, technical blogger, and developer for many years. He holds the certifications AWS Certified Developer and AWS Certified Solution Architect.
Manning book - https://www.manning.com/books/aws-cloudformation-in-action
Website - https://www.chuckgehman.com/
Twitter - https://twitter.com/charlesgehman
Based in Minneapolis
Originally from New York
Works at Perforce - https://www.perforce.com/
Perforce is one of the original Version control systems
Became a platform for DevOps tools
Old motto "Version everything"
Perforce is the main version control system used in the Video Game industry and 8 out of 10 Semiconductor manufacturing industries use Perforce.
The one tech guy in marketing
Cloud consultant
MEAP program - manning.com/meap-program
The most reliable way to automate creating, updating, and deleting your cloud resources is to describe the target state of your infrastructure and use a tool to apply it to the current state of your infrastructure. AWS CloudFormation and Terraform are the most valuable tools to implement Infrastructure as Code on AWS. But what are the differences between both tools?
