This document provides an overview of Amazon CloudFront and Lambda@Edge. It discusses how CloudFront is a global content delivery network that can accelerate content delivery, including both static and dynamic content. It also introduces Lambda@Edge, which allows running code at the edge using AWS Lambda. Lambda@Edge functions can be triggered by CloudFront events to customize content delivery, such as modifying requests and responses. The document provides details on CloudFront pricing and architecture, including how it uses edge locations globally to improve performance.
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
You may already know that you can use Amazon CloudWatch to view graphs of your AWS resources like Amazon Elastic Compute Cloud instances or Amazon Simple Storage Service. But, did you know that you can monitor your on-premises servers with Amazon CloudWatch Logs? Or, that you can integrate CloudWatch Logs with Elasticsearch for powerful visualization and analysis? This session will offer a tour of the latest monitoring and automation capabilities that we’ve added, how you can get even more done with Amazon CloudWatch.
재해복구에 대한 대비는 온프레미스를 이용할때나, 클라우드를 이용할때나 항상 중요합니다. 이 세션에서는 AWS Backup을 활용하여 최소한의 비용으로 클라우드 환경에서 운영 중인 시스템에 대한 멀티 리전 재해복구를 자동화하는 방안을 살펴봅니다. 더불어 온프레미스에서 운영중인 시스템에 대한 재해복구를 비용 효율적으로 자동화하기 위해 어떻게 AWS Elastic Disaster Recovery를 활용할 수 있는지도 알아봅니다. AWS 서비스를 활용해 대부분의 시간 동안 유휴 상태인 복구 사이트에 대한 비용을 최소화하면서도 재해복구를 자동화할 수 있습니다.
스타트업 얼라이언스 화요일 테헤란로 런치클럽에서는 AWS(Amazon Web Services)에 대해 알아보는 시간을 갖고자합니다. AWS가 제공하는 다양한 프로그램들에는 무엇이 있는지, 국내 스타트업은 과연 어떻게 AWS를 활용하고 있는지에 대해 AWS의 테크에반젤리스트 윤석찬님이 자세히 그리고 꼼꼼히 설명해주신다고 합니다. 또한 국내 스타트업들이 AWS를 가장 잘, 멋지게 활용하기 위해서는 어떻게 해야 하는지 실제로 AWS를 활용하고 있는 스타트업인 HB Smith가 경험을 공유해주신다고 하는데요.
AWS의 윤석찬님, HB Smith 한종원 대표님, 윤제상 CTO와 함께 스타트업 성공을 위한 AWS 첫걸음은 어떻게 내딛어야 할지 만나보세요.
Docker containers have become a key component of modern application design. Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources.
CloudStack allows various life cycle operations for a Virtual Machine (VM). It maintains queues internally, to sync and perform all these operations. This talk briefs about how job queues are maintained in CloudStack, to execute the VM operations, followed by a demo.
Suresh Anaparti is a software architect at ShapeBlue, the largest independent integrator of CloudStack technologies globally. He has over 15 years of end-to-end product development experience in Cloud Infrastructure, Telecom and Geospatial technologies. He is an active Apache CloudStack committer/contributor and is currently working with ShapeBlue. He has been working on CloudStack development for more than 5 years.
-----------------------------------------
The CloudStack European User Group 2022 took place on 7th April. The day saw a virtual get together for the European CloudStack Community, hosting 265 attendees from 25 countries. The event hosted 10 sessions with from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
You may already know that you can use Amazon CloudWatch to view graphs of your AWS resources like Amazon Elastic Compute Cloud instances or Amazon Simple Storage Service. But, did you know that you can monitor your on-premises servers with Amazon CloudWatch Logs? Or, that you can integrate CloudWatch Logs with Elasticsearch for powerful visualization and analysis? This session will offer a tour of the latest monitoring and automation capabilities that we’ve added, how you can get even more done with Amazon CloudWatch.
재해복구에 대한 대비는 온프레미스를 이용할때나, 클라우드를 이용할때나 항상 중요합니다. 이 세션에서는 AWS Backup을 활용하여 최소한의 비용으로 클라우드 환경에서 운영 중인 시스템에 대한 멀티 리전 재해복구를 자동화하는 방안을 살펴봅니다. 더불어 온프레미스에서 운영중인 시스템에 대한 재해복구를 비용 효율적으로 자동화하기 위해 어떻게 AWS Elastic Disaster Recovery를 활용할 수 있는지도 알아봅니다. AWS 서비스를 활용해 대부분의 시간 동안 유휴 상태인 복구 사이트에 대한 비용을 최소화하면서도 재해복구를 자동화할 수 있습니다.
스타트업 얼라이언스 화요일 테헤란로 런치클럽에서는 AWS(Amazon Web Services)에 대해 알아보는 시간을 갖고자합니다. AWS가 제공하는 다양한 프로그램들에는 무엇이 있는지, 국내 스타트업은 과연 어떻게 AWS를 활용하고 있는지에 대해 AWS의 테크에반젤리스트 윤석찬님이 자세히 그리고 꼼꼼히 설명해주신다고 합니다. 또한 국내 스타트업들이 AWS를 가장 잘, 멋지게 활용하기 위해서는 어떻게 해야 하는지 실제로 AWS를 활용하고 있는 스타트업인 HB Smith가 경험을 공유해주신다고 하는데요.
AWS의 윤석찬님, HB Smith 한종원 대표님, 윤제상 CTO와 함께 스타트업 성공을 위한 AWS 첫걸음은 어떻게 내딛어야 할지 만나보세요.
Docker containers have become a key component of modern application design. Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources.
CloudStack allows various life cycle operations for a Virtual Machine (VM). It maintains queues internally, to sync and perform all these operations. This talk briefs about how job queues are maintained in CloudStack, to execute the VM operations, followed by a demo.
Suresh Anaparti is a software architect at ShapeBlue, the largest independent integrator of CloudStack technologies globally. He has over 15 years of end-to-end product development experience in Cloud Infrastructure, Telecom and Geospatial technologies. He is an active Apache CloudStack committer/contributor and is currently working with ShapeBlue. He has been working on CloudStack development for more than 5 years.
-----------------------------------------
The CloudStack European User Group 2022 took place on 7th April. The day saw a virtual get together for the European CloudStack Community, hosting 265 attendees from 25 countries. The event hosted 10 sessions with from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
Slides used in following Udemy training: https://www.udemy.com/course/terraform-on-azure/?referralCode=B11C0C9542992626FC4E
Terraform allows you to write your cloud setup in code. If you have used Azure before, you'll know that setting up your infrastructure using the Azure Portal (the Web UI) is far from ideal. Terraform allows you use Infrastructure as Code, rather than executing the steps manually by going through the correct steps in the Azure Portal.
This course will teach you how to write HCL, the HashiCorp Configuration Language, to bring up your infrastructure on Azure. Terraform is cloud agnostic, so the terraform skills learned in this course are easily transferrable to other cloud providers. After teaching you the terraform basics, the course will continue setting up simple architectural patterns, like VMs, to get you used to how terraform works. Once you have a good feeling of how you can use terraform, we dive a bit deeper into the possible Azure Services you can spin up, like Autoscaling, LoadBalancing, MSSQL & MySQL, CosmosDB, Storage Accounts, Azure AD, and others. Also covered is advanced terraform usage, like using remote state, for/foreach loops, and conditionals/functions.
Our mission is to ensure you can start using terraform with Azure in your organisation to automate the provisioning of cloud infrastructure. After taking this course, you'll have a solid basis of Terraform and Azure!
Slides used in following Udemy training: https://www.udemy.com/course/terraform-on-azure/?referralCode=B11C0C9542992626FC4E
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Amazon Web Services
The AWS Global Network provides a secure, highly available, and high- performance infrastructure for customers. In this session, we walk through the architecture of various parts of the AWS network such as Availability Zones, AWS Regions, our Global Network connecting AWS Regions to each other and our Edge Network which provides Internet connectivity. We explain how AWS services such as AWS Direct Connect and Amazon CloudFront integrate with our Global Network to provide the best experience for our customers. We also dive into how the AWS Global Network connects to the rest of the Internet through peering at a global scale. If you are curious about how AWS network infrastructure can support large-scale cat photo distribution or how Internet routing works, this session answers those questions. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon Web Services Korea
컨테이너를 활용하고자 하는 고객은 많이 있지만, 일정 규모 이상의 서비스를 하려면 오케스트레이션 플랫폼이 필수적 입니다. 직접 물리/가상 서버를 이용하여 컨테이너 플랫폼을 설치하는 방법도 있지만 이 경우 설치, 모니터링, 용량관리, 트래픽 처리 등 다양한 문제들을 마주하게 됩니다. AWS의 완전 관리형 쿠버네티스 서비스인 EKS를 통해 클러스터에 운영 시 고려해야하는 다양한 문제를 보다 쉽게 해결할 수 있습니다. 또한 다양한 에코 시스템과 연동하여 탄력적이고 비용 효율적인 모델을 서비스할 수 있도록 소개해 드립니다.
(AWS Training: https://www.edureka.co/cloudcomputing)
This Edureka "AWS Elastic Beanstalk Tutorial” PPT will help you understand how to deploy an application on Elastic Beanstalk a web hosting PAAS service offered by Amazon.
Following is the list of topics covered in this session:
1. What is Elastic Beanstalk?
2. Features of Elastic Beanstalk.
3. Components of Elastic Beanstalk.
4. The architecture of Elastic Beanstalk.
5. Hands-on Demo
Check out our complete AWS Playlist here: https://goo.gl/8qrfKU
SAN Health is a free Brocade utility that provides a comprehensive point-in-time report on your SAN. SAN Health provides a data capture application that is executed against the SAN, and a back-end report processing engine, that provides an extensive detail on the SAN configuration. Topics covered, learn how to generate the SAN Heath reports to ensure the SAN infrastructure is optimized to support IBM FlashSystems, all IBM Storage products, and the new FICON SAN Health Utility
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
SRV401 Deep Dive on Amazon Elastic File System (Amazon EFS)Amazon Web Services
In this session we will review Amazon EFS and how it delivers fully managed, petabyte-scale file storage for Amazon EC2 instances. Large scale and consistent performance make Amazon EFS ideal for web and content serving, enterprise applications, media processing, container storage, and Big Data analytics use cases. Session attendees will learn how to identify appropriate applications for use with Amazon EFS, understand performance details and security models, and hear how established customers are using it in production. The target audience is file system administrators, application developers, and application owners that operate or build file-based applications that require consistent latencies at cloud scale.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Loft | London - Amazon Virtual Private Cloud by Andrew Kane, Solution Architect
April 18, 2016
(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...Amazon Web Services
Do you need to know who made an API call? What resources were acted upon in an API call? Do you need to find the source IP address of an API call? AWS CloudTrail helps you answer these questions. In this session we review the basics of CloudTrail and then dive into CloudTrail features. We demo solutions that you can use to analyze API activity recorded and delivered by CloudTrail. Join us if you are interested in security or compliance and how you can architect, build, and maintain compliant applications on AWS.
Prometheus Design and Philosophy by Julius Volz at Docker Distributed System Summit
Prometheus - https://github.com/Prometheus
Liveblogging: http://canopy.mirage.io/Liveblog/MonitoringDDS2016
OpenSearch는 배포형 오픈 소스 검색과 분석 제품군으로 실시간 애플리케이션 모니터링, 로그 분석 및 웹 사이트 검색과 같이 다양한 사용 사례에 사용됩니다. OpenSearch는 데이터 탐색을 쉽게 도와주는 통합 시각화 도구 OpenSearch와 함께 뛰어난 확장성을 지닌 시스템을 제공하여 대량 데이터 볼륨에 빠르게 액세스 및 응답합니다. 이 세션에서는 실제 동작 구조에 대한 설명을 바탕으로 최적화를 하기 위한 방법과 운영상에 발생할 수 있는 이슈에 대해서 알아봅니다.
SRV206 Getting Started with Amazon CloudFront Content Delivery NetworkAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. We will also share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting a A+ on SSL labs.
AWS re:Invent 2016: Introduction to Amazon CloudFront (CTD205)Amazon Web Services
End users expect to be able to view static, dynamic, and streaming content anytime, anywhere, and on any device. Amazon CloudFront is a web service that accelerates delivery of your websites, APIs, video content, or other web assets to end users around the globe with low latency, high data transfer speeds, and no commitments. In this session, learn what a content delivery network (CDN) such as Amazon CloudFront is and how it works, the benefits it provides, common challenges and needs, performance, recently released features like HTTP/2 and IPV6 support, pricing, and examples of how customers are using CloudFront.
Slides used in following Udemy training: https://www.udemy.com/course/terraform-on-azure/?referralCode=B11C0C9542992626FC4E
Terraform allows you to write your cloud setup in code. If you have used Azure before, you'll know that setting up your infrastructure using the Azure Portal (the Web UI) is far from ideal. Terraform allows you use Infrastructure as Code, rather than executing the steps manually by going through the correct steps in the Azure Portal.
This course will teach you how to write HCL, the HashiCorp Configuration Language, to bring up your infrastructure on Azure. Terraform is cloud agnostic, so the terraform skills learned in this course are easily transferrable to other cloud providers. After teaching you the terraform basics, the course will continue setting up simple architectural patterns, like VMs, to get you used to how terraform works. Once you have a good feeling of how you can use terraform, we dive a bit deeper into the possible Azure Services you can spin up, like Autoscaling, LoadBalancing, MSSQL & MySQL, CosmosDB, Storage Accounts, Azure AD, and others. Also covered is advanced terraform usage, like using remote state, for/foreach loops, and conditionals/functions.
Our mission is to ensure you can start using terraform with Azure in your organisation to automate the provisioning of cloud infrastructure. After taking this course, you'll have a solid basis of Terraform and Azure!
Slides used in following Udemy training: https://www.udemy.com/course/terraform-on-azure/?referralCode=B11C0C9542992626FC4E
Behind the Scenes: Exploring the AWS Global Network (NET305) - AWS re:Invent ...Amazon Web Services
The AWS Global Network provides a secure, highly available, and high- performance infrastructure for customers. In this session, we walk through the architecture of various parts of the AWS network such as Availability Zones, AWS Regions, our Global Network connecting AWS Regions to each other and our Edge Network which provides Internet connectivity. We explain how AWS services such as AWS Direct Connect and Amazon CloudFront integrate with our Global Network to provide the best experience for our customers. We also dive into how the AWS Global Network connects to the rest of the Internet through peering at a global scale. If you are curious about how AWS network infrastructure can support large-scale cat photo distribution or how Internet routing works, this session answers those questions. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon Web Services Korea
컨테이너를 활용하고자 하는 고객은 많이 있지만, 일정 규모 이상의 서비스를 하려면 오케스트레이션 플랫폼이 필수적 입니다. 직접 물리/가상 서버를 이용하여 컨테이너 플랫폼을 설치하는 방법도 있지만 이 경우 설치, 모니터링, 용량관리, 트래픽 처리 등 다양한 문제들을 마주하게 됩니다. AWS의 완전 관리형 쿠버네티스 서비스인 EKS를 통해 클러스터에 운영 시 고려해야하는 다양한 문제를 보다 쉽게 해결할 수 있습니다. 또한 다양한 에코 시스템과 연동하여 탄력적이고 비용 효율적인 모델을 서비스할 수 있도록 소개해 드립니다.
(AWS Training: https://www.edureka.co/cloudcomputing)
This Edureka "AWS Elastic Beanstalk Tutorial” PPT will help you understand how to deploy an application on Elastic Beanstalk a web hosting PAAS service offered by Amazon.
Following is the list of topics covered in this session:
1. What is Elastic Beanstalk?
2. Features of Elastic Beanstalk.
3. Components of Elastic Beanstalk.
4. The architecture of Elastic Beanstalk.
5. Hands-on Demo
Check out our complete AWS Playlist here: https://goo.gl/8qrfKU
SAN Health is a free Brocade utility that provides a comprehensive point-in-time report on your SAN. SAN Health provides a data capture application that is executed against the SAN, and a back-end report processing engine, that provides an extensive detail on the SAN configuration. Topics covered, learn how to generate the SAN Heath reports to ensure the SAN infrastructure is optimized to support IBM FlashSystems, all IBM Storage products, and the new FICON SAN Health Utility
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
SRV401 Deep Dive on Amazon Elastic File System (Amazon EFS)Amazon Web Services
In this session we will review Amazon EFS and how it delivers fully managed, petabyte-scale file storage for Amazon EC2 instances. Large scale and consistent performance make Amazon EFS ideal for web and content serving, enterprise applications, media processing, container storage, and Big Data analytics use cases. Session attendees will learn how to identify appropriate applications for use with Amazon EFS, understand performance details and security models, and hear how established customers are using it in production. The target audience is file system administrators, application developers, and application owners that operate or build file-based applications that require consistent latencies at cloud scale.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Loft | London - Amazon Virtual Private Cloud by Andrew Kane, Solution Architect
April 18, 2016
(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...Amazon Web Services
Do you need to know who made an API call? What resources were acted upon in an API call? Do you need to find the source IP address of an API call? AWS CloudTrail helps you answer these questions. In this session we review the basics of CloudTrail and then dive into CloudTrail features. We demo solutions that you can use to analyze API activity recorded and delivered by CloudTrail. Join us if you are interested in security or compliance and how you can architect, build, and maintain compliant applications on AWS.
Prometheus Design and Philosophy by Julius Volz at Docker Distributed System Summit
Prometheus - https://github.com/Prometheus
Liveblogging: http://canopy.mirage.io/Liveblog/MonitoringDDS2016
OpenSearch는 배포형 오픈 소스 검색과 분석 제품군으로 실시간 애플리케이션 모니터링, 로그 분석 및 웹 사이트 검색과 같이 다양한 사용 사례에 사용됩니다. OpenSearch는 데이터 탐색을 쉽게 도와주는 통합 시각화 도구 OpenSearch와 함께 뛰어난 확장성을 지닌 시스템을 제공하여 대량 데이터 볼륨에 빠르게 액세스 및 응답합니다. 이 세션에서는 실제 동작 구조에 대한 설명을 바탕으로 최적화를 하기 위한 방법과 운영상에 발생할 수 있는 이슈에 대해서 알아봅니다.
SRV206 Getting Started with Amazon CloudFront Content Delivery NetworkAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. We will also share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting a A+ on SSL labs.
AWS re:Invent 2016: Introduction to Amazon CloudFront (CTD205)Amazon Web Services
End users expect to be able to view static, dynamic, and streaming content anytime, anywhere, and on any device. Amazon CloudFront is a web service that accelerates delivery of your websites, APIs, video content, or other web assets to end users around the globe with low latency, high data transfer speeds, and no commitments. In this session, learn what a content delivery network (CDN) such as Amazon CloudFront is and how it works, the benefits it provides, common challenges and needs, performance, recently released features like HTTP/2 and IPV6 support, pricing, and examples of how customers are using CloudFront.
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Amazon Web Services
Traditionally, content delivery networks (CDNs) were known to accelerate static content. Amazon CloudFront has come a long way and now supports delivery of entire websites that include dynamic and static content. In this session, we introduce you to CloudFront’s dynamic delivery features that help improve the performance, scalability, and availability of your website while helping you lower your costs. We talk about architectural patterns such as SSL termination, close proximity connection termination, origin offload with keep-alive connections, and last-mile latency improvement. Also learn how to take advantage of Amazon Route 53's health check, automatic failover, and latency-based routing to build highly available web apps on AWS.
Amazon CloudFront Flash Talks: Best Practices on Configuring, Securing, Custo...Amazon Web Services
In this series of technical flash talks, learn directly from Amazon CloudFront engineers about best practices on security, caching, measuring performance using Real User Monitoring (RUM), and customizing content delivery with Lambda@Edge.
In this series of technical flash talks, learn directly from Amazon CloudFront engineers about best practices on security, caching, measuring performance using Real User Monitoring (RUM), and customizing content delivery with Lambda@Edge.
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...Amazon Web Services
Traditionally, content delivery networks (CDNs) were known to accelerate static content. Amazon CloudFront has come a long way and now supports delivery of entire websites that include dynamic and static content. In this session, we introduce you to CloudFront’s dynamic delivery features that help improve the performance, scalability, and availability of your website while helping you lower your costs. We talk about architectural patterns such as SSL termination, close proximity connection termination, origin offload with keep-alive connections, and last-mile latency improvement. Also learn how to take advantage of Amazon Route 53's health check, automatic failover, and latency-based routing to build highly available web apps on AWS.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
An overview of one of the worlds largest content delivery networks, how it is used for accerlation of websites and applications for dynamic and static content. We will cover recent feature additions including integration of the new AWS WAF and other security features.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
AWS Webcast - Best Practices for Content Delivery using Amazon CloudFrontAmazon Web Services
Amazon CloudFront offers a simple, cost-effective way to improve the performance, reliability and global reach of your entire website for both static content and the dynamic portions of your site that change for each end user. In this webinar, you will learn some best practices for using Amazon CloudFront to architect a highly reliable and high-performing website. You will also learn how you can use Amazon CloudFront to deliver content securely, how you can customize content based on device or geo, and learn how use can use CloudFront tools such as our reports and analytics to help you continuously optimize your content. If you are an AWS customer, you will also learn some best practices on how you can use Amazon CloudFront to improve delivery of static or dynamic content originating from AWS services such as Amazon S3, Elastic Load Balancing (ELB), or Amazon EC2.
Learning Objectives:
• Best practices for delivering your whole website on Amazon CloudFront
• Best practices to deliver content securely via Amazon CloudFront
• Best practices to deliver content from AWS services such as Amazon S3, Amazon EC2 and Elastic Load Balancing using Amazon CloudFront
Who Should Attend:
• All AWS (S3, EC2, or ELB) customers who have some data transfer to internet
• All Amazon CloudFront customers
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. We will also share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting a A+ on SSL labs.
AWS re:Invent 2016: Amazon CloudFront Flash Talks: Best Practices on Configur...Amazon Web Services
In this series of 15-minute technical flash talks you will learn directly from Amazon CloudFront engineers and their best practices on debugging caching issues, measuring performance using Real User Monitoring (RUM), and stopping malicious viewers using CloudFront and AWS WAF.
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. We will also share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting a A+ on SSL labs.
(ARC303) Pure Play Video OTT: A Microservices ArchitectureAmazon Web Services
"An end-to-end, over-the-top (OTT) video system is built of many interdependent architectural tiers, ranging from content preparation, content delivery, and subscriber and entitlement management, to analytics and recommendations. This talk will provide a detailed exploration of how to architect a media platform that allows for growth, scalability, security, and business changes at each tier, based on real-world experiences delivering over 100 Gbps of concurrent video traffic with 24/7/365 linear TV requirements. Finally, learn how Verizon uses AWS, including Amazon Redshift and Amazon Elastic MapReduce, to power its recently launched mobile video application Go90.
Using a mixture of AWS services and native applications, we address the following scaling challenges:
Content ingest, preparation, and distribution
Operation of a 24x7x365 Linear OTT Playout Platform
Common pitfalls with transcode and content preperation
Multi-DRM and packaging to allow cross platform playback
Efficient delivery and multi-CDN methodology to allow for a perfect experience globally
Kinesis as a dual purpose system for both analytics and concurrency access management
Integration with Machine Learning for an adaptive recommendation system, with real time integration between content history and advertising data
User, entitlement, and content management
General best practices for ‘Cloud Architectures’ and their integration with Amazon Web Services; Infrastructure as Code, Disposable and immutable infrastructure, code deployment & release management, DevOps and Microservices Architectures
This session is great for architects, engineers, and CTOs within media and entertainment or others simply interested in decoupled architectures."
Deploying Next Generation Firewalling with ASA - CXCisco Canada
This presentation will explain the technology and capabilities behind Cisco’s new context aware firewall: Cisco ASA–CX. We will introduce a new approach to firewall policy creation based on contextual attributes such as: user identity, device type and application usage.
The Query Service is the new platform solution for querying a variety of data sources. The goal of Query Service is that administrators can configure a metadata description of the data source that can then be used by end users without detailed knowledge of the underlying data source. This session explains how to configure Query Service data sources and use them with the RESTful API or component collection.
Similar to Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFront and Lambda@Edge (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
2. What to expect from this session
• Amazon CloudFront and AWS Lambda
• Lambda@Edge
• Getting started with Lambda@Edge
3. AWS Global Infrastructure
16 Regions – 44 Availability Zones
Region & Number of Availability Zones
AWS GovCloud (2) EU
Ireland (3)
US West Frankfurt (3)
Oregon (3) London (2)
Northern California (3)
Asia Pacific
US East Singapore (2)
N. Virginia (6), Ohio (3) Sydney (3), Tokyo (3),
Seoul (2), Mumbai (2)
Canada
Central (2) China
Beijing (2)
South America
São Paulo (3)
Announced Regions
Paris, Ningxia, Stockholm
10. CloudFront: Global content delivery network
Accelerate your application and APIs
Include static content such as images and video
Massively scalable
Highly secure
Self-service
Priced to minimize cost
13. What happens with each request?
Is it in
cache?
Is it
expired?
Revalidate
with Origin
Origin
responds
with 304 (Not
Modified)
Origin
responds
with 200
(OK) and
latest version
of object
Forward
request to
origin
Y Y
NN
Viewer
Request
Hit / Refresh Hit
Miss
Cache
it
14. CloudFront Components: Distributions
distribution
Unique CloudFront.net Domain Name to Reference Objects
example: abc123.cloudfront.net
Specifies Origin(s) of Original Content Versions
example: orign.mysite.com
Types Provide for HTTP/HTTPS
example: https://cdn.mysite.com
Contain Specific Configurations and Tags
example: origins, behaviors, error pages, restrictionsHINT: Point your own
domain name to the
CloudFront.net domain
with an Amazon Route 53
Alias record
16. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
17. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
• Route requests to specific origins
• Set HTTP Protocol
• Set HTTP Methods
• Set Header Options
• Set Caching Options
• Set Cookie and Query String Forwarding
• Restrict Access
• Set Compression
Vary Behavior based on Path Parameters
18. Example: Whole site delivery for Wordpress
Amazon
Route 53
EC2 instance(s)
S3 bucket
Static content
Dynamic content
wp-content/*
wp-includes/*
wp-admin/*
wp-login.php
Default(*)
CloudFront
distribution
19. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
One or more Origins
20. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
Forward Request Headers to the Origin
Cache Based on Header Values
Set Object Caching TTLs
Device Detection
None: optimized
Whitelist: specify headers to forward
All: dynamic content, no caching
GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
21. HEAD
Identical to GET except that the
server MUST NOT return a
message-body in the response.
Used for obtaining meta-information
about the entity implied by the
request without transferring the
entity-body itself
POST
Used to request the origin
server to accept the entity
enclosed in the request as a
new subordinate of the
resource identified by the
Request-URI in the Request-
Line.
PUT
The fundamental difference
between the POST and PUT
requests is reflected in the different
meaning of the Request-URI.
PATCH
Used to apply partial modifications
to a resource
DELETE
Requests that the origin server
delete the resource identified by the
Request-URI
OPTIONS
Request for information about the
communication options available on
the request/response chain
identified by the Request-URI
GET
Requests for content from the
cache HTTP, HTTPS and RTMP
CloudFront Components: Behaviors, HTTP Methods
22. Minimize forwarded values
All forwarded headers are
used as part of the cache
key, which means it
dramatically reduces your
cacheability.
23. CloudFront device type headers
<?php
if ( has_post_thumbnail() ) {
// check if the post has a Post Thumbnail assigned
if ($_SERVER['CloudFront-Is-Mobile-Viewer'])
{the_post_thumbnail('small');}
else if ($_SERVER['CloudFront-Is-Tablet-Viewer'])
{the_post_thumbnail('medium');}
else
{the_post_thumbnail('large');}
}?>
24. 1) Vary response based on User Agent.
Example: Desktop, Mobile, Tablet
2) Vary response based on Language.
Example: user would prefer Danish but will accept British
English and other types of English. (Accept-Language: da,
en-gb;q=0.8, en;q=0.7 )
3) Vary response based on Protocol.
Example: CloudFront-Forward-Proto detected and
customer sent different content based on connection type.
Mobile User
(CloudFront-Is-
Mobile-Viewer)
Desktop User
(CloudFront-Is-
Desktop-Viewer)
1
1
2
3
CloudFront Components: Behaviors, Headers
25. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
Forward Query Strings and Cookies to the Origin
?key=querystringparam
Set-Cookie Header
Vary Response Based on Query String/Cookie
Cache Multiple Copies of Your Object
Query String / Cookie as Cache Key
Forward All
Forward Whitelist
26. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
• Restrict Access to Content
• Subscription Content, Digital Rights, Etc.
• Canned and Custom Policies
• Application Creates Signed URL
• CloudFront caches based on Signed
URL or Signed Cookie
28. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
• CloudFront Shared Cert
• Custom Cert
• AWS Certificate Manager
29. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
HTTP and HTTPS: Viewers can use both
protocols.
Redirect HTTP to HTTPS: Viewers can
use both protocols, but HTTP requests
are automatically redirected to HTTPS
requests.
HTTPS Only: Viewers can only access
your content if they're using HTTPS.
30.
31. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
Short TTL = Dynamic Content
Long TTL = Static Content
Reduce Load on Origin
If Modified Since
Min, Max, Default TTL’s
32. Expires headers from origin
Expires reflects when the cache must go back to the origin
server to see if the object has changed.
It is a fixed point in time and accuracy relies on clock
synchronization.
Expires: Fri, 1 Dec 2017 12:34:50 GMT
33. Cache-Control headers from origin
These directives give you fine-grained control over what is
cached and for how long (in seconds):
Cache-Control: max-age=300
34. Dynamic content? Cache it.
Use Cache-Control directives to minimize load on your origin:
- no-cache: cache & ask origin
- max-age=0: cache & ask origin
Other options:
- no-store: never cached at the edge nor by the browser
- private: never cached at the edge, but might be cached
by the browser
35. Set Min, Max, and Default TTLs for CloudFront
Min TTL Max TTLmax-age /
Expires
Browser Edge Cache
max-age /
s-maxage /
Expires
Max TTLmax-age /
Expires
max-age /
s-maxage /
Expires
Min TTL
Max TTL
max-age /
s-maxage /
Expires
Min TTLmax-age /
Expires
36. Introduce new styles without issuing invalidations.
Protect against browsers that don’t honor your
Cache-Control headers.
Version your assets
<link href="//assets.example.com/assets/v1/css/jumbotron-narrow.css“ rel="stylesheet">
<link href="//assets.example.com/assets/v2/css/jumbotron-narrow.css“ rel="stylesheet">
<link href="//assets.example.com/assets/css/jumbotron-narrow.css?<md5sum>“rel="stylesheet">
37. CloudFront Components: Behaviors
• Path Pattern Matching
• Origin Selection
• Headers
• Query Strings / Cookies
• Signed URL
• SSL Certificates
• Protocol Enforcement
• Time To Live (TTL)
• GZIP Compression
Accept-Encoding: gzip
Compresses and Serves Files
Optimizes Bandwidth Consumption
and Download Speed
Compresses Files with Header:
“Content-type” set
38. CloudFront Components: Restrictions, Errors, Tags
• Geographical Restriction
• White List or Black List
• Country Level Granularity
• No Additional Charges
• Caching Error Pages
• 4XX, 5XX Codes
• Cache Default Page
• Cache Custom Page
39. CloudFront Components: AWS WAF Web ACLs
Layer 7 Application
Protection
Fast Rule Propagation
Full Control Rules Set
Integration = Automation
Simple Pricing
40. CloudFront Regional Edge Caches
Europe
Frankfurt
North America
Northern VA
Oregon
Asia Pacific
Mumbai
Singapore
Sydney
Seoul
Tokyo
South America
São Paulo
Eleven Regional Edge Caches around the world..
42. CloudFront Security and Compliance Features
• Compliance
• PCI DSS Level 1 Compliance
• HIPAA Eligible Service, for protected health information (PHI)
• ISO 9001, 27001, 27017, 27018
• Security Enhancements to your infrastructure
• Signed URL,Signed Cookies
• Enforce HTTPS to origin
• Support iOS ATS
• Support for TLSv1 .1 and TLSv1.2 between edge and origin
• Add/Modify Request Headers Forwarded From CloudFront to Origin
• Integration with AWS Certificate Manager (SNI Certs from Amazon)
• Integration with AWS WAF (web application firewall)
• Geographic Restriction
• IPv6 Support
• Perfect Forward Secrecy, Newer Ciphers
43. CloudFront Pricing: Competitive, Flexible Options
• On-demand, pay for use pricing
• Same pricing for Static and Dynamic
• Same pricing for HTTP / HTTPS
• Usage Commitment Options
• GB delivery model
• Free SSL/TLS certs with ACM
• No Platform Fees
• No Charges for DNS Queries to
Route 53 ALIAS Records to
CloudFront
PriceperGB
Data Transfer
Data Transfer
Economies of Scale
44. All
North America + Europe
North America + Europe + East and South East Asia*
Deliver Content Globally and Control Pricing to Fit Performance and Cost Objectives
*does not include India (4) or Australia (2) PoPs
CloudFront Components: Price Classes
45. Amazon CloudFront Pricing
EC2 instance
web app
server
Elastic/Application
Load Balancing
Amazon S3
Bucket
Standard Pricing Components without CloudFront
Request for Content and Data Transfer Directly to End User
Data Transfer/Processing ($/GB)
Requests ($/Requests) = Total Charge
$
$
$ = $$$
46. Amazon CloudFront Pricing
EC2 instance
web app
server
Elastic/Application
Load Balancing
Amazon S3
Bucket
Standard Pricing Components without CloudFront
Request for Content and Data Transfer to 3rd Party CDN
3rd Party CDN Charges
Data Transfer/Processing ($/GB)
Requests ($/Requests)
CDN
+
+ 3rd Party CDN Charges = Total Charge
$
$
$
$ = $$$$
47. $
Amazon CloudFront Pricing
EC2 instance
web app
server
Elastic/Application
Load Balancing
Amazon S3
Bucket
Standard Pricing Components with CloudFront
CloudFront +
CloudFront = Total Charge
$
$
$
= $
51. AWS Lambda: Serverless computing
Run code without servers. Pay only for the compute time you consume. Be happy.
Triggered by events or called from APIs:
• PUT to an Amazon S3 bucket
• Updates to Amazon DynamoDB table
• Call to an Amazon API Gateway endpoint
• Mobile app backend call
• CloudFront requests
• And many more…
Makes it easy to:
• Perform real-time data processing
• Build scalable backend services
• Glue and choreograph systems
52. Benefits of AWS Lambda
Continuous
scaling
No servers to
manage
Never pay for idle
– no cold servers
(only happy
accountants)
54. Introducing Lambda@Edge
• Lambda@Edge is an extension of AWS Lambda that allows you to run
Node.js code at global AWS locations
• Bring your own code to the Edge and customize your content very close to
your users, improving end-user experience
Continuous
scaling
No servers
to manage
Never pay for idle
– no cold servers
Globally
distributed
57. CloudFront triggers for
Lambda@Edge functions
CloudFront cache
End user
Viewer request Origin request
Origin responseViewer response
58. Lambda@Edge events
• All Lambda@Edge invocations are synchronous
• Request events
• URI and header modifications can change the object being requested
• Viewer request can change the object being requested from the CloudFront
cache and the origin
• Origin request can change the object or path pattern being requested from the
origin
• Response events
• Origin response can modify what is cached and generate cacheable responses
to be returned to the viewer
• Viewer response can change what is returned to the viewer
CloudFront
cache
End user
Viewer request Origin request
Origin responseViewer response
59. Lambda@Edge functionality
• Read and write access to headers, URIs, and
cookies across all triggers
• Ability to generate custom responses from
scratch
• Access to make network calls to external
resources on origin-facing hooks
61. Highly personalized websites
• Redirect viewers to the optimal
experience based on their location,
language preferences, and device type
62. Pretty URLs
• Rewrite the URL end user's request
to serve content without exposing
your team’s internal directory
structure and organization
• Provide customized experiences
without compromising consistency in
what your viewers see
63. Authorization at the Edge
• Inspect cookies or custom headers to
authenticate clients right at the Edge
• Enforce paywalls at the Edge to gate
access to premium content to only
authenticated viewers
64. Authorization at the Edge – how?
• Trigger: Viewer request
• Prerequisites
• The customer must have previously authenticated against your authoritative
service, resulting in some sort of authorization credential. Typically this is a
cookie.
• Inputs
• URL
• Authorization credential (cookie)
• Outputs
• Allow the request to succeed if the request is authorized. If not, either return
a 403 response or redirect to an authentication page
65. A/B testing
• ‘Flip a coin’ to select a
version of content
displayed to each user
on an asset level
• Set cookies to ensure
that users continue to
see the right versions
of content
66. let experimentUri;
if (headers.cookie) {
for (let i = 0; i < headers.cookie.length; i++) {
if (headers.cookie[i].value.indexOf(cookieExperimentA) >=
0) {
console.log('Experiment A cookie found');
experimentUri = pathExperimentA;
break;
} else if
(headers.cookie[i].value.indexOf(cookieExperimentB) >= 0) {
console.log('Experiment B cookie found');
experimentUri = pathExperimentB;
break;
}
}
}
67. if (!experimentUri) {
console.log('Experiment cookie has not been found.
Throwing dice...');
if (Math.random() < 0.75) {
experimentUri = pathExperimentA;
} else {
experimentUri = pathExperimentB;
}
}
request.uri = experimentUri;
console.log(`Request uri set to "${request.uri}"`);
callback(null, request);
};
68.
69. Limited access to content
• Enforce timed access to content
at the edge
• Make a call to an external
authentication server to confirm
if a user’s session is still valid
• Forward valid requests to the
origin, and serve redirects to
new users to login pages
70. Response generation at the Edge
Generate an HTTP response to end
user requests arriving at AWS locations:
• Generate customized error pages
and static websites directly from Edge
locations
• Combine content drawn from multiple
external resources to dynamically
build websites at the Edge