Code Examples: https://github.com/brianklaas/awsPlaybox
CFML has a number of built-in hooks to access Amazon Web Services (AWS). Using AWS effectively, though, requires going beyond the support built into CFML and tapping in to the power both the AWS Java SDK and AWS' powerful authentication and authorization system: IAM. In this session, we'll look at how to use IAM from within your CFML app to set up IAM roles and permissions so that you can start leveraging the real power of AWS, whether it's cloud-based file storage (S3), sending text messages (SNS), or working with a noSQL database (DynamoDB).
Amazon S3 hosts trillions of objects and is used for storing a wide range of data, from system backups to digital media. This presentation from the Amazon S3 Masterclass webinar we explain the features of Amazon S3 from static website hosting, through server side encryption to Amazon Glacier integration. This webinar will dive deep into the feature sets of Amazon S3 to give a rounded overview of its capabilities, looking at common use cases, APIs and best practice.
See a recording of this video here on YouTube: http://youtu.be/VC0k-noNwOU
Check out future webinars in the Masterclass series here: http://aws.amazon.com/campaigns/emea/masterclass/
View the Journey Through the Cloud webinar series here: http://aws.amazon.com/campaigns/emea/journey/
"Ever wondered how can you find out which user made a particular API call, when the call was made, and which resources were acted upon? In this session, you will learn how to turn on AWS CloudTrail for hundreds of AWS accounts in all AWS regions to ensure you have full visibility into API activity in all your AWS accounts. We will demonstrate how to use CloudTrail Lookup in the AWS Management Console to troubleshoot operational and security issues and how to use the AWS CLI or SDKs to integrate your applications with CloudTrail.
We will also demonstrate how you can monitor for specific API activity by using Amazon CloudWatch and receive email notifications, when such activity occurs. Using CloudTrail Lookup and CloudWatch Alarms, you can take immediate action to quickly remediate any security or operational issues. We will also share best practices and ready-to-use scripts, and dive deep into new features that help you configure additional layers of security for CloudTrail log files."
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices.As an IoT developer, you will need to interact with AWS services like Amazon Kinesis, AWS Lambda, and Amazon Machine Learning to get the most from your IoT application. In this session, we will do a deep dive on how to define rules in the Rules Engine, or retrieve the last known and desired state of device using Device Shadows, routing data from devices to AWS services to leverage the entire cloud for your Internet of Things application.
Join the “AWS Services Overview” webinar to take a fast-paced 45-minute tour through our broad range of new and existing services. During the webinar, you will have the opportunity to propose questions for the live Q&A session following the presentation.
Learning Objectives:
• Overview of AWS New & Existing Services
• Advice for Getting Started
Who Should Attend:
• IT Administrators, IT Directors, IT Architects, and Technology or Business Decision Makers
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...Amazon Web Services
Learning Objectives:
• Learn what core capabilities are necessary for a successful IoT cloud platform
• Understand how the core capabilities work together
• Learn what and how standards are beginning to take shape
As with any other trend in the history of computer software, IoT is being powered by a new generation of cloud platforms. In this tech talk, we will identify and explain what to look for when evaluating an IoT cloud platform to ensure a successful deployment of IoT strategies. Learn what core capabilities are necessary to look for when choosing an IoT cloud platform.
Amazon S3 hosts trillions of objects and is used for storing a wide range of data, from system backups to digital media. This presentation from the Amazon S3 Masterclass webinar we explain the features of Amazon S3 from static website hosting, through server side encryption to Amazon Glacier integration. This webinar will dive deep into the feature sets of Amazon S3 to give a rounded overview of its capabilities, looking at common use cases, APIs and best practice.
See a recording of this video here on YouTube: http://youtu.be/VC0k-noNwOU
Check out future webinars in the Masterclass series here: http://aws.amazon.com/campaigns/emea/masterclass/
View the Journey Through the Cloud webinar series here: http://aws.amazon.com/campaigns/emea/journey/
"Ever wondered how can you find out which user made a particular API call, when the call was made, and which resources were acted upon? In this session, you will learn how to turn on AWS CloudTrail for hundreds of AWS accounts in all AWS regions to ensure you have full visibility into API activity in all your AWS accounts. We will demonstrate how to use CloudTrail Lookup in the AWS Management Console to troubleshoot operational and security issues and how to use the AWS CLI or SDKs to integrate your applications with CloudTrail.
We will also demonstrate how you can monitor for specific API activity by using Amazon CloudWatch and receive email notifications, when such activity occurs. Using CloudTrail Lookup and CloudWatch Alarms, you can take immediate action to quickly remediate any security or operational issues. We will also share best practices and ready-to-use scripts, and dive deep into new features that help you configure additional layers of security for CloudTrail log files."
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices.As an IoT developer, you will need to interact with AWS services like Amazon Kinesis, AWS Lambda, and Amazon Machine Learning to get the most from your IoT application. In this session, we will do a deep dive on how to define rules in the Rules Engine, or retrieve the last known and desired state of device using Device Shadows, routing data from devices to AWS services to leverage the entire cloud for your Internet of Things application.
Join the “AWS Services Overview” webinar to take a fast-paced 45-minute tour through our broad range of new and existing services. During the webinar, you will have the opportunity to propose questions for the live Q&A session following the presentation.
Learning Objectives:
• Overview of AWS New & Existing Services
• Advice for Getting Started
Who Should Attend:
• IT Administrators, IT Directors, IT Architects, and Technology or Business Decision Makers
Essential Capabilities of an IoT Cloud Platform - April 2017 AWS Online Tech ...Amazon Web Services
Learning Objectives:
• Learn what core capabilities are necessary for a successful IoT cloud platform
• Understand how the core capabilities work together
• Learn what and how standards are beginning to take shape
As with any other trend in the history of computer software, IoT is being powered by a new generation of cloud platforms. In this tech talk, we will identify and explain what to look for when evaluating an IoT cloud platform to ensure a successful deployment of IoT strategies. Learn what core capabilities are necessary to look for when choosing an IoT cloud platform.
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAmazon Web Services
This document discusses Amazon Inspector findings. It begins by introducing Eric Fitzgerald from Amazon and providing context on what Amazon Inspector is. It then discusses findings in more detail - specifically that findings report potential security issues, provide metadata, and can be used to drive automation. It demonstrates how to examine findings through the console and CLI. It also provides examples of how findings can be automatically exported using SNS and Lambda and how Lambda can be used to automatically remediate findings by triggering actions with other AWS services like SSM.
Mobile App development is very popular today and cloud provides a highly scalable and available backend for mobile apps. In this session, we will introduce how to use AWS services include Lambda, DynamoDB, Cognito, Mobile Analytics and SNS, to create a serverless location aware mobile app.
ALX401-Advanced Alexa Skill Building Conversation and MemoryAmazon Web Services
This session walks you through some of the more advanced features offered in Alexa Skill Builder, like Dialog Management, Entity Resolution, state management, session persistence, and maintaining context. Using Dialog Management, you can engage skill users in a multi-turn dialog to elicit and confirm slots for an intent. Using Entity Resolution, you can greatly simplify slot management by mapping multiple synonyms of your slot to a unique ID. We couple these conversational techniques with the management of session state and persistence to enable memory and personalization.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This webinar will introduce the best practices for IoT Security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, as well as integrate devices with other AWS services to create secure solutions.
Learning Objectives:
• Common IoT Thing Management Issues
• Learn about AWS IoT Security and Access Control Mechanisms
• Build Secure interactions with the AWS Cloud
Who Should Attend:
• Technical Decision Makers, Developers, Makers
AWS January 2016 Webinar Series - Getting Started with AWS IoTAmazon Web Services
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices.
In this webinar, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device from the cloud using the protocol of their choice. We will discuss how devices can securely connect using MQTT and HTTP protocols, and how developers and businesses can leverage features of AWS IoT like Device Shadows, a JSON document used to store and retrieve current state information for device, app and so on, and Rules Engine, which provides message processing and integration with other AWS services, to build a real connected product.
Learning Objectives:
Understand what AWS IoT is and an introduction to the Internet of Things
Understand connecting a device with a live example
Understand using the Device Gateway, Rules Engine, Registry, Device Shadows
Who Should Attend:
IoT Developers
This document contains slides from a presentation on AWS IoT. The presentation covers an overview of AWS IoT, how to connect devices, the IoT rules engine for processing and routing data, device shadows for offline operations and command/control, and integrating AWS IoT with other AWS services like Elasticsearch. The slides provide explanations and examples of building applications with AWS IoT.
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Amazon Web Services
Streamline your mobile app signup experience with social login. We demonstrate how to use web identity federation to enable users to log into your app using their existing Facebook, Google, or Amazon accounts. Learn how to apply policies to these identities to secure access to AWS resources, such as personal files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.
The document discusses serverless technologies for big data processing, including ingestion using Amazon Kinesis Video Streams, Data Streams, and Data Firehose. It covers real-time processing with Kinesis Data Streams and Lambda, real-time analytics using Kinesis Data Analytics, and post processing options like Amazon S3, DynamoDB, Athena and AWS Glue. The role of serverless computing in simplifying and scaling big data workloads is a key focus.
(SEC321) Implementing Policy, Governance & Security for EnterprisesAmazon Web Services
"CSC engineers will demonstrate enterprise policy, governance, and security products to deploy and manage enterprise and industry applications AWS. We will demonstrate automated provisioning and management of big data platforms and industry specific enterprise applications with automatically provisioned secure network connectivity from the datacenter to AWS over layer 2 routed AT&T NetBond (provides AWS DirectConnect access) connection. We will demonstrate how applications blueprinted on CSC's Agility Platform can be re-hosted on AWS in minutes or re-instantiated across multiple AWS regions. CSC Cybersecurity will also demonstrate how CSC can provide agile & consumption based endpoint security for workloads in any cloud or virtual infrastructure, providing enterprise management and 24x7 monitoring of workload compliance, vulnerabilities, and potential threats.
Session sponsored by CSC."
Don’t Sacrifice Performance for Security: Best Practices for Content Delivery Amazon Web Services
This document summarizes a presentation about using Amazon CloudFront and AWS WAF for securing and accelerating APIs. It discusses the challenges of delivering APIs, how CloudFront addresses these challenges through application acceleration, security features, and high availability. The presentation also provides a case study of how Slack migrated from using Elastic Load Balancing to using CloudFront to deliver their API, improving performance metrics. It concludes with a demonstration of automating protections using Lambda and discusses future plans for rate limiting and blocking malicious traffic.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this tech talk, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device from the cloud using the protocol of their choice. We will use the AWS IoT Starter Kit to demonstrate building a real connected product, securely connect with AWS IoT using MQTT, WebSockets, and HTTP protocols, and show how developers and businesses can leverage features of AWS IoT like Device Shadows and the Rules Engine, which provides message processing and integration with other AWS services.
Learn from our hands-on experience using and working with Firebase. Great for building quick POC (prototypes) of apps that need real-time updates. Build cross platform web and mobile products with ease quickly.
As your use of the AWS platform matures and evolves you need to be continuously looking at ways to streamline IT operations to maximise your business innovation, outcomes and maintaining that competitive edge.
In this advanced technical session we will provide insights on server-less IT ops designs, building end-to-end automation systems, implementing robust security controls, and automated response to IT behavioural analysis to ensure that your operations and management of the AWS Platform is designed to deliver scale, resiliency, security, and is cost optimised. Be prepared for a technically deep session on AWS technology.
Speaker: Dean Samuels, Black Belt Ninja Master, Amazon Web Services
The document discusses how Amazon Mobile Analytics can help mobile developers analyze user behavior and key business metrics from their mobile apps with just one line of code. It collects usage data from millions of users at scale without sharing or aggregating individual user data. Metrics like monthly/daily active users, new users, daily sessions, retention rates, and custom events can provide insights for improving user engagement and monetization.
Building a Development Workflow for Serverless Applications - March 2017 AWS ...Amazon Web Services
Building, testing, and deploying AWS Lambda-based, serverless applications introduces new challenges to developers whose development workflows are optimized for traditional VM-based applications. In this webinar, we will introduce one method for automating the deployment of serverless applications running on AWS Lambda. We will first cover how you can model and express serverless applications using the open source AWS Serverless Application Model (AWS SAM). Then, we will discuss how you can use CI/CD tooling from AWS CodePipeline and AWS CodeBuild to build an automated development workflow for your serverless app.
Learning Objectives:
1. Understand the fundamentals of the microservices architectural approach
2. Learn best practices for designing microservices on AWS
3. Learn the basics of Amazon EC2 Container Service, Amazon API Gateway, AWS Lambda, and AWS X-Ray"
This document provides an introduction and overview of Amazon Web Services (AWS). It discusses that AWS has over 1 million active customers, including startups, enterprises, and independent software vendors. It highlights how AWS allows for agility through quick provisioning, a vast technology platform, and rapid innovation with new features. The document promotes learning more about AWS through blogs, events, training and certification programs. It encourages readers to create an AWS account and try new services.
This document outlines the modules in an AWS training course. The course teaches students foundational AWS services like EC2, VPC, S3, and EBS, as well as security, databases, and management tools. The modules cover an introduction to AWS history and services, foundational compute, network and storage services, security and access management, databases, and management tools.
Getting Started with Serverless Computing Using AWS Lambda - ENT332 - re:Inve...Amazon Web Services
With serverless computing, you can build and run applications without the need for provisioning or managing servers. Serverless computing means that you can build web, mobile, and IoT backends, run stream processing or big data workloads, run chatbots, and more. In this session, learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We introduce you to the basics of building with Lambda. As part of that, we show how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this session, we will discuss how constrained devices in Enterprise environments can securely connect to the cloud over HTTP, MQTT and WebSockets. We will discuss how developers can use the AWS IoT Rules Engine and Thing Shadows. Finally, we will cover new features released since the launch of AWS IoT including integration with Amazon Machine Learning and ElasticSearch.
GOTO Stockholm - AWS Lambda - Logic in the cloud without a back-endIan Massingham
Slides from my session at Goto Stockholm where I talked about AWS Lambda and how it can be used to build reliable, scalable & low-cost applications, without servers for you to manage.
Special thanks to James Hall at Parallax for allowing me to talk about the awesome application that they built using AWS Lambda, Amazon API Gateway & Amazon DynanmoDB :)
AWS Technical Day Riyadh Nov 2019 - The art of mastering data protection on awsAWS Riyadh User Group
This document discusses various techniques for securing data stored in Amazon S3 buckets, including:
- Using IAM policies and S3 bucket policies to control access to buckets and objects
- The S3 Block Public Access setting to prevent public access
- Encryption using AWS KMS to encrypt data at rest
- Authorization processes where S3 checks IAM, bucket, and object policies to authorize requests
- Managing cross-account access using IAM roles
- Replication ownership override for business continuity between regions
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...Amazon Web Services
Enterprises trying to deploy infrastructure to the cloud and independent software companies trying to deliver a service have similar problems to solve. They need to know how to create an environment in AWS that enforces least-privilege access between components while also allowing administration and change management. Amazon Elastic Cloud Compute (EC2) and Identity and Access Management (IAM), coupled with services like AWS Security Token Service (STS), offer the necessary building blocks. In this session, we walk through some of the mechanisms available to control access in an Amazon Virtual Private Cloud (VPC). Next, we focus on using IAM and STS to create a least-privilege access model. Finally, we discuss auditing strategies to catch common mistakes and discuss techniques to audit and maintain your infrastructure.
Addressing Amazon Inspector Assessment Findings - September 2016 Webinar SeriesAmazon Web Services
This document discusses Amazon Inspector findings. It begins by introducing Eric Fitzgerald from Amazon and providing context on what Amazon Inspector is. It then discusses findings in more detail - specifically that findings report potential security issues, provide metadata, and can be used to drive automation. It demonstrates how to examine findings through the console and CLI. It also provides examples of how findings can be automatically exported using SNS and Lambda and how Lambda can be used to automatically remediate findings by triggering actions with other AWS services like SSM.
Mobile App development is very popular today and cloud provides a highly scalable and available backend for mobile apps. In this session, we will introduce how to use AWS services include Lambda, DynamoDB, Cognito, Mobile Analytics and SNS, to create a serverless location aware mobile app.
ALX401-Advanced Alexa Skill Building Conversation and MemoryAmazon Web Services
This session walks you through some of the more advanced features offered in Alexa Skill Builder, like Dialog Management, Entity Resolution, state management, session persistence, and maintaining context. Using Dialog Management, you can engage skill users in a multi-turn dialog to elicit and confirm slots for an intent. Using Entity Resolution, you can greatly simplify slot management by mapping multiple synonyms of your slot to a unique ID. We couple these conversational techniques with the management of session state and persistence to enable memory and personalization.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This webinar will introduce the best practices for IoT Security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, as well as integrate devices with other AWS services to create secure solutions.
Learning Objectives:
• Common IoT Thing Management Issues
• Learn about AWS IoT Security and Access Control Mechanisms
• Build Secure interactions with the AWS Cloud
Who Should Attend:
• Technical Decision Makers, Developers, Makers
AWS January 2016 Webinar Series - Getting Started with AWS IoTAmazon Web Services
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices.
In this webinar, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device from the cloud using the protocol of their choice. We will discuss how devices can securely connect using MQTT and HTTP protocols, and how developers and businesses can leverage features of AWS IoT like Device Shadows, a JSON document used to store and retrieve current state information for device, app and so on, and Rules Engine, which provides message processing and integration with other AWS services, to build a real connected product.
Learning Objectives:
Understand what AWS IoT is and an introduction to the Internet of Things
Understand connecting a device with a live example
Understand using the Device Gateway, Rules Engine, Registry, Device Shadows
Who Should Attend:
IoT Developers
This document contains slides from a presentation on AWS IoT. The presentation covers an overview of AWS IoT, how to connect devices, the IoT rules engine for processing and routing data, device shadows for offline operations and command/control, and integrating AWS IoT with other AWS services like Elasticsearch. The slides provide explanations and examples of building applications with AWS IoT.
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Amazon Web Services
Streamline your mobile app signup experience with social login. We demonstrate how to use web identity federation to enable users to log into your app using their existing Facebook, Google, or Amazon accounts. Learn how to apply policies to these identities to secure access to AWS resources, such as personal files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.
The document discusses serverless technologies for big data processing, including ingestion using Amazon Kinesis Video Streams, Data Streams, and Data Firehose. It covers real-time processing with Kinesis Data Streams and Lambda, real-time analytics using Kinesis Data Analytics, and post processing options like Amazon S3, DynamoDB, Athena and AWS Glue. The role of serverless computing in simplifying and scaling big data workloads is a key focus.
(SEC321) Implementing Policy, Governance & Security for EnterprisesAmazon Web Services
"CSC engineers will demonstrate enterprise policy, governance, and security products to deploy and manage enterprise and industry applications AWS. We will demonstrate automated provisioning and management of big data platforms and industry specific enterprise applications with automatically provisioned secure network connectivity from the datacenter to AWS over layer 2 routed AT&T NetBond (provides AWS DirectConnect access) connection. We will demonstrate how applications blueprinted on CSC's Agility Platform can be re-hosted on AWS in minutes or re-instantiated across multiple AWS regions. CSC Cybersecurity will also demonstrate how CSC can provide agile & consumption based endpoint security for workloads in any cloud or virtual infrastructure, providing enterprise management and 24x7 monitoring of workload compliance, vulnerabilities, and potential threats.
Session sponsored by CSC."
Don’t Sacrifice Performance for Security: Best Practices for Content Delivery Amazon Web Services
This document summarizes a presentation about using Amazon CloudFront and AWS WAF for securing and accelerating APIs. It discusses the challenges of delivering APIs, how CloudFront addresses these challenges through application acceleration, security features, and high availability. The presentation also provides a case study of how Slack migrated from using Elastic Load Balancing to using CloudFront to deliver their API, improving performance metrics. It concludes with a demonstration of automating protections using Lambda and discusses future plans for rate limiting and blocking malicious traffic.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this tech talk, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device from the cloud using the protocol of their choice. We will use the AWS IoT Starter Kit to demonstrate building a real connected product, securely connect with AWS IoT using MQTT, WebSockets, and HTTP protocols, and show how developers and businesses can leverage features of AWS IoT like Device Shadows and the Rules Engine, which provides message processing and integration with other AWS services.
Learn from our hands-on experience using and working with Firebase. Great for building quick POC (prototypes) of apps that need real-time updates. Build cross platform web and mobile products with ease quickly.
As your use of the AWS platform matures and evolves you need to be continuously looking at ways to streamline IT operations to maximise your business innovation, outcomes and maintaining that competitive edge.
In this advanced technical session we will provide insights on server-less IT ops designs, building end-to-end automation systems, implementing robust security controls, and automated response to IT behavioural analysis to ensure that your operations and management of the AWS Platform is designed to deliver scale, resiliency, security, and is cost optimised. Be prepared for a technically deep session on AWS technology.
Speaker: Dean Samuels, Black Belt Ninja Master, Amazon Web Services
The document discusses how Amazon Mobile Analytics can help mobile developers analyze user behavior and key business metrics from their mobile apps with just one line of code. It collects usage data from millions of users at scale without sharing or aggregating individual user data. Metrics like monthly/daily active users, new users, daily sessions, retention rates, and custom events can provide insights for improving user engagement and monetization.
Building a Development Workflow for Serverless Applications - March 2017 AWS ...Amazon Web Services
Building, testing, and deploying AWS Lambda-based, serverless applications introduces new challenges to developers whose development workflows are optimized for traditional VM-based applications. In this webinar, we will introduce one method for automating the deployment of serverless applications running on AWS Lambda. We will first cover how you can model and express serverless applications using the open source AWS Serverless Application Model (AWS SAM). Then, we will discuss how you can use CI/CD tooling from AWS CodePipeline and AWS CodeBuild to build an automated development workflow for your serverless app.
Learning Objectives:
1. Understand the fundamentals of the microservices architectural approach
2. Learn best practices for designing microservices on AWS
3. Learn the basics of Amazon EC2 Container Service, Amazon API Gateway, AWS Lambda, and AWS X-Ray"
This document provides an introduction and overview of Amazon Web Services (AWS). It discusses that AWS has over 1 million active customers, including startups, enterprises, and independent software vendors. It highlights how AWS allows for agility through quick provisioning, a vast technology platform, and rapid innovation with new features. The document promotes learning more about AWS through blogs, events, training and certification programs. It encourages readers to create an AWS account and try new services.
This document outlines the modules in an AWS training course. The course teaches students foundational AWS services like EC2, VPC, S3, and EBS, as well as security, databases, and management tools. The modules cover an introduction to AWS history and services, foundational compute, network and storage services, security and access management, databases, and management tools.
Getting Started with Serverless Computing Using AWS Lambda - ENT332 - re:Inve...Amazon Web Services
With serverless computing, you can build and run applications without the need for provisioning or managing servers. Serverless computing means that you can build web, mobile, and IoT backends, run stream processing or big data workloads, run chatbots, and more. In this session, learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We introduce you to the basics of building with Lambda. As part of that, we show how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this session, we will discuss how constrained devices in Enterprise environments can securely connect to the cloud over HTTP, MQTT and WebSockets. We will discuss how developers can use the AWS IoT Rules Engine and Thing Shadows. Finally, we will cover new features released since the launch of AWS IoT including integration with Amazon Machine Learning and ElasticSearch.
GOTO Stockholm - AWS Lambda - Logic in the cloud without a back-endIan Massingham
Slides from my session at Goto Stockholm where I talked about AWS Lambda and how it can be used to build reliable, scalable & low-cost applications, without servers for you to manage.
Special thanks to James Hall at Parallax for allowing me to talk about the awesome application that they built using AWS Lambda, Amazon API Gateway & Amazon DynanmoDB :)
AWS Technical Day Riyadh Nov 2019 - The art of mastering data protection on awsAWS Riyadh User Group
This document discusses various techniques for securing data stored in Amazon S3 buckets, including:
- Using IAM policies and S3 bucket policies to control access to buckets and objects
- The S3 Block Public Access setting to prevent public access
- Encryption using AWS KMS to encrypt data at rest
- Authorization processes where S3 checks IAM, bucket, and object policies to authorize requests
- Managing cross-account access using IAM roles
- Replication ownership override for business continuity between regions
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...Amazon Web Services
Enterprises trying to deploy infrastructure to the cloud and independent software companies trying to deliver a service have similar problems to solve. They need to know how to create an environment in AWS that enforces least-privilege access between components while also allowing administration and change management. Amazon Elastic Cloud Compute (EC2) and Identity and Access Management (IAM), coupled with services like AWS Security Token Service (STS), offer the necessary building blocks. In this session, we walk through some of the mechanisms available to control access in an Amazon Virtual Private Cloud (VPC). Next, we focus on using IAM and STS to create a least-privilege access model. Finally, we discuss auditing strategies to catch common mistakes and discuss techniques to audit and maintain your infrastructure.
CloudFormation techniques from the Dutch trenches (DVC07) - AWS re:Invent 2018Martijn van Dongen
Create Custom Resources to extend the support of resources and other extensions in CloudFormation. Build Custom Rules for cfn-lint to use the tool as a compliance control, and together with taskcat to fail fast.
Workshop: Building Your First Big Data Application on AWSAmazon Web Services
This document describes how to build a big data application on AWS that involves collecting log data using Kinesis Firehose, processing the data using EMR and Spark, storing the data in S3, analyzing the data using Redshift, and visualizing results using QuickSight. It provides step-by-step instructions for setting up the necessary AWS services and running queries to explore the data.
TIB Academy Offers best AWS training in bangalore. this tutorial contains the following aspects,
security mind map
identity and access management
IAM policies
The document discusses security segmentation and identity access management on AWS. It provides examples of using AWS Organizations, service control policies, and IAM policies to segment accounts and control access. It discusses using AWS Organizations to centrally govern accounts, AWS Resource Access Manager to share resources between accounts, and IAM policies for users, resources, and endpoints to control access to specific AWS resources like S3 buckets.
Want to get ramped up on how to use Amazon's big data web services and launch your first big data application on AWS? Join us on our journey as we build a big data application in real-time using Amazon EMR, Amazon Redshift, Amazon Kinesis, Amazon DynamoDB, and Amazon S3. We review architecture design patterns for big data solutions on AWS, and give you access to a take-home lab so that you can rebuild and customize the application yourself.
New to AWS? Given the volume of AWS services, it may feel daunting to get your security house in order for the cloud. In reality, there are just a few, simple patterns you need to know to be effective. In this session, we focus on the permission controls offered by AWS Identity and Access Management (IAM) and the network security controls offered by Amazon Virtual Private Cloud (VPC). You’ll walk away with concrete examples that will empower you to properly secure any workload in the AWS Cloud.
DevOps Fest 2019. Alex Casalboni. Configuration management and service discov...DevOps_Fest
Your system is composed of highly decoupled, independent, fast, and modular microservices. But how can they share common configurations, dynamic endpoints, database references, and properly rotate secrets? Based on the size and complexity of your serverless system, you may simply use environment variables or eventually opt for some sort of centralized store. And then how do integrate all of this with monitoring and automation tooling? During this session, I will present the ideal solutions and some of the alternatives available on AWS (such as AWS Systems Manager Parameter Store and AWS Secrets Manager). I will also discuss the best use cases for each solution and the corresponding best practices to achieve the highest standards for security and performance.
Discuss How to Secure Your Virtual Data Center in the Cloud (NET210-R1) - AWS...Amazon Web Services
In this introductory chalk talk, we cover how to secure your resources in the cloud for common AWS workloads such as Amazon EC2 computing, database, and serverless. We cover security best practices recommended by AWS for each workload using simple and effective identity and networking techniques. Learn how and why these controls do what they do, and come away with the ability to interpret and apply AWS identity and network access controls.
Unleash the Power of Temporary AWS Credentials (a.k.a. IAM roles) (SEC390-R1)...Amazon Web Services
The document discusses AWS Identity and Access Management (IAM) roles, which allow granting temporary security credentials to users, applications, and AWS services. IAM roles provide a secure way to delegate access and are easy to manage. The presentation covers when and how to use IAM roles, including for cross-account access, granting least privilege access, and enabling AWS services to access resources. It also provides examples of using IAM roles for EC2 instances and with AWS Secrets Manager.
This document summarizes an AWS security deep dive presentation. It discusses segmentation of workloads using VPCs, using AWS Organizations to centrally govern accounts and apply service control policies, and using AWS Identity and Access Management (IAM) to control access. Example IAM policies are provided to control access for users, resources, and endpoints.
Deep dive on security in Amazon S3 - STG304 - Chicago AWS SummitAmazon Web Services
This document contains a presentation on security best practices for Amazon S3. It discusses how S3 provides confidentiality, integrity and availability. It also summarizes how S3 supports analytics and data serving through its scalable and cost-effective architecture. The presentation recommends enabling default encryption with SSE-KMS, using object lock for governed data, requiring TLS through bucket policies, and enabling VPC endpoints with limiting bucket policies. Useful policy snippets are also provided for requiring TLS, signatures, source IP restrictions, MFA and VPC endpoints.
S3 to Lambda:: A flexible pattern at the heart of serverless applications (SV...James Beswick
AWS re:Invent chalk talk showing benefits and examples of the S3 to Lambda pattern. Examples available in code repo at https://github.com/jbesw/svs214-examples.
(SEC305) How to Become an IAM Policy Ninja in 60 Minutes or LessAmazon Web Services
This document provides a summary of an AWS session on becoming an IAM policy expert in 60 minutes or less. It covers key IAM policy concepts like principal, action, resource, and condition elements. Examples are given for each element to show how policies can be used to control access to AWS services like EC2, S3, and IAM. The session also demonstrates how to use policy variables and debug policies. Attendees would learn tips and tricks for common use cases through demos of limiting EC2 instance types and using conditions.
AWS's access model provides powerful opportunities for controlling who has what level of access to which resources. But with this awesome power comes awesome complexity. The inevitable shortcuts mean that a one-line bug could wipe out all your EC2 resources instead of the intended targeted few. In this talk, we'll quickly review the key aspects of IAM and discuss some strategies for keeping cloud resources safe from friendly fire.
Presented at Austin DevOps July 2019
AWS supports a robust suite of tools and services that makes analyzing and processing large amounts of data in the cloud faster and more efficient. In this builders session, AWS storage and data experts guide you through Amazon S3, Amazon Glacier, and our query-in-place services, such as Amazon S3 Select, Amazon Glacier Select, Amazon Athena, and Amazon Redshift Spectrum. We also provide best practices around using them with other analytics services, like Amazon EMR and AWS Glue to build data lakes and deploy other analytics solutions. Understanding of a data lake construct, AWS storage services, and AWS analytics tools is recommended.
This document provides an overview and introduction to Amazon Web Services (AWS) including key services like EC2, S3, VPC, RDS, and Lambda. It describes the purpose and basic functionality of each service. It also includes brief demonstrations of launching EC2 instances, creating S3 buckets, setting up VPC networking, and other core AWS services. The goal is to help readers understand the breadth of AWS offerings and how to get started using various compute, storage, database, and developer services.
Similar to ITB2019 Build Fine-Grained Control of Amazon Web Services in Your CFML App - Brian Klass (20)
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
Feeling lost in the trenches of complex SQL queries and manual database interaction? Join us for a beginner-friendly mission to conquer your data with ColdFusion ORM powered by Hibernate! Whether you're a fresh recruit in the coding field or a seasoned veteran navigating legacy ColdFusion applications, this session equips you with the tools and strategies to level up your development game. We will cover ORM session management, ORM settings, caching strategies, virtual service layers, dynamic finders, dynamic counters, and an enhanced Hibernate Criteria builder for ColdFusion to create easy and programmatic HQL queries. We will even see how to build automatic CRUD APIs using only your ORM definitions. Ready to win?
Ortus Solutions is your web development expert. Planning, Design, Consulting, Mentorship, Implementation, Maintenance, and cutting-edge Software tools. All in one place.
Battlefield ORM : Learn the strategies and tactics to win with ColdFusion ORM powered by Hibernate!
We have gone through the pain and frustrations of maturing with technology such as an Object Relational Mapper (ORM) powered by Hibernate. This advanced session will cover how to leverage the ColdFusion ORM to start creating amazing, fun, and smell-great applications, and you might even see flying unicorns as well.
We will cover ORM session management, ORM settings, caching strategies, virtual service layers, dynamic finders, dynamic counters, and an enhanced Hibernate Criteria builder for ColdFusion to create easy and programmatic HQL queries. We will even see how to build automatic CRUD APIs using only your ORM definitions.
Ready to win?
You need to write a script you can call from cron to upload a directory of files to S3. Or perhaps zip log files and E-mail them? Or import a CSV into the DB. What do you use? Bash? Python? Node? No silly, you use CFML! ColdFusion developers have been able to write pure CLI scripts with CommandBox CLI for years now and it beats the pants of bash or Node. There's tools for creating interactive wizards, progress bar animations, colored console text output, and easy parameter handling. And the best thing is, CommandBox Task Runners are written in CFML so they can do anything CFML can do. Come learn how quick and easy Task Runners are to use so CFML can become the go-to language to use for anything.
Handling credentials, secrets and settings is a crucial aspect of any project. Developers must ensure that sensitive data is kept safe and secure from unauthorized access. However, ensuring safety shouldn't compromise local development convenience. Therefore, it's essential to adopt an approach that provides both security and ease of use.
“Transitioning from WordPress to ContentBox: A Powerful ColdFusion Alternative”
Are you a web developer tired of working with WordPress and its limitations? Look no further than ContentBox, a robust, open-source ColdFusion-based content management system built on the powerful ColdBox framework. While WordPress is popular due to its ease of use and extensive plugin ecosystem, it can sometimes fall short in terms of scalability and security. With ContentBox, you can enjoy the flexibility and stability of ColdFusion, a language we all know and love.
This session will introduce you to ContentBox CMS, what it is, what you can do with it, and why you should consider ContentBox for your next ColdFusion project. We will also compare it to WordPress and show why you would want to use ContentBox instead. Finally, we will discuss modern hosting options and how you can get up and running with a ContentBox site in the cloud using Digital Ocean.
This training class can be ran in GitHub codespaces with all the required software pre-installed. So just make sure you create a GitHub account, go to the repository: https://github.com/ColdBox/Building-Human-Friendly-Scheduled-Tasks and click on Start a Codesapace Button.
If not, you will need the latest CommandBox CLI installed: https://www.ortussolutions.com/products/commandbox
Come learn about of the flagship features of CommandBox Pro. CommandBox Multi-site allows you to completely replace your web server with CommandBox, hosting multiple websites all in a single process. Each site has its own web root, rewrites, logs, configuration, and HTTP bindings! This is a major new enhancement to CommandBox servers and finally bring CommandBox on par with other web servers and allows you to simplify your entire tech stack down to a single moving part for deployment.
This document provides an overview of OAuth and OpenID Connect specifications and grant types. It begins with introductions and defining key terms like tokens, scopes, and claims. It then explains the four main grant types - Authorization Code Flow, Implicit Flow, Resource Owner Password Flow, and Client Credentials Flow. The document notes extensions and recommends the Authorization Code Flow with PKCE for most use cases. It discusses related specifications around JSON Web Tokens, introspection, and revocation. It closes by emphasizing the need to understand which combination of specifications are required for a given implementation.
Some security vulnerabilities are more dangerous than others, or at least more commonly exploited. In this session, we'll look at the top 25 most dangerous software weaknesses and learn how to mitigate them in your CFML code.
Target Audience
Developers looking to learn when to use NoSQL databases over relational databases and who wonder how to model data for NoSQL
Assumed knowledge of the topic
Basic data modeling/database design principles
The objective of the topic
Learn data modeling with NoSQL databases, and how it differs from relational database data modeling., We will also look at good opportunities for using a NoSQL database and when a relational database is still the way to go. We will see why many NoSQL databases don’t pass the ACID (Atomicity, Consistency, Isolation, Durability) test on purpose and what this means to you, the developer.
In this session, you will learn how to extend and customize a ContentBox application. Get a deep understanding of leveraging custom modules and dynamic pages to create highly customized and engaging ContentBox apps.
Sometimes there are things that we need to customize to fill our business needs, and ContentBox allows you to create custom modules to take care of those special needs.
Some security vulnerabilities are more dangerous than others, or at least more commonly exploited. In this session we'll look at the top 25 most dangerous software weaknesses and learn how to mitigate them in your CFML code.
CBWIRE is a ColdBox module that makes building modern, reactive CFML apps a breeze without needing JavaScript frameworks such as Vue or React, and without the hassle of creating unnecessary APIs. In this session, we will learn CBWIRE, how to use it, and why you would want to. We also cover CBWIRE version 3, which brings a greatly simplified component syntax and many other requested features from the community.
Intended Audience
This session is intended for developers looking to build modern applications with less JavaScript. Attendees will need familiarity with ColdBox and CFML.
In this session, we will explore various practical applications the OpenAI API. We will begin with an introduction to the API and an overview of its capabilities. Then, we will examine several examples of how the API can be used, including natural language processing, chatbots, content creation, and translation. We will also take a look at cbopenai, a new ColdBox module for working with OpenAI. We will discuss how to get started with the API, including setting up an account, selecting the appropriate API, and integrating it into existing workflows. We will also explore the limitations and considerations when using OpenAI, and discuss potential advancements in practical AI.
Intended Audience
Participants should have a basic understanding of programming concepts and experience working with APIs.
A logistical look at microservice style applications created at scale from practical experience. Purpose is to present the strengths and purpose of microservice solutions to empower teams working with them or considering them for their projects. Technology will include JavaScript and Java solutions in examples. Hosting concerns will include self-hosted and cloud considerations. Some attention given to comparison to standard or monolith solutions, but not much. Q&A by design as part of this talk. Willing to refine the scope and focus to fit conference leadership preference.
Target Audience: developers, architects, managers, and teams working in or considering microservice architecture for their projects.
We all want our web apps and APIs to respond quickly and scale to dizzying heights of traffic. The traditional request/response cycle of web applications gets us part way to that goal, but it certainly won't get us to being the next Amazon. Asynchronous messaging is a powerful architectural pattern that will help us avoid fundamental problems with scaling while keeping our CFML apps fast and responsive. In this session, we'll look at how systems like Amazon's Simple Queue Service (SQS) and Simple Notification Service (SNS) - along with similar systems in Azure and Google Cloud Platform - can help you build highly responsive, highly scalable CFML apps and services.
Everyone has been hearing about Machine learning and AI for a while now, but recently, it exploded.
Like you, Ortus and the CFML Community have been playing with AI too, and one of the end results is ChatGPT Box.
AI is cool, and for some people scary, but a lot of people wonder if there is really any true value for us developers, or our businesses. In this session we’ll discuss what ChatGPT Box is, why we created it, what types of problems it solves, why we are using AI to solve those problems, and how we trained and tamed our own AI.
We will also touch on some of the science behind the scenes, to help you understand the moving parts, and how ChatGPT Box v1.0.0 is just a drop in the ocean of the possibilities, we’ll touch on some ideas we have, and in the end, using ChatGPT Box can make you a much more productive Ortusian Developer!
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
7. Verizon
Names, addresses, account details, and account personal
identification numbers (PINs) of as many as 14 million US
customers.
WE LOVE S3?
HTTPS://WWW.UPGUARD.COM/BREACHES/VERIZON-CLOUD-LEAK
8. Dow Jones
Sensitive personal and financial details of 2.2 million
customers.
WE LOVE S3?
HTTPS://WWW.UPGUARD.COM/BREACHES/CLOUD-LEAK-DOW-JONES
9. FedEx
Customer passports, driver licenses.
WE LOVE S3?
HTTPS://ARSTECHNICA.COM/INFORMATION-TECHNOLOGY/2018/02/FEDEX-CUSTOMER-DATA-LEFT-ONLINE-
FOR-ANYONE-TO-RIFLE-THROUGH/
10. Republican National
Committee
200 million voter records.
WE LOVE S3?
HTTPS://WWW.SKYHIGHNETWORKS.COM/CLOUD-SECURITY-BLOG/VERIZON-DATA-BREACH-TWO-EASY-
STEPS-TO-PREVENT-AWS-S3-LEAKS/
11. Macy’s
Customer profiles, including address and date of birth.
WE LOVE S3?
HTTPS://WWW.DOJ.NH.GOV/CONSUMER/SECURITY-BREACHES/DOCUMENTS/MACYS-20180702.PDF
12. Booz Allen Hamilton
Files related to the National Geospatial-Intelligence
Agency (NGA), which handles battlefield satellite and
drone imagery.
WE LOVE S3?
HTTPS://BUSINESSINSIGHTS.BITDEFENDER.COM/WORST-AMAZON-BREACHES
13. National Credit
Federation
11GB of credit card numbers, credit reports from the
three major reporting agencies, bank account numbers
and Social Security numbers.
WE LOVE S3?
HTTPS://BUSINESSINSIGHTS.BITDEFENDER.COM/WORST-AMAZON-BREACHES
26. POLICIES
Anatomy of a Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": “Allow",
"Principal": “*”,
"Action": [
“s3:*"
],
"Resource": [
“arn:aws:s3:::*",
]
}
]
}
Version of IAM policy language
Policy definition block
Allow or Deny
Specific actions to allow or deny
List of action names; * for any match
Resources affected by this policy
ARNs of specific resources; * for any match after that point
Who can do this
31. POLICIES
Basic Read/Write S3 Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObjectAcl",
"s3:GetObject",
"s3:ListBucket",
"s3:GetBucketAcl",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::awsplayboxprivatebucket",
"arn:aws:s3:::awsplayboxprivatebucket/*"
]
} ] }
Must specify the bucket and the items in the bucket
No principal =
Can apply to
multiple entities
32. POLICIES
Restrict How a Service Is Called
{
"Version": "2012-10-17",
"Statement": [ {
“Sid”: “Allow IAM user to publish to the SNS topic only if the request comes from a specific Lambda function.”,
"Effect": "Allow",
“Principal": { "AWS": “arn:aws:iam:0123456789:user/billingApp” },
“Action": "sns:publish",
“Resource": “arn:aws:sns:us-east-1:0123456789:billsPastDueTopic“,
“Condition”: { “ArnEquals”: {“aws:SourceArn”: “arn:aws:lambda:us-east-1:0123456789:function:
checkForBillPastDue”} }
} ]
}
39. Using the
AWS Java SDK
Add to cfusion/lib:
■ CF2018:
■ aws-java-sdk-1.11.xxx.jar
■ Other runtimes: the SDK .jar, plus:
■ jackson-annotations-2.6.0.jar
■ jackson-core-2.6.7.jar
■ jackson-databind-2.6.7.1.jar
■ joda-time-2.8.1.jar
THE AWS JAVA SDK AND CFML
40. AWS Playbox App https://github.com/brianklaas/awsPlaybox
THE AWS JAVA SDK AND CFML
41. THE AWS JAVA SDK AND CFML
Basic Pattern to Accessing the AWS Java SDK
1 Create a service object
2 Create a request object
3 Populate the attributes of the request object
4 Tell the service object to run a function on the request object
5 Get a result object back
42. POLICIES
Creating an IAM Policy
1 Create the IAM service object
2 Create a createPolicyRequest object
3 Populate the attributes of the createPolicyRequest object
4 Tell the IAM service object to createPolicy(createPolicyRequest)
5 Get a createPolicyResult object back
49. CODE: CREATING A POLICY WITH VARIABLES
iam = application.awsServiceFactory.createServiceObject(‘iam’);
policyName = 'awsPlayboxDemoPolicy-SendToSNS';
createPolicyRequest = CreateObject('java', 'com.amazonaws.services.identitymanagement.model.CreatePolicyRequest')
.withPolicyName(policyName)
.withDescription('Allows user to send message to a specific SNS topic');
policyJSON = fileRead(expandPath("./iamPolicies/snsSendMessage.txt"));
policyJSON = replace(policyDetails, "%CURRENT_TOPIC_ARN%", application.awsResources.currentSNSTopicARN);
createPolicyRequest.setPolicyDocument(policyDetails);
createPolicyResult = iam.createPolicy(createPolicyRequest);
policyDetails = createPolicyResult.getPolicy();
application.awsResources.iam.SNSPolicyARN = policyDetails.getARN();
50. CODE: CREATING A POLICY WITH VARIABLES
iam = application.awsServiceFactory.createServiceObject(‘iam’);
policyName = 'awsPlayboxDemoPolicy-SendToSNS';
createPolicyRequest = CreateObject('java', 'com.amazonaws.services.identitymanagement.model.CreatePolicyRequest')
.withPolicyName(policyName)
.withDescription('Allows user to send message to a specific SNS topic');
policyJSON = fileRead(expandPath("./iamPolicies/snsSendMessage.txt"));
policyJSON = replace(policyDetails, "%CURRENT_TOPIC_ARN%", application.awsResources.currentSNSTopicARN);
createPolicyRequest.setPolicyDocument(policyDetails);
createPolicyResult = iam.createPolicy(createPolicyRequest);
policyDetails = createPolicyResult.getPolicy();
application.awsResources.iam.SNSPolicyARN = policyDetails.getARN();
51. CODE: CREATING A POLICY WITH VARIABLES
iam = application.awsServiceFactory.createServiceObject(‘iam’);
policyName = 'awsPlayboxDemoPolicy-SendToSNS';
createPolicyRequest = CreateObject('java', 'com.amazonaws.services.identitymanagement.model.CreatePolicyRequest')
.withPolicyName(policyName)
.withDescription('Allows user to send message to a specific SNS topic');
policyJSON = fileRead(expandPath("./iamPolicies/snsSendMessage.txt"));
policyJSON = replace(policyDetails, "%CURRENT_TOPIC_ARN%", application.awsResources.currentSNSTopicARN);
createPolicyRequest.setPolicyDocument(policyDetails);
createPolicyResult = iam.createPolicy(createPolicyRequest);
policyDetails = createPolicyResult.getPolicy();
application.awsResources.iam.SNSPolicyARN = policyDetails.getARN();
52. POLICIES
Learning More About Policies
AWS Docs
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html
Complete AWS IAM Reference
https://iam.cloudonaut.io
An Excellent Session from re:Invent
https://www.youtube.com/watch?v=YQsK4MtsELU
The Best Tutorial I’ve Found
https://start.jcolemorrison.com/aws-iam-policies-in-a-nutshell/
59. USING STS: PSEUDOCODE
WARNING: Pseudocode!
assumeRoleResult = AssumeRole(ARN of the role you need to assume);
tempCredentials = new SessionAWSCredentials(
assumeRoleResult.AccessKeyId,
assumeRoleResult.SecretAccessKey,
assumeRoleResult.SessionToken);
s3Client = CreateAmazonS3Client(tempCredentials);
63. GROUPS
Creating an IAM Group
1 Create the IAM service object
2 Create a createGroupRequest object
3 Populate the attributes of the createGroupRequest object
4 Tell the IAM service object to createGroup(createGroupRequest)
5 Get a createGroupResult object back
64. CODE: CREATING A GROUP
iam = application.awsServiceFactory.createServiceObject(‘iam');
groupName = 'awsPlayboxDemoGroup';
createGroupRequest = CreateObject('java', 'com.amazonaws.services.identitymanagement.model.CreateGroupRequest')
.withGroupName(groupName);
createGroupResult = iam.createGroup(createGroupRequest);
groupDetails = createGroupResult.getGroup();
application.awsResources.iam.PlayboxGroupARN = groupDetails.getARN();
1
2
3
4
5
66. GROUPS
Attaching a Policy to a Group
1 Create the IAM service object
2 Create a attachGroupPolicyRequest object
3 Populate the attributes of the attachGroupPolicyRequest object
4
Tell the IAM service object to
attachGroupPolicy(attachGroupPolicyRequest)
5 Get a attachGroupPolicyRequestResult object back
67. CODE: ATTACHING A POLICY TO A GROUP
attachGroupPolicyRequest = CreateObject('java',
'com.amazonaws.services.identitymanagement.model.AttachGroupPolicyRequest')
.withGroupName(groupName)
.withPolicyArn(application.awsResources.iam.S3PolicyARN);
attachGroupPolicyRequestResult = iam.attachGroupPolicy(attachGroupPolicyRequest);
attachGroupPolicyRequest = CreateObject('java',
'com.amazonaws.services.identitymanagement.model.AttachGroupPolicyRequest')
.withGroupName(groupName)
.withPolicyArn(application.awsResources.iam.SNSPolicyARN);
attachGroupPolicyRequestResult = iam.attachGroupPolicy(attachGroupPolicyRequest);
2
3
4 5
72. USERS
The User Creation Process
1 Create the user
2 Create the access key for the user
3 Add user to a group which has policies attached
73. USERS
Creating an IAM User
1 Create the IAM service object
2 Create a createUserRequest object
3 Populate the attributes of the createUserRequest object
4 Tell the IAM service object to createUser(createUserRequest)
5 Get a createUserResult object back
74. CODE: CREATING A USER
iam = application.awsServiceFactory.createServiceObject(‘iam');
userName = 'awsPlayboxDemoUser';
createUserRequest = CreateObject('java',
'com.amazonaws.services.identitymanagement.model.CreateUserRequest')
.withUserName(userName);
createUserResult = iam.createUser(createUserRequest);
userDetails = createUserResult.getUser();
1
2
3
4
5
77. Types of Tags
■ Key–value pairs
■ User–defined
■ Cost Allocation
■ Can create Resource Groups
based on tags
TAGS
Business Technical Security
Cost Center 41001 Environment Dev Compliance HIPAA
Department Security Version 2.2.1
Data
Sensitivity
4
Owner Bill Bridges Application Cart Encrypted Yes
79. CODE: ADDING TAGS DURING USER CREATION
userTag = CreateObject('java', 'com.amazonaws.services.identitymanagement.model.Tag')
.withKey('department')
.withValue(‘IT Security’);
tagArray = [ userTag ];
createUserRequest.setTags(tagArray);
80. USERS
The User Creation Process
1 Create the user
2 Create the access key for the user
3 Add user to a group which has policies attached
81. USERS
Users have no credentials by default.
Users are not part of any group by default.
82. USERS
Creating User Credentials
1 Create the IAM service object
2 Create a createAccessKeyRequest object
3 Populate the username for the createAccessKeyRequest object
4
Tell the IAM service object to
createAccessKey(createAccessKeyRequest)
5 Get a createAccessKeyResult object back
88. USERS
Adding a User to a Group
1 Create the IAM service object
2 Create a addUserToGroupRequest object
3 Populate the attributes of the addUserToGroupRequest object
4
Tell the IAM service object to
addUserToGroup(addUserToGroupRequest)
5 Get a addUserToGroupResult object back
89. CODE: ADD USER TO A GROUP
addUserToGroupRequest = CreateObject('java',
'com.amazonaws.services.identitymanagement.model.AddUserToGroupRequest')
.withGroupName(groupName)
.withUserName(userName);
addUserToGroupResult = iam.addUserToGroup(addUserToGroupRequest);
2
3
4 5
90. USERS
The User Creation Process
1 Create the user
2 Create the access key for the user
3 Add user to a group which has policies attached
91. USERS
The User Creation Process
1 Create the user
2 Create the access key for the user
3 Add user to a group which has policies attached
4 Rotate access keys every [n] days
Use the createdOn property of an access key to determine when to rotate a specific set of keys.
92. USERS
Rotating Access Keys
1 Delete or update the existing access keys
2 If update, set the current keys to “inactive”
3 Make new keys with a createAccessKeyRequest