KMS managed Encryption Keys - CSE KMS.pptx
•Download as PPTX, PDF•
0 likes•68 views
This is the same as for SSE, that is, the KMS in the IAM service is used to manage shared keys. The client can use the key ID (the ARN) to refer to a key, which is then accessed by the client for encryption and decryption purposes. Note that each object is encrypted using a dedicated key, and the KMS key is used to secure the per-object keys.
Report
Share
Report
Share
Recommended
How to Setup Language Model Locally without Code — LM Studio.pptx
Welcome to a groundbreaking tutorial on effortlessly setting up language models locally without a single line of code!
In this step-by-step guide, we'll dive into the world of LM Studio, unlocking the secrets to seamless language model deployment on your own machine. Whether you're a seasoned developer or a complete beginner, this tutorial is designed to empower you with the skills to master local setup without the complexities of coding.
Join us as we demystify the process, making AI accessible to everyone. Get ready to unleash the power of language models with LM Studio – your ticket to simplified, code-free AI magic!
Video URL : https://youtu.be/_8LaGrbNr0chttps://youtu.be/_8LaGrbNr0c
Unlock the Power of Conversations - Building a Chatbot with Gemini Pro Free A...
Welcome to a journey into the realm of AI conversations! 🚀 In this tutorial, we delve into the art of crafting a sophisticated chatbot for Conversational Q&A using the incredible Gemini Pro Free API. Join us as we unlock the potential of natural language processing and build a chatbot that engages, informs, and elevates user experiences.
🌐 Key Features:
Step-by-step guide to setting up and integrating the Gemini Pro Free API.
Harness the capabilities of advanced natural language processing for dynamic conversational interactions.
Learn how to tailor your chatbot to answer user queries effectively, enhancing user engagement.
🤖 Why Watch This Tutorial:
Whether you're a seasoned developer or exploring the world of chatbots for the first time, this tutorial offers a comprehensive overview. Gain insights into the intricacies of building a conversational AI application and witness the transformative potential of Gemini Pro Free API.
📚 Resources Mentioned:
Gemini Pro Free API Documentation
Code Repository
👩💻 Who Can Benefit:
Developers, AI enthusiasts, and anyone intrigued by the future of conversational interfaces will find value in this tutorial. No prior chatbot development experience required—just a passion for innovation!
🔗 Explore Further:
Ready to embark on your journey into conversational AI? Dive into the tutorial now and unlock the door to limitless possibilities with the Gemini Pro Free API. Subscribe, like, and share to stay updated on the latest in AI and chatbot development!
#ChatbotDevelopment #GeminiProAPI #ConversationalAI #AIProgramming #TechTutorial
How to Access and Use Gemini API for Free.pptx
Embark on a journey into the world of advanced AI with our latest tutorial! In this hands-on session, we'll guide you through the steps to access and utilize the powerful Gemini API for free. Uncover the potential of AI-driven capabilities as we demonstrate how to integrate Gemini seamlessly into your projects using a simple and cost-free approach.
What to Expect:
Introduction to Gemini API: Learn about the innovative Gemini model developed by Google and discover its multifaceted capabilities in transforming your projects.
Free Access Tutorial: Follow along as we provide step-by-step guidance on accessing the Gemini API without any cost. Unlock the door to advanced AI functionalities for your projects.
Integration Walkthrough: Dive into a practical demonstration of how to integrate Gemini into your applications using a user-friendly approach. Whether you're a seasoned developer or a beginner, this tutorial caters to all skill levels.
Real-world Examples: Explore real-world use cases where Gemini's capabilities shine. From text generation to image understanding, witness the AI magic in action.
Q&A and Troubleshooting: We've got you covered! Engage in a live Q&A session where we address your queries and troubleshoot any challenges you may encounter during the tutorial.
Join us in this exciting hands-on session and empower your projects with the transformative capabilities of Gemini API – all for free! Don't miss out on this opportunity to elevate your AI game. Subscribe now and be part of the AI revolution! 🚀🤖 #GeminiAPI #FreeAccess #AIRevolution #HandsOnTutorial
Building Better AWS Lambdas: Unlocking the Power of Layers
Welcome to a comprehensive hands-on demonstration of AWS Lambda layers! In this tutorial, we'll delve into the powerful world of Lambda layers, unlocking their potential to streamline your serverless applications on Amazon Web Services.
Join us as we guide you through a step-by-step walkthrough, illustrating how Lambda layers can optimize code reuse, enhance development efficiency, and simplify your AWS Lambda functions. From understanding the fundamentals to implementing practical examples, this tutorial is designed for both beginners and seasoned developers looking to leverage the full capabilities of Lambda layers.
Discover how to organize dependencies, manage shared libraries, and elevate your serverless architecture with this in-depth exploration. Whether you're a developer, cloud enthusiast, or AWS professional, this hands-on session will equip you with the knowledge and skills to elevate your AWS Lambda game.
Don't miss out on this opportunity to master AWS Lambda layers and revolutionize your serverless applications. Hit play and embark on a transformative journey into the world of Lambda layers today!
Exploring Private Hosted Zones in Route 53 A Hands-On Workshop.pptx
A private hosted zone in Amazon Route 53 is a DNS (Domain Name System) configuration that allows you to create and manage custom domain names within your Virtual Private Cloud (VPC) for use with internal resources. It enables you to resolve domain names to private IP addresses within your VPC, providing a way to access resources such as instances, load balancers, and other services using user-friendly domain names, while keeping the DNS resolution isolated to your VPC network.
Private hosted zones are particularly useful for scenarios where you want to maintain separation between your internal network resources and external resources, ensuring that your private domain names do not get resolved outside of your VPC. This can enhance security and simplify access to resources within your VPC by using familiar domain names.
In summary, a private hosted zone in Route 53 offers a controlled and secure method for managing DNS records for your internal resources within your Amazon Web Services (AWS) Virtual Private Cloud environment.
Thanks for watching this video.
Do like and subscribe my channel.
Copying and Sharing Amazon Machine Image (AMI) and Snapshots - Hands-on Session
Welcome to this exciting hands-on session, where we will dive into the world of Amazon Machine Images (AMIs) and Snapshots. In this interactive workshop, you will gain practical experience and insights into copying and sharing these essential components in Amazon Web Services (AWS).
Session Overview:
During this session, we will cover the following key topics:
Copying AMIs:
Step-by-step guide on duplicating AMIs across regions.
Best practices for efficient AMI copying.
Sharing AMIs:
How to securely share AMIs with other AWS accounts.
Granting permissions and setting up sharing options.
Hands-On Experience:
This session is designed to provide you with hands-on experience. You will have access to AWS Management Console to follow along with our instructors as we demonstrate each concept. Please make sure you have an active AWS account and access to the AWS Management Console.
Prerequisites:
To make the most out of this session, it is recommended to have basic knowledge of AWS services and a fundamental understanding of cloud computing concepts.
Join us for this immersive workshop to learn invaluable skills in managing AMIs and snapshots efficiently, enabling you to optimize your AWS infrastructure and streamline your cloud operations.
Don't miss this opportunity to enhance your AWS expertise and elevate your cloud capabilities. Let's dive into the world of AMIs and snapshots together!
Please note that this session is limited to a specific duration. However, AWS offers a vast range of services and possibilities that go beyond this hands-on workshop. We encourage you to continue exploring the AWS ecosystem and take advantage of the multitude of resources available to support your cloud journey.
Get ready to empower your cloud expertise with practical insights in copying and sharing AMIs and snapshots. Let's begin this exciting session!
SSL Termination in ALB NLB
This video will explain about different scenarios for SSL/TLS Termination in Application Load Balancer (ALB) / Network Load Balancer (NLB)
Youtube link : https://youtu.be/CS8OsLFsQJ0
Hands-On Lab for Locating client IP address from EC2 when using Network Load ...
Hands-on session for Locating Source IP Address in EC2 with Network Load Balancer while adding Instance or IP as Targets.
Youtube link : https://youtu.be/lG4Z1vSJaqk
Recommended
How to Setup Language Model Locally without Code — LM Studio.pptx
Welcome to a groundbreaking tutorial on effortlessly setting up language models locally without a single line of code!
In this step-by-step guide, we'll dive into the world of LM Studio, unlocking the secrets to seamless language model deployment on your own machine. Whether you're a seasoned developer or a complete beginner, this tutorial is designed to empower you with the skills to master local setup without the complexities of coding.
Join us as we demystify the process, making AI accessible to everyone. Get ready to unleash the power of language models with LM Studio – your ticket to simplified, code-free AI magic!
Video URL : https://youtu.be/_8LaGrbNr0chttps://youtu.be/_8LaGrbNr0c
Unlock the Power of Conversations - Building a Chatbot with Gemini Pro Free A...
Welcome to a journey into the realm of AI conversations! 🚀 In this tutorial, we delve into the art of crafting a sophisticated chatbot for Conversational Q&A using the incredible Gemini Pro Free API. Join us as we unlock the potential of natural language processing and build a chatbot that engages, informs, and elevates user experiences.
🌐 Key Features:
Step-by-step guide to setting up and integrating the Gemini Pro Free API.
Harness the capabilities of advanced natural language processing for dynamic conversational interactions.
Learn how to tailor your chatbot to answer user queries effectively, enhancing user engagement.
🤖 Why Watch This Tutorial:
Whether you're a seasoned developer or exploring the world of chatbots for the first time, this tutorial offers a comprehensive overview. Gain insights into the intricacies of building a conversational AI application and witness the transformative potential of Gemini Pro Free API.
📚 Resources Mentioned:
Gemini Pro Free API Documentation
Code Repository
👩💻 Who Can Benefit:
Developers, AI enthusiasts, and anyone intrigued by the future of conversational interfaces will find value in this tutorial. No prior chatbot development experience required—just a passion for innovation!
🔗 Explore Further:
Ready to embark on your journey into conversational AI? Dive into the tutorial now and unlock the door to limitless possibilities with the Gemini Pro Free API. Subscribe, like, and share to stay updated on the latest in AI and chatbot development!
#ChatbotDevelopment #GeminiProAPI #ConversationalAI #AIProgramming #TechTutorial
How to Access and Use Gemini API for Free.pptx
Embark on a journey into the world of advanced AI with our latest tutorial! In this hands-on session, we'll guide you through the steps to access and utilize the powerful Gemini API for free. Uncover the potential of AI-driven capabilities as we demonstrate how to integrate Gemini seamlessly into your projects using a simple and cost-free approach.
What to Expect:
Introduction to Gemini API: Learn about the innovative Gemini model developed by Google and discover its multifaceted capabilities in transforming your projects.
Free Access Tutorial: Follow along as we provide step-by-step guidance on accessing the Gemini API without any cost. Unlock the door to advanced AI functionalities for your projects.
Integration Walkthrough: Dive into a practical demonstration of how to integrate Gemini into your applications using a user-friendly approach. Whether you're a seasoned developer or a beginner, this tutorial caters to all skill levels.
Real-world Examples: Explore real-world use cases where Gemini's capabilities shine. From text generation to image understanding, witness the AI magic in action.
Q&A and Troubleshooting: We've got you covered! Engage in a live Q&A session where we address your queries and troubleshoot any challenges you may encounter during the tutorial.
Join us in this exciting hands-on session and empower your projects with the transformative capabilities of Gemini API – all for free! Don't miss out on this opportunity to elevate your AI game. Subscribe now and be part of the AI revolution! 🚀🤖 #GeminiAPI #FreeAccess #AIRevolution #HandsOnTutorial
Building Better AWS Lambdas: Unlocking the Power of Layers
Welcome to a comprehensive hands-on demonstration of AWS Lambda layers! In this tutorial, we'll delve into the powerful world of Lambda layers, unlocking their potential to streamline your serverless applications on Amazon Web Services.
Join us as we guide you through a step-by-step walkthrough, illustrating how Lambda layers can optimize code reuse, enhance development efficiency, and simplify your AWS Lambda functions. From understanding the fundamentals to implementing practical examples, this tutorial is designed for both beginners and seasoned developers looking to leverage the full capabilities of Lambda layers.
Discover how to organize dependencies, manage shared libraries, and elevate your serverless architecture with this in-depth exploration. Whether you're a developer, cloud enthusiast, or AWS professional, this hands-on session will equip you with the knowledge and skills to elevate your AWS Lambda game.
Don't miss out on this opportunity to master AWS Lambda layers and revolutionize your serverless applications. Hit play and embark on a transformative journey into the world of Lambda layers today!
Exploring Private Hosted Zones in Route 53 A Hands-On Workshop.pptx
A private hosted zone in Amazon Route 53 is a DNS (Domain Name System) configuration that allows you to create and manage custom domain names within your Virtual Private Cloud (VPC) for use with internal resources. It enables you to resolve domain names to private IP addresses within your VPC, providing a way to access resources such as instances, load balancers, and other services using user-friendly domain names, while keeping the DNS resolution isolated to your VPC network.
Private hosted zones are particularly useful for scenarios where you want to maintain separation between your internal network resources and external resources, ensuring that your private domain names do not get resolved outside of your VPC. This can enhance security and simplify access to resources within your VPC by using familiar domain names.
In summary, a private hosted zone in Route 53 offers a controlled and secure method for managing DNS records for your internal resources within your Amazon Web Services (AWS) Virtual Private Cloud environment.
Thanks for watching this video.
Do like and subscribe my channel.
Copying and Sharing Amazon Machine Image (AMI) and Snapshots - Hands-on Session
Welcome to this exciting hands-on session, where we will dive into the world of Amazon Machine Images (AMIs) and Snapshots. In this interactive workshop, you will gain practical experience and insights into copying and sharing these essential components in Amazon Web Services (AWS).
Session Overview:
During this session, we will cover the following key topics:
Copying AMIs:
Step-by-step guide on duplicating AMIs across regions.
Best practices for efficient AMI copying.
Sharing AMIs:
How to securely share AMIs with other AWS accounts.
Granting permissions and setting up sharing options.
Hands-On Experience:
This session is designed to provide you with hands-on experience. You will have access to AWS Management Console to follow along with our instructors as we demonstrate each concept. Please make sure you have an active AWS account and access to the AWS Management Console.
Prerequisites:
To make the most out of this session, it is recommended to have basic knowledge of AWS services and a fundamental understanding of cloud computing concepts.
Join us for this immersive workshop to learn invaluable skills in managing AMIs and snapshots efficiently, enabling you to optimize your AWS infrastructure and streamline your cloud operations.
Don't miss this opportunity to enhance your AWS expertise and elevate your cloud capabilities. Let's dive into the world of AMIs and snapshots together!
Please note that this session is limited to a specific duration. However, AWS offers a vast range of services and possibilities that go beyond this hands-on workshop. We encourage you to continue exploring the AWS ecosystem and take advantage of the multitude of resources available to support your cloud journey.
Get ready to empower your cloud expertise with practical insights in copying and sharing AMIs and snapshots. Let's begin this exciting session!
SSL Termination in ALB NLB
This video will explain about different scenarios for SSL/TLS Termination in Application Load Balancer (ALB) / Network Load Balancer (NLB)
Youtube link : https://youtu.be/CS8OsLFsQJ0
Hands-On Lab for Locating client IP address from EC2 when using Network Load ...
Hands-on session for Locating Source IP Address in EC2 with Network Load Balancer while adding Instance or IP as Targets.
Youtube link : https://youtu.be/lG4Z1vSJaqk
AWS Global Infrastructure - Regional Edge Cache
In November 2016, AWS announced a new type of Edge Location, called a Regional Edge Cache. These sit between your CloudFront Origin servers and the Edge Locations. A Regional Edge Cache has a larger cache-width than each of the individual Edge Locations, and because data expires from the cache at the Edge Locations, the data is retained at the Regional Edge Caches.
Therefore, when data is requested at the Edge Location that is no longer available, the Edge Location can retrieve the cached data from the Regional Edge Cache instead of the Origin servers, which would have a higher latency.
AWS Global Infrastructure - Regions.pptx
An AWS Region is a cluster of data centers in a specific geographic area, such as the Northeastern United States or Western Europe. It is a best practice to choose a region that is geographically close to users; this reduces latency because data reaches the users more quickly.
Each AWS Region includes multiple AZs. However, each AZ is restricted to a specific AWS Region. You can use multiple AZs within one Region, but you can't use the same AZ across multiple Regions.
AWS Global Infrastructure - Availability Zone.pptx
AZs are essentially the physical data centers of AWS. This is where the actual compute, storage, network, and database resources are hosted that we as consumers provision within our Virtual Private Clouds (VPCs). A common misconception is that a single availability zone is equal to a single data center. This is not the case. In fact, it’s likely that multiple data centers located close together form a single availability zone.
Each AZ will always have at least one other AZ that is geographically located within the same area, usually a city, linked by highly resilient and very low latency private fiber optic connections. However, each AZ will be isolated from the others using separate power and network connectivity that minimizes impact to other AZs should a single AZ fail.
Link : https://aws.amazon.com/about-aws/global-infrastructure/
AWS Lambda SnapStart.pptx
In this video I'm going to show you how too speed up the cold start time of AWS Lambda functions by up to 10x at no extra cost, using the new AWS Lambda SnapStart feature.
Youtube video link https://www.youtube.com/watch?v=iwi_2DIMEz8
#AWS #AWSinFiveMinutesOrLess #Serverless
AWS Storage Gateway.pptx
Storage Gateway is a service in AWS that connects an on-premises software appliance with the cloud-based storage to provide secure integration between an organization's on-premises IT environment and AWS storage infrastructure.
1) Storage Gateway service allows you to securely store the data in AWS cloud for the scalable and cost-effective storage.
2) Storage Gateway is a virtual appliance which is installed in a hypervisor running in a Data center used to replicate the information to the AWS particularly S3.
3) Amazon Storage Gateway's virtual appliance is available for download as a virtual machine (VM) image which you can install on a host in your data center.
4) Storage Gateway supports either Vmware EXI or Microsoft Hyper-V.
Once you have installed the storage gateway, link it with your AWS account through the activation process, and then you can use the AWS Management Console to create the storage gateway option.
There are three types of Storage Gateways:
1) File Gateway (NFS)
2) Volume Gateway (iSCSI)
3) Tape Gateway (VTL)
AWS NAT Gateway in a Nutshell
AWS NAT Gateway in a Nutshell
NAT gateway enables instance in Private Subnet to connect to the internet or other AWS services but prevent the internet from initiating a connection with those instances.
How NAT works
NAT device has an Elastic IP address and is connected to the Internet through an internet gateway.
When we connect an instance in a private subnet through the NAT device, which routes traffic from the instance to the internet gateway and routes any response to the instance
NAT maps multiple private IPv4 addresses to a single public IPv4 address.
AWS VPC Zero to Hero in 30 Minutes.pptx
Learn VPC concepts and create your own VPC in less than 30 Minutes
Amazon S3 Server-Side Encryption with S3-Managed Keys – SSE-S3.pptx
Server-Side Encryption with S3-Managed Keys – SSE-S3
Each object is encrypted with a unique data key employing strong multi-factor encryption.
SSE-S3 encrypts the data key with a master key that is regularly rotated.
S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt the data.
Whether or not objects are encrypted with SSE-S3 can’t be enforced when they are uploaded using pre-signed URLs, because the only way server-side encryption can be specified is through the AWS Management Console or through an HTTP request header Must set header x-amz-server-side-encryption to AES-256
For enforcing server-side encryption for all of the objects that are stored in a bucket, use a bucket policy that denies permissions to upload an object unless the request includes x-amz-server-side-encryption header to request server-side encryption
Azure Hands-on Session - Azure Resource Manager.pptx
Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
Azure Hands-on Session - Hybrid Cloud Sync using Azure File Sync.pptx
Hybrid Cloud File Sharing Using Azure File Sync | Azure File Sync with AWS
What is Azure File Sync?
Azure File Sync centralizes your company's file shares in Azure Files. Azure File Sync transforms Windows Servers running on-premises or in the cloud into a quick cache of your Azure file share. When you choose Azure File Sync, you do not need to sacrifice the flexibility, performance, or compatibility of an on-premises file server. Any protocol supported by Windows Server, including SMB, NFS, and FTPS, can be used to access the data locally.
Lab Steps:
1) Logging in to AWS Portal and Launch Windows Server 2019 VM
2) Logging in to the Microsoft Azure Portal
3) Creating a Storage Sync Service
4) Creating a File Share in Azure Files
5) Creating a Sync Group
6) Connecting to AWS Virtual Machine (RDP)
7) Installing the File Sync Agent and Registering the Windows VM
8) Creating a Server Endpoint in the Sync Group
9) Testing the Sync Group with One Server Endpoint
Video Link : https://www.youtube.com/watch?v=pT3eRMps9so
Aws hands on session - share aws resources using aws resource access manager
Aws hands on session - share aws resources using aws resource access manager
Hack proof your aws account in 8 easy steps
Hack proof your aws account in 8 easy steps
Steps for Safeguarding your AWS Account
1. Enable MFA for your root account and keep a strong password.
2. Avoid using your root account for Daily Activities on AWS.
3. Create an IAM user and assign least Privilege to that user.
4. Restrict Security groups.
5. Check all Public S3 Buckets and make sure no user data gets compromised.
6. Make sure EC2 volumes, S3 Buckets are Encrypted.
7. Make sure Keys are rotated on regular basis.
8. Follow Trusted Advisor Recommendations
Setup cross account access between twi accounts in AWS as read only
1. Have two accounts i.e. Account A and Account B where Account B needs to be granted Read-Only Access to Account A
2. Create Role in Account A which has policy for ReadOnlyAccess for Account B (Another AWS Account option under create Role)
3. Create an IAM user in Account B and create inline role which assumes role created in Account A – Put ARN of Role you created in Account A
4. Click on Switch Roles in Account B and enter Role Name, Account ID of Account A.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object Calisthenics
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
DevOps and Testing slides at DASA Connect
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Presented by Suzanne Phillips and Alex Marcotte
Securing your Kubernetes cluster_ a step-by-step guide to success !
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of Product, Slack
When stars align: studies in data quality, knowledge graphs, and machine lear...
Keynote at DQMLKG workshop at the 21st European Semantic Web Conference 2024
More Related Content
More from ujjwalsoni23
AWS Global Infrastructure - Regional Edge Cache
In November 2016, AWS announced a new type of Edge Location, called a Regional Edge Cache. These sit between your CloudFront Origin servers and the Edge Locations. A Regional Edge Cache has a larger cache-width than each of the individual Edge Locations, and because data expires from the cache at the Edge Locations, the data is retained at the Regional Edge Caches.
Therefore, when data is requested at the Edge Location that is no longer available, the Edge Location can retrieve the cached data from the Regional Edge Cache instead of the Origin servers, which would have a higher latency.
AWS Global Infrastructure - Regions.pptx
An AWS Region is a cluster of data centers in a specific geographic area, such as the Northeastern United States or Western Europe. It is a best practice to choose a region that is geographically close to users; this reduces latency because data reaches the users more quickly.
Each AWS Region includes multiple AZs. However, each AZ is restricted to a specific AWS Region. You can use multiple AZs within one Region, but you can't use the same AZ across multiple Regions.
AWS Global Infrastructure - Availability Zone.pptx
AZs are essentially the physical data centers of AWS. This is where the actual compute, storage, network, and database resources are hosted that we as consumers provision within our Virtual Private Clouds (VPCs). A common misconception is that a single availability zone is equal to a single data center. This is not the case. In fact, it’s likely that multiple data centers located close together form a single availability zone.
Each AZ will always have at least one other AZ that is geographically located within the same area, usually a city, linked by highly resilient and very low latency private fiber optic connections. However, each AZ will be isolated from the others using separate power and network connectivity that minimizes impact to other AZs should a single AZ fail.
Link : https://aws.amazon.com/about-aws/global-infrastructure/
AWS Lambda SnapStart.pptx
In this video I'm going to show you how too speed up the cold start time of AWS Lambda functions by up to 10x at no extra cost, using the new AWS Lambda SnapStart feature.
Youtube video link https://www.youtube.com/watch?v=iwi_2DIMEz8
#AWS #AWSinFiveMinutesOrLess #Serverless
AWS Storage Gateway.pptx
Storage Gateway is a service in AWS that connects an on-premises software appliance with the cloud-based storage to provide secure integration between an organization's on-premises IT environment and AWS storage infrastructure.
1) Storage Gateway service allows you to securely store the data in AWS cloud for the scalable and cost-effective storage.
2) Storage Gateway is a virtual appliance which is installed in a hypervisor running in a Data center used to replicate the information to the AWS particularly S3.
3) Amazon Storage Gateway's virtual appliance is available for download as a virtual machine (VM) image which you can install on a host in your data center.
4) Storage Gateway supports either Vmware EXI or Microsoft Hyper-V.
Once you have installed the storage gateway, link it with your AWS account through the activation process, and then you can use the AWS Management Console to create the storage gateway option.
There are three types of Storage Gateways:
1) File Gateway (NFS)
2) Volume Gateway (iSCSI)
3) Tape Gateway (VTL)
AWS NAT Gateway in a Nutshell
AWS NAT Gateway in a Nutshell
NAT gateway enables instance in Private Subnet to connect to the internet or other AWS services but prevent the internet from initiating a connection with those instances.
How NAT works
NAT device has an Elastic IP address and is connected to the Internet through an internet gateway.
When we connect an instance in a private subnet through the NAT device, which routes traffic from the instance to the internet gateway and routes any response to the instance
NAT maps multiple private IPv4 addresses to a single public IPv4 address.
AWS VPC Zero to Hero in 30 Minutes.pptx
Learn VPC concepts and create your own VPC in less than 30 Minutes
Amazon S3 Server-Side Encryption with S3-Managed Keys – SSE-S3.pptx
Server-Side Encryption with S3-Managed Keys – SSE-S3
Each object is encrypted with a unique data key employing strong multi-factor encryption.
SSE-S3 encrypts the data key with a master key that is regularly rotated.
S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt the data.
Whether or not objects are encrypted with SSE-S3 can’t be enforced when they are uploaded using pre-signed URLs, because the only way server-side encryption can be specified is through the AWS Management Console or through an HTTP request header Must set header x-amz-server-side-encryption to AES-256
For enforcing server-side encryption for all of the objects that are stored in a bucket, use a bucket policy that denies permissions to upload an object unless the request includes x-amz-server-side-encryption header to request server-side encryption
Azure Hands-on Session - Azure Resource Manager.pptx
Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
Azure Hands-on Session - Hybrid Cloud Sync using Azure File Sync.pptx
Hybrid Cloud File Sharing Using Azure File Sync | Azure File Sync with AWS
What is Azure File Sync?
Azure File Sync centralizes your company's file shares in Azure Files. Azure File Sync transforms Windows Servers running on-premises or in the cloud into a quick cache of your Azure file share. When you choose Azure File Sync, you do not need to sacrifice the flexibility, performance, or compatibility of an on-premises file server. Any protocol supported by Windows Server, including SMB, NFS, and FTPS, can be used to access the data locally.
Lab Steps:
1) Logging in to AWS Portal and Launch Windows Server 2019 VM
2) Logging in to the Microsoft Azure Portal
3) Creating a Storage Sync Service
4) Creating a File Share in Azure Files
5) Creating a Sync Group
6) Connecting to AWS Virtual Machine (RDP)
7) Installing the File Sync Agent and Registering the Windows VM
8) Creating a Server Endpoint in the Sync Group
9) Testing the Sync Group with One Server Endpoint
Video Link : https://www.youtube.com/watch?v=pT3eRMps9so
Aws hands on session - share aws resources using aws resource access manager
Aws hands on session - share aws resources using aws resource access manager
Hack proof your aws account in 8 easy steps
Hack proof your aws account in 8 easy steps
Steps for Safeguarding your AWS Account
1. Enable MFA for your root account and keep a strong password.
2. Avoid using your root account for Daily Activities on AWS.
3. Create an IAM user and assign least Privilege to that user.
4. Restrict Security groups.
5. Check all Public S3 Buckets and make sure no user data gets compromised.
6. Make sure EC2 volumes, S3 Buckets are Encrypted.
7. Make sure Keys are rotated on regular basis.
8. Follow Trusted Advisor Recommendations
Setup cross account access between twi accounts in AWS as read only
1. Have two accounts i.e. Account A and Account B where Account B needs to be granted Read-Only Access to Account A
2. Create Role in Account A which has policy for ReadOnlyAccess for Account B (Another AWS Account option under create Role)
3. Create an IAM user in Account B and create inline role which assumes role created in Account A – Put ARN of Role you created in Account A
4. Click on Switch Roles in Account B and enter Role Name, Account ID of Account A.
More from ujjwalsoni23 (13)
AWS Global Infrastructure - Availability Zone.pptx
AWS Global Infrastructure - Availability Zone.pptx
Amazon S3 Server-Side Encryption with S3-Managed Keys – SSE-S3.pptx
Amazon S3 Server-Side Encryption with S3-Managed Keys – SSE-S3.pptx
Azure Hands-on Session - Azure Resource Manager.pptx
Azure Hands-on Session - Azure Resource Manager.pptx
Azure Hands-on Session - Hybrid Cloud Sync using Azure File Sync.pptx
Azure Hands-on Session - Hybrid Cloud Sync using Azure File Sync.pptx
Aws hands on session - share aws resources using aws resource access manager
Aws hands on session - share aws resources using aws resource access manager
Setup cross account access between twi accounts in AWS as read only
Setup cross account access between twi accounts in AWS as read only
Recently uploaded
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object Calisthenics
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
DevOps and Testing slides at DASA Connect
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Presented by Suzanne Phillips and Alex Marcotte
Securing your Kubernetes cluster_ a step-by-step guide to success !
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of Product, Slack
When stars align: studies in data quality, knowledge graphs, and machine lear...
Keynote at DQMLKG workshop at the 21st European Semantic Web Conference 2024
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designer, Beats by Dr Dre
Connector Corner: Automate dynamic content and events by pushing a button
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, Product School
Knowledge engineering: from people to machines and back
Keynote at the 21st European Semantic Web Conference
Epistemic Interaction - tuning interfaces to provide information for AI support
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
The Art of the Pitch: WordPress Relationships and Sales
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Key Trends Shaping the Future of Infrastructure.pdf
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scalable Platform by VP of Product, The New York Times
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Reflecting on new architectures for knowledge based systems in light of generative ai
Recently uploaded (20)
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
KMS managed Encryption Keys - CSE KMS.pptx
- 2. KMS-managed Encryption Keys (CSE-KMS) • This is the same as for SSE, that is, the KMS in the IAM service is used to manage shared keys. The client can use the key ID (the ARN) to refer to a key, which is then accessed by the client for encryption and decryption purposes. Note that each object is encrypted using a dedicated key, and the KMS key is used to secure the per-object keys.