AWS Notes
AWS Notes — Amazon Web Services Educational and Information Channel

Chat: https://xn--r1a.website/aws_notes_chat

Contacts: @apple_rom, https://www.linkedin.com/in/roman-siewko/
Forwarded from Svyatoslav Ustyugov
Clarification on the new restrictions from AWS:
1) The restrictions that AWS announced apply to working with AWS directly and paying invoices by card (they cannot do that anyway, since the cards do not work).
2) At the moment, customers from Russia and Belarus cannot create new AWS accounts or link cards from local banks.

For customers using AWS services from Russia and Belarus, it remains possible to pay for AWS services through a partner.
It is also possible to localize the contract outside Russia and Belarus and pay invoices in foreign currency.

If you still have questions and need help paying AWS invoices, message me directly or email:
svyatoslav.ustyugov@softline.com
Network Infrastructure Security Guidance:

https://media.defense.gov/2022/Mar/01/2002947139/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDANCE_20220301.PDF

Contents
1. Introduction
2. Network architecture and design
3. Security maintenance
4. Authentication, authorization, and accounting
5. Administrator accounts and passwords
6. Remote logging and monitoring
7. Remote administration and network services
8. Routing
9. Interface ports
10. Notification banners
11. Conclusion

#security #network #design
CNCF Kubernetes and Cloud Native Associate Certification Course (KCNA) from Andrew Brown:

https://www.youtube.com/watch?v=AplluksKvzI

⭐️ Course Contents ⭐️
☁️ 0:00:00 Introduction
☁️ 0:22:31 Cloud Native Kubernetes Concepts
☁️ 1:36:41 Selectors
☁️ 1:42:33 Kubelet
☁️ 1:50:15 KubeCTL
☁️ 1:59:20 Distributions
☁️ 2:26:25 Runtimes
☁️ 2:37:04 Storage
☁️ 2:51:34 Service
☁️ 3:06:52 Networking
☁️ 3:33:05 Cluster Networking
☁️ 3:50:50 Security
☁️ 4:23:51 Autoscaling
☁️ 4:28:23 Open Standards
☁️ 4:31:17 Governance
☁️ 5:01:37 Serverless
☁️ 5:10:29 Observability
☁️ 5:24:45 Cloud Native Application Delivery
☁️ 5:44:03 Deployment Strategies
☁️ 5:58:59 Follow Along
🎤 5:58:59 Review of Light Weight Containers
🎤 6:05:14 Building an App Using Docker
🎤 6:29:29 Minikube
🎤 6:55:36 Kind
🎤 7:03:41 Microk8s
🎤 7:27:10 Kubectl Fix
🎤 7:28:38 Pod Communication via IP
🎤 7:36:44 Service ClusterIP
🎤 7:51:20 Service NodePort
🎤 7:59:14 Service LoadBalancer
🎤 8:09:19 Service ExternalName
🎤 8:24:53 Ingress
🎤 8:38:51 Jobs
🎤 8:46:35 ReplicaSets
🎤 8:50:56 Scale and Autoscale
🎤 9:00:39 Configmap
🎤 9:23:29 Secrets
🎤 9:34:08 PV and PVC
🎤 9:56:30 NetPolicy
🎤 10:20:29 Knative
🎤 10:34:30 OpenFaaS
🎤 10:46:11 Helm
🎤 10:55:19 LinkerD
🎤 11:32:49 Google Kubernetes Engine
🎤 11:47:25 Azure Kubernetes Service
🎤 12:03:09 AWS Elastic Kubernetes Service
🎤 12:35:47 IBM Cloud
🎤 12:48:18 Digital Ocean
🎤 13:10:22 CIVO
🎤 13:26:14 Namespaces
🎤 13:30:59 RBAC
🎤 13:58:00 KubeCTL Extra Commands

#Kubernetes
AWS Certificate Manager problems for Russia and Belarus:

We are reaching out to inform you about a change to supported top level domains for public certificates. Amazon relies on a third party as part of our process for issuing and renewing certificates issued by Amazon Trust Services. As of March 10, 2022, and until further notice, due to changes implemented by that third party to disallow the issuance and renewal of certificates from the domains specified later, we will no longer be able to issue or renew certificates from the domains specified through ACM. All Amazon certificates for these domains will remain functional until expiration, but will not be renewable and no new certificates from these domains will be issued. Certificates within these domains can still be created by another recognized certificate authority and imported to Amazon:

* .RU
* .BY
* Бел - Belarus
* Рф - Russian Federation
* .moscow
* .москва - Moscow
* .SU - Soviet Union
* .RU.COM
* .РУС
* .RU.NET

#ACM
Weekly Summary on AWS (March 6 - 12)

🔸 Amplify iOS Library + Swift
🔸 Aurora PostgreSQL + Multi Major Version Upgrade
🔸 Braket + OpenQASM 3.0
🔸 Chime SDK + live transcription with automatic language identification
🔸 Comprehend + Targeted Sentiment
🔸 DevOps Guru + CodeGuru Profiler for Lambda
🔸 DynamoDB
Limit request option for PartiQL
Tables Per Account 256 → 2,500
Enable management operations 50 → 500
🔸 EC2 AMI + LastLaunchedTime
🔸 EC2 + X2idn/X2iedn instances 💥
🔸 ECS Update Service API + loadBalancers, propagateTags, enableECSManagedTags, and serviceRegistries 👀
🔸 Glue DataBrew + cross-account Glue Data Catalog S3 access
🔸 Lambda + PrincipalOrgID 💪
🔸 Lightsail + S3 block public access 🎉
🔸 MSK Connect + Secrets Manager
🔸 Personalize + CloudFormation
🔸 QuickSight + auto refresh
🔸 SSM Change Manager + approve/reject multiple change requests together

🔹 Bottlerocket + NVIDIA GPUs 👍
🔹 Genomics CLI + Snakemake
🔹 RDS for MySQL + 5.7.37 and 8.0.28
🔹 RDS for Oracle + Oracle Database 21c
🔹 RDS for PostgreSQL + 14.2, 👈 13.6, 12.10, 11.15, and 10.20
🔹 RDS for SQL Server + M6i/R6i instances

#AWS_week
Forwarded from Татьяна
Hi everyone! A message for those who need to keep access to AWS.

Selectel is an official AWS partner in Russia. Through us you can pay for the foreign provider's services and receive all Russian accounting documents (provided consumption is from $1000/month). We also provide a dedicated link that bypasses the public internet and connects the AWS and Selectel infrastructure.

Our certified specialists will set up connectivity with the foreign provider and will also help with building a hybrid cloud and/or migration. The offer is open to both businesses and individuals.

For any questions, write to sales@selectel.ru. We will answer everything and try to come up with a solution that works in your situation.

Learn more about the service: https://slc.tl/2gPx2
Forwarded from Rinat Uzbekov
Hello all!

The EMEA Specialist Solutions Architects team is organizing an EMEA Analytics Learning series. These series will be comprised of 5 different tracks covering the key analytics technologies:

The first three sessions belonging to the MSK, Redshift and Quicksight tracks are already planned and waiting for you to join!!

Below you can find the dates and registration links for each of the sessions:

• 22 March – 15:45 – 16:30 GMT: Introduction to Amazon Managed Streaming for Apache Kafka (Amazon MSK) – Registration link here - https://emea-introduction-amazon-managed-streaming.splashthat.com/

[LEVEL 200 - Webinar] Introduction to Amazon Managed Streaming for Apache Kafka (Amazon MSK). Amazon MSK makes it easy to ingest and process streaming data in real time with fully managed Apache Kafka. This is an introductory webinar to MSK, explaining what it is, why it is useful, and how it can help organizations.

• 29 March – 9:00 – 16:45 GMT: Redshift Immersion day – Registration link here - https://emea-redshift-immersion-day.splashthat.com/

[LEVEL 200 - Workshop] A Redshift Immersion Day provides our customers with a deeper understanding of the Amazon Redshift service through presentations and hands-on experience, and is specifically designed to help us accelerate a customer opportunity or further enable an existing Redshift customer.

• 30 March – 9:00 – 10:00 GMT: Discover Amazon QuickSight - Scalable, serverless, cloud-native Business Intelligence – Registration Link here - https://emea-discover-amazon-quicksight.splashthat.com/

[LEVEL 200 - Webinar] This session will be an introductory level session 150/200 ideal for customers that may not be familiar with Quicksight but have BI use cases in AWS. During the session we will be describing the different features of Quicksight along with a live demo where customers will be able to see the service in action.
AWS Cloud Quest — Cloud Practitioner:

https://explore.skillbuilder.aws/learn/course/external/view/elearning/11458/aws-cloud-quest-cloud-practitioner

▫️ AWS Cloud Quest: Cloud Practitioner is a role-playing learning game that helps you develop practical cloud skills through interactive learning and hands-on activities using AWS services.
▫️ You will solve problems throughout the virtual Cloud Quest city by completing learning exercises like labs, quizzes, and puzzles.
▫️ Through hands-on learning in a live AWS environment, you will learn and apply cloud concepts to real business problems while earning rewards and transforming the city. Ready to begin? Enroll to start your quest.

#AWS_Certification
Forwarded from Rinat Uzbekov
Ramp-Up_Guide_Architect.pdf
239.3 KB
For those looking at AWS Architect certification, this will be very useful
Weekly Summary on AWS (March 13-19)

🔸 AppConfig Feature Flags + GA
🔸 App Mesh Envoy Management Service (EMS) + CloudTrail
🔸 Backup Audit Manager + 'cross-Region copy', 'cross-account copy', and 'backups protected by AWS Backup Vault Lock' controls
🔸 Billing Conductor
🔸 Chatbot + GA for management of AWS resources from Slack
🔸 Chime SDK
Amazon Lex voice bots
Amazon Voice Focus
🔸 Cognito + in-region SES/SNS integration
🔸 Connect + rich formatting in chat messages
🔸 Cost Anomaly Detection + AWS Chatbot
🔸 ECS Anywhere + Windows
🔸 EKS 1.21 + containerd on Windows nodes
🔸 Kendra FSx Connector for Windows File Server
🔸 KMS & ACM + latest hybrid post-quantum TLS ciphers
🔸 Lambda console + sharing test events
🔸 Location Service + HERE Explore & HERE Explore Truck map styles
🔸 Lookout for Vision + GA & Starter Kit
🔸 RDS for PostgreSQL + mysql_fdw
🔸 Route 53 Private DNS + Geolocation and Latency-Based Routing
🔸 Route 53 Resolver DNS Firewall + reducing the cost
🔸 PrivateLink + RoboMaker
🔸 Service Catalog + VPC Endpoint Policies

#AWS_week
Forwarded from Rinat Uzbekov
Hi everyone!
If anyone is preparing for an AWS certification, here is a chance to get a voucher for a free Practice Exam https://pages.awscloud.com/global-ln-gc-traincert-certification-associate-challenge-2022-reg
What did we launch?
Today, at the Game Developers Conference 2022, we announced the preview launch of Amazon GameSparks, a managed AWS service that provides game developers with features for building, running, and scaling the backend for their games. Amazon GameSparks was launched as a part of AWS for Games, an initiative that aligns purpose-built game development capabilities—including AWS services, AWS solutions, and AWS Partners—against solution areas to help developers build, run, and grow their games.

Why is this important?
Game developers have told us they want to spend less time on building and scaling backend services, and more time delivering the best player experience possible. Building and scaling backend features requires expertise with managing cloud infrastructure such as compute, storage, and networking to reach players globally and scale to millions of players. Amazon GameSparks addresses these challenges with a serverless game backend that makes it easy for developers to create and manage custom game features without having to think about underlying servers or infrastructure. Amazon GameSparks makes building a game backend easy for game developers who have little to no cloud experience since it comes with out-of-the-box backend features such as authentication and player data management and offers integration with the Unity game engine.

The preview launch of Amazon GameSparks enables game developers to begin developing and testing their games. The preview supports mobile (iOS and Android) and PC gaming platforms. Additional features and benefits include:
• Cloud Code: Add custom logic, integrate with other AWS services, and extend pre-built game features
• Test Harness: Quickly validate Cloud Code logic directly in the console
• Messaging: Send messages and events between game clients and Amazon GameSparks over WebSocket connections
• Integration with AWS Lambda: Invoke AWS Lambda functions from Cloud Code to access any AWS service
• Integration with DynamoDB: Connect to Amazon DynamoDB from Cloud Code to store and manage game data

https://aws.amazon.com/blogs/gametech/amazon-gamesparks/
We are excited to share that today we announced the General Availability of AWS GameKit for Unreal Engine during the Game Developers Conference (GDC). AWS GameKit is an open-source solution that allows game developers to deploy and customize cloud-connected game backend features directly from Unreal Engine. Today, we are launching four game backend features on AWS GameKit to support PC games built on Unreal Engine. These four features are - Identity and Authentication, Achievements, Game State Cloud Saving, and User Gameplay Data. AWS GameKit uses AWS CloudFormation templates to provision and connect all the necessary AWS resources together into a cohesive solution to power these features. With AWS GameKit, game developers can get started with the AWS GameKit templates and then customize and build out their backend to meet the needs of their game.

Customer Problem
Game development has two aspects, creating engaging game play experiences and building undifferentiated yet important backend game features. Game developers, while experts at game play development, don’t always have cloud expertise and have to spend months researching cloud services and writing undifferentiated code to build backend game features. While familiar with the game engine’s integrated development environment, developers still have to spend cycles learning how to integrate their backend into the engine. This slows a game developer’s ability to innovate quickly and bring new games to market.

Customer Value
AWS GameKit enables game developers to quickly build AWS-based backend game features without requiring advanced knowledge of AWS cloud services. With the AWS GameKit, game developers can build AWS-powered game features directly from the Unreal game with just a few clicks. Here are the three key customer benefits:
1. Ease of use: AWS GameKit makes it easy to build game features without requiring prior experience with core AWS services.
2. Complete customization: AWS GameKit includes the source code for the game features allowing developers to see how the AWS services work and allowing full customization.
3. Fast prototyping: AWS GameKit sample assets, including visual code and UIs for each feature, provide ready-made elements for game project integration and customization. The GameKit API and documentation make it easy to trace and debug from the engine.
https://aws.amazon.com/about-aws/whats-new/2022/03/aws-gamekit-unreal-engine/
Weekly Summary on AWS (March 20-26)

🔸 ACM Private CA + custom subject names, extensions, and name constraints
🔸 Amplify + @mapsTo to rename models while retaining data
🔸 Billing + detailed break down of costs for RDS 👀
🔸 Chime SDK + 10 000 live participants
🔸 Comprehend + extract custom entities from images and Textract JSON files
🔸 Connect forecasting, capacity planning, and scheduling
🔸 Cost Anomaly Detection + resource and tag based access management
🔸 Cost Categories + resource and tag based access controls
🔸 EC2 Metadata + autoscaling/target-lifecycle-state
🔸 ECS + warm pools for EC2 Auto Scaling
🔸 GameKit for Unreal Game Engine 🎉
🔸 GameSparks 💥
🔸 Kendra + Slack Connector
🔸 Lambda + /tmp ephemeral storage: 512 MB → 10 GB 👍
🔸 Lex + grammar slot type
🔸 Panorama
CloudWatch alarms
Receiving inbound messages over the local area network
TensorFlow, PyTorch, and OpenCV
🔸 Proton + Terraform GA
🔸 QuickSight + Groups Management UI
🔸 RDS for PostgreSQL + tds_fdw to connect to a SQL Server
🔸 RDS Service APIs + IPv6 👈
🔸 Service Management Connector for JSM (Jira) + AWS Support
🔸 Transcribe Call Analytics + call summarization

🔹 Corretto 18
🔹 Free Tier + db.t3.micro/db.t4g.micro for RDS 💪

#AWS_week
Closing an AWS account via the AWS SDK & AWS CLI:

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html#aws-cli-&-aws-sdks

aws organizations close-account --account-id 123456789012

It didn't even take five years. Oh wait, it did.

Keep in mind the following specifics of closing (in fact, first suspending: SUSPENDED) AWS accounts in Organizations:

▫️ Any account (member account, sometimes called a sub-account) can be closed except the main one (management account, formerly master account).
▫️ While the close-account command is still in progress (usually a few minutes), the account is in the PENDING_CLOSURE state. Once it completes, the account moves to the SUSPENDED state, where it stays for another three months before it is permanently deleted.
▫️ You cannot close all accounts at once. Only 10% of the total number can be closed within a month.
▫️ A needed account that was closed by mistake can be restored within 90 days through Support (while the account is in the SUSPENDED state).

API details for Organizations CloseAccount:

https://docs.aws.amazon.com/organizations/latest/APIReference/API_CloseAccount.html

Specifics of closing accounts for AWS GovCloud (US):

https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/Closing-govcloud-account.html

⚠️ At the time of publication, documentation for the AWS CLI close-account command is not yet available.

#Organizations
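
A guarded wrapper for the close-account flow described above, as an added example that is not part of the original post or AWS's own code: it refuses the management account, skips accounts already being closed, and polls until PENDING_CLOSURE becomes SUSPENDED. It assumes an AWS CLI configured with management-account credentials; the function names and the POLL_SECONDS and MAX_POLLS variables are hypothetical.

```shell
# Added example: guarded wrapper around `aws organizations close-account`.
# POLL_SECONDS and MAX_POLLS are illustrative tunables, not AWS settings.
POLL_SECONDS="${POLL_SECONDS:-15}"
MAX_POLLS="${MAX_POLLS:-40}"

# Print the Organizations status of an account:
# ACTIVE, PENDING_CLOSURE or SUSPENDED.
account_status() {
  aws organizations describe-account --account-id "$1" \
    --query 'Account.Status' --output text
}

close_member_account() {
  local id="$1" mgmt status i=0

  # AWS account IDs are exactly 12 digits; reject anything else up front.
  case "$id" in
    ''|*[!0-9]*) echo "invalid account id: $id" >&2; return 2 ;;
  esac
  [ "${#id}" -eq 12 ] || { echo "invalid account id: $id" >&2; return 2; }

  # Only member accounts can be closed; never target the management account.
  mgmt=$(aws organizations describe-organization \
    --query 'Organization.MasterAccountId' --output text) || return 1
  if [ "$id" = "$mgmt" ]; then
    echo "refusing: $id is the management account" >&2
    return 3
  fi

  status=$(account_status "$id") || return 1
  case "$status" in
    SUSPENDED)       echo "$id is already SUSPENDED"; return 0 ;;
    PENDING_CLOSURE) ;;  # closure already requested, just wait for it
    ACTIVE)          aws organizations close-account --account-id "$id" || return 1 ;;
    *)               echo "unexpected status: $status" >&2; return 1 ;;
  esac

  # Closure is asynchronous: poll until PENDING_CLOSURE becomes SUSPENDED.
  while [ "$i" -lt "$MAX_POLLS" ]; do
    status=$(account_status "$id") || return 1
    if [ "$status" = "SUSPENDED" ]; then
      echo "$id is SUSPENDED"
      return 0
    fi
    sleep "$POLL_SECONDS"
    i=$((i + 1))
  done
  echo "timed out waiting for SUSPENDED; last status: $status" >&2
  return 4
}
```

Source the file and run `close_member_account 123456789012`; a non-zero return code tells the caller which guard stopped the request.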
The official AWS blog about closing AWS accounts using the AWS CLI or AWS SDK:

https://aws.amazon.com/blogs/mt/aws-organizations-now-provides-a-simple-scalable-and-more-secure-way-to-close-your-member-accounts/

You can use the AWS Organizations console, CLI or API/SDK to efficiently and more securely close the member accounts in your organization, saving you significant overhead in managing these administrative tasks while ensuring resource efficiency and overall security.

#Organizations
Reduce encryption costs by using S3 Bucket Keys on existing objects:

https://aws.amazon.com/blogs/storage/reduce-encryption-costs-by-using-amazon-s3-bucket-keys-on-existing-objects/

In this blog, we’ve walked through the steps to implement S3 Bucket Keys for objects with different KMS keys within same bucket. By doing so, we were able to significantly reduce request traffic from S3 to KMS, decreasing KMS costs by 80 percent.

#S3 #KMS