python |
Pythonタグが付けられた新着投稿 - Qiita |
【AtCoder解説】PythonでABC228のA,B,C,D問題を制する! |
https://qiita.com/u2dayo/items/e80a489c6e7472da3d83
|
最も近いとは、hをずつ増やしていったとき、最初に見つかる書き換えられていない番号ということです問題文通りの操作をシミュレートすると、計算量がOQNとなりTLEになります。 |
2021-11-21 20:31:04 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
Djangoのviews.pyをVScodeでデバッグしたが相対import関連でエラーがでてしまう |
https://teratail.com/questions/370377?rss=all
|
DjangoのviewspyをVScodeでデバッグしたが相対import関連でエラーがでてしまうviewspyと同じディレクトリにutilspyを作成し、getdotplotという関数を作成し、簡易サーバー上での動きも想定どおりのものができました。 |
2021-11-21 20:42:32 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
PDF分割vbsで日本語が化ける |
https://teratail.com/questions/370376?rss=all
|
PDF分割vbsで日本語が化ける初心者です。 |
2021-11-21 20:22:41 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
【wordpress】パーマリンク先のアンカーにリンク |
https://teratail.com/questions/370375?rss=all
|
【wordpress】パーマリンク先のアンカーにリンク前提・実現したいことHTML作成のHPをWordPress化する練習をしています。 |
2021-11-21 20:15:59 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
読み取り専用フォルダの解除 Permission deniedエラー |
https://teratail.com/questions/370374?rss=all
|
|
2021-11-21 20:12:40 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
IAMユーザーで請求ダッシュボードを閲覧できるようにするには |
https://qiita.com/mittsukan/items/570ffe7f8395c2d61611
|
ポリシーの確認画面が表示されるので、問題なければ「アクセス権限の追加」をクリックする。 |
2021-11-21 20:47:32 |
golang |
Goタグが付けられた新着投稿 - Qiita |
Goで2つの日付間の日数を取得する |
https://qiita.com/maatanman/items/2d304bc4bde3d5affaf2
|
functTimeSubuTimeDurationDurationの定義はintのエイリアス型になっていて、時間を取得するHoursメソッドが定義されています。 |
2021-11-21 20:30:55 |
技術ブログ |
Developers.IO |
Amazon Pinpointを使ったSMS送信をおこなってみた |
https://dev.classmethod.jp/articles/amazon-pinpoint-send-sms/
|
amazonpinpoint |
2021-11-21 11:05:21 |
海外TECH |
DEV Community |
I made my website rank by accident |
https://dev.to/dailydevtips1/i-made-my-website-rank-by-accident-1lp1
|
I made my website rank by accidentYou must be thinking clickbait 🪝 right Well it kind of is but also isn t I make my website rank on purpose but had an accidental big win on a specific topic Let me explain what happened Looking through Google search consoleNow and then I like to take a Sunday to go through my search console Ahrefs and analytics This process includes checking broken links seeing where I might have missed a broken image and most importantly where I can optimize On June I wrote this article about moving from GIF to video format And this article was purely written to make my website faster Which it did These pages I changed became so much faster so I was happy Back to now I was checking my Google Search Console and noticed the following The screenshot above shows I got clicks and impressions on video content And although I did do some twitch before this never really picked up So I was surprised where these impressions and clicks came from Diving a bit deeper into the reports I found the keywords used and decided to go through them in the video tab on google And on the Chrome screenshot query I managed to find the following video snippet Pretty impressive as this is only an second self hosted video snippet Which used to be a GIF Here you can see it in action Detecting faces from the webcam in JavaScript ConclusionMoving from GIF to video does not only make your website faster It even helps get you ranked on video content I for one was super surprised as I haven t even optimized any on this content for that purpose Did you ever have random SEO wins Thank you for reading and let s connect Thank you for reading my blog Feel free to subscribe to my email newsletter and connect on Facebook or Twitter |
2021-11-21 11:34:57 |
海外TECH |
DEV Community |
Clean & Minimal portfolio website |
https://dev.to/mukulrajpoot/clean-minimal-portfolio-website-42nn
|
Clean amp Minimal portfolio website Portfolio WebsiteHey this is my portfolio website Let me know what do you think about the website Website is made using next js tailwind GSAP and deployed on Vercel Live LinkLink to WebsiteGitHub LinkLink to Repo Some Screenshots |
2021-11-21 11:22:37 |
海外TECH |
DEV Community |
Just released Notion Pro Clipper Web Extension |
https://dev.to/sarthology/just-released-notion-pro-clipper-web-extension-5202
|
Just released Notion Pro Clipper Web ExtensionJust Released our product Notion Pro Clipper on Producthunt After working with beta user from Notion Community our it s finally here So what can you do with Notion Pro Clipper Page Clipper ways to clipper the information on web using Notion Pro Clipper Just URL The plan simple way to save urls to NotionContent of Web Page Clip the entire content on webpage to NotionSection of Web Page Take ScreenshotNotion Pro Clipper lets you capture screenshots of any page in one click and adds them to whichever Notion page you want It lets you take screenshots in ways Visible Section Section visible currentlyEntire Page From top to bottomFree clip Select any area you want on a page Image ClipperJust hover on any image on web you want to save and save it directly to Notion BonusSave any Youtube video directly to Notion with one click I hope you all are ready to use this Get it Notion Pro ClipperWe are on Producthunt today Go show some love here Thanks Again |
2021-11-21 11:18:50 |
海外TECH |
DEV Community |
IPv6 on AWS | AWS White Paper Summary |
https://dev.to/awsmenacommunity/ipv6-on-aws-aws-white-paper-summary-2h5d
|
IPv on AWS AWS White Paper Summary Best practices for adopting and designing IPv based networks on AWSEvery node connected to an Internet Protocol IP network must have an IP address for communication purposes As the internet continues to grow so does the need for IP addresses IPv is a version of the Internet Protocol that uses a larger address space than its predecessor IPv This whitepaper focuses on best practices for adopting and designing IPv based networks on AWS Cloud It covers IPv dual stack networks for both internet facing and private IPv networks use cases IntroAn increasing number of organizations operate dual stack IPv IPv networks Carrier networks and ISPs were the first groups to start deploying IPv on their networks with mobile networks leading the charge Adoption of IPv has been delayed partly due to NAT with IPv which takes private IP addresses and turns them into public IP addresses An increasing number of organizations are adopting IPv in their environments driven by the public IPv space exhaustion private IPv scarcity especially within large scale networks and the need to provide connectivity to IPv only clients There is no onesize fits all approach with IPv however there are best practices AWS customers can follow to plan and implement IPv into their existing cloud networks This whitepaper explains key drivers for adoption and highlights best practices to guide you while leaving enough space for you to decide based on your specific use case and implementation how to approach IPv in your network Tenets for IPv adoptionAdhering to the following tenets for IPv adoption can help make the process and decision more manageable Re evaluate network controls ーIPv offers opportunities to rethink your approach to perimeter security and make design decisions that further improve your security posture Design for scale ーMore usable IPv addresses doesn t mean you can shortcut IP allocation and planning Phase your IPv adoption ーFocus on your business needs to implement IPv where needed and remember that IPv and IPv can be made to coexist as long as needed Internet Protocol version IPv is the next generation IP address standard intended to supplement and eventually replace IPv the original and ubiquitous IP address scheme Every computer mobile phone home automation component IoT sensor and any other device connected to an IP based network needs a numerical IP address to communicate with other devices Public reachable IPv addresses are in short supply due to their widespread usage and constantly increasing demand stemming from the proliferation of connected devices globally The last available block of new IP version IPv addresses was allocated back in and from that time on everyone has been reusing a finite set of available addresses IP version IPv is the replacement for IPv and it is designed to address the depletion of IP addresses and change the way traffic is managed IPv addressingThe IPv address space is organized by using format prefixes that logically divide it in the form of a tree so that a route from one network to another can easily be found The main categories of IPv addresses are Aggregatable global unicast addresses GUA ー Unique local unicast addresses ULA ーFC Link local unicast addresses ーFE Multicast addresses ーFF IPv adoption strategies and mechanismsWorking with customers AWS observed the following two main drivers for IPv adoption Network Address Translation is no longer sufficient to work around exhaustion and poses significant challenges with overlapping IP addresses There are numerous organizational or regulatory mandates to adopt IPv Following is a summary of IPv adoption drivers Mandated IPv endpoints ーEither mandated by a government policy or an industry regulator and not necessarily tied to a particular use case Interoperability with IPv networks ーThe last years have seen a growing population of IPv only clients and as a result so have the number of organizations wanting to cater to this user base With the number of mobile IPv only users many companies find they can t afford to lose that section of their potential user base Public IPv exhaustion ーAs public IPv addresses become more scarce allocating contiguous IP address ranges for public routing becomes more difficult and costly Private IPv exhaustion ーAs private IPv RFC addresses become exhausted and too fragmented within organizations private networks IPv only networks offer opportunities to address additional nodes IPv adoption strategy depends on the driving force behind it You may have an immediate goal such as addressing private IPv exhaustion or the ability to provide IPv service endpoints as per government mandate with the long term goal of fully converting to an IPv only network Following are the four main driving forces and the corresponding adoption strategy Private IPv exhaustion ーThe goal is to provision new nodes and allocate routable IP addresses without IP overlap and without the challenge of sourcing contiguous and usable IP addresses Adoption strategy ーConfigure IPv only routing between dual stack network segments to facilitate communication using the IPv stack Provide IPv to IPv interoperability layer such as dual stack load balancers Public IPv exhaustion ーThe goal is to support IPv only nodes connecting to your public endpoints As an example you may have an API endpoint for data upload from IoT devices which are connected to an IPv only network The IoT devices have IPv addresses and the network does not provide interoperability layer to IPv Other devices may operate in IPv networks Adoption strategy ーCreate dual stack VPCs and subnets Configure AWS services such as load balancers and edge service in dual stack mode with corresponding DNS record on the AWS Cloud Optionally provide separate endpoints for IPv and IPv in dedicated IPv only or IPv only deployments InteroperabilityAlthough operating in dual stack mode solves a lot of the problems with IPv and IPv interoperability it creates management overhead For example security becomes harder because you have to manage two sets of security rules one for each network stack Routing and troubleshooting become harder and you have to maintain additional records to existing DNS names You may be able to avoid making the entire network dual stack by focusing on implementing dual stack at your border via load balancers Existing segments of your network can continue to operate as IPv in most cases and new segments are built with IPv Focus on implementing and operating interoperability layer where AWS services such as dual stack VPC and load balancers to help you solve interoperability challenges Planning IPv adoption in the AWS Cloud networkElastic network interfaces in an IP network could operate in three different modes IPv only mode ーYour resources can communicate over IPv and if communicating to IPv nodes require an interoperability layer IPv only mode ーYour resources can communicate over IPv and if communicating to IPv nodes require an interoperability layer Dual stack mode ーYour resources can communicate over both IPv and IPv A separate interoperability layer is not required IPv addressing plan on AWSComing up with an IPv addressing plan is one of the most important initial tasks for any organization proceeding with IPv adoption For most organizations IPv is deployed in parallel with IPv in existing IPv AWS and hybrid networks IPv addressing plans tend to grow over time and consequently may be highly fragmented not contiguous or not big enough Simply duplicating the IPv addressing scheme insome fashion in IPv might initially prove advantageous However any temporary advantage gained by such a shortcut will ultimately be surpassed by the ease and efficiency of operation and design offered by a proper IPv addressing plan that incorporates the key benefits of the larger allocations possible with IPv AWS assigned IPv VPC CIDRBy default Amazon provides one fixed size IPv CIDR block to a VPC This range is assigned by the service and consequently you can t assign contiguous IPv CIDR blocks to VPCs in the same Region or based on other custom defined criteria For customers that have a large VPC footprint in AWS and prefer to use IP route summarization to simplify their overall environment bring your own IPv BYOIPv described in the next section may be the preferred solution BYOIPv VPC CIDRAlternatively if you own an IPv address space you can import it into AWS using the Bring Your Own IPv service The smallest IPv address range that you can bring is for CIDRs that are publicly advertised by AWS and for CIDRs that are not publicly advertised by AWS You can also choose to bring a and mark it as non advertisable keeping control of IP advertisements on your on premises setup After importing it you can assign ranges from the space to individual VPCs in the same account VPC subnet addressingAlthough you can assign one IPv CIDR block to a VPC the VPC subnets are fixed in length This yields to the interface ID being in length in accordance with the general format of the IPv unicast addresses Given the fixed size of the VPC CIDR and the subnet prefix you have bits for subnet allocation in the VPC enabling you to create subnets in the VPC Designing an IPv AWS Cloud network Amazon VPC designPlanning and implementing network connectivity in AWS is usually one of the foundational tasks you perform when deploying workloads in AWS Following are some of the aspects typically considered Amount and nature of Amazon VPCs requiredAmazon VPC CIDR range and IP address allocation including Bring Your Own IP BYOIP for public connectivityNumber and type of subnetsNumber of availability zones to coverPermitted traffic pathsInternet incoming and outgoing traffic optionsHybrid connectivityInter VPC connectivityScalability and expansion VPC IP address assignmentYour VPC can operate in dual stack modeーyour resources can communicate over IPv IPv or both IPv and IPv communication are independent of each other You cannot disable IPv support for your VPC and subnets you are required to allocate at least one IPv CIDR range to your VPC In addition you may associate up to one IPv CIDR block range per VPC Subnet address assignmentAfter you have associated an IPv prefix to a VPC you can begin to assign one IPv prefix to each subnet Note that these assignments are configured on a per subnet basis and it s possible to have a mix of subnets with and without IPv within the same VPC This is useful in scenarios where you merely require IPv capability for a subset of the network as described in the drivers for adoption section The address assignment of resource within a subnet occurs at two levels The Amazon VPC elastic network interface construct configurationA resource s networking stack configuration IP addressing of the elastic network interfaceNetwork addressable resources deployed within a VPC must have an elastic network interface Examples of resources include Amazon Elastic Compute Cloud Amazon EC instancesInterface VPC endpointsAWS Lambda functions deployed in VPCs Amazon Relational Database Service Amazon RDS database instancesElastic network interfaces are logical constructs in the VPC which represent a resource s network adapter at runtime Each elastic network interface may have one or more IPv addresses as well as one or more IPv addresses This means you are not required to provision separate elastic network interfaces for IPv and IPv and there is no need to configure additional elastic network interfaces on your workloads to enable IPv IP addressing at the resource s networking stackIn IPv the preferred method for assigning IPv addresses is to use Dynamic Host Configuration Protocol DHCP DHCP is based on IPv s broadcast mechanism that allows hosts to announce themselves to DHCP servers These servers can then offer an IP address lease to the client IPv has no concept of broadcast and initially did not feature DHCP capability However the community has become used to DHCP and so RFC was developed to introduce DHCPv In the absence of broadcast capability DHCPv makes use of the well known multicast address for all DHCP servers relays ff Amazon VPC has built in support for address assignment via DHCP for both IPv and IPv Address allocation works similar to static address reservation in traditional DHCP servers the IP address assigned to the elastic network interface construct determines the IP address the VPC DHCP infrastructure offers the resource requesting an address Amazon VPC also offers the ability to configure DHCP option sets which can be used to provide additional configuration information such as domain name or DNS servers to use In a dual stack design all IP addresses used in an option set need to be IPv Supporting Amazon VPC servicesAWS exposes a set of supporting services within customer VPCs at wellknown reserved addresses These services are traditionally exposed from the IPv linklocal address range For AWS Nitro System instances AWS also provides these services using IPv ULAs Instance Metadata Service IMDS The instance metadata is information about your instance Instances can introspect this at runtime by querying the IMDS available to it at For Nitro based instances AWS also provides this service at the fd ec IPv endpoint Route DNS resolverAmazon VPC features a built in DNS resolver which resides at VPC CIDR BASE and IPv enabled Nitro instances can access the service via fd ec Amazon Route Resolver and DNS in general is discussed at greater length in the Designing DNS for IPv section of this document Network Time Protocol serverAmazon VPC provides a Stratum NTP server at Nitro based IPv enabled instances can reach this server via fd ec Amazon VPC connectivity options for IPvThere are a growing number of ways in which Amazon VPCs can connect to each other Many of these options are detailed in the VPC to VPC connectivity section of the Building a Scalable and Secure Multi VPC AWS Network Infrastructure whitepaper AWS recommends you read the following subsections alongside and it follows the same structure while providing additional insight regarding IPv operation as both papers cover VPC peeringAWS Transit GatewayVPC subnet sharingAWS PrivateLink VPC peeringVPC peering is the simplest method for VPC to VPC connectivity It supports both intraand inter Region connectivity The peering itself is IP protocol agnostic After you establish peering you must configure one or more static routes defining which prefixes are reachable Both IPv and IPv prefixes may be routed across the same peering The following diagram depicts a VPC peering between two VPCs supporting IPv and IPv simultaneously The peering is agnostic and the subnet route tables are the deciding factor for which prefixes are reachable AWS Transit GatewayIt is a scalable highly available way to establish network connectivity between multiple VPCs A Transit Gateway is a Regional construct and attaches VPCs within the same Region Transit Gateways located in different AWS Regions can establish a peering relationship enabling global connectivity for your network IPv connectivity into Transit GatewayYou use a Transit Gateway attachment to connect a VPC to a Transit Gateway An attachment deploys an elastic network interface into each subnet you select Traffic is routed into Transit Gateways using static routes in VPC subnet routing tables with the attachment as the next hop The attachments themselves are IP protocol agnostic and you can route IPv and IPv prefixes via the same attachment To support IPv the elastic network interface s used by the attachments need to have IPv addresses assigned to them IPv traffic within and between Transit GatewaysA Transit Gateway attachment is both a source and a destination of packets You can attach the following resources to your Transit Gateway VPCsOne or more VPN connectionsOne or more AWS Direct Connect gatewaysOne or more Transit Gateway Connect attachmentsOne or more Transit Gateway peering connectionsA Transit Gateway has one or more routing tables A routing table can receive its entries through a combination of static route configuration and dynamic propagations from other attachments VPC Direct Connect Site to Site VPN or Connect Peering In either case IPv routes are supported AWS Transit Gateway Connect Attachments for IPvYou can create a Transit Gateway Connect attachment to establish a connection and dynamic routing between a transit gateway and third party virtual appliances such as SD WAN appliances These attachments take the form of IP Generic Routing Encapsulation GRE protocol tunnels and enable dynamic exchange of routing information between an EC instances in a VPC and a TGW Route exchange is facilitated by a Border Gateway Protocol BGP peering TGW connect peers support IPv using Multi Protocol BGP MP BGP and a CIDR block from the well known fd unique local address range Multiprotocol BGP MP BGP is an extension to BGP that enables BGP to carry routing information for multiple network layers and address families MP BGP can carry the unicast routes used for multicast routing separately from the routes used for unicast IP forwarding AWS PrivateLinkAWS PrivateLink provides private connectivity between VPCs AWS services and customer on premises networks without exposing traffic to the public internet AWS PrivateLink makes it easy to connect services across different accounts and VPCs to significantly simplify your network architecture AWS PrivateLink does not currently support IPv However PrivateLink has the useful property of abstracting the IP addressing used between source and destination In the meantime it s possible to operate a dual stack setup for the purpose of communicating via PrivateLink endpoints It is possible for a workload to use IPv for most communication and use IPv purely for accessing the IPv address of the PrivateLink endpoint VPC sharingVPC sharing allows VPC owners to share a subnet across AWS accounts You may share dual stack subnets the same way as IPv only ones IPv resources deployed into a shared subnet function identical to those deployed into non shared subnets Amazon VPC internet access Internet reachable IPv resourcesElastic network interfaces retain their IPv addresses throughout their lifetime For IPv elastic network interfaces can have zero or more Elastic IP addresses associated with them An Elastic IP address defines a static NAT relationship between an elastic network interface s IPv address and a public internetroutable address In IPv VPC addressing is already globally unique and therefore Elastic IP addresses are not required Amazon assigned IPv addresses are automatically publicly advertised whereas for BYOIP ranges this is optional In either case resources deployed only have IPv internet reachability if their subnet s routing table contains IPv destinations such as via either an internet gateway or outbound traffic only internet gateway Hybrid connectivity designHybrid connectivity scenarios are a reality for many customers Two methods for addressing these AWS Direct Connect and AWS managed Site to Site VPN AWS previously published the Hybrid Connectivity whitepaper which focused on designs and considerations around these solutions and most of that content remains relevant However that paper does not consider IPv This section assumes you are acquainted with the aforementioned document and it focuses only on the best practices and differences compared to IPv implementations AWS Direct ConnectAWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from customer premises to AWS Different aspects of the Direct Connect service deal with different layers of the OSI model The choice of IPv only affects configuration related to Layer so many aspects of Direct Connect configuration such as physical connections link aggregation VLANs and jumbo frame are no different from IPv use cases Where IPv does differ is when it comes to addressing and configuration of BGP peerings on top of a virtual network interface VIF There are three types of VIFs PrivateTransitPublicTransit and Private VIF IPv peerings ーWhereas in IPv you are free to choose your own addressing for the logical point to point in IPv AWS automatically allocates a CIDR for each VIF and it s not possible to specify custom IPv addresses Advertising IPv prefixes from AWSWhen associating a Direct Connect Gateway directly with a VGW you can specify “Allowed Prefixes Think of this like a traditional “prefix list filter controlling the prefixes advertised to your customer gateway With IPv specifying no filter equates to ーno filtering With IPv not specifying a value here results in all advertisements being implicitly blocked Amazon managed VPNAWS Site to Site VPN connectivity configuration comprises multiple parts The customer gateway which is the logical representation of the onpremises VPN end point The VPN connection The local device configuration on the VPN appliance represented by the customer gateway Any AWS SS VPN connection consists of two tunnels It is this connection that defines the IP addressing ISAKMP IPsec and BGP peering parameters Designing DNS for IPvThe core concept of DNS is unchanged from IPv From a Layer perspective DNS is just another application and therefore by virtue of the OSI ISO model provided abstraction agnostic to the chosen network layer protocol Regardless of the IP version there is a deep link between DNS and the IP layer The DNS specification has adapted and introduced an additional type to accommodate IPv addresses In IPv the equivalent of the IPv “A records are AAAA records This means that it is possible to use IPv as the network protocol to connect to a DNS server and resolve an IPv AAAA record PTR recordsA pointer PTR record translates an IP address to its domain name IPv addresses are reverse mapped under the domain IP ARPA IPv reverse maps use a sequence of nibbles separated by dots with the suffix “ IP ARPA as defined in RFC For example the reverse lookup domain name corresponding to the address db a would be a b d ip arpa Alias recordsAmazon Route supports alias records Route alias records are mapped internally to the DNS name of alias targets such as AWS resources Route monitors the IP address associated with an alias target s DNS name for scaling actions and software updates The authoritative response from Route name servers contains an A record for IPv addresses or AAAA record for IPv addresses with the IP address of the alias target DNS resolution within a hostExternal configuration aside it is up to a host s networking stack at runtime to resolve DNS records When configured as dual stack most modern operating systems default to preferring IPv In other words when a query for a FQDN returns both an A and AAAA record the OS prefers to use the AAAA record and establishes IPv connectivity to the target Amazon Route DNS recordsIn AWS Amazon Route provides DNS capabilities Route provides features for two use cases Public DNS for externally hosted contentDNS capability within a VPC both from a resolver and authoritative name server standpoint Public IPv DNS resolutionFor externally queryable DNS you can use Route public hosted zones with both A and AAAA records Route health checks support health checking IPv services The name servers exist both for IPv and IPv meaning clients wanting to resolve a FQDN hosted on Route public hosted zone can do so natively DNS resolution within a VPCAmazon VPC comes with Route Resolver which provides a built in capability for resolving DNS names This resolver is reachable either on or VPC CIDR NETWORK for IPv and fd ec for Nitro based IPv hosts Requests sent to this resolver are resolved against the combination of private hosted zones associated with the VPC and any shared resolver rules IPv security and monitoring considerations Network level access controlAmazon VPCs feature two network access control mechanisms and these exist irrespectively of which version of the IP protocol is used IPv or IPv Security groups SGs at the elastic network interface levelNetwork access control lists network ACLs at the subnet level VPC Flow LogsVPC Flow Logs is a feature that enables you to capture information about the IPv traffic going to and from network interfaces in your VPC VPC Flow Logs for IPv traffic works the same as IPv where you can create flow logs at the VPC level the subnet level or the network interface level If you create VPC Flow Logs at a VPC or subnet level every network interface in that VPC or subnet is monitored The flow log records can use the default format or the custom format With a custom format you specify which fields are included in the IPv flow log records and in which order VPC Logs default format VPC Traffic MirroringVPC Traffic Mirroring is a complementary feature to flow logs that copies entire packets including their payload of network traffic from a specified elastic network interface of an Amazon EC instance Traffic Mirroring copies inbound and outbound IPv and IPv traffic from the network interfaces that are attached to your Amazon EC instances You can send the mirrored traffic to the network interface of another EC instance or a Network Load Balancer that has a UDP listener listening on UDP port VXLAN The mirrored traffic is sent to the traffic mirror target by means of the source VPC IPv route table Note that all mirrored traffic is encapsulated in an IPv packet Traffic Mirroring mirrors both your IPv and IPv traffic No special configuration is necessary to enable Traffic Mirroring for your IPv traffic whether the traffic mirror source and the target are in the same VPC Or in a different VPC connected via VPC peering or a Transit Gateway as long as the traffic mirror source can route to the traffic mirror target by IPv AWS Web Application FirewallAWS Web Application Firewall AWS WAF lets you monitor the HTTP S requests that are forwarded to an Amazon CloudFront distribution an Amazon API Gateway RESTAPI an Application Load Balancer or an AWS AppSync GraphQL API With AWS WAF the services that are associated with the protected resources can respond either with the requested content or with HTTP status code based on conditions that are specified such as the IP addresses either IPv or IPv that the request originate from Web ACLYou use the rules in a web ACL to block or allow web requests based on criteria which includes IP addresses or address ranges that requests originate from The IP set match statement inspects the IP address of a web request against a set of IP addresses and address ranges Use this to allow or block web requests based on the IP addresses either IPv or IPv that the requests originate from AWS WAF IP sets supports all IPv and IPv CIDR ranges except for and AWS ShieldIt provides protection against DDoS attacks A DDoS attack can prevent legitimate users from accessing a service and can cause the system to crash due to the overwhelming traffic volume All of the AWS Shield detection and mitigations work with IPv and IPv without any impact to performance scalability or availability of the service AWS Network FirewallAWS Network Firewall is a stateful managed network firewall and intrusion detection and prevention service for Amazon Virtual Private Cloud Amazon VPC AWS Network Firewall does not currently support IPv In the dual stack mode you can still use AWS Network Firewall to filter IPv traffic going to and coming from an internet gateway NAT gateway or over VPN or AWS Direct Connect AWS Systems ManagerResources managed by AWS Systems Manager must have IPv connectivity to Systems Manager s endpoints For example to connect to an EC instance using Systems Manager Session Manager the instance must be running dual stack and must have an IPv connectivity to the internet or AWS PrivateLink VPC endpoint Similarly on premises resources must also be in dual stack network mode Scaling the dual stack network design in AWS Elastic Load BalancingELB automatically distributes your incoming traffic across multiple targets such as EC instances containers and IP addresses in one or more Availability Zones It supports the following types of load balancers Application Load Balancers Network Load Balancers and Classic Load Balancers Both load balancer types support internet facing and internal load balancer schemes You create internet facing Application Load Balancers and internet facing Network Load ConclusionThere are multiple driving forces behind IPv adoption This paper describes what they are and explains how you can respond to them It also explains differences between IPv and IPv where applicable and covers interoperability between both network stacks As always security remains paramount and so this paper covered how to evolve your perimeter design to take advantage of IPv protocol features Remember that IPv only makes a difference at the network layer of the networking stack Many connectivity and security elements especially in cloud native applications are handled at higher layers and are therefore not affected AWS offers comprehensive IPv support in Amazon VPC and AWS services running at the edge of AWS Cloud You can adopt IPv at your own pace and focus on use cases where you will benefit the most from the adoption Reference Original paper |
2021-11-21 11:14:57 |
ニュース |
BBC News - Home |
Ole Gunnar Solskjaer: Man Utd sack manager with club seventh in Premier League |
https://www.bbc.co.uk/sport/football/54826343?at_medium=RSS&at_campaign=KARANGA
|
Ole Gunnar Solskjaer Man Utd sack manager with club seventh in Premier LeagueManchester United sack manager Ole Gunnar Solskjaer with the club seventh in the Premier League following Saturday s defeat at Watford |
2021-11-21 11:51:25 |
ニュース |
BBC News - Home |
Covid: Sajid Javid orders review of medical device racial bias |
https://www.bbc.co.uk/news/uk-59363544?at_medium=RSS&at_campaign=KARANGA
|
oximeters |
2021-11-21 11:25:20 |
ニュース |
BBC News - Home |
Labour and Plaid Cymru approve Wales government deal |
https://www.bbc.co.uk/news/uk-wales-politics-59360575?at_medium=RSS&at_campaign=KARANGA
|
plaid |
2021-11-21 11:52:24 |
北海道 |
北海道新聞 |
立憲代表戦、札幌で候補者討論会 1人区共闘の共通政策で温度差 |
https://www.hokkaido-np.co.jp/article/614191/
|
立憲民主党 |
2021-11-21 20:02:00 |
コメント
コメントを投稿