投稿時間:2022-04-11 08:31:06 RSSフィード2022-04-11 08:00 分まとめ(30件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
IT	気になる、記になる…	｢WWDC22｣で新型｢MacBook Air｣発表の可能性も	https://taisy0.com/2022/04/11/155604.html	apple	2022-04-10 22:05:26
IT	ITmedia 総合記事一覧	[ITmedia ビジネスオンライン] 「ワクワクイベント」はドクター・中松の商標か　困惑の経産省、ワクチン接種促進「イベントワクワク」との混乱も	https://www.itmedia.co.jp/business/articles/2204/11/news063.html	中松氏にその真意を聞いてみた。	2022-04-11 07:35:00
IT	ITmedia 総合記事一覧	[ITmedia ビジネスオンライン] マツダのラージPF、CX-60プロトタイプに乗る	https://www.itmedia.co.jp/business/articles/2204/11/news017.html	itmedia	2022-04-11 07:30:00
IT	ITmedia 総合記事一覧	[ITmedia エグゼクティブ] 脱炭素に貢献するスマートモビリティ領域分析および同領域の日本企業分析 第1回	https://mag.executive.itmedia.co.jp/executive/articles/2204/11/news002.html	itmedia	2022-04-11 07:05:00
IT	ITmedia 総合記事一覧	[ITmedia エグゼクティブ] 第3回 デジタル人材とは構想と実現の「両利き」を目指すこと	https://mag.executive.itmedia.co.jp/executive/articles/2204/11/news006.html	itmedia	2022-04-11 07:05:00
IT	ITmedia 総合記事一覧	[ITmedia エグゼクティブ] 「損害保険×ソリューション」の提供で、効率的かつ効果的なサイバーリスク対策を実現――東京海上日動火災保険 教学大介氏	https://mag.executive.itmedia.co.jp/executive/articles/2204/11/news012.html	itmedia	2022-04-11 07:03:00
python	Pythonタグが付けられた新着投稿 - Qiita	AtCoder Beginner Contest 247　A~D　4完記事	https://qiita.com/kani_kani_kani/items/a4f4d4907f6af0ee0a5e	amoveri	2022-04-11 07:54:14
python	Pythonタグが付けられた新着投稿 - Qiita	Pythonのlist（配列）の挙動について	https://qiita.com/Yumihiki/items/ddac93a87c47bf373ae7	配列	2022-04-11 07:17:58
python	Pythonタグが付けられた新着投稿 - Qiita	Blenderで花火を打ち上げるアドオン	https://qiita.com/SaitoTsutomu/items/9c7aae103bf13d72dd5c	blenderaddon	2022-04-11 07:10:13
Ruby	Rubyタグが付けられた新着投稿 - Qiita	【開発未経験】Railsでサ活(サウナ活動)を管理できるアプリを作成しました。	https://qiita.com/matsuken314/items/2ae660c7635cca726283	rails	2022-04-11 07:16:31
AWS	AWSタグが付けられた新着投稿 - Qiita	AWS公式資料で挑むSCS認定(38)-こんな時どうする(全分野その15)	https://qiita.com/mingchun_zhao/items/7b7ded45cfcbd91bfedd	資料	2022-04-11 07:54:28
AWS	AWSタグが付けられた新着投稿 - Qiita	【AWS】CodePipeline未サポートの大阪リージョンにCodePipelineでデプロイする方法	https://qiita.com/ozzy3/items/930f63d82f076f601021	codepipeline	2022-04-11 07:52:57
Ruby	Railsタグが付けられた新着投稿 - Qiita	【開発未経験】Railsでサ活(サウナ活動)を管理できるアプリを作成しました。	https://qiita.com/matsuken314/items/2ae660c7635cca726283	rails	2022-04-11 07:16:31
海外TECH	DEV Community	Why I Started, and Why I'll Be Continuing: Coding	https://dev.to/frtjuy/why-i-started-and-why-ill-be-continuing-coding-cbh	Why I Started and Why I x ll Be Continuing CodingHiya I recently got enrolled in Flat Iron Schools to learn Software Development It is a moment of great excitement for me to finally get into anything related to coding as it has been an aspiration for me since I first learned about it as a teen This blog post is a required assignment given by Flat Iron Schools but it is also an opportunity to show off my eagerness for coding to others as well as give an insight to what one would hope to expect from me as a future software developer The majority of my life has been spent on the computer and I owe my joys in life as well as my current social circles to my time on the screen throughout the years Whether it is spending most of my childhood glued to the screen playing Flash games or communicating with my friends across the globe through Discord computers have been the center of my life When I began really getting into videogames when I was younger I knew that I wanted to one day make one myself Being able to create a game and more importantly a community that loves the game is something that I aspire to do Although I don t spend as much time playing videogames as I used to I still hold this aspiration Around two years ago I decided to drop out of college realizing that a four year program was going to be too mentally draining and the amount of time that it was going to consume from my life was illogical to me thinking that my time would be better spent elsewhere I decided that maybe I will return to school at a later time in life but if I was going to try again it would have to be a short one year program like a trade school In the meantime I was set on living in Richmond with friends and working my way up any retail job I could get into In July of I joined Amazon as a warehouse worker and although the pay is competitive for being entry level it is the most soul destroying line of work I have been in My job involves mindlessly following a prompt on a scanner walking to the designated area and picking the item it wants me to This line of work feeling robotic plus isolating me by not allowing time to socialize led me to realize that my life goal needs to change from working my way up in a warehouse career to something more gratifying Luckily for me Amazon had fliers around the building advertising a Career Choice for Flat Iron Schools Flat Iron Schools presented me with the perfect opportunity an month program that promises to teach you coding skills and land you a job I decided to take the Software Development course as it was the only course offered in my area This program was exactly what I was looking for and Amazon would be paying for it in full which was a necessity for me at the time I signed up and was accepted into the school after a two month selection process Since February I have began the program and am currently having some fun with it At first I was a bit scared to know how hard the course would be but so far it hasn t been too frustrating and rather it is somewhat enjoyable I am currently learning JavaScript with the use of Ubuntu VSC and GitHub As I am finally able to get hands on experience with coding myself I realize that I am wired to do coding Getting started on a project not understanding how I am supposed to approach something learning methods and lines from others then figuring out how to do it myself and completing the project has been such a satisfying experience and I can see myself doing projects of my own in my free time I am excited to get to know other languages that I will be learning from this school and beyond A few additional critical thoughts I d like to share that are important to me as a person I believe learning software development directs me to career paths that will give me benefits such as higher salaries and the ability to work remotely While these are very important to me the main reason why I chose to make coding my career rather than other professions is that coding is useful to me outside of work Many projects that were impossible for me before are now a possibility I plan to not waste this amazing opportunity given to me Some projects that I look forward to creating with code include fun side projects with close friends helping charities create programs websites creating my own startup as well as many other ideas that I will stumble upon in the future Although I said earlier that making a videogame is a passion for me what is more important to me is creating something or working on a team that creates something that helps or builds a community I tend to value the positive impacts I make on people communities over the something that created said impact Creating a videogame is just one way that I am familiar with and extremely well versed in that can achieve this goal of mine While I can go on and on with how excited I am to learn code and the things that I could possibly do with code I can only do so if I complete the first steps Right now I am in my second month of the Flat Iron School and completing the rest of the program is my greatest priority In order to complete it I also need to continue working at Amazon during this time which has been a struggle mentally as of recently I think the next six or so months will be the most demanding period in my life but I hope to come out the other side with skills and a source of income that will help me follow my true passion coding	2022-04-10 22:22:57
海外TECH	DEV Community	How I passed the AWS Certified SysOps Exam?	https://dev.to/tom_millner/how-i-passed-the-aws-certified-sysops-exam-3if	How I passed the AWS Certified SysOps Exam IntroductionI recently passed the AWS Certified SysOps Administrator Associate exam and I ve put together this post to outline how I prepared for the exam and notes I took along the way If you want to learn more about the certification check out this link from AWS About meEveryone who starts their preparation for this exam will have arrived there by their own unique journey For myself this is my th AWS certification having already achieved the other two associate certifications the cloud practitioner and two data specialities Of the exams I have studied for so far the SysOps exam overlapped most with the Architect associate exam This was mainly in the area of networking Study for both certs covers all parts of cloud networking extensively Study for the other certifications has also prepared me for questions on services such as S and DynamoDB However the SysOps covers a range of services that I had never encountered before It is a tough exam to prepare for requiring you to study a lot of different services There are services listed on the study guide Where to beginEvery AWS certification has a page on the AWS certification website and I always find it the best place to start You will find details here about the exam with a study guide and sample questions You ll also find links to the FAQs for the services and white papers to read You might be tempted to ignore these but they are worth reading From there you can attend the free Exam Readiness course provided by AWS on their skillbuilder site This course is useful in that it you gives an outline of where you should focus The exam breaks down into following domains and the exam readiness course goes through the services that you need to study in each domain Domain of ExaminationDomain Monitoring Logging and Remediation Domain Reliability and Business Continuity Domain Deployment Provisioning and Automation Domain Security and Compliance Domain Networking and Content Delivery Domain Cost and Performance Optimization The instructors also cover more sample questions and walk through the answers One big plus is the sample labs they run you through as well The SysOps exam is different from all other AWS certification exams in that it includes a practical component Most of the remainder of this article is built around these domains and the services outlined in the Exam Readiness course Unless you re using all services everyday in your role you are going to need an additional course to help you pass I used Stephane Marek s Udemy course and found the content excellent It doesn t have a sandbox or labs that the CloudAcademy or A Cloud Guru courses provide but I liked the content and Stephane s style He does a lot of walk throughs and provides you with very detailed slides that you can go back to If you have access to any of these courses or similar they all cover much the same content and are essential to help with preparing for the exam The excellent Andrew Brown makes his course available under the Free Code Camp channel in Youtube This course is just as good as the others mentioned and can be helpful if you re operating on a budget If you can afford it though please remember to donate Free Code Camp is such a wonderful service and they appreciate all the help they can get Before we dive in it s worth considering what this exam is about Obvious as it might seem it is a SysOps exam therefore services that are marketed as Serverless will feature a lot less in this exam than services than need Ops support You will not be asked about the inner workings of Lambda but you will need to know EC very well You will need to know a lot more about RDS than DynamoDB I think it s worth keeping that frame of reference in your mind while studying for this exam Personally I have more experience with the managed and serverless services of AWS so this was my first time having to get to grips with services like AWS Systems Manager and Config while having to dust off my notes on VPCs Domain Monitoring Logging and Remediation For domain you need to be able to collect metrics and logs from your applications and infrastructure You should be able to create alarms and notifications based on the logs and metrics collected You should use all metrics logs and alarms to monitor and troubleshoot your applications and infrastructure And you also need to be able to fix any issues Automation is also a big factor you should be thinking about how you can remediate issues automatically before they become a bigger issue CloudWatchThe primary monitoring service in AWS is Amazon CloudWatch and you should take a look at the faqs to get started Amazon CloudWatch consists of several individual services but the main ones you need to know for the exam are CloudWatch MetricsCloudWatch AgentCloudWatch LogsCloudWatch AlarmsCloudWatch DashboardsAmazon EventBridge aka CloudWatch Events CloudWatch MetricsMost services push metrics to CloudWatch by default Logging of EC metrics is minutes by default and you can enable detailed logging at a cost down to every minute CloudWatch can monitor CPU Network and a Status Check of an EC instance by default but it does not monitor memory of your instance by default If you need custom metrics or more fine grained detail from your EC instances you need to install the CloudWatch agent on your instance Namespaces are used for storing metrics CloudWatch metrics cannot be deleted and will be expired after months CloudWatch AgentYou should also understand about the CloudWatch agent The CloudWatch agent allows you to collect metrics and logs from Amazon EC instances and on premises servers If you want that you ll need to use the CloudWatch agent If using the CloudWatch Agent make sure you attach an IAM role to your instance with permissions to push to CloudWatch Using the CloudWatch agent you can capture metrics at a maximum frequency of second CloudWatch LogsYou can think of CloudWatch Logs as the data store for your application logs You should understand how data gets in here either by default or how it can be pushed in This isn t just for AWS services you can also push logs your on premise applications and infrastructure using the SDK A log event is a single line item detailing the event This is what is pushed to CloudWatch A log stream is a sequence of log events that share the same source Each separate source of logs in CloudWatch Logs makes up a separate log stream And a log group is a group of log streams that share the same retention monitoring and access control settings You can define log groups and specify which streams to put into each group There is no limit on the number of log streams that can belong to one log group You can use CloudWatch Logs Insights to query your logs with a AWS custom query language Each log comes with system fields message logStream and timestamp for all logs sent to CloudWatch message contains the raw unparsed log event logStream contains the name of the source that generated the log event and timestamp contains the time at which the log event was added to CloudWatch Logs Insights can also generate visualizations such as bar charts line charts and stacked area charts from the output of your queries You can monitor log events as they are sent to CloudWatch Logs by creating Metric Filters Metric Filters turn log data into CloudWatch Metrics for graphing or alarming CloudWatch DashboardsCloudWatch Dashboards are a good way to get a visual overview of your metrics You can centralise metrics from multiple regions into a single dashboard CloudWatch AlarmsYou can create a CloudWatch Alarm to monitor any CloudWatch metric in your account This include custom metrics When you create an alarm you choose the metric you want it to monitorthe evaluation period e g five minutes or one hour a statistical value to measure e g Average or Maximum To set a threshold set a target value and choose whether the alarm will trigger when the value is greater than gt greater than or equal to gt less than lt or less than or equal to lt that value One thing to consider is that if you want your alarm to trigger at more than the default collection frequency of the metric you may need to enable detailed logging of the metrics An alarm can be in states OK INSUFFICIENT DATA and ALARM You should understand how the state of an alarm moves between these states An alarm can be used to trigger an auto scaling action be sent to an SNS topic or trigger an EC action such as terminate reboot or recover A composite alarm is a combination of multiple alarms and therefore metrics into alarm hierarchies You can choose then to integrate an action or notification at any level of the hierarchy Alarm history is available for days EventBridge CloudWatch EventsAmazon EventBridge used to be known as CloudWatch Events and EventBridge is CloudWatch Events repackaged and supercharged In the exam the two service names could be referenced interchangeably but generally it s referred to EventBridge EventBridge is an event bus and is a great option for integrating different services and applications together Some services will have direct integration like AWS Config and AWS Systems Manager but EventBridge can be a good catch all option for integrating services In the context of the SysOps certification all CloudWatch Alarm state changes will be sent to EventBridge From there you can create an EventBridge rule to trigger a Lambda or Step Functions to remediate the issue SNS for sending alerts Use Amazon SNS to deliver emails or sms messages to people about a specific alarm state change People and groups can subscribe to a SNS topic so that they will be notified when an alarm state changes Other Services CloudTrailAWS CloudTrail provides visibility into user activity and API activity by recording actions taken on your account Basically if CloudWatch tracks what is happening in your system CloudTrail tracks who is performing actions in your system CloudTrail records information about each action including who made the request the services used the actions performed parameters for the actions and the response elements returned by the AWS service CloudTrail is enabled by default on your account for management events with create modify and delete API calls and account activity If you need more detailed event you ll need to create a Trail and save it to S You can choose which events you want to include in the trail CloudTrail stores days of activity Again if you need to store specific events for longer you ll need to create a Trail and save it to S Logs from CloudTrail can be sent to CloudWatch Logs where CloudWatch metrics and alarms can be built against them ConfigAWS Config can also be considered a monitoring service Config enables you to assess audit and evaluate the configurations of your AWS resources It continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations You configure Config by setting up rules with the desired configuration for a resource Config will then track and record compliance with these rules over time You can configure CloudWatch Events or SNS to alert you when a resource breaches a rule AWS supplies pre configured rules that you can use or you can write your own For example you can use Config to track changes to CloudFormation stacks EC instances and EBS volumes You can also use AWS Systems Manager Automation documents to take action based on AWS Config rules to remediate non compliance with Config rules This AWS blog gives a detailed overview of how these two services work together HealthThe AWS Health Dashboard is a single place to learn about the availability and operations of AWS services You can view the overall status of AWS services and you can sign in to view personalized communications about your particular AWS account or organization While the AWS Health Dashboard is a good way to view the overall status of each AWS service but provides little in terms of how the health of those services is impacting your resources AWS Personal Health Dashboard provides a personalized view of the health of the specific services that are powering your workloads and applications You can configure EventBridge to get notifications for events that might affect your services and resources Service QuotasService Quotas is an AWS service that helps you manage your quotas for many AWS services from one location Along with looking up the quota values you can also request a quota increase from the Service Quotas console Domain Reliability and Business Continuity For this domain AWS wants the student to show that they know how to use the features of individual services to build a system that can remain in operation after an incident or in response to extra load on the system Having a system that can scale out during times of peak load and scale back in when the load subsides is important This is where the courses like Stephane Marek really start to come into their own You should also understand why it is important to architect your system so that it can run in a multi AZ configuration Can your system remain online if an AWS availability zone goes offline within a region EC Auto Scaling and Elastic Load Balancers are essential to know for the exam You must understand them in theory and in practise You should spend time in the console setting up and integrating the services EC Auto ScalingASGs helps you keep your application available by allowing you to automatically add or remove EC instances according to conditions you define They also help with fault tolerance as an unhealthy EC instance can be terminated and replaced with a newer one ASGs are composed of many elements Launch configuration AMI Instance Type Key pair security groups EBS volumes and EC User Data if using Auto scale group minimum maximum and desired number of instancesScaling plan when and how to scale out and in Network and Subnets Use these to specify how many subnets you want to spread your instances across ASGs scale based on CloudWatch alarms and you can set up the group to scale in or out based on a CloudWatch metric Auto scaling will always try to ensure capacity is balanced across AZs You can set up simple scaling policies that add or remove instances when scaling in or out You can also use target tracking to scale This works by tracking a metric like CPU and works to keep all instances at a certain level adding or removing nodes based on the CPU of the instances present in the group It s definitely worth diving deeper into these for the exam Termination Policy which instances to terminate and in what order You can terminate oldest instance and or instances with the oldest launch configuration Can use default termination policy or set your own Instance protection does not protect instances from manual termination initiated via the console or via an api Health checks are how instances get removed from the group You can use an EC status check or if integrated with an ELB use the ELB check Elastic Load BalancersAn ELB distributes incoming application traffic across multiple targets and virtual appliances in one or more Availability Zones AZs It exposes a single DNS endpoint for clients to access your application You can setup ELBs so that they service clients internal to your AWS network or clients that exist outside your network There are types of ELBs that you should know about for the exam Classic Load Balancer older generation and are deprecated You shouldn t get asked about these in the exam but good to know they exist Network Load Balancer operates at Layer network level and at extremely low latency If you see something calling for low latency and TCP traffic think Network Load Balancer Application Load Balancer operates at Layer for HTTPS and HTTP traffic ALB sacrifices latency for features It can provides SSL termination using AWS Certificate Manager stickiness to underlying nodes with cookies and can route traffic based on hostname and url path When you use an ELB the underlying application won t know where the request originated from unless they can reference the x forwarded for header in the request It s worth understanding this concept for the exam You should also understand the error codes that an ELB can return all goodxx client side errors The xx errors are front end errors that pertain to access to the object xx server side errors not access or authorization errors Health Checks are an integral part of ELBs They are used to decide if traffic can be routed to an instance They work different to EC healthchecks in that they check if traffic is getting to the instance not just that the instance is healthy You can specify an ELB healthcheck on an ASG which might be more useful than the EC check CachingCaching is also covered in this domain and it s worth understanding where you would use Elasticache and also caching with CloudFront You could also be asked a question on caching for DynamoDB with DAX Route routingWhile we cover Route in more depth in Domain Networking and Content Delivery it is also relevant for this domain Using Route you can architect a multi region solution to failover when an application in one region becomes unavailable You can do this by combining a Route health check and an Alias record Alias records allow you to point to an AWS Resource ELB S hosted Website CloudFront distribution Elastic Beanstalk API Gateway VPC Endpoint Queries to alias records are free of charge RDSRDS Read replicas are for increased scalability You can run read only workloads against read replicas You can enable automatic backups on a MySQL or MariaDB read replica You can t against SQL Server Oracle or Postgres You can take a manual snapshot of a Postgres read replica A read replica can be promoted to be it s own standalone database instance but once promoted it won t be linked to the primary instance anymore RDS Multi AZ is for increased availability The database copies created in a multi az setup are not readable However automated backups and DB Snapshots are taken from the standby to avoid I O suspension on the primary In the event of a failure you should understand how you can restore your database and to which point you can recover it RTO is Recovery Time Objective and is the amount of time you can take to restore your database Recovery Point Objective is the state at a point of time to which you can restore your database You should also understand how to use replication to enable a restore in another region You should understand the difference between automated backups and snapshots With automated backups RDS take a full backup of your database at a regular frequency generally daily and then backs up the transaction logs generated when updates are made on the database a more regular frequency Generally your RPO is tied to how often you are backing up your transaction logs A point in time recovery is generally getting you to an RPO between the latest full backup by applying all transaction logs up to that point You ll never get this down to realtime and it s generally within minutes Snapshots are taken manually and allow you to restore a copy of your data in a separate RDS instance SFor S you should understand how you can protect accidental deletion of objects To do this you can use versioning MFA Delete and or Object lock Cross region replication can also help This requires versioning to be enabled and deletes are not replicated to the secondary region These are all features of S worth knowing for this part of the exam Data Lifecycle ManagerYou can use Amazon Data Lifecycle Manager to protect your EBS snapshots and EBS backed AMIs Other ServicesWhile you won t need to know serverless services like Lambda DynamoDB SQS and others in depth they may come up in the exam as they can help address different use cases For this domain you should know how to use an SQS to decouple domains and how a queue can be used as a buffer to handle extra load on an application Domain Deployment Provisioning and Automation With this domain AWS is testing your knowledge on how to deploy and run your AWS systems hands free You need to have a good understanding of the different services that can be used to deploy infrastructure across your accounts and also how you can keep them up to date with patches and changes CloudFormationCloudFormation is AWS s Infrastructure as Code service and will more than likely come up in the exam You should understand how to create an EC instance in CloudFormation and how to specify the different networking attributes You specify resources for CloudFormation to create within a template A template can be either in json or yaml format and consists of several sections The top sections don t do much and you just need to know that they exist AWSTemplateFormatVersion always set to Description a description of the templateMetadata template metadataParameters use this section to input custom values to your template each time you create or update a stack This will require input each time you run the stack Rules you can use this section to validate input from the parameters section Mappings useful for making stacks regionally agnostic by mapping regional data like AMI keys in a set of named values Conditions use this section to generate a flag that can be referred to in later sections For example you might want to know want to know if your stack is running in a production account or not and this section can set a flag based on a passed in parameter Transform use this section to run macros within your stack Resources this section is the only mandatory section and where you specify details of the resources you wish to create Outputs output the ARNs of the resources created within the stack Can be useful for passed information to nested stacks Nested Stacks are stacks that are used in other stacks They enable you to standardise the creation of common resources within an account StackSets work within an AWS Organisation to standardise resource creation across accounts within an organisation You can define a stackset in an administration account and then use it as a basis for deployed resources in all target accounts The important thing to remember is that the deployment is controlled from a single administration account and used to deploy resources in or more target accounts Before you deploy a stack you can use a changeset to know what changes will happen before the stack is deployed With the DeletionPolicy attribute you can preserve and in some cases backup a resource when its stack is deleted You specify a DeletionPolicy attribute for each resource that you want to control If a resource has no DeletionPolicy attribute AWS CloudFormation deletes the resource by default Using the UpdatePolicy attribute you can specify how AWS CloudFormation handles updates to a number of services including Auto Scaling Groups Elasticache OpenSearch Elasticsearch and Lambda For the exam it s good to know how it works with ASGs For ASGs this attribute can be set to AutoScalingReplacingUpdateAutoScalingRollingUpdateYou should know how to use the UpdatePolicy attribute to do blue green deployments and rolling and canary environments A stack policy is a policy attached to a CloudFormation stack that controls if and how a resource can be updated For example if your stack creates a production database you may want to prevent CloudFormation from changing the name of the database after it has been created A stack policy can be added to prevent stack resources from being unintentionally updated or deleted during a stack update And finally you ll need to know how to troubleshoot if your Cloudformation stack fails Other ServicesThere are other services within AWS that are also relevant when studying for this domain You can use EC Image builder to create and manage AMIs It can be used at an AWS organisation which helps with maintaining standards across all accounts With AWS Opworks you can use a managed Puppet or Chef service to manage your instances And Elastic Beanstalk can be used to deploy your application code By using Elastic Beanstalk you push responsibility for managing the OS to AWS As with CloudFormation you should understand the different deployments for Elastic Beanstalk You can perform much the same as CF with all at once rolling rolling with additional batches and immutable deployments all supported You can automate patching across your EC instances with AWS Systems Manager Patch Manager And to schedule automated updates or tasks you can utilise EventBridge or AWS Config EC Image Builder simplifies the building testing and deployment of Virtual Machine and container images for use on AWS or on premises It integrates with AWS Resource Access Manager AWS Organizations and Amazon ECR to enable sharing of automation scripts recipes and images across AWS accounts Fix deployment issuesYou may get several questions in the exam concerning failed deployments You will have to be able to troubleshoot these and pick the correct answer Errors with deployments may not be related to anything to do with your application but could be AWS region specific in terms of service quotas You should understand what are they why are they and how they can be changed For example the default limit for a number of instances of a particular type in each region is If you get a InstanceLimitExceeded error when spinning up a new instance it means that you are over your limit and will need to either terminate older instances or request an increase in your quota If you get an InsufficientInstanceCapacity error that means that AWS does not have enough instances of that type in the AZ you are trying to launch Domain Security and Compliance With this domain AWS wants the student to show how they can utilise AWS services to implement polices to control access and ensure compliance They also want to see how you can protect data at rest and in flight There are a lot of separate security services in AWS and I found the table on this page gives a very good overview of them Identity and Access Management IAM IAM is at the core of all AWS services working to ensure only those who have been granted access can execute api calls and actions Generally when you hear someone talking about implementing least privilege it is with IAM I cannot hope to cover it in this article and you will need to study this in depth to pass the exam You should start by reading the IAM faqs There is a lot of good material in here The following videos also give a very good overview of the service AWS re Inforce The Fundamentals of AWS Cloud Security FND R AWS re Invent REPEAT Getting started with AWS identity SEC R secd iamFor the exam you will need to be able to look at the json of an IAM policy and understand what it does With the IAM policy simulator you can test and troubleshoot identity based policies IAM permissions boundaries Organizations service control policies SCPs and resource based policies Working with AWS OrganizationsYou must understand AWS Organizations and they help centrally manage and govern a multi account environment for the exam The Using AWS Organizations for security page gives a very good overview of how they work with Control Tower service control policies and other services like CloudTrail Config and CloudFormation StackSets AWS Resource Access Manager RAM helps you securely share your resources across AWS accounts within your organization or organizational units OUs in AWS Organizations and with IAM roles and IAM users for supported resource types While IAM Access Analyzer helps identify resources in your organization and accounts that are shared with an external entity Trusted AdviserThe Trusted Adviser service includes several security checks It s a very passive service only reporting on what it sees but it can be useful It can be configured to run at an organization so can be good for checking compliance across all accounts GuardDutyAmazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation Integrates with AWS Detective You can also integrate GuardDuty with Amazon EventBridge to automate best practices for GuardDuty such as automating responses to new GuardDuty findings DetectiveAmazon Detective helps customers conduct security investigations by distilling and organizing data from source such as AWS Cloudtrail Amazon VPC Flow Logs and Amazon GuardDuty into a graph model that summarizes resource behaviors and interactions observed across a customer s AWS environment InspectorAmazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS It assesses applications for vulnerabilities or deviations from best practices After performing an assessment Amazon Inspector produces a detailed list of security findings prioritized by level of severity Inspector does not automatically remediate issues but could integrate with Systems Manager to do so One important to note about Inspector is that it works primarily with EC instances Parameter StoreAWS Systems Manager Parameter Store provides secure hierarchical storage for configuration and secrets You can store data such as passwords database strings Amazon Machine Image AMI IDs and license codes as parameter values You can encrypt the parameters using KMS It also integrates with CloudFormation Secrets ManagerAWS Secrets Manager is the go to service to help you protect secrets needed to access your applications services and IT resources It integrates with database services like RDS and Redshift to rotate credentials and keep them in sync If you re wondering if you should use Parameter Store instead of Secrets Manager have a read of this Handling Secrets with AWS article from Corey Quinn KMSYou must know this service for the exam Generally questions will generally be on how you can use KMS with different services and not just on KMS itself It makes sense when you think about it as it doesn t exist as a standalone service KMS is the go to service for encryption in AWS so it will come up in the exam Start with the faqs and I found this video very useful in understanding the service AWS re Inforce How Encryption Works in AWS FND R S EncryptionYou should understand the methods for encrypting data at rest in S These are SSE S native encryption using keys managed by S SSE KMS use KMS to manage encryption SSE C use your own encryption keys Client side encryption the client application controls encryption and decryption of the object Certificate ManagerAWS Certificate Manager ACM handles the complexity of creating and managing public SSL TLS certificates for your AWS based websites and applications ACM can also be used to issue private SSL TLS X certificates that identify users computers applications services servers and other devices internally When you think of encrypting data in flight ACM is a major part of it CloudHSMAWS CloudHSM provides hardware security modules HSM in the AWS Cloud An HSM is a computing device that processes cryptographic operations and provides secure storage for cryptographic keys CloudHSM allows you to generate store import export and manage cryptographic keys including symmetric keys and asymmetric key pairs MacieAmazon Macie is a service that will scan data in S and discover any PII or sensitive fields that may be contained therein If you get a question about identifying PII data or sensitive fields chances are that Macie will be an option and a worthy candidate Firewall ManagerAWS Firewall Manager is a security management service you use to centrally configure and manage firewall rules and other protections across the AWS accounts and applications in your organization Using Firewall Manager you can roll out AWS WAF rules create AWS Shield Advanced protections configure and audit Amazon Virtual Private Cloud Amazon VPC security groups and deploy AWS Network Firewalls Use Firewall Manager to set up your protections just once and have them automatically applied across all accounts and resources within your organization even as new resources and accounts are added Domain Network and Content DeliveryThis is a very important domain and you ll definitely need a separate resource to help study it AWS is testing the student to see how they can implement networking features and connectivity configure domains DNS services and content delivery and troubleshoot network connectivity issues VPC ConfigurationThis a very large topic and impossible to cover in detail All of the aforementioned cloud training providers covered this in depth To get started you could take a look at the VPC FAQs These are some of the better faqs on AWS A VPC can span multiple Availability Zones but a subnet must reside within a single Availability Zone When you launch an Amazon EC instance you must specify the subnet in which to launch the instance The instance will be launched in the Availability Zone associated with the specified subnet You are initially limited to launching Amazon EC instances at any one time and a maximum VPC size of IP addresses and a minimum of IP addresses Network ACLs are stateless If you allow traffic in you must also allow traffic out NACLs operate at the subnet level Security Groups are stateful By default if you allow traffic in it will be allowed out unless you add an explicit deny Security Groups operate at the instance level You may get asked to troubleshoot a scenario where an EC instance is not reachable or communication between two components is blocked Because they operate at different levels of the VPC you will need to ensure that both the NACLs and Security Groups are working together CIDR blocksWhen you setup a VPC and subnets you must specify a CIDR block of IP addresses for both Your subnet CIDR block will be a subset of your VPC CIDR block Remember that is the maximum in an octet so if you need more than that you need to shift left to the next octet gives IP Addresses gives IP Addresses octet gives IP Addresses octets When assigning IPs to subnets you can t overlap them For each CIDR block assigned to a subnet AWS reserves IP addresses for it s own use VPC Connectivity OptionsYou should also understand the different connectivity options from and to VPCs and this whitepaper gives you a good place to start It covers Network to Amazon VPC Connectivity How to connect remote networks such as an existing data center or office network with your Amazon VPC environment Amazon VPC to Amazon VPC Connectivity How to connect VPCs together These can be with your own account or other accounts Internal User to Amazon VPC Connectivity Allow users access to your VPC You need to know the difference between a VPN Direct Connect and a Transit VPC and also how they can complement each other Also know the difference between a Virtual Private Gateway and a Customer Gateway AWS PrivateLink is a highly available scalable technology that enables you to privately connect your VPC to supported AWS services services hosted by other AWS accounts VPC endpoint services and supported AWS Marketplace partner services Route Amazon Route provides highly available and scalable Domain Name System DNS domain name registration and health checking web services You could start with the faqs A hosted zone in Route is analogous to a traditional DNS zone file it represents a collection of records that can be managed together belonging to a single parent domain name There are several record types that you can use within a hosted zone but these are the most important Zone Apex e g amazon com or google comA URL to IPv addressAAAA URL to IPv addressCNAME URL to URLALIAS URL to AWS Resource point an URL to an AWS resource ELB S hosted Website CloudFront distribution Elastic Beanstalk API Gateway VPC Endpoint An alias record is a Route extension to DNS It s similar to a CNAME record but you can create an alias record both for the root domain such as example com and for subdomains such as www example com You cannot create CNAME records for the zone apex If you see a question asking which type of Route record should you use for pointing to an AWS service such as ELB S hosted Website CloudFront distribution Elastic Beanstalk API Gateway or VPC Endpoint the correct option is an alias record Route doesn t charge for alias queries to ELB load balancers or other AWS resources Also an alias record has a native healthcheck Routing policiesSimple Routing Policy maps a domain to a single URL Weighted Routing Policy can route traffic to multiple resources in proportions that you specify Latency Based Routing LBR can direct traffic to the region with the best latency based on network round trip Failover routing allows you to configure active passive failover by enabling you to route traffic to a primary resource when the resource is healthy and to a secondary resource when the primary is unhealthy Geolocation routing lets you choose the resources that serve your traffic based on the geographic location of your users meaning from the location that the DNS queries originate For example you might want all queries from Europe to be routed to an ELB load balancer in the Frankfurt region Geolocation routing policies route based on the physical location of a user whereas latency based routing selects the AWS Region with the lowest latency Geoproximity routing enables you to route traffic to your resources based on the distance between your users and your resources Route calculates which resource is closer to the source of the query and routes requests accordingly Multivalue answer routing policy is similar to simple routing but includes a health check TTLThe time for which a DNS resolver caches a response is set by a value called the time to live TTL associated with every record Route does not have a default TTL for any record type You must always specify a TTL for each record so that caching DNS resolvers can cache your DNS records to the length of time specified through the TTL HealthchecksYou can use Route healthchecks to monitor the health of your resources and route traffic accordingly You can put a healthcheck on the health of a specified resource such as a web server the status of other health checks and the status of an Amazon CloudWatch alarm CloudFront for content deliveryAmazon CloudFront is a content delivery network CDN that can deliver your content across the globe using the AWS network Your read only content can be cached at the edge in any of AWS s local points of presence Your content can come from aka origin servers an Amazon S Amazon Elastic Compute Cloud EC Elastic Load Balancing ELB or a custom server outside of AWS An Origin Access Identity OAI allows you to restrict access to the contents of the bucket so that all users must use the CloudFront URL instead of a direct S URL An OAI is a special CloudFront user that can access the files in the bucket and serve them to users You should block public access to the S bucket to prevent users from accessing the files directly You can use an origin request policy to configure CloudFront to include cookies and HTTP request headers in origin requests You should understand how long it takes for new content to roll out to the different points of presence and what you can do to speed it up Basically you can flush the cache and that will speed it up S static website hostingYou can host a static website on S The url will be the bucket name You must update the bucket policy to allow public reads You should also understand CORS in relation to allowing access to files in your S bucket Troubleshooting networking and connectivity issuesYou can collect and evaluate logs from VPC flow logs ELB access logs AWS WAF web ACL logs and CloudFront logs to help troubleshoot network issues AWS WAF vs AWS ShieldAWS WAF is a web application firewall that helps protect web applications or APIs against common web exploits that can affect availability compromise security or consume excessive resources AWS WAF gives you control over how traffic reaches your applications by offering you the ability to create security rules that block common attack patterns such as SQL injection or cross site scripting You also can create rules that filter out specific traffic patterns that you define AWS Shield is a managed Distributed Denial of Service DDoS protection service that safeguards applications running on AWS AWS Shield provides always on detection and automatic inline mitigations that minimize application downtime and latency so there is no need to engage AWS Support to benefit from DDoS protection There are two tiers of AWS Shield Standard and Advanced Standard operates at layer whereas Advanced can operate at layer You can use AWS Shield Standard with Amazon CloudFront and Amazon Route AWS Shield Advanced is available globally on all Amazon CloudFront AWS Global Accelerator and Amazon Route edge locations AWS Shield Advanced also gives you x access to the AWS Shield Response Team SRT and protection against DDoS related spikes in your Amazon Elastic Compute Cloud EC Elastic Load Balancing ELB Amazon CloudFront AWS Global Accelerator and Amazon Route charges Domain Cost and Performance OptimisationI really like the way AWS puts both cost and performance optimisation in the same domain It reinforces that performance optimisation in the cloud can lead to cost optimisation Corey Quinn outlines this well in his article The Key to Unlock the AWS Billing Puzzle is Architecture The first part of this domain will focus on implementing cost optimization strategies and the first place to start is understanding your existing costs To do this you need data and a report Data is useful to categorise your resources so that you can report on their costs accurately AWS uses tags to drive a lot of it s reporting If you wish to use a tag for cost reporting you must activate it as a cost allocation tag in the Billing and Cost Management console Resource Groups Tag EditorWith AWS Resource Groups you can create maintain and view a collection of resources that share common tags Tag Editor manages tags across services and AWS Regions Tag Editor can perform a global search and can edit a large number of tags at one time Resource Groups work within an AWS Organization and you can use Tag Editor to tag resources across all accounts Cost ExplorerAWS Cost Explorer is a reporting tool built into the AWS console that helps you view and analyze your costs over a time period You can slice and dice your data by many dimensions including cost allocation tags Within the cost explorer console you will also get a forecast of how much you will spend in the next months and recommendations on how to cut costs Cost and usage reportFor more comprehensive cost and usage data you can enable the cost and usage report to run and save it s output to S You can receive reports that break down your costs by the hour day or month by product or product resource or by tags that you define yourself AWS updates the report in your bucket once a day in comma separated value CSV format Budgets and billing alarmsYou can set custom budgets with the AWS Budgets service that alert you when you exceed your budgeted thresholds You can also setup a billing alarm in CloudWatch if you breach a certain threshold within a period of time Trusted AdvisorIn addition to the security checks already mentioned AWS Trusted Advisor also includes checks for costs Compute OptimizerAWS Compute Optimizer recommends optimal AWS resources for your EC instances EBS volumes and Lambda functions based on their usage data For example Optimizer can tell if you have over provisioned an EC instance and may recommend that you save costs by right sizing the instance to a smaller one EC Spot instancesIf your workload allows it EC spot instances can be a very cost efficient way to run then If you can run your jobs at off peak or start and stop them easily you can pay a fraction of what it would cost for on demand or even reserved instances Spot can be a very good way to run background processes where latency is not so important S Lifecycle ManagementYou should understand the different storage classes in S and where it makes sense to use them Generally the cheaper the storage the more expensive it is to access Therefore you need to align the access patterns to the correct storage Use cheaper storage for data that is not accessed often and more expensive storage for data that is accessed regularly The second part of this domain is to implement performance optimization strategies This section is not about getting the cheapest performance but more about getting the best value for money For example if you need to reduce latency between applications running on separate EC instances it may be worth paying for a placement group that ensures your instances are located close to one another It is being aware that it is an option and understanding the costs associated with it Other examples are utilising the right EBS volumes to match your use case Would paying more for Provisioned IOPS over SSD be a better choice for your application Turning on S Transfer Acceleration will cost you more but will deliver objects into your bucket at a much faster rate Splitting an object into parts and using multipart uploads to send it to S can also increase the transfer rate and also make the transfer more fault tolerant If only one part fails that part can be re tried rather than the entire object With RDS you can use metrics to identify any processes that are consuming resources beyond what you expect A badly performing query can consume a disproportionate amount of resources and reduce performance of the database Use RDS Proxy to more efficiently re use and balance open database connections across all clients Exam LabsThe SysOps exam is the only AWS exam that has a practical element I practised them and watched instructors going through them If you re used to working with in the AWS console combined with the instructions for each lab you should be able to handle this part of the exam My exam had three labs and I had never touched the services involved in two of them before I know AWS gets a hard time for inconsistent UX but I have a different perspective after the exam There is a general consistency between services and practise with one will help you familiarise with others SummaryI think this is the longest article I have ever written and it reflects the breadth of services that the exam covers I enjoyed the exam and learned a lot from studying for it I hope this article can help you with your own study Please comment or ask questions I m generally pretty good at getting back to people	2022-04-10 22:15:44
海外TECH	DEV Community	SPO600 Project – Step 2 – SVE2 Implementation	https://dev.to/xguhx/spo600-project-step-2-sve2-implementation-3nae	SPO Project Step SVE Implementation Hey ThereIts time for Step of our SPO Project Before we start lets do a quick review on what we need to do in this projectStep Research a library level package to be a candidate for sve implementation Step Implement sve to the chosen package Step Upstream your changes or prepare it for future implementation Continuing with FFmpegAfter choosing this package I had to follow some steps to make sure it was able to receive sve through auto vectorization Check if there was previous implementation of sve There was as said in Step Check if the compiler could apply the auto vectorization on this package Check the correct Makefile to change in order to apply the auto vectorization to all files in the package My ApproachAfter taking a look at the S and c files with neon optimization on them I realized that this package was able to receive the auto vectorization from the compiler so I decided to give it a try Then I started looking for a Makefile but for my surprise there was quite a few Where should I start searching many of these files have some configuration that I cannot even understand properly So I decided to start from the beginning MakefileIt looked like this And kept going and going but no sign of compiler and optimizations But there was something there that caught my attention At the very top of the file there was an include that could help me and then there I went to see if I could find the gcc instructions The congif mak is generated by the configure script and it enables the neon optimization and others But when I checked the config mak file looking for the gcc optimizations I found that they were disabling the vectorization So I decide to change it to enable the vectorization And then I run the make command After built it was time to try it For my surprise the first run I got core dumped error which this time was a very welcome error message It meant that the program was built in a way that it could not be run by the current system So I tried to run it using the qemu aarch emulator and for my surprise the program worked fine I tried to test it with a sample file few times to see if it worked and here is the result It converted my sample avi to output avi with framerates as I requested It was time to check if there was indeed sv optimizations inside the binary file So I used Objdump d and I found that there was really sve in there Here are some examples We can see z and p registers being used together with the whilelo instruction To sum upStep was an adventure At first I thought that going for auto vectorization would be an easy task I though that a Makefile would be waiting for me just to change the arguments of the compiler but in the end I had dozens of Makefiles each with different configurations and it required a loot of reading and research to make it work I had to learn that there was configure scripts needed to make the configurations appears and the file I was looking for was not even a Makefile it was a mak one I pretend to write a little more about Makefiles as it seems to me a powerful tool and way more complicated and deeper than I have imagined Thank you for reading	2022-04-10 22:15:16
海外TECH	DEV Community	Implementing a Countdown Element in a Quick App	https://dev.to/josholadele/implementing-a-countdown-element-in-a-quick-app-m75	Implementing a Countdown Element in a Quick App What Is a Countdown ElementThe countdown element is used to display the remaining time for a promotion activity and will send a notification when such time ends This element supports Time setting by day hour minute and secondConfiguration of text border and delimiter stylesTime delayCallback event for countdown endingAs shown in the following figure the layout of the element consists of numbers and delimiters Generally the numbers indicate the remaining time by day hour minute and second The delimiters are used to separate numbers Common delimiters can be words day hour minute and second and colon lt import name countdown src Countdown countdown gt lt import gt lt template gt lt div class container gt lt text gt General usage lt text gt lt div class example body gt lt countdown class countdown day this day hour this hour minute this minute second this second splitor color AFF border width border style dotted border color AFF gt lt countdown gt lt div gt lt div gt lt template gt Implementation Steps Customizing SubelementsThe countdown UI can be used universally while the layout of its content may vary and therefore cannot be hardcoded Otherwise once any part of the content UI is changed the subelements will also need to be modified which violates the principle of open source programming Therefore multiple style attributes are supported in countdown ux for you to customize the style of subelements Designing the Attributes and Supported Event of Subelements Designing the Overall LayoutThe text element is used to design the layout of the delimiters and numbers as displayed in Figure below Define the related attributes in props of the subelements and pass the values when the parent element references the subelements Call this watch day changeFlag to listen to the changes of the values and then update and process the values in the subelements as displayed in Figure below Implement the countdown algorithm You need to convert days hours and minutes to seconds set the timer to decrease by every second and reconvert the seconds back into days hours minutes and seconds accordingly as shown in Figure and below Figure Figure aFigure bFigure Figure Define the timeup callback event in the parent element and implement and bind the event as displayed in Figure Trigger the timeup event of the parent element in the subelements as displayed in Figure Figure aFigure bFigure SummaryIn this tutorial you have learned how to Design subelements including their attributes and supported events Implement data communication between the parent element and subelements Convert days hours minutes and seconds and set a timer Configure the style of the element ReferenceQuick app official document	2022-04-10 22:14:36
金融	ニュース - 保険市場TIMES	セイビー・NECファシリティーズ・三井住友海上、3社間業務提携を締結	https://www.hokende.com/news/blog/entry/2022/04/11/080000		2022-04-11 08:00:00
ニュース	BBC News - Home	French elections: Macron and Le Pen to fight for presidency	https://www.bbc.co.uk/news/world-europe-61061230?at_medium=RSS&at_campaign=KARANGA	macron	2022-04-10 22:11:46
ニュース	BBC News - Home	The Papers: Sunak faces review and 'fight for France's future'	https://www.bbc.co.uk/news/blogs-the-papers-61062233?at_medium=RSS&at_campaign=KARANGA	elections	2022-04-10 22:41:28
ニュース	BBC News - Home	Masters: Magnificent Rory McIlroy holes from bunker on 18th for 64	https://www.bbc.co.uk/sport/av/golf/61062346?at_medium=RSS&at_campaign=KARANGA	Masters Magnificent Rory McIlroy holes from bunker on th for Rory McIlroy chips out of the sand and watches his ball disappear into the middle of the th hole before celebrating wildly as he completes a round of in the final round of the Masters	2022-04-10 22:19:38
ビジネス	ダイヤモンド・オンライン - 新着記事	仏大統領選、マクロン氏とルペン氏が24日の決選投票へ - WSJ発	https://diamond.jp/articles/-/301408	大統領選	2022-04-11 07:05:00
北海道	北海道新聞	パイレーツ筒香は５打数無安打　カージナルス戦	https://www.hokkaido-np.co.jp/article/667971/	筒香	2022-04-11 07:23:00
北海道	北海道新聞	ストラスブール川島は出番なし　フランス１部、リヨン戦	https://www.hokkaido-np.co.jp/article/667966/	出番	2022-04-11 07:23:00
北海道	北海道新聞	レガネス柴崎は後半途中まで出場　スペイン２部、オビエド戦	https://www.hokkaido-np.co.jp/article/667967/	後半途中	2022-04-11 07:23:00
北海道	北海道新聞	松山英樹、マスターズ連覇ならず　復帰のタイガーは１３オーバー	https://www.hokkaido-np.co.jp/article/667956/	松山英樹	2022-04-11 07:13:35
北海道	北海道新聞	マクロン、ルペン両氏で決選へ　仏大統領選第１回投票、得票予測	https://www.hokkaido-np.co.jp/article/667951/	大統領選	2022-04-11 07:03:28
ニュース	THE BRIDGE	米HRテックのRemote、ソフトバンクVF2らから3億米ドルをシリーズC調達——時価総額は30億米ドルに	https://thebridge.jp/2022/04/remote-secures-300-million-series-c-financing-to-power-global-employment-pickupnews	米HRテックのRemote、ソフトバンクVFらから億米ドルをシリーズC調達ー時価総額は億米ドルにRemotesecuresmillionSeriesCfinancingtopowerglobalemploymentサンフランシスコに本拠を置くRemoteは、シリーズCラウンドで億米ドルを調達した。	2022-04-10 22:45:45
ニュース	THE BRIDGE	Walmart傘下のインドEC最大手Flipkart、時価総額最大700億米ドルで米IPOを視野に	https://thebridge.jp/2022/04/flipkart-eyes-2023-ipo-70b-valuation	Walmart傘下のインドEC最大手Flipkart、時価総額最大億米ドルで米IPOを視野にTechinAsiaでは、有料購読サービスを提供。	2022-04-10 22:30:47
ニュース	THE BRIDGE	Binance US、時価総額45億米ドルで2億米ドル超をシード調達	https://thebridge.jp/2022/04/binanceus-raises-200m-seed-money-45b-valuation	BinanceUS、時価総額億米ドルで億米ドル超をシード調達TechinAsiaでは、有料購読サービスを提供。	2022-04-10 22:15:42