AWS |
AWS The Internet of Things Blog |
Digital Twins on AWS: Understanding “state” with L2 Informative Digital Twins |
https://aws.amazon.com/blogs/iot/l2-informative-digital-twins/
|
Digital Twins on AWS Understanding “state with L Informative Digital TwinsIn our prior blog we discussed a definition and framework for Digital Twins consistent with how our customers are using Digital Twins in their applications We defined Digital Twin as “a living digital representation of an individual physical system that is dynamically updated with data to mimic the true structure state and behavior of the … |
2022-07-21 15:11:34 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
「streamlit hello」を実行すると「command not found」になる |
https://qiita.com/otomaru97/items/7903e162011cb63e3666
|
commandnotfound |
2022-07-22 00:24:17 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
GiNZA で形態素解析やってみた(インストールで少しだけハマった) |
https://qiita.com/munepi0713/items/5666276082c35f2428ea
|
catetcosrele |
2022-07-22 00:10:30 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
プログラム経験2ヶ月の私が1週間で機械学習アプリをつくってみた |
https://qiita.com/sobacha/items/fc320b5e6122da75f486
|
機械学習 |
2022-07-22 00:09:04 |
海外TECH |
DEV Community |
How to get 2000+ stars on GitHub with 11 places to promote your project |
https://dev.to/ixartz/how-to-get-2000-stars-on-github-with-11-places-to-promote-your-project-2o3h
|
How to get stars on GitHub with places to promote your projectMy React Boilerplate with Next js has recently reached stars on GitHub In the last months I ve continuously been working on improving the project and adding new features Unfortunately this isn t enough to get the project noticed by the community I ve also spent my time promoting the project on many platforms and in this article I ll share with you my places to promote an open source project Preparation for a successful promotionBefore promoting your project you need to make sure other developers will be interested in it In my case as an indie maker I constantly build new products So I was losing my time installing and configuring new React projects again and again For example I was spending my time configuring TypeScript ESLint Prettier Jest Cypress and other JavaScript related tools With this frustration I ve decided to create a React boilerplate that you can use to start quickly a new project I thought other people would have the same pain So I made the project open source and accessible to everyone You also need to make sure your project is easy to use Any documentation tutorials or README you provide will help other developers to get started Especially if you have a good looking README file it ll definitively increase your chances of getting a good first impression and a star on your GitHub project After making sure that everything is in place we can start promoting in these places Google with SEOFor my React Boilerplate the project is currently ranked number on Google for the keyword Next js Boilerplate It brings a lot of traffic to the repository and increases the number of stars on GitHub Actually the project got the most traffic from Google Google brings more traffic than GitHub itself That s why it s extremely important to write the README file for Google to index The good thing about SEO is that you only need to set it up once Then your project automatically gets some traffic from Google It s fully passive But SEO is hard and complex especially if you target a highly competitive keyword There are a lot of factors that can influence your Google ranking It requires you to invest your time to learn about the SEO strategy and how to implement it TwitterAs you already know Twitter has a large number of developers that can be interested in your project If you have a large based of followers you shouldn t have any issues getting noticed when you start promoting your project But when you don t have a lot of followers like me you need to make sure you have a good chance to get noticed You should add some hashtags to your tweet it ll help you to increase your reach For example you can add some hashtags like the technology stack you use to build your open source project like react reactjs javaScript webdev nextjs etc Here is one example of my tweet where I got likes and retweets by having only followers RedditReddit has also a large community of programmers who can support you by giving you a star on your project There are communities for almost every technology stack For example there is a subreddit for React named r reactjs And there is also a subreddit for Node js JavaScript TypeScript AWS etc You won t have difficulty finding a community where it makes sense to promote your project For your information each subreddits has different rules and guidelines Some subreddits are more strict than others I suggest you take some time to read them and make sure you follow them For one of my posts on Reddit I got XXX upvotes which translates to a lot of stars on GitHub I don t remember the exact number Awesome listsYou can find a similar list directly on GitHub with Awesome Lists There is almost an Awesome list for each technology stack and each field in software engineering It shouldn t be hard to find a list that fits your project For Next js Boilerplate I ve posted into these lists Awesome Tailwind CSSAwesome AWS AmplifyAwesome JAMStack Publish aggregator websitesThere are several websites that list projects using a specific technology stack For example BestOfJs is a website that aggregates open source projects built with JavaScript You can find a similar website for React Vue Tailwind CSS and more Indie HackerNot everybody on Indie Hacker is a developer So not everybody will be interested in your open source project But one of the largest groups on Indie Hacker are developers People on indie hackers are building a startup or bootstrap company So if your project can help them in their business you should promote it on Indie Hacker My React Boilerplate Template helps developers to start a new project So indie makers can use it to start their new productl whether for a landing page a SaaS a blog etc That s why I ve done some promotions on Indie Hacker Write a blog postYou can write a blog post about your project on your blog if you have one So you can share your vision and your idea It s the perfect solution to promote your project Or you can also write a tutorial on how to use your project You can also post on Dev to Hashnode Medium or any other platform as an alternative Or you can republish your blog post from your personal blog into these platforms DiscordToday most open source project has a discord channel where they can discuss with other developers A great way to get help from other developers and you can connect with others who use the same technology For example there is a discord channel for React developers named Reactiflux If your project uses React it makes sense to join the server and promote your project NewsletterYou can find a lot of newsletters for developers For example you can find a newsletter for JavaScript developers called JavaScript Weekly You can definitively try to contact them to see if they are interested in featuring your project in their newsletter Like on Reddit you can definitely find a newsletter where your project can be promoted There is almost a newsletter for each technology stack and each field in software engineering GitHub TrendsYour project can be featured on GitHub Trends if it has received a large number of stars in a short period After appearing in GitHub Trends my React Boilerplate has received more than stars in one day So this is super effective to get stars on your project Github ExploreGitHub Explore is a great way to find open source projects It automatically suggests open source projects hosted on GitHub to users based on their interests So it s important to fill your project details by adding description and tags Your project will show up on the right side of their dashboard It will also show up in their explore page I myself love this feature and use it to discover projects that I can use ConclusionThese are the places I ve posted about my Next js Boilerplate Template The project on GitHub has now stars on GitHub It was a long journey it took me almost years to reach this number Hope this article can help you and shorten your journey to get stars on your project After working on this boilerplate for almost two years I noticed it s possible to go further by creating a SaaS boilerplate It s exactly the same idea but applies to a SaaS product So I build a React SaaS Boilerplate a boilerplate you can get everything you need to create your SaaS and earn your st MRR It ll take care of all the features needed to make SaaS products authentication payment team support dashboard landing page etc So you focus on what makes your project unique and quickly launch your SaaS |
2022-07-21 15:51:14 |
Apple |
AppleInsider - Frontpage News |
Subscription model will drive Apple's $3T market valuation, analyst says |
https://appleinsider.com/articles/22/07/21/subscription-model-will-drive-apples-3t-market-valuation-analyst-says?utm_medium=rss
|
Subscription model will drive Apple x s T market valuation analyst saysInvestment Bank Morgan Stanley says that Apple s path to a trillion market valuation will stem from the company s user base and an increasing shift to a subscription model ServicesIn a note to investors seen by AppleInsider analyst Erik Woodring ーwho is assuming coverage of Apple from Katy Huberty ーtakes a look at how a more pronounced shift to a subscription model could add nearly trillion to Apple s current market capitalization Read more |
2022-07-21 15:07:16 |
海外TECH |
Engadget |
Amazon's Rivian-made electric vans are now delivering in some US cities |
https://www.engadget.com/amazon-rivian-electric-delivery-van-nationwide-152713164.html?src=rss
|
Amazon x s Rivian made electric vans are now delivering in some US citiesDon t be surprised if one of Rivian s electric vans delivers your next Amazon order Amazon has revealed that Rivian s custom made EVs are now delivering packages across the US You ll find them in numerous cities that include Baltimore Chicago Dallas Kansas City Nashville Phoenix San Diego Seattle and St Louis The company expects the vans to serve over cities by the end of and still hopes to field vehicles by Amazon s rollout hasn t gone as smoothly as originally expected It first started testing Rivian s van in Los Angeles early last year and hoped to use them in as many as cities by the end of The expansion was relatively slow however with San Francisco as the most notable addition The Rivian cargo carrier is meant to help Amazon reach its goal of net zero carbon emissions by but it also represents a technological upgrade The bespoke vans are focused on safety with greater visibility and a host of driver aids that include automatic emergency braking and highway assistance They unsurprisingly make use of Alexa to help drivers check the weather and otherwise improve their rides The deployment could be important the finances of both companies Amazon had a percent stake in Rivian as of late ーit stands to benefit when its automotive partner does It s also no secret that Rivian is cutting costs to pursue sustainable growth It needs as much business as it can get and a wider Amazon rollout could help its bottom line |
2022-07-21 15:27:13 |
海外TECH |
Engadget |
Some Skullcandy earbuds will run two voice assistants simultaneously |
https://www.engadget.com/skullcandy-voice-assistant-alexa-simultaneous-151813780.html?src=rss
|
Some Skullcandy earbuds will run two voice assistants simultaneouslySome of Skullcandy s earbuds will be able to support two voice assistants at the same time Last year the brand debuted its own assistant Skull IQ on Grind Series and Push Active earbuds Skull IQ is primarily about controlling audio including managing your media player adjusting device settings and answering or dismissing calls It can launch Spotify via voice command as well For just about anything else though you ll need another assistant That s where Alexa comes into play The dual voice assistant feature was announced during an Alexa developer event It s not clear when it will be available on Skullcandy s earbuds Other voice powered platforms offer multi assistant experiences with Alexa too such as Sonos Voice Control and Pioneer s NP Amazon is expanding Alexa in other ways It just announced developer tools that will enable app and device makers to create Alexa routines and suggest them to users Amazon sees the move as a step toward realizing its vision of an ambient more autonomous smart home |
2022-07-21 15:18:13 |
海外TECH |
Engadget |
Amazon Fire 7 (2022) review: You don't get much for $60 |
https://www.engadget.com/amazon-fire-7-review-150054618.html?src=rss
|
Amazon Fire review You don x t get much for If you want a tablet just for browsing the internet watching videos and playing games you won t need anything fancy Amazon s Fire tablets are exactly that Most of them are under and the Fire which has been updated for starts at just if you don t want ads on the lock screen It offers upgraded internals as well as Amazon s Fire OS which adds minor improvements like a dark mode Yet it still suffers from many of the same limitations that plagued older models like the lack of Google apps Updated hardwareThe Fire tablet has GB of RAM double that of previous generation and is powered by the same quad core GHz processor as the Fire HD Amazon also promises longer battery life and importantly now uses a USB C port instead of micro USB That alone makes this worth the upgrade since USB C is fast becoming the new charging standard Aside from that the overall look and feel of the Fire is unchanged It s made out of plastic with thick bezels surrounding its inch display Yet it does feel durable I also didn t mind the bezels as they gave me room to grip the tablet without accidentally launching apps The screen is one of the bigger disappointments with the Fire though Its by resolution just looks terribly dull with fuzzy images and muddy colors Even for a budget tablet and granted there aren t that many in this price range a display that s less than full HD in this day and age seems outdated The rest of the Fire s hardware is the same as its predecessor It has megapixel cameras on the front and rear or GB of built in storage expandable up to TB with microSD card and a mm headphone jack As expected the camera quality isn t impressive but it ll work for a quick video chat Just don t expect to use it for actual photography unless you re really into super grainy washed out images Amazon Fire EngadgetMeh performance but solid battery lifeThough the new Fire has more RAM and a quad core GHz processor don t expect lightning fast performance Navigating the Fire OS interface feels smooth for the most part but it s still sluggish at times I experienced some lag when switching apps and scrolling through Instagram for example It can handle basic tasks like checking email but the Fire won t be as fast as modern smartphones My favorite thing about the new Fire is its long battery life Amazon says it should last up to hours on a charge but of course that depends on how you use it In the usual battery test we run for Android devices where we play a locally stored video on loop the Fire lasted for close to hours I mostly used it to watch Prime videos read books on the Kindle app check Instagram and Twitter and play a few rounds of Candy Crush Saga After several days of occasional use an hour or so a day for a week the Fire still has around percent battery I should note however that the Fire doesn t offer wireless or fast charging It comes with a W charger which took around four hours to top up the battery nbsp New software but same ol issuesThe Fire comes with Fire OS which adds Android features like a system wide dark theme Yet the interface looks the same Like all other Fire tablets it runs Amazon s proprietary skin that forced me to use Amazon approved apps rather than ones from the Google Play Store As someone who relies a lot on Google apps I was frustrated by this Instead of the native version of Gmail or YouTube for example I had to use inferior third party apps that just didn t look or feel as intuitive If you re an Amazon die hard however you ll benefit from Fire OS As soon as I logged in all of my favorite Amazon content showed up on the home screen like TV shows on Prime Video personalized recommendations on Kindle Unlimited suggested Audible books based on my purchases and more Of course the caveat is that you won t be able to delete Amazon related apps like Kindle Goodreads and Prime Video Plus you won t see recommendations for shows and content that s not on Amazon no Netflix suggestions for example It makes sense that Amazon would push its own services but it s still annoying Like other Amazon products the Fire features hands free Alexa which makes controlling my smart home devices easier It s also helpful for getting the weather forecast the latest sports scores or answers to random trivia questions Amazon Fire AmazonWrap upThe thing you should know about Fire tablets is that they aren t typical Android devices you ll need to sideload the Google Play Store for example if you want to use Google apps Amazon s proprietary interface prioritizes its own apps like Prime Video and Kindle over others But if you already heavily rely on Amazon services I can see how the Fire might be tempting it delivers an Amazon curated experience for cheap Unfortunately if you want a tablet in the price range you don t have many non Amazon options Two of the more affordable non Amazon tablets at this time appear to be the Lenovo Tab M starting at and the Samsung Galaxy Tab A Lite starting at We haven t reviewed them just yet but both at least let you use Google apps without resorting to third party options If you re dead set on a budget Fire tablet I actually recommend the Fire HD instead It has a superior HD display longer battery life and wireless charging It also supports Show Mode which basically turns it into a portable Echo Show At with ads it s more than the Fire but I think it s well worth the extra cost |
2022-07-21 15:00:54 |
Cisco |
Cisco Blog |
Partnering to Win Global SMBs with Managed Services for Webex |
https://blogs.cisco.com/sp/partnering-to-win-global-smbs-with-managed-services-for-webex
|
Partnering to Win Global SMBs with Managed Services for WebexWe have a unique opportunity to enhance our market position and better meet your customer needs with Webex Our Wholesale Route to Market RTM is designed to capture this opportunity taking our winning partnership to a new level by leveraging your market power and our innovative Webex technology |
2022-07-21 15:30:00 |
Cisco |
Cisco Blog |
Cisco Catalyst 9300X Switches Deliver More |
https://blogs.cisco.com/networking/cisco-catalyst-9300x-switches-deliver-more
|
Cisco Catalyst X Switches Deliver MoreHybrid work and automation in smart workspaces require agility of speed and bandwidth The high performance access edge Cisco Catalyst X switches give you additional flexibility and performance you need |
2022-07-21 15:00:41 |
海外科学 |
BBC News - Science & Environment |
Neutron stars: New telescope detects dead suns colliding |
https://www.bbc.co.uk/news/science-environment-61911047?at_medium=RSS&at_campaign=KARANGA
|
collidinglight |
2022-07-21 15:42:22 |
金融 |
RSS FILE - 日本証券業協会 |
株券等貸借取引状況(週間) |
https://www.jsda.or.jp/shiryoshitsu/toukei/kabu-taiw/index.html
|
貸借 |
2022-07-21 15:30:00 |
金融 |
RSS FILE - 日本証券業協会 |
株主コミュニティの統計情報・取扱状況 |
https://www.jsda.or.jp/shiryoshitsu/toukei/kabucommunity/index.html
|
株主コミュニティ |
2022-07-21 15:30:00 |
金融 |
RSS FILE - 日本証券業協会 |
会長記者会見−2022年− |
https://www.jsda.or.jp/about/kaiken/kaiken_2022.html
|
記者会見 |
2022-07-21 15:30:00 |
金融 |
金融庁ホームページ |
金融活動作業部会(FATF)による「金融犯罪との闘いにおける提携:データ保護、テクノロジー、民間セクターの情報共有に関する報告書」について掲載しました。 |
https://www.fsa.go.jp/inter/etc/20220721/20220721.html
|
情報共有 |
2022-07-21 15:30:00 |
ニュース |
BBC News - Home |
US President Joe Biden 'doing fine' after testing positive for Covid |
https://www.bbc.co.uk/news/world-us-canada-62256544?at_medium=RSS&at_campaign=KARANGA
|
house |
2022-07-21 15:45:34 |
ニュース |
BBC News - Home |
Guildford pub bomb inquest: Victims were unlawfully killed, coroner concludes |
https://www.bbc.co.uk/news/uk-england-surrey-62122117?at_medium=RSS&at_campaign=KARANGA
|
attacks |
2022-07-21 15:01:30 |
ニュース |
BBC News - Home |
Graham Mansfield: Hale man cleared of terminally ill wife's murder |
https://www.bbc.co.uk/news/uk-england-manchester-62250733?at_medium=RSS&at_campaign=KARANGA
|
mansfield |
2022-07-21 15:23:48 |
ニュース |
BBC News - Home |
Neutron stars: New telescope detects dead suns colliding |
https://www.bbc.co.uk/news/science-environment-61911047?at_medium=RSS&at_campaign=KARANGA
|
collidinglight |
2022-07-21 15:42:22 |
ニュース |
BBC News - Home |
Russia moves to shut Jewish Agency in Ukraine rift |
https://www.bbc.co.uk/news/world-europe-62254595?at_medium=RSS&at_campaign=KARANGA
|
israeli |
2022-07-21 15:17:20 |
ニュース |
BBC News - Home |
Euros 2022: England success bringing more fans to games |
https://www.bbc.co.uk/news/newsbeat-62251878?at_medium=RSS&at_campaign=KARANGA
|
heights |
2022-07-21 15:36:01 |
ニュース |
BBC News - Home |
Guildford pub bombs inquest: What have we learned? |
https://www.bbc.co.uk/news/uk-england-surrey-62038040?at_medium=RSS&at_campaign=KARANGA
|
soldiers |
2022-07-21 15:04:17 |
ニュース |
BBC News - Home |
Sebastian Vettel says he has 'clear intention' to extend Aston Martin contract |
https://www.bbc.co.uk/sport/formula1/62257377?at_medium=RSS&at_campaign=KARANGA
|
Sebastian Vettel says he has x clear intention x to extend Aston Martin contractSebastian Vettel says there is a clear intention to keep going with Aston Martin as he continues contract talks with the Formula team |
2022-07-21 15:37:55 |
北海道 |
北海道新聞 |
NY株、反落 |
https://www.hokkaido-np.co.jp/article/708690/
|
工業 |
2022-07-22 00:29:00 |
北海道 |
北海道新聞 |
バイデン大統領がコロナ陽性 症状は「非常に軽い」 |
https://www.hokkaido-np.co.jp/article/708684/
|
米大統領 |
2022-07-22 00:22:13 |
北海道 |
北海道新聞 |
ワクチン5回目、秋にも接種へ オミクロン対応製品、高齢者対象 |
https://www.hokkaido-np.co.jp/article/708658/
|
新型コロナウイルス |
2022-07-22 00:11:18 |
仮想通貨 |
BITPRESS(ビットプレス) |
[Bloomberg] FTX創業者バンクマンフリード氏、仮想通貨帝国を拡大-混乱を機に |
https://bitpress.jp/count2/3_9_13308
|
bloombergftx |
2022-07-22 00:10:13 |
仮想通貨 |
BITPRESS(ビットプレス) |
[日経] 東京大学「メタバース工学部」設立 中高生らに情報発信 |
https://bitpress.jp/count2/3_9_13307
|
情報発信 |
2022-07-22 00:01:59 |
GCP |
Cloud Blog |
How Google Cloud SecOps can help solve these 6 key MSSP conundrums |
https://cloud.google.com/blog/products/identity-security/how-secops-can-help-solve-these-6-key-mssp-conundrums/
|
How Google Cloud SecOps can help solve these key MSSP conundrumsEditor s note This blog was originally published by Siemplify on October The COVID pandemic accelerated many organizations timelines to transition to the cloud and advance their digital transformation efforts The potential attack surfaces for those organizations also grew as newly distributed workforces used unmanaged technologies While some organizations thrived the transition further exacerbated many of the key challenges many security teams already were facing such as an overload of alerts the need for more detection tools and security skill shortages The COVID pandemic has also played a role in increasing SecOps automation or is expected to in the near future according to of respondents in a Siemplify report from February Managed security services providers MSSPs and managed detection and response MDR vendors have emerged as big winners because of their ability to help organizations overcome these challenges while providing agility scale and cost savings Outsourcing arrangements also free up customers to eventually gain the internal knowledge that they were originally lacking which led to calling on a provider to help fill the gaps in the first place This is promising news for the MSSP space and ensures likely continued strong growth but it doesn t do away with obstacles they face to meet increasingly demanding customer expectations As a result not all security service providers are created equal In a competitive marketplace one way to shed a sometimes spurious reputation and stand apart from rivals is through ensuring your security operations are optimized and delivering maximum outcomes for customers To accomplish that providers must overcome six modern MSSP obstacles Increasing Customer Acquisition CostsWith the proliferation of security technology options customers security stacks are more diverse than ever before To compete MSSPs must be willing and able to sufficiently support a broad set of technology that often results in higher acquisition costs as well as increased training requirements for security analysts Lack of Centralized Visibility MSSP analyst teams who manage and monitor a large customer base often lack visibility into the allocation of resources which hinders their ability to balance productivity and risk This visibility void often extends to the customer as well Clients are yearning for greater visibility into their expanding network more transparency around what is happening within it and the ability for a third party provider to do more than merely notify them about a threat Customers care about positive outcomes from their providers which means finding and stopping adversariesーand helping get their business back on its feet as quickly as possible Multiple Delivery ModelsThe range of MSSP delivery models is increasingly diverse and includes always on outsourced SOC managed SIEM MDR and staff augmentation as well as numerous hybrid models These various models are convergingーa single MSSP may provide multiple models in various configurations adding cost and complexity to operations Meeting SLA Commitments MSSP analyst teams who manage multiple systems and interfaces across a diverse set of clients strain to meet rigorous SLA expectations Round the Clock OperationsTo meet customer demands MSSPs work around the clock requiring multiple shifts and handoffs It s crucial to maintain consistency in response from one analyst to the next and variability in staff knowledge and capability places added pressure on analysts Driving consistency in processes and workflow to ensure optimal handling of alerts and incidents is paramount to balancing productivity and risk Personnel TurnoverShortages and high turnover of personnel add to the challenges of managing a operation Meanwhile reliance on manual processes and the need to retain expert knowledge further intensifies the pressure The Power of Automation and OrchestrationMSSPs are engaged in a constant struggle to ensure their existing security team keeps up with growing customer expectations Due to an ever expanding digital footprint heavy investment in detection and a growing list of security tools to monitor the industry is at a tipping point SIEM and SOAR can help MSSPs under pressure by detecting and ingesting aggregated alerts and indicators of compromise IOCs and then executing automatable process driven playbooks to enrich and respond to these incidents These playbooks coordinate across technologies security teams and external users for centralized data visibility and actionーfor both internal analysts and external customers For more information on how an automated and integrated SecOps suite can help you visit chronicle security Related ArticleHow to overcome common SecOps challengesHere are common issues that many SecOps teams struggle withーand how to fix them Read Article |
2022-07-21 16:00:00 |
GCP |
Cloud Blog |
Using Cloud Bigtable with IAM Conditions and Tags |
https://cloud.google.com/blog/products/databases/iam-techniques-for-cloud-bigtable/
|
Using Cloud Bigtable with IAM Conditions and TagsCloud Bigtable is a low latency high throughput NoSQL database Bigtable users store terabytes of data in their tables and exposing the data securely is essential for Bigtable users Ifyou are an administrator or developer responsible for securing access to your Bigtable data you are likely utilizingGoogle Cloud security features to lock down the Bigtable resources and customize your authorization model In this article we are going to learn how to control access to certain Bigtable resources create a narrow scope of your resources to apply permissions and set permissions depending on the development environment We ll accomplish this using Identity and Access Management IAM IAM Conditions and Tags to secure Bigtable data Identity and Access Management IAM provides fine grained access control and visibility for centrally managing Google Cloud resources A complex cloud organization can have various resources that can have IAM policies bound to them which are configured by administrators who want to control access based on roles The following diagram shows an administrator binding an IAM policy to a resource An IAM policy consists of one or more principalsーotherwise known as membersーand an administrator can grant one or more roles to each principal A principle can be a user group or a service account A role is a collection of permissions that allow a principal to perform some actions on Google Cloud resources Resources inherit IAM policies from their parents in the resource tree When a user sends a request IAM checks to see if the user has permission to perform the action on that particular resource If the IAM policy bound to the resource can grant the permission to the user then the permission is granted If not IAM goes up the resource tree to search for a policy that can grant such permission If no policies can grant the permission are found in the resource tree the request is rejected with a permission denied error The following Cloud Console example grants the Bigable Reader role to the user larabrown gmail com and binds the policy to the my project project This can also be done through the gcloud CLI code block StructValue u code u gcloud projects add iam policy binding my project member user larabrown gmail com role roles bigtable reader u language u u caption lt wagtail wagtailcore rich text RichText object at xeea gt After the binding is created the Bigtable Reader role is granted to larabrown gmail com within the my project project This means that larabrown gmail com can have read access to data in existing tables and to metadata for instances clusters and tables including column families There are three types of roles in IAM basic predefined and custom The Bigtable Reader role is a predefined role See Understanding roles to learn more about IAM roles IAM ConditionsIAM Conditions is a feature that allows the defining and enforcing of conditional attribute based access control for Google Cloud resources In addition to the role binding to a resource the resource access is granted to a principal only if the configured condition is met The following illustrates how IAM Conditions works The following Cloud Console example grants the Bigable Reader role to the user larabrown gmail com with the Report tables condition and binds the policy to the my project project With the Report tables condition larabrown gmail com has read access to Bigtable tables that contain a prefix of report in the table ID within the specific Bigtable instance The condition Report tables is defined so that The source type has to be the Bigtable table bigtableadmin googleapis com Table The resource table name has to have the prefix of projects my project instances my instance tables report The service has to be the Bigtable Admin service bigtableadmin googleapis com This can also be done through the gcloud CLI code block StructValue u code u gcloud projects add iam policy binding my project member user larabrown gmail com role roles bigtable reader r n condition from file CONDITION FROM FILE u language u u caption lt wagtail wagtailcore rich text RichText object at xebef gt The CONDITION FROM FILE should be a path to a local JSON or YAML file that defines the following condition code block StructValue u code u title Report tables r n description Tables with report prefix r n expression resource type bigtableadmin googleapis com Table amp amp resource name startsWith projects my project instances my instance tables report amp amp resource service bigtableadmin googleapis com u language u u caption lt wagtail wagtailcore rich text RichText object at xedd gt IAM Conditions with TagsWhat if larabrown gmail com should only be allowed to have read access to the data in the Test or Staging environment because Prod has sensitive data that should not be exposed to larabrown gmail com One way to achieve this is by binding some environment tag values to the right resources and limiting access to the resource with associated tag values using IAM Conditions Tags are a good way to manage the resources in your organization hierarchy by adding additional business dimensions You can use tags to group certain resources for different purposes such as access control We are going to explore using tags to group resources for different environments such as Test Staging and Prod First in the Cloud Console you can create a tag at the organization level to represent the environments The new tag has values of Test Staging and Prod Once the tag is created it generates one tag key ID for the tag and three tag value IDs for the three tag values Let s say you want to use a Bigtable instance my instance for your Test environment You can bind the Test tag value in the Environment tag to the instance as follows using the gcloud CLI code block StructValue u code u gcloud resource manager tags bindings create tag value tagValues parent bigtable googleapis com projects my project instances my instance u language u u caption lt wagtail wagtailcore rich text RichText object at xefb gt Note Currently there is no Cloud Console support for binding tags to Bigtable instances Once the binding is in effect you can add a condition and only grant the role to the principal if the resource has a tag value that matches the Test tag value Now the user larabrown gmail com has access only to the Test environment Note Combining tags and other attributes in the same condition is currently not allowed See Tags and access control for more information SummaryIn this article you learned IAM fundamentalsHow to set IAM roles for Bigtable resources How to limit the scope of an IAM role further with IAM ConditionsHow to add an environment requirement for permissions using IAM TagsLearn MoreTo learn more about using IAM IAM Conditions to secure your Bigtable data see Access control with IAM Related ArticleCloud SQL SQL Server Performance Analysis and Query TuningCloud SQL SQL Server Performance Analysis and Query TuningRead Article |
2022-07-21 16:00:00 |
GCP |
Cloud Blog |
The Invisible Cloud: How this Googler keeps the internet moving worldwide |
https://cloud.google.com/blog/topics/inside-google-cloud/meet-people-google-cloud-stacey-cline/
|
The Invisible Cloud How this Googler keeps the internet moving worldwideEditor s note Google Cloud runs on people like Stacey Cline As Global Contract Management Lead in our Global Logistics Operations she enables the worldwide movement of global technical infrastructure the servers the storage the artificial intelligence pods and everything else that keeps Google Cloud serving enterprises and individuals A native of Trinidad amp Tobago she came to Google near the onset of COVID after years at IBM and BP Sound intense My kids say I m happy again For many people the cloud is kind of invisible Computing comes over the Internet and out from a plug in the wall You probably see it a little differently We see the guts There are machines getting made warehouses data centers forklifts trucks air freight It s different around the world depending on what customers in different locations need Google Cloud s leg up is that we design build and deploy the majority of what we run so we can support key customers in growth markets like Africa and the Asia Pacific region in ways our competitors can t We can build entirely new things and also outfit our data centers to meet the demand a lot quicker Tell us about coming to Google I grew up in Trinidad amp Tobago where my mom was the cook at an insurance company s employee cafeteria There were always different kinds of people coming through from other countries so it was pretty diverse I moved to the US to attend Howard University and later got a MBA there I started doing supply chain work for IBM about years ago Then I moved into Oil amp Gas first at BP then into a Refinery when I got the call from Google How was it starting your job at Google Cloud in the pandemic There are now thousands of us here who started during COVID Like a lot of Nooglers I had some imposter syndrome I can t believe I m here but for me there was a lot of work to do right away Demand for cloud services skyrocketed which meant building up data centers and the warehouses to support them when the supply chain wasn t optimal We were shipping by plane elevating and upskilling people with remote learning seeing that people could work safely in the warehouses People acted brilliantly and as a team we recognized all this great effort It was a year before I had a badge or I was in a Google office Work from home was great for learning the ropes and building confidence but when I came to Mountain View I finally felt like a Googler You coordinate a global system What s that been like It can be a lot of fun Something new is happening almost every day and you have to react quickly in order for our operations people to continue doing their jobs We re most of the way to having this work perfectly but like with a lot of things getting that bit right can go on forever Related ArticleHow one Googler uses talking tulips to connect with customersMeet Matthew Feigal and hear how he helps partners solve their toughest problems with humor Read Article |
2022-07-21 16:00:00 |
コメント
コメントを投稿