// API callback
related_results_labels_thumbs({"version":"1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearchrss/1.0/","xmlns$blogger":"http://schemas.google.com/blogger/2008","xmlns$georss":"http://www.georss.org/georss","xmlns$gd":"http://schemas.google.com/g/2005","xmlns$thr":"http://purl.org/syndication/thread/1.0","id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012"},"updated":{"$t":"2023-10-23T04:18:30.735-07:00"},"category":[{"term":"AWS"},{"term":"AWS Certified Solutions Architect"},{"term":"Architect"},{"term":"Certification"},{"term":"AWS Certified Developer"},{"term":"AWS Certified SysOps Administrator"},{"term":"EC2"},{"term":"Course"},{"term":"Development"},{"term":"Cognito"},{"term":"Tutorial"},{"term":"SysOps Administration"},{"term":"CloudFront"},{"term":"News"},{"term":"S3"},{"term":"AutoScaling"},{"term":"Cordova"},{"term":"DynamoDB"},{"term":"ELB"},{"term":"IAM"},{"term":"Node.JS"},{"term":"PhoneGap"},{"term":"Security"},{"term":"Shared Responsibility"},{"term":"VPC"},{"term":"Amazon Aurora"},{"term":"Android"},{"term":"Denial of Service"},{"term":"EBS"},{"term":"IOS"},{"term":"NodeJS"},{"term":"RDS"},{"term":"AWS IoT"},{"term":"AWS Mobile Hub"},{"term":"Amazon Inspector"},{"term":"Amazon QuickSight"},{"term":"AngularJS"},{"term":"CloudTrail"},{"term":"Cloudformation"},{"term":"Dynamic"},{"term":"ECS"},{"term":"India"},{"term":"Internet of Things"},{"term":"Kinesis Firehose"},{"term":"MEAN"},{"term":"MariaDB"},{"term":"PIOPS"},{"term":"PhantomJS"},{"term":"ReactJS"},{"term":"Region"},{"term":"Route 53"},{"term":"Selenium"},{"term":"Trusted Adviser"},{"term":"WAF"},{"term":"Web Application Firewall"},{"term":"YAML"},{"term":"app"},{"term":"example"}],"title":{"type":"text","$t":"BackSpace Academy Blog"},"subtitle":{"type":"html","$t":"A blog about all things Amazon Web Services (AWS) and Cloud Certification."},"link":[{"rel":"http://schemas.google.com/g/2005#feed","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/posts\/default"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/-\/EC2?alt=json-in-script\u0026max-results=6"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/search\/label\/EC2"},{"rel":"hub","href":"http://pubsubhubbub.appspot.com/"},{"rel":"next","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/-\/EC2\/-\/EC2?alt=json-in-script\u0026start-index=7\u0026max-results=6"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"generator":{"version":"7.00","uri":"http://www.blogger.com","$t":"Blogger"},"openSearch$totalResults":{"$t":"9"},"openSearch$startIndex":{"$t":"1"},"openSearch$itemsPerPage":{"$t":"6"},"entry":[{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-96012945605615497"},"published":{"$t":"2016-10-03T06:10:00.000-07:00"},"updated":{"$t":"2016-10-05T18:44:02.277-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"AngularJS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"CloudFront"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Dynamic"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"},{"scheme":"http://www.blogger.com/atom/ns#","term":"MEAN"},{"scheme":"http://www.blogger.com/atom/ns#","term":"NodeJS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"ReactJS"}],"title":{"type":"text","$t":"Super Fast Dynamic Websites with CloudFront, ReactJS, and NodeJS - Part 1"},"content":{"type":"html","$t":"\u003Cbr \/\u003E\nCloudFront should be an essential component of any web based application deployment. It not only instantly provides super low-latency performance, it also dramatically reduces server costs while providing maximum server uptime.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nCreating low latency static websites with CloudFront is a relatively simple process. You simply upload your site to S3 and create a CloudFront distribution for it. This is great for HTML5 websites and static blogs such as Jeckyl. But what about dynamic sites that need real time information presented to the end user? A different strategy is clearly required. Much has been published about different methods of caching dynamic websites but, I will present the most common sense and reliable technique to achieve this end.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch3\u003E\nServer Side v Browser Side Rendering\u003C\/h3\u003E\nIf you read any book on NodeJS you will no doubt find plenty of examples of rendering Jade templates with Express on the server. If you are still doing this, then you are wasting valuable server resources. A far better option is to render on the browser side. There are a number of frameworks specifically for this, the most popular being Facebook's ReactJS and Google's AngularJS (see \u003Ca href=\"http:\/\/stateofjs.com\/2016\/frontend\/\" target=\"_blank\"\u003EState of JS report\u003C\/a\u003E). I personally use ReactJS and the example will be in ReactJS, but either is fine.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nCreating your site using ReactJS or AngularJS and uploading it to your NodeJS public directory will shift the rendering of your site from your server to the client's browser. Users of your app will no longer be waiting for rendered pages and will see pages appear with the click of a button.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nYou can now create a CloudFront distribution for your ReactJS or AngularJS site.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nAlthough pages may be rendered instantly in the browser, any dynamic data required for the pages will be cached by CloudFront. We most probably do not want our dynamic data cached. We will still need a solution for delivering this data to the browser.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch3\u003E\nHandling Dynamic Data\u003C\/h3\u003E\n\u003Cbr \/\u003E\nAlthough there are many elaborate techniques published for handling dynamic data with CloudFront, the best way is to deliver this data without caching at all from CloudFront.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNot all HTTP methods are cached by CloudFront, only responses to GET and HEAD requests (although you can also configure CloudFront to cache responses to OPTIONS requests). If we use a different HTTP method, such as POST, PUT or DELETE \u0026nbsp;the request will not be cached by Cloudfront. CloudFront will simply proxy these requests back to our server.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nOur EC2 NodeJS server can now be used to respond to requests for dynamic data by creating an API for our application that responds to POST requests from the client browser.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"https:\/\/2.bp.blogspot.com\/-5Be6dKuaOHQ\/V_JXJqPXlvI\/AAAAAAAAAXA\/xfP1-VLIz9sdkFol9-7ttradYMsWlTCaQCLcB\/s1600\/pptCD4.pptm%2B%255BAutosaved%255D.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"360\" src=\"https:\/\/2.bp.blogspot.com\/-5Be6dKuaOHQ\/V_JXJqPXlvI\/AAAAAAAAAXA\/xfP1-VLIz9sdkFol9-7ttradYMsWlTCaQCLcB\/s640\/pptCD4.pptm%2B%255BAutosaved%255D.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cdiv style=\"text-align: center;\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nSome of you might be wondering why I haven't used serverless technology such as AWS Lambda or API Gateway. Rest assured I will be posting another series using this but, I consider EC2 as the preferred technology for most applications. First of all, costs are rarely mentioned in the serverless discussion. If you have an application that has significant traffic, the conventional EC2\/ELB architecture will be the most cost effective. Secondly, many modern web applications are utilising websocket connections. Connections like this are possible with EC2 directly and also behind an ELB when utilizing proxy protocol. This is not possible with serverless technology as connections are short lived.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn the next post in this series we will set up our NodeJS server on EC2, create a CloudFront distribution and, create our API for handling dynamic data.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nBe sure to subscribe to the blog so that you can get the latest updates.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nFor more AWS training and tutorials check out\u0026nbsp;\u003Ca href=\"https:\/\/backspace.academy\/\"\u003Ebackspace.academy\u003C\/a\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ca href=\"https:\/\/backspace.academy\/\" target=\"_blank\"\u003E\u003Cimg src=\"https:\/\/backspace.academy\/assets\/img\/logo.svg\" \/\u003E\u003C\/a\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/96012945605615497\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/10\/super-fast-dynamic-websites-with.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/96012945605615497"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/96012945605615497"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/10\/super-fast-dynamic-websites-with.html","title":"Super Fast Dynamic Websites with CloudFront, ReactJS, and NodeJS - Part 1"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"https:\/\/2.bp.blogspot.com\/-5Be6dKuaOHQ\/V_JXJqPXlvI\/AAAAAAAAAXA\/xfP1-VLIz9sdkFol9-7ttradYMsWlTCaQCLcB\/s72-c\/pptCD4.pptm%2B%255BAutosaved%255D.png","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-6960110121802518864"},"published":{"$t":"2016-09-12T01:06:00.001-07:00"},"updated":{"$t":"2016-09-26T06:28:48.097-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"Denial of Service"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"},{"scheme":"http://www.blogger.com/atom/ns#","term":"PhantomJS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Security"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Selenium"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Shared Responsibility"}],"title":{"type":"text","$t":"Shared Responsibility 3 - Identify and Destroy the Bots"},"content":{"type":"html","$t":"\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"https:\/\/manilenya222.files.wordpress.com\/2015\/07\/tg-ff23.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"264\" src=\"https:\/\/manilenya222.files.wordpress.com\/2015\/07\/tg-ff23.jpg\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cdiv style=\"text-align: center;\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\n\u003Cb\u003EPlease note\u003C\/b\u003E: You should have a link in your login for blind or vision impaired people. These techniques will prevent them from using your application. They could be accommodated using an alternative dual factor authentication process.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn my last post I detailed how to create dynamic CSS selectors to make life difficult for reliable Bot scripts to be written. The next part of this series is to identify the Bot and take retaliatory action. The \u003Ca href=\"https:\/\/gist.github.com\/BackSpaceTech\/e522d861af3c35d875637bf2bedfed93\" target=\"_blank\"\u003Ecode for this post is available at Gist\u003C\/a\u003E in case Blogger screws it up again.. The code for creating dynamic CSS selectors including some additional decoy elements looks like this:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cpre class=\"brush: js\"\u003Efunction dynamicCSS(){\n var username, password\n x = ''\n if ((Math.random()*2) \u0026gt; 1)\n  x += '\u003Cstyle\u003E.btnSubmit,.password,.username{position:absolute;left:10}.username{top:50px}.password{top:80px}.btnSubmit{top:110px}\u003C\/style\u003E'\n else\n  x += '\u003Cstyle\u003E.btnSubmit,.password,.username{position:absolute;left:10}.username{top:80px}.password{top:110px}.btnSubmit{top:140px}\u003C\/style\u003E'\n x += '\u003Cform\u003E\n'\n x += '\u003Cbr \/\u003E\n\u003Ch1\u003E\nPlease Login\u003C\/h1\u003E\n'\n y = Math.floor((Math.random()*5)) + 2\n for (var a=0; a\u003Cy a=\"\" class=\"username\" id=\"' + username + '\" input=\"\" name=\"' + username + '\" password=\"randonString()\" placeholder=\"Enter Username\" type=\"text\" username=\"randonString()\" x=\"\"\u003E'\n  x += '\u003Cinput class=\"password\" id=\"' + password + '\" name=\"' + password + '\" placeholder=\"Enter Password\" type=\"password\" \/\u003E'\n   x += '\u003Cbutton class=\"btnSubmit\" onclick=\"submitForm(' + '\\'' + username + '\\'' + ',' + '\\'' + password + '\\'' + ')\" type=\"button\"\u003ELog in\u003C\/button\u003E'\n }\n for (var a=0; a\u003Cy a=\"\" class=\"username\" id=\"' + username + '\" input=\"\" name=\"' + username + '\" password=\"randonString()\" placeholder=\"Enter Username\" style=\"visibility: hidden;\" type=\"text\" username=\"randonString()\" x=\"\"\u003E'\n  x += '\u003Cinput class=\"password\" id=\"' + password + '\" name=\"' + password + '\" placeholder=\"Enter Password\" style=\"visibility: hidden;\" type=\"password\" \/\u003E'\n   x += '\u003Cbutton class=\"btnSubmit\" onclick=\"submitForm(' + '\\'' + username + '\\'' + ',' + '\\'' + password + '\\'' + ')\" style=\"visibility: hidden;\" type=\"button\"\u003ELog in\u003C\/button\u003E'\n }\n x += '\u003C\/y\u003E\u003C\/y\u003E\u003C\/form\u003E\n'\n  x += '\u003Cscript src=\"https:\/\/code.jquery.com\/jquery-3.1.0.min.js\"\u003E\u003C\/script\u003E'\n  x += '\u003Cscript src=\"login.js\"\u003E\u003C\/script\u003E'\n return x\n}\n\u003C\/pre\u003E\n\u003Cbr \/\u003E\nIn a real app you would set this all up using a jade template but for simplicity we will just send raw html.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch3\u003E\nAnalysing Header Information\u003C\/h3\u003E\nThe first thing we can look at is the header information sent to our NodeJS EC2 instance. I conducted some tests using a number of different browsers and also using the very popular PhantomJS headless webkit to find any clear differences between a real browser and a headless browser. Below are the results.\u003Cbr \/\u003E\n\u003Ch4\u003E\nRequest headers from Chrome:\u003C\/h4\u003E\n{\u003Cbr \/\u003E\n\u0026nbsp; \"host\": \"54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"connection\": \"keep-alive\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-length\": \"31\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept\": \"*\/*\",\u003Cbr \/\u003E\n\u0026nbsp; \"origin\": \"http:\/\/54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"x-requested-with\": \"XMLHttpRequest\",\u003Cbr \/\u003E\n\u0026nbsp; \"user-agent\": \"Mozilla\/5.0 (Windows NT 10.0; WOW64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/52.0.2743.116 Safari\/537.36\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-type\": \"application\/x-www-form-urlencoded; charset=UTF-8\",\u003Cbr \/\u003E\n\u0026nbsp; \"referer\": \"http:\/\/54.197.212.141\/\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-encoding\": \"gzip, deflate\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-language\": \"en-GB,en-US;q=0.8,en;q=0.6\",\u003Cbr \/\u003E\n}\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch4\u003E\nRequest headers from Firefox:\u003C\/h4\u003E\n{\u003Cbr \/\u003E\n\u0026nbsp; \"host\": \"54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"user-agent\": \"Mozilla\/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko\/20100101 Firefox\/48.0\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept\": \"*\/*\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-language\": \"en-US,en;q=0.5\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-encoding\": \"gzip, deflate\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-type\": \"application\/x-www-form-urlencoded; charset=UTF-8\",\u003Cbr \/\u003E\n\u0026nbsp; \"x-requested-with\": \"XMLHttpRequest\",\u003Cbr \/\u003E\n\u0026nbsp; \"referer\": \"http:\/\/54.197.212.141\/\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-length\": \"10\",\u003Cbr \/\u003E\n\u0026nbsp; \"connection\": \"keep-alive\"\u003Cbr \/\u003E\n}\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch4\u003E\nRequest headers from Safari:\u003C\/h4\u003E\n{\u003Cbr \/\u003E\n\u0026nbsp; \"host\": \"54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-type\": \"application\/x-www-form-urlencoded; charset=UTF-8\",\u003Cbr \/\u003E\n\u0026nbsp; \"origin\": \"http:\/\/54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-encoding\": \"gzip, deflate\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-length\": \"9\",\u003Cbr \/\u003E\n\u0026nbsp; \"connection\": \"keep-alive\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept\": \"*\/*\",\u003Cbr \/\u003E\n\u0026nbsp; \"user-agent\": \"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit\/601.7.8 (KHTML, like Gecko) Version\/9.1.3 Safari\/601.7.8\",\u003Cbr \/\u003E\n\u0026nbsp; \"referer\": \"http:\/\/54.197.212.141\/\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-language\": \"en-us\",\u003Cbr \/\u003E\n\u0026nbsp; \"x-requested-with\": \"XMLHttpRequest\"\u003Cbr \/\u003E\n}\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch4\u003E\nRequest headers from Internet Explorer:\u003C\/h4\u003E\n{\u003Cbr \/\u003E\n\u0026nbsp; \"content-type\": \"application\/x-www-form-urlencoded; charset=UTF-8\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept\": \"*\/*\",\u003Cbr \/\u003E\n\u0026nbsp; \"x-requested-with\": \"XMLHttpRequest\",\u003Cbr \/\u003E\n\u0026nbsp; \"referer\": \"http:\/\/54.197.212.141\/\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-language\": \"en-US;q=0.5\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-encoding\": \"gzip, deflate\",\u003Cbr \/\u003E\n\u0026nbsp; \"user-agent\": \"Mozilla\/5.0 (Windows NT 10.0; WOW64; Trident\/7.0; rv:11.0) like Gecko\",\u003Cbr \/\u003E\n\u0026nbsp; \"host\": \"54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-length\": \"9\",\u003Cbr \/\u003E\n\u0026nbsp; \"dnt\": \"1\",\u003Cbr \/\u003E\n\u0026nbsp; \"connection\": \"Keep-Alive\",\u003Cbr \/\u003E\n\u0026nbsp; \"cache-control\": \"no-cache\"\u003Cbr \/\u003E\n}\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch4\u003E\nRequest headers from PhantomJS:\u003C\/h4\u003E\n{\u003Cbr \/\u003E\n\u0026nbsp; \"accept\": \"*\/*\",\u003Cbr \/\u003E\n\u0026nbsp; \"referer\": \"http:\/\/54.197.212.141\/\",\u003Cbr \/\u003E\n\u0026nbsp; \"origin\": \"http:\/\/54.197.212.141\",\u003Cbr \/\u003E\n\u0026nbsp; \"x-requested-with\": \"XMLHttpRequest\",\u003Cbr \/\u003E\n\u0026nbsp; \"user-agent\": \"Mozilla\/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko\/20100101 Firefox\/47.0\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-type\": \"application\/x-www-form-urlencoded; charset=UTF-8\",\u003Cbr \/\u003E\n\u0026nbsp; \"content-length\": \"9\",\u003Cbr \/\u003E\n\u0026nbsp; \"connection\": \"Keep-Alive\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-encoding\": \"gzip, deflate\",\u003Cbr \/\u003E\n\u0026nbsp; \"accept-language\": \"en-AU,*\",\u003Cbr \/\u003E\n\u0026nbsp; \"host\": \"54.197.212.141\"\u003Cbr \/\u003E\n}\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nI won't put all the results here for all the browsers tested, but there is a clear structure to the PhantomJS header that is unique from conventional browsers. In particular starting with \"accept\" and finishing with \"host\".\u003Cbr \/\u003E\nAnalysing the header structure can be used to help identify a Bot from a real person.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch3\u003E\nPlugin Support\u003C\/h3\u003E\nSupport for plugins with headless browsers is minimal or non-existent. We can also look at using the javascript Navigator method on the client to get information on supported plugins and other browser features. A simple test would be to check the plugins array length. In order to do this we need to create a javascript file that runs on the client.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn the public directory of your NodeJS create a new file called login.js (use your IP address of course)\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cpre class=\"brush: js\"\u003Efunction submitForm(username, password) {\n  loginURL = 'http:\/\/54.197.212.141' + '\/login'\n  user = $('#' + username).val()\n  pass = $('#' + password).val()\n  $.post( loginURL, { \n    username: 'user',\n    password: 'pass',\n    plugins: '  '\/\/navigator.plugins.length\n  })\n    .done(function( result ) {\n      alert(result)\n      }\n    })\n}\n\u003C\/pre\u003E\n\u003Cbr \/\u003E\nThis code will post back to your NodeJS server information about the browser. Although headless browsers can post forms, from my experiments they don't process jQuery post commands running on the client. In contrast it has worked on all normal browsers without issue\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIf the post is submitted then the further identification can occur. In this example we will just check the length of the plugins array and also send the filled out input fields. If it is a Bot then the wrong input fields will be submitted and the plugins array length will be zero.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nYou will also need to install and enable bodyParser in your index.js file to receive the information:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nvar bodyParser = require('body-parser')\u003Cbr \/\u003E\napp.use(bodyParser.urlencoded({ extended: true }));\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nYou will also need to update the dynamicCSS function to include jQuery on the client:\u003Cbr \/\u003E\n\u003Cspan style=\"background-color: white; color: #333333; font-family: \u0026quot;consolas\u0026quot; , \u0026quot;liberation mono\u0026quot; , \u0026quot;menlo\u0026quot; , \u0026quot;courier\u0026quot; , monospace; font-size: 12px; line-height: 20px; white-space: pre;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"background-color: white; color: #333333; font-family: \u0026quot;consolas\u0026quot; , \u0026quot;liberation mono\u0026quot; , \u0026quot;menlo\u0026quot; , \u0026quot;courier\u0026quot; , monospace; font-size: 12px; line-height: 20px; white-space: pre;\"\u003E  \u003C\/span\u003E\u003Cspan style=\"color: #333333; font-family: \u0026quot;consolas\u0026quot; , \u0026quot;liberation mono\u0026quot; , \u0026quot;menlo\u0026quot; , \u0026quot;courier\u0026quot; , monospace;\"\u003E\u003Cspan style=\"font-size: 12px; line-height: 20px; white-space: pre;\"\u003Ex += '\u0026lt;script src=\"https:\/\/code.jquery.com\/jquery-3.1.0.min.js\"\u0026gt;\u0026lt;\/script\u0026gt;'\u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nAlso add a link to to your login.js file:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"color: #333333; font-family: \u0026quot;consolas\u0026quot; , \u0026quot;liberation mono\u0026quot; , \u0026quot;menlo\u0026quot; , \u0026quot;courier\u0026quot; , monospace; font-size: 12px; line-height: 20px; white-space: pre;\"\u003Ex += '\u0026lt;script src=\"login.js\"\u0026gt;\u0026lt;\/script\u0026gt;'\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nAdditional security can also be achieved by creating multiple versions of the login file with different names for the parameters (username\/password\/plugins). The backend code that handles the post request would be expecting the fields defined in login file that was served. Anything different that is posted means the request is most probably a from a Bot. Another option is to serve the login.js file on the server side with random parameters and set up a route for it to be downloaded. For simplicity I won't add the extra code for this, but implementation is quite straightforward.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch3\u003E\nBuilding a Profile of the Bot\u003C\/h3\u003E\n\u003Cbr \/\u003E\nIt is quite important that you use a number of techniques to identify bots to make sure you do not have a case of mistaken identity. It is a good idea to use a score system and identify a level which will trigger corrective action.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn your index.js file that is run on your server update with the following code:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cpre class=\"brush: js\"\u003Eapp.post('\/login', function(request, response) {\n  var botScore = 0\n  if (request.body.plugins == 0) ++botScore \/\/ Empty plugins array\n  if (!request.body.username) ++botScore \/\/ Clicked on decoy inputs\n  if (!request.body.password) ++botScore\n  if (getObjectKeyIndex(request.headers, 'host') != 0) ++botScore \/\/ Bot type header info\n  if (getObjectKeyIndex(request.headers, 'accept') == 0) ++botScore\n  if (getObjectKeyIndex(request.headers, 'referer') == 1) ++botScore\n  if (getObjectKeyIndex(request.headers, 'origin') == 2) ++botScore\n  console.log('Bot score = ' + botScore)\n  if (botScore \u0026gt; 4) {\n    console.log('Destroy Bot')\n    response.send('fail')\n  }\n  else {\n    response.send('Logged in ' + request.body.username)\n  }\n})\n\u003C\/pre\u003E\n\u003Cbr \/\u003E\nWe are now building a bot score and deciding whether to allow access based on that score.\u003Cbr \/\u003E\n\u003Ch3\u003E\nAttacking the Bot with Javascript\u003C\/h3\u003E\nThe following technique needs to be used with caution.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIf you want to ensure the Bot is destroyed for the good of the internet community then you can look at launching a counterattack on the bot with your own malicious script to crash the browser.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThis can be achieved quite simply using an endless loop that reloads the page. This will stop execution of the browser and eventually cause it to crash. Update your client side code in login.js with:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cpre class=\"brush: js\"\u003Efunction submitForm(username, password) {\n  loginURL = 'http:\/\/54.197.212.141' + '\/login'\n  user = $('#' + username).val()\n  pass = $('#' + password).val()\n  $.post( loginURL, { \n    username: 'user',\n    password: 'pass',\n    plugins:   navigator.plugins.length\n  })\n    .done(function( result ) {\n      if (result == 'fail')\n        while(true) location.reload(true) \/\/ Crash the Bot\n      else {\n        alert(result)\n      }\n    })\n}\n\u003C\/pre\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn my next post I will look at the different types and benefits of captcha and how to enable them on your site.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nBe sure to subscribe to the blog so that you can get the latest updates.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nFor more AWS training and tutorials check out\u0026nbsp;\u003Ca href=\"https:\/\/backspace.academy\/\"\u003Ebackspace.academy\u003C\/a\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ca href=\"https:\/\/backspace.academy\/\" target=\"_blank\"\u003E\u003Cimg src=\"https:\/\/backspace.academy\/assets\/img\/logo.svg\" \/\u003E\u003C\/a\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/6960110121802518864\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/09\/shared-responsibility-3-identify-and.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/6960110121802518864"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/6960110121802518864"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/09\/shared-responsibility-3-identify-and.html","title":"Shared Responsibility 3 - Identify and Destroy the Bots"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-2819137625144676137"},"published":{"$t":"2016-06-02T10:30:00.000-07:00"},"updated":{"$t":"2016-06-07T12:02:05.982-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified Developer"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified Solutions Architect"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified SysOps Administrator"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EBS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"}],"title":{"type":"text","$t":"Pre-Warming of EBS Volumes is not necessary"},"content":{"type":"html","$t":"\u003Cdiv style=\"text-align: center;\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"https:\/\/1.bp.blogspot.com\/-6_1gms2QD70\/V1Bsyw6v5fI\/AAAAAAAAATM\/2WaakVR8_o49OUlGdDBkD_5-kKYZSxK7wCLcB\/s1600\/EBS.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg alt=\"Amazon Web Services AWS EBS\" border=\"0\" src=\"https:\/\/1.bp.blogspot.com\/-6_1gms2QD70\/V1Bsyw6v5fI\/AAAAAAAAATM\/2WaakVR8_o49OUlGdDBkD_5-kKYZSxK7wCLcB\/s1600\/EBS.png\" title=\"\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cdiv style=\"text-align: center;\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\nA number of people have asked me about pre-warming of new EBS volumes. I do realise that there are a lot of courses and exam dumps out there stating this is necessary. In fact it is not necessary with new volumes and if you answer this incorrectly you will lose valuable marks on the exam.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThe only situation where preparation is required before access is with volumes that were restored from a snapshot:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"topictitle\"\u003E\n\"\u003Ci\u003ENew EBS volumes receive their maximum performance the moment that they are available and\n      do not require initialization (formerly known as pre-warming). However, storage blocks on\n      volumes that were restored from snapshots must be initialized (pulled down from Amazon S3 and\n      written to the volume) before you can access the block\u003C\/i\u003E.\"\u003Cspan style=\"font-weight: normal;\"\u003E \u003Ca href=\"http:\/\/docs.aws.amazon.com\/AWSEC2\/latest\/UserGuide\/ebs-initialize.html\" target=\"_blank\"\u003EInitializing Amazon EBS Volumes\u003C\/a\u003E\u003C\/span\u003E\u003C\/div\u003E\n\u003Cdiv class=\"topictitle\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv class=\"topictitle\"\u003E\n\u003Cspan style=\"font-weight: normal;\"\u003EWhen in doubt read the docs\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-weight: normal;\"\u003E\u003Ca href=\"http:\/\/backspace.academy\/\" target=\"_blank\"\u003EBackSpace Academy \u003C\/a\u003E\u003C\/span\u003E\u003C\/div\u003E\n"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/2819137625144676137\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/06\/pre-warming-of-ebs-volumes-is-not.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/2819137625144676137"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/2819137625144676137"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/06\/pre-warming-of-ebs-volumes-is-not.html","title":"Pre-Warming of EBS Volumes is not necessary"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"https:\/\/1.bp.blogspot.com\/-6_1gms2QD70\/V1Bsyw6v5fI\/AAAAAAAAATM\/2WaakVR8_o49OUlGdDBkD_5-kKYZSxK7wCLcB\/s72-c\/EBS.png","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-7968219697969552725"},"published":{"$t":"2016-05-19T03:19:00.000-07:00"},"updated":{"$t":"2016-06-05T14:11:54.929-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified Developer"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified Solutions Architect"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified SysOps Administrator"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"},{"scheme":"http://www.blogger.com/atom/ns#","term":"ECS"}],"title":{"type":"text","$t":"ECS Auto Service Scaling"},"content":{"type":"html","$t":"Watch for this on the exam! An ECS tutorial will be released with the SysOps videos.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch1 id=\"Amazon_EC2_Container_Service_Supports_Automatic_Service_Scaling\"\u003E\n\u003Ca href=\"https:\/\/www.blogger.com\/null\" name=\"Amazon_EC2_Container_Service_Supports_Automatic_Service_Scaling\"\u003EAmazon EC2 Container Service Supports Automatic Service Scaling\u003C\/a\u003E\u003C\/h1\u003E\n\u003Cdiv class=\"aws-text-box\"\u003E\n\u003Cdiv class=\"  \"\u003E\nAmazon EC2 Container Service (Amazon ECS) can now \nautomatically scale container-based applications by dynamically growing \nand shrinking the number of tasks run by an Amazon ECS service.\u003C\/div\u003E\n\u003C\/div\u003E\nPreviously, when your application experienced a load spike \nyou had to manually scale the number of tasks in your Amazon ECS \nservice.\u003Cbr \/\u003E\nNow, you can automatically scale an Amazon ECS service \nbased on any Amazon CloudWatch metric. For example, you can use \nCloudWatch metrics published by Amazon ECS, such as each service’s \naverage CPU and memory usage. You can also use CloudWatch metrics \npublished by other services or use custom metrics that are specific to \nyour application. For example, a web service could increase the number \nof tasks based on Elastic Load Balancing metrics like SurgeQueueLength, \nwhile a batch job could increase the number of tasks based on Amazon SQS\n metrics like ApproximateNumberOfMessagesVisible.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-weight: normal;\"\u003E\u003Ca href=\"http:\/\/backspace.academy\/\" target=\"_blank\"\u003EBackSpace Academy\u0026nbsp; \u003C\/a\u003E\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Ch1 id=\"Amazon_EC2_Container_Service_Supports_Automatic_Service_Scaling\"\u003E\n\u0026nbsp;\u003C\/h1\u003E\n"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/7968219697969552725\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/05\/ecs-auto-service-scaling.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/7968219697969552725"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/7968219697969552725"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/05\/ecs-auto-service-scaling.html","title":"ECS Auto Service Scaling"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-7566912086578515288"},"published":{"$t":"2016-05-19T03:13:00.003-07:00"},"updated":{"$t":"2016-06-05T14:12:04.894-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified Solutions Architect"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Certified SysOps Administrator"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"},{"scheme":"http://www.blogger.com/atom/ns#","term":"News"}],"title":{"type":"text","$t":"New EC2 instance X1"},"content":{"type":"html","$t":"Watch out for this on the exam!\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ch1 id=\"Now_available:_X1_instances,_the_largest_Amazon_EC2_memory-optimized_instance_with_2_TB_of_memory\"\u003E\n\u003Ca href=\"https:\/\/www.blogger.com\/null\" name=\"Now_available:_X1_instances,_the_largest_Amazon_EC2_memory-optimized_instance_with_2_TB_of_memory\"\u003EX1 instances, the largest Amazon EC2 memory-optimized instance with 2 TB of memory\u003C\/a\u003E\u003C\/h1\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nX1 instances extend the \nelasticity, simplicity, and cost savings of the AWS cloud to \nenterprise-grade applications with large dataset requirements. X1 \ninstances are ideal for running in-memory databases like SAP HANA, big \ndata processing engines like Apache Spark or Presto, and high \nperformance computing (HPC) applications. X1 instances are certified by \nSAP to run production environments of the next-generation Business Suite\n S\/4HANA, Business Suite on HANA (SoH), Business Warehouse on HANA (BW),\n and Data Mart Solutions on HANA on the AWS cloud.\u003Cbr \/\u003E\nX1 instances offer 2 TB of DDR4 based memory, 8x the memory\n offered by any other Amazon EC2 instance. Each X1 instance is powered \nby four Intel® Xeon® E7 8880 v3 (Haswell) processors and offers 128 \nvCPUs. In addition, X1 instances offer 10 Gbps of dedicated bandwidth to\n Amazon Elastic Block Store (Amazon EBS) and are EBS-optimized by default at no additional cost.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-weight: normal;\"\u003E\u003Ca href=\"http:\/\/backspace.academy\/\" target=\"_blank\"\u003EBackSpace Academy\u0026nbsp; \u003C\/a\u003E\u003C\/span\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/7566912086578515288\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/05\/new-ec2-instance-x1.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/7566912086578515288"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/7566912086578515288"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2016\/05\/new-ec2-instance-x1.html","title":"New EC2 instance X1"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-4603622075690903012.post-6545454393433846449"},"published":{"$t":"2015-11-03T00:12:00.000-08:00"},"updated":{"$t":"2016-06-07T12:03:13.749-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"Amazon Inspector"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Amazon QuickSight"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Android"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS IoT"},{"scheme":"http://www.blogger.com/atom/ns#","term":"AWS Mobile Hub"},{"scheme":"http://www.blogger.com/atom/ns#","term":"EC2"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Internet of Things"},{"scheme":"http://www.blogger.com/atom/ns#","term":"IOS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Kinesis Firehose"},{"scheme":"http://www.blogger.com/atom/ns#","term":"MariaDB"},{"scheme":"http://www.blogger.com/atom/ns#","term":"News"},{"scheme":"http://www.blogger.com/atom/ns#","term":"RDS"},{"scheme":"http://www.blogger.com/atom/ns#","term":"WAF"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Web Application Firewall"}],"title":{"type":"text","$t":"What a month in AWS!"},"content":{"type":"html","$t":"\u003Cdiv class=\"MsoNormal\"\u003E\nIt is certainly hard keeping up with AWS releases! Here are\nsome of the highlights:\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAmazon RDS Cross-Account Snapshot Sharing. \u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWatch out for this one on the certification exam!\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nRegular database snapshots have always been a part of any good\nAWS administrator’s routine. Now the service is even better with the ability to\nshare snapshots across different accounts.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nOrganisations should have multiple separate linked accounts\nfor a number of reasons; security, separation from production environments,\ncost visibility etc. Now you can take snapshots of your production environment and\ncopy to a development account for testing without any risk.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nEC2 Run Command. \u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWatch out for this one on the certification exam!\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nThis new feature will help you to administer your instances\n(no matter how many you have) in a manner that is both easy and secure.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nThis greatly increases security by allowing commands to be run\nremotely using the console without having to login through a bastion host.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nEC2 Spot Blocks\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWatch out for this one on the certification exam!\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nNow you can create spot instances that run for a fixed period\nof time from 1 to 6 hours.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nMariaDB on AWS RDS\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWatch out for this one on the certification exam!\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWe now have another database in the RDS suite. MariaDB is a\nfork from MySQL and can provide some additional capabilities.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAWS WAF - Web Application Firewall\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nWatch out for this one on the certification exam!\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nAnother tool in your AWS security arsenal. Deploy custom and\napplication-specific rules in minutes that block common attack patterns, such\nas SQL injection or cross-site scripting.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Ch2\u003E\n\u003Co:p\u003E\u0026nbsp;\u003C\/o:p\u003E\u003C\/h2\u003E\n\u003Ch3\u003E\nAmazon Inspector – Released in preview\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nAmazon Inspector is an automated security assessment\nservice. This allows you to inspect your applications for a range of security\nvulnerabilities.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAmazon Kinesis Firehose \u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nLoad streaming data quickly and easily into Amazon S3 and\nAmazon Redshift to enable real time analytics.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAmazon QuickSight. Status – Released in preview\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nAmazon’s new Business Intelligence tools for analysis of\ndata from Amazon EMR, Amazon RDS, Amazon DynamoDB, Amazon Kinesis, Amazon S3\nand Amazon Redshift. QuickSight utilises SPICE (Super Fast In-Memory\nCalculation Engine) to return results from large datasets in rapid time.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAWS IoT – Released in beta\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nAWS IoT (Internet of Things) provide cloud services for\nembedded devices. Tiny devices can use AWS Lambda, Amazon Kinesis, Amazon S3,\nAmazon Machine Learning, and Amazon DynamoDB etc to provide powerful capabilities\nfor many applications.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\nMany embedded processor suppliers including Intel, Microchip\nPIC, TI, BeagleBone, Avnet, Marvell, MediaTek, Renesas, Dragonboard and Seeeduino\nprovide starter kits to get you started.\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ch3\u003E\nAWS Mobile Hub – Released in beta\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/h3\u003E\nThis service streamlines the process of creating mobile IOS\nand Android apps that use AWS services.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nWe will be updating our \u003Ca href=\"http:\/\/backspace.academy\/\"\u003Ebackspace.academy\u003C\/a\u003E\u0026nbsp;certification courses to reflect all the changes.\u003Cbr \/\u003E\n\u003Cdiv class=\"MsoNormal\"\u003E\n\u003Co:p\u003E\u003C\/o:p\u003E\u003C\/div\u003E\n"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/learn-aws.blogspot.com\/feeds\/6545454393433846449\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2015\/11\/what-month-in-aws.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/6545454393433846449"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/4603622075690903012\/posts\/default\/6545454393433846449"},{"rel":"alternate","type":"text/html","href":"http:\/\/learn-aws.blogspot.com\/2015\/11\/what-month-in-aws.html","title":"What a month in AWS!"}],"author":[{"name":{"$t":"BackSpace Academy"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/15061292652079774775"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}}]}});