AWS Notes

У Google (опять) проблемы. https://openai.com/index/searchgpt-prototype/

Задачи по Backup & Disaster Recovery легче приоретизируются после (не)большой потери данных.

⚡️ Mistral Large 2 is here. Mistral Large 2 is already available on AWS! 💪 #Bedrock

CrowdStrike Postmortem https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/ What Happened? On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques. TL;DR ❌ linter ❌ auto tests ❌ canary deployment ❌ rollback #postmortem

А девопса из CrowdStrike таки уволили, ищут нового: 😁 https://crowdstrike.wd5.myworkdayjobs.com/en-US/crowdstrikecareers/job/Principal-Cloud-Software-Engineer-DevOps-Engineer--Remote-_R19529 P.S. Спешите зааплаиться — $135,000 - $225,000 per year + variable/incentive compensation + equity + benefits.

⚡️ Llama 3.1 405B is here. https://ai.meta.com/blog/meta-llama-3-1/ And Llama 3.1 is already available on AWS! 💪

​​🆕 RDS with DLV (Dedicated Log Volumes) for PostgreSQL, MySQL, and MariaDB: https://aws.amazon.com/blogs/database/enhance-database-performance-with-amazon-rds-dedicated-log-volumes/ RDS with DLV use cases: • Large allocated storage (over 5 TiB) • High IOPS requirements • Transaction-intensive workloads • Latency-sensitive workloads • Using io1 or io2 Provisioned IOPS storage ⚠️ Enabling DLV requires database downtime, but this can be reduced by enabling DLV on a new or existing read replica and then promoting it as the primary. #RDS

Лидер в области безопасности Wiz отклонил предложение продаться Google и идёт на IPO. https://www.theverge.com/2024/7/23/24204198/google-wiz-acquisition-called-off-23-billion-cloud-cybersecurity Очень хорошо, таким гигантам для столь чувствительной ниши правильно оставаться независимыми.

Простая рабоче-крестьянская Lambda@Edge для добавления парольной аутентификации сайтам на CloudFront + S3: https://towardsaws.com/a-short-guide-in-using-lambda-edge-to-password-protect-your-development-and-staging-environments-1ce5faacb8f8 #Lambda

​​AWS Well-Architected Framework https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html #design #WAF

​​S3 как container registry вместо ECR — в 5-8 раз быстрее и в 4 раза дешевле! https://ochagavia.nl/blog/using-s3-as-a-container-registry/ #S3 #ECR

☑️ Issue #133 | 21 July 2024 ▪️  Application Migration Service FedRAMP High authorization ▪️  Artifact enhanced search capability for reports ▪️  Cloud Control API IPv6 ▪️  CloudWatch Logs Infrequent Access log class available in GovCloud Regions ▪️  Connect        ▫️ search API for agent status        ▫️ search API for hierarchy groups ▪️  Control Tower customization frameworks are available in opt-in regions ▪️  Elemental MediaConnect individual output stopping capability ▪️  HealthImaging DICOMweb retrievals ▪️  IAM Identity Center independent 90-days session duration for CodeWhisperer ▪️  Lambda SnapStart for ARM64 Java functions ▪️  Marketplace Catalog API (CAPI) Integration with Strongly-Typed API Schemas ▪️  OpenSearch Serverless smart caching ▪️  Private CA ARM architecture in Kubernetes ▪️  QuickSight improves controls performance ▪️  RDS Aurora new open-source Advanced MYSQL ODBC Driver ▪️  RDS for MariaDB LTS version 11.4 ▪️  RDS for SQL Server password policies for SQL Server logins ▪️  SageMaker Canvas Productionize Fine-tuned Foundation Models

Простите, кто последний в очереди предложений переписать Windows на Rust? Никто? Тогда просьба за мной не занимать! https://x.com/Perpetualmaniac/status/1814376668095754753

Старожилы не припомнят.

Старожилы не припомнят.

Кто сам не ронял прод в результате апдейта Пусть первый в меня кинет бэкапом.

AWS Health Dashboard — CrowdStrike Falcon Agent Issue Starting at 9:30 PM PDT on July 18th 2024 some Windows Instances, Windows WorkSpaces and Appstream 2.0 Applications experienced connectivity issues and reboots due to a recent update of the CrowdStrike Falcon agent (csagent.sys). This update caused a stop error (BSOD) within the Windows operating system. Windows instances and WorkSpaces that do not use CrowdStrike, were not affected by this issue. AWS services and network connectivity were also not affected by this event and continued to operate normally. While the issue was triggered by the CrowdStrike Falcon agent update within the Windows guest operating system, AWS has taken steps to mitigate the issue for as many Windows instances, Windows WorkSpaces and Appstream 2.0 Applications as possible. For the remaining Windows instances and Windows WorkSpaces that are still affected by this issue, customers need to take action to restore connectivity. Customers using Amazon Appstream 2.0 Applications will no longer see the impact. For EC2 instances, there are currently three paths to recovery. First, in some cases, a reboot of the instance may allow for the CrowdStrike Falcon agent to be updated to a previously healthy version, resolving the issue. However, this is not successful in all cases, in which case an alternative recovery strategy will be needed. Second, the following steps can be followed to delete the CrowdStrike Falcon agent file on the affected instance: (Latest revision: July 19, 7:01 AM PDT) 1. Create a snapshot of the EBS root volume of the affected instance 2. Create a new EBS volume from the snapshot in the same Availability Zone 3. Launch a new instance in that Availability Zone using a different version of Windows 4. Attach the EBS volume from step (2) to the new instance as a data volume 5. Navigate to the \windows\system32\drivers\CrowdStrike\ folder on the attached volume and delete "C-00000291*.sys" 6. Detach the EBS volume from the new instance 7. Create a snapshot of the detached EBS volume 8. Create an AMI from the snapshot by selecting the same volume type as the affected instance 9. Call replace root volume on the original EC2 Instance specifying the AMI just created Finally, customers can relaunch the EC2 instance from a snapshot or image taken before 9:30 PM PDT. We have been able to confirm that the update that caused the CrowdStrike Falcon agent issue is no longer being automatically updated, so the relaunched instance will no longer be affected by the issue. For Amazon WorkSpaces, we recommend a reboot of the affected WorkSpaces. As with EC2, this may recover the instance but it does not work in all cases. Alternatively, we would recommend restoring to a recent backup of the workspace. If you need assistance with any of these actions please contact AWS Support via the AWS Support Center.

CrowdStrike Falcon Agent Issue Starting at 9:30 PM PDT on July 18th 2024 some Windows Instances, Windows WorkSpaces and Appstream 2.0 Applications experienced connectivity issues and reboots due to a recent update of the CrowdStrike Falcon agent (csagent.sys). This update caused a stop error (BSOD) within the Windows operating system. Windows instances and WorkSpaces that do not use CrowdStrike, were not affected by this issue. AWS services and network connectivity were also not affected by this event and continued to operate normally. While the issue was triggered by the CrowdStrike Falcon agent update within the Windows guest operating system, AWS has taken steps to mitigate the issue for as many Windows instances, Windows WorkSpaces and Appstream 2.0 Applications as possible. For the remaining Windows instances and Windows WorkSpaces that are still affected by this issue, customers need to take action to restore connectivity. Customers using Amazon Appstream 2.0 Applications will no longer see the impact. For EC2 instances, there are currently three paths to recovery. First, in some cases, a reboot of the instance may allow for the CrowdStrike Falcon agent to be updated to a previously healthy version, resolving the issue. However, this is not successful in all cases, in which case an alternative recovery strategy will be needed. Second, the following steps can be followed to delete the CrowdStrike Falcon agent file on the affected instance: (Latest revision: July 19, 7:01 AM PDT) 1. Create a snapshot of the EBS root volume of the affected instance 2. Create a new EBS volume from the snapshot in the same Availability Zone 3. Launch a new instance in that Availability Zone using a different version of Windows 4. Attach the EBS volume from step (2) to the new instance as a data volume 5. Navigate to the \windows\system32\drivers\CrowdStrike\ folder on the attached volume and delete "C-00000291*.sys" 6. Detach the EBS volume from the new instance 7. Create a snapshot of the detached EBS volume 8. Create an AMI from the snapshot by selecting the same volume type as the affected instance 9. Call replace root volume on the original EC2 Instance specifying the AMI just created Finally, customers can relaunch the EC2 instance from a snapshot or image taken before 9:30 PM PDT. We have been able to confirm that the update that caused the CrowdStrike Falcon agent issue is no longer being automatically updated, so the relaunched instance will no longer be affected by the issue. For Amazon WorkSpaces, we recommend a reboot of the affected WorkSpaces. As with EC2, this may recover the instance but it does not work in all cases. Alternatively, we would recommend restoring to a recent backup of the workspace. If you need assistance with any of these actions please contact AWS Support via the AWS Support Center.

Лучи поддержки команде тестирования CrowdStrike.