AWS Weekly Newsletter, Cyrabee. Curated AWS news, tutorials, tools and more!
🌐 View in your browser   |  ✍️ Publish on FAUN   |  🦄 Become a sponsor
 
Allow loading remote contents and showing images to get the best out of this email.
CyraBee
 
 
 
 

🎉🔗 Tech Enthusiasts, Assemble! 🔗🎉

Calling all DevOps heroes, Kubernetes sailors, Golang wizards, and Cloud-natives! 🚀
FAUN has Subreddits just waiting for you. Join the community, where sharing is caring, and knowledge is limitless! 🌟


Engage in thought-provoking discussions, share your mighty projects, soak in wisdom from industry gurus, and forge bonds with tech aficionados around the globe! 🌍🔗💬

The realms of knowledge are infinite – let's explore them together! 🚀🔥

 
 
🔗 From the web
 
www.infoq.com www.infoq.com
 
A Comprehensive Guide to Building Event-Driven Architecture on Azure, AWS, and Google Cloud   ✅
 
 

Azure, AWS, and Google Cloud offer various resources and services for building event-driven architectures. Each platform has its own messaging services, such as Azure Service Bus, AWS Simple Queue Service (SQS), and Google Cloud Pub/Sub, which allow for reliable message delivery and support different message patterns. Additionally, AWS provides AWS EventBridge, a serverless event bus, while Google Cloud offers EventArc for managing event ingestion and delivery. These platforms also have services like AWS Kinesis, Azure Event Hub, and Amazon MSK, which enable streaming and processing of real-time data.

 
 
aws.amazon.com aws.amazon.com
 
Removing header remapping from Amazon API Gateway, and notes about our work with security researchers
 
 

The header remapping feature in Amazon API Gateway was removed as of June 14, 2023, due to an issue reported by Omegapoint. This feature allowed customers to overwrite header values, potentially leading to unintended access. Additionally, the caching behavior for authorization policies was adjusted to prevent misbehaving clients from bypassing expected authorization.

 
 
securityblog.omegapoint.se securityblog.omegapoint.se
 
AWS API Gateway header smuggling and cache confusion   ✅
 
 

Omegapoint identified two potential security issues in AWS API Gateway authorizers. They reported these issues to AWS in November 2022 and January 2023, and AWS implemented mitigations for all customer accounts in May 2023.

 
 
aws.amazon.com aws.amazon.com
 
Interactively fine-tune Falcon-40B and other LLMs on Amazon SageMaker Studio notebooks using QLoRA
 
 

Fine-tuning large language models (LLMs) using Amazon SageMaker notebooks provides improved performance on domain-specific tasks. The use of Hugging Face's parameter-efficient fine-tuning (PEFT) library and quantization techniques through bitsandbytes allows for interactive fine-tuning of extremely large models using a single notebook instance, such as Falcon-40B on a ml.g5.12xlarge instance.

 
 
aws.amazon.com aws.amazon.com
 
Simplify fine-grained authorization with Amazon Verified Permissions and Amazon Cognito
 
 

AWS customers can now use Amazon Cognito and Amazon Verified Permissions together to add fine-grained authorization to their applications. Verified Permissions allows you to write policies for fine-grained access control and evaluate them based on the context of an access request, using attributes from Amazon Cognito tokens to represent the principal and their entitlements.

 
 

 
⭐ Supporters
 
leanpub.com leanpub.com
 
Exclusive 20% Discount on "Cloud Native Microservices With Kubernetes" - Limited Time Offer!
 
 

We are thrilled to announce a special offer for our widely acclaimed book, "Cloud Native Microservices With Kubernetes - A Comprehensive Guide to Building, Scaling, Deploying, Observing, and Managing Highly-Available Microservices in Kubernetes".

Starting today and running until July 31st, we're offering an exclusive 20% discount off the regular price!

To take advantage of this offer, simply use this coupon link .

Don't miss this opportunity. Remember, the offer is only valid until July 31st. Grab your copy now and unlock the full potential of cloud-native microservices with Kubernetes!

We look forward to empowering your journey in the world of cloud computing!

Happy learning!
FAUN Team

 
 
👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.
 
🛍️ Swag Store
 
 
ByteVibe New Arrivals: Desk Mats
 
❤️ 20% exclusive discount for FAUNers on all products (+free shipping included) when you use the code "THANKSFAUN".
 
ℹ️ News
 
aws.amazon.com aws.amazon.com
 
AWS announces Software Bill of Materials export capability in Amazon Inspector
 
 

Amazon Inspector now offers the ability to export a consolidated Software Bill of Materials (SBOMs) for all monitored resources, providing key information about software supply chain, including software packages and associated vulnerabilities. Users can download the SBOM artifacts and analyze software supply chain trends using Amazon Athena or Amazon QuickSight. This capability is available with a few clicks in the Amazon Inspector console or using Amazon Inspector APIs, and it is offered at no additional cost.

 
 
aws.amazon.com aws.amazon.com
 
Amazon Verified Permissions is now generally available
 
 

AWS has released Amazon Verified Permissions, a service that offers fine-grained authorization and permissions management for application development. The service utilizes Cedar, an open-source language for access control, allowing users to define permissions through easily comprehensible policies. Verified Permissions aids in decoupling permissions from application logic, facilitating the development of more secure applications with centralized policy stores, reusable policy templates, and policy testing.

 
 
aws.amazon.com aws.amazon.com
 
Amazon Detective extends finding groups to Amazon Inspector
 
 

Amazon Detective has expanded its capabilities by including Amazon Inspector network reachability and software vulnerability findings alongside Amazon GuardDuty findings, providing combined threats and vulnerabilities to help security analysts prioritize their focus. By automatically collecting findings from various AWS security services, Detective helps increase situational awareness, and its machine learning capabilities assist in faster investigations and identifying the root cause of security issues.

 
 
aws.amazon.com aws.amazon.com
 
Amazon EMR supports price-capacity-optimized allocation strategy for EC2 Spot Instances
 
 

Amazon EMR now supports the price-capacity-optimized allocation strategy for Amazon EC2 Spot Instances, allowing users to run Spot Instances at a lower price and with a lower interruption rate. Additionally, users can choose from four allocation strategies, including price-capacity-optimized, capacity-optimized, lowest price, and diversified, for the Amazon EC2 Spot instances in their cluster.

 
 
aws.amazon.com aws.amazon.com
 
Amazon QuickSight now supports APIs to automate and accelerate assets deployment
 
 

Amazon QuickSight has launched new API capabilities that allow you to automate and accelerate your BI asset deployment and management. With these new APIs, you can get programmatic access to export and import QuickSight assets such as dashboards, analysis, datasets including ingestion schedules, datasources, themes, and VPC configurations across accounts and environments. You can interact with a collection of assets in a lift-and-shift manner for your CI/CD workflows, enable backup and restore, and replicate assets powering automation of workflows and achievement of the desired infrastructure setup with full support for AWS CloudFormation.

 
 
aws.amazon.com aws.amazon.com
 
AWS Lambda simplifies copying environment variables in the console code editor
 
 

AWS Lambda console code editor now includes a read file listing all the environment variables associated with the function, making it easier for developers to discover the variables and reference them in their code. Environment variables are key-value pairs that developers use to extend a function's configuration outside of their code. When referencing the environment variables in their code, developers need the keys.

 
 
aws.amazon.com aws.amazon.com
 
AWS WAF Fraud Control launches account creation fraud prevention and tiered pricing
 
 

AWS WAF Fraud Control introduces Account Creation Fraud Prevention, a managed protection that prevents the creation of fake or fraudulent accounts, protecting against activities like phishing attacks and promotional abuse.

 
 
 
⚙️ Tools
 
github.com github.com
 
LeanerCloud/ChatGPT-cloud-plugin
 
 

ChatGPT plugin that will (one day) allow us to list and manage cloud resources

 
 
github.com github.com
 
fwdcloudsec/known_aws_accounts
 
 

List of known AWS accounts

 
 
github.com github.com
 
iam-veeramalla/aws-devops-zero-to-hero
 
 

AWS zero to hero repo for devops engineers to learn AWS in 30 Days. This repo includes projects, presentations, interview questions and real time examples.

 
 
👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.
 
🤔 Did you know?
 
 

The Apollo 11 guidance computer, which helped land humans on the moon, had less processing power than a modern-day smartphone.

 
 
😂 Meme of the week
 
 
 
 
❤️ Thanks for reading
 
 
👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could forward it to your friends! You can also donate to help us keep this newsletter going.

🙏 Never miss an issue!
To receive our future emails in your inbox, don't forget to add community@faun.dev to your contacts.

ℹ️ Have a question or feedback?
Feel free to reply to this email. We'd love to hear from you!

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.
 

CyraBee #381: A Comprehensive Guide to Building Event-Driven Architecture on AWS
Legend: ✅ = Editor's Choice / ♻️ = Old but Gold / ⭐ = Promoted / 🔰 = Beginner Friendly

You received this email because you are subscribed to FAUN.
🐾 FAUN is a world wide community of developers 👣 We help developers learn and grow by keeping them up with what matters.

You can manage your subscription options here (recommended) or use the old way here (legacy). If you have any problem, read this or reply to this email.

Important: We are gradually migrating to a new system. If you don't create an account on FAUN (here), you will stop receiving our weekly newsletter.