Thanks Ants
May 21, 2004

#essereFerrari


Buy the courses from Udemy and then transfer them into ACloudGuru by sending a copy of your receipt.


putin is a cunt
Apr 5, 2007

BOY DO I SURE ENJOY TRASH. THERE'S NOTHING MORE I LOVE THAN TO SIT DOWN IN FRONT OF THE BIG SCREEN AND EAT A BIIIIG STEAMY BOWL OF SHIT. WARNER BROS CAN COME OVER TO MY HOUSE AND ASSFUCK MY MOM WHILE I WATCH AND I WOULD CERTIFY IT FRESH, NO QUESTION

SnatchRabbit posted:

Speaking of certs is there a good resource for free practice exams? I just finished a course for associate solutions architect so I'm looking for some more exams to make sure I'm on my A game.

A Cloud Guru is what I used. You can get a membership for $20/mo that gives you access to all their courses plus the exam simulations which I would say were a HUGE help in my passing the exam.

https://acloud.guru/membership

putin is a cunt
Apr 5, 2007

I have a question - over the Christmas break one of my coworkers decided to wind down some EC2 instances that are only used for testing etc (i.e. not needed outside business hours). This is fine for most of our stuff, but some of the instances he terminated were actually belonging to Elastic Beanstalk stacks. Since they've been started back up, they've been having funny behaviour (constant cycle of scaling up and down, CPU strain etc). In each case, rebuilding the environment fixed the problem. I'm just wondering three things:

1) Is manually terminating the instances definitely what caused this issue or am I suffering confirmation bias? Has anyone experienced this before?
2) Is there a simpler, lower impact way to fix this problem other than a complete environment rebuild?
3) Is there a recommended way to do what my coworker was trying to do (i.e. pause the environment's underlying instances while they were not required)?

JHVH-1
Jun 28, 2002

a hot gujju bhabhi posted:

I have a question - over the Christmas break one of my coworkers decided to wind down some EC2 instances that are only used for testing etc (i.e. not needed outside business hours). This is fine for most of our stuff, but some of the instances he terminated were actually belonging to Elastic Beanstalk stacks. Since they've been started back up, they've been having funny behaviour (constant cycle of scaling up and down, CPU strain etc). In each case, rebuilding the environment fixed the problem. I'm just wondering three things:

1) Is manually terminating the instances definitely what caused this issue or am I suffering confirmation bias? Has anyone experienced this before?
2) Is there a simpler, lower impact way to fix this problem other than a complete environment rebuild?
3) Is there a recommended way to do what my coworker was trying to do (i.e. pause the environment's underlying instances while they were not required)?

My experience with EB has been that sometimes it's an annoying black box and you don't know why it's failing, so spinning up a replacement environment is easier.
It's really just there to prototype things and make it easier for developers, and not meant for a production environment. At my last company we eventually got rid of it and just ran the same deployment code everywhere, we just scaled back the instances (smaller types, scheduled shutoffs, or spin up environments on demand to test and then destroy when done).

If you stick with EB then I think you have to manage it through the cli or its own dashboard. If you start screwing with the EC2 instances it is using it tends to get confused.

jiffypop45
Dec 30, 2011

My company is now paying for free cloud guru access for employees. :toot:


Guess that's a sign I need to work on my certs.

Rapner
May 7, 2013


So the security exam is back in beta - first sessions to sit are on Monday. https://aws.amazon.com/certification/beta-exam/

JHVH-1
Jun 28, 2002

Rapner posted:

So the security exam is back in beta - first sessions to sit are on Monday. https://aws.amazon.com/certification/beta-exam/

Free online training for it too. Couldn't hurt to go through that.

putin is a cunt
Apr 5, 2007


JHVH-1 posted:

It's really just there to prototype things and make it easier for developers, and not meant for a production environment.

Is this really the case? I mean I can see that it would be the case in practice perhaps, if it's unreliable or a bit lovely or whatever. But is this truly AWS's intent for the service?

JHVH-1 posted:

If you stick with EB then I think you have to manage it through the cli or its own dashboard. If you start screwing with the EC2 instances it is using it tends to get confused.

Thanks, this is kind of what I thought and I was honestly pretty annoyed that the tech lead went ahead and just started directly loving with the instances.

JHVH-1
Jun 28, 2002

a hot gujju bhabhi posted:

Is this really the case? I mean I can see that it would be the case in practice perhaps, if it's unreliable or a bit lovely or whatever. But is this truly AWS's intent for the service?

They have improved it like everything else. Originally they didn't sell it as something you run production applications on, but now it scales out etc. From an operations perspective I found it annoying so it was originally designed so developers can throw an app at it and not think about the rest. Problem is developers seem to get used to it and then expect it so it's more fleshed out now than it used to be.

This is from their FAQ

quote:

Q: What is AWS Elastic Beanstalk?
AWS Elastic Beanstalk makes it even easier for developers to quickly deploy and manage applications in the AWS Cloud. Developers simply upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.

DEVELOPERS DEVELOPERS DEVELOPERS

Rapner
May 7, 2013


I've seen beanstalk used in production when someone just wanted to run a single instance of a docker container.

It's also good for quickly moving between versions of code.

Seventh Arrow
Jan 26, 2005

I booked my Solutions Architect - Associate exam for Feb 12 so I'm going to try and do as many labs and practice exams as I can until then. I've heard that there are a lot of scenario questions, so it seems best to have a well-rounded knowledge of the material instead of just mastering AWS trivia questions. Looking at the A Cloud Guru forums, however, it seems that the exams take a keen interest in subjects that one would never think to focus on initially - like bastion hosts, SWF use cases, and so on.

I'm also studying data engineering at a local place and the teacher who runs it says he has employers requesting AWS-certified people all the time - to the degree that he's thinking of starting an AWS course just to fill the demand. But I wonder if SAA alone will help me get my foot in the door. I mean, it's kind of the "paper trainee hat" level of AWS certs.

putin is a cunt
Apr 5, 2007


Seventh Arrow posted:

I booked my Solutions Architect - Associate exam for Feb 12 so I'm going to try and do as many labs and practice exams as I can until then. I've heard that there are a lot of scenario questions, so it seems best to have a well-rounded knowledge of the material instead of just mastering AWS trivia questions. Looking at the A Cloud Guru forums, however, it seems that the exams take a keen interest in subjects that one would never think to focus on initially - like bastion hosts, SWF use cases, and so on.

I'm also studying data engineering at a local place and the teacher who runs it says he has employers requesting AWS-certified people all the time - to the degree that he's thinking of starting an AWS course just to fill the demand. But I wonder if SAA alone will help me get my foot in the door. I mean, it's kind of the "paper trainee hat" level of AWS certs.

If you're on A Cloud Guru I assume you're using their training material? In that case, try doing the exam simulation, it's reasonably close to what the real exam will be like.

Seventh Arrow
Jan 26, 2005

a hot gujju bhabhi posted:

If you're on A Cloud Guru I assume you're using their training material? In that case, try doing the exam simulation, it's reasonably close to what the real exam will be like.

Yes I am, thanks; I've also gone through the Sybex book, which is very detailed. Perhaps too detailed, even.

xpander
Sep 2, 2004

Seventh Arrow posted:

I booked my Solutions Architect - Associate exam for Feb 12 so I'm going to try and do as many labs and practice exams as I can until then. I've heard that there are a lot of scenario questions, so it seems best to have a well-rounded knowledge of the material instead of just mastering AWS trivia questions. Looking at the A Cloud Guru forums, however, it seems that the exams take a keen interest in subjects that one would never think to focus on initially - like bastion hosts, SWF use cases, and so on.

I'm also studying data engineering at a local place and the teacher who runs it says he has employers requesting AWS-certified people all the time - to the degree that he's thinking of starting an AWS course just to fill the demand. But I wonder if SAA alone will help me get my foot in the door. I mean, it's kind of the "paper trainee hat" level of AWS certs.

Echoing that doing the practice exam on ACG will set you up fairly well for the exam. SA Associate is what my company generally recommends for our engineers, and I imagine many others are similar. It's definitely good for getting your foot in the door and/or being at the top of the list.

Seventh Arrow
Jan 26, 2005

The place where I'm studying is letting me volunteer as their AWS guy to set up their environment. I'm not sure why, but he wants a script that will remove the buckets and create them anew each semester. So I'm wondering if an S3 script would be as simple as, say:

code:
#!
aws s3 rm s3://mybucket/data-science-class
aws s3 rm s3://mybucket/data-engineering-class
aws s3 rm s3://mybucket/python-class

aws s3 mb s3://mybucket/data-science-class
aws s3 mb s3://mybucket/data-engineering-class
aws s3 mb s3://mybucket/python-class

And then name it something like coursebuckets.sh and place it in s3://mybucket. Or is there more to it than that?

Thanks for any help.

Erwin
Feb 17, 2006

Seventh Arrow posted:

The place where I'm studying is letting me volunteer as their AWS guy to set up their environment. I'm not sure why, but he wants a script that will remove the buckets and create them anew each semester. So I'm wondering if an S3 script would be as simple as, say:

code:
#!
aws s3 rm s3://mybucket/data-science-class
aws s3 rm s3://mybucket/data-engineering-class
aws s3 rm s3://mybucket/python-class

aws s3 mb s3://mybucket/data-science-class
aws s3 mb s3://mybucket/data-engineering-class
aws s3 mb s3://mybucket/python-class

And then name it something like coursebuckets.sh and place it in s3://mybucket. Or is there more to it than that?

Thanks for any help.

You're not making buckets there, you're making keys in one bucket. This is a perfect use case for Terraform. It's idempotent, meaning if you add a new key to your list of keys, it'll check your existing infrastructure and know to only add that key, whereas your script would fail on all the existing ones. At the end of the semester, taint all the resources and run a terraform apply to recreate them. Store its state in s3://mybucket/tfstate or something, and put your Terraform configuration on github or wherever you store important code. If you're feeling frisky, you can do TDD for Terraform with kitchen-terraform.

If you're managing other things in that AWS account, you should use Terraform for everything. Or CloudFormation or whatever, just not the console. Congrats on the new resume keyword.

Seventh Arrow
Jan 26, 2005

Thank you for the suggestion - although it just occurred to me that since the guy is a python nerd, I can probably also whip something up using Boto.

the talent deficit
Dec 20, 2003

self-deprecation is a very british trait, and problems can arise when the british attempt to do so with a foreign culture





he wants the buckets removed or the contents of the buckets? either way I'd do something with boto probably

Rapner
May 7, 2013


Also because s3 has a unique namespace and bucket deletion can take unexpectedly long sometimes, you might run into issues if deleting and recreating buckets with the same name. It's good to put some kind of time/date stamp in the name, or even just a random number if you're going to fully automate this.
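
Added example, not part of any post in this thread: one way to combine the two points above (idempotent recreation, and a date stamp in the bucket name) using boto3. The prefix `example-academy`, the course list and the semester tag format are assumptions made for the illustration.

```python
import re

# Hypothetical values for this example only.
PREFIX = "example-academy"
COURSES = ["data", "video", "python"]

# S3 bucket names: 3-63 chars, lowercase letters, digits, dots and hyphens.
_BUCKET_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")


def bucket_name(prefix, course, semester):
    """Build '<prefix>-<course>-<semester>' and check it against S3 naming rules."""
    name = f"{prefix}-{course}-{semester}".lower()
    if not _BUCKET_RE.match(name):
        raise ValueError(f"invalid bucket name: {name!r}")
    return name


def plan_reset(existing, prefix, courses, semester):
    """Return (to_delete, to_create) without touching anything.

    Only buckets under our own prefix are candidates for deletion, so
    unrelated buckets in the account are left alone. Buckets that already
    carry this semester's tag are kept, which makes a re-run a no-op.
    """
    wanted = {bucket_name(prefix, c, semester) for c in courses}
    ours = {b for b in existing if b.startswith(prefix + "-")}
    return sorted(ours - wanted), sorted(wanted - set(existing))


def apply_reset(s3, prefix, courses, semester, region="us-east-1"):
    """Apply the plan with a boto3 S3 client, e.g. session.client('s3')."""
    existing = [b["Name"] for b in s3.list_buckets()["Buckets"]]
    to_delete, to_create = plan_reset(existing, prefix, courses, semester)
    for name in to_delete:
        # A bucket must be empty before delete_bucket succeeds. This loop
        # handles unversioned buckets; versioned ones also need their
        # object versions removed.
        while True:
            page = s3.list_objects_v2(Bucket=name)
            keys = [{"Key": o["Key"]} for o in page.get("Contents", [])]
            if not keys:
                break
            s3.delete_objects(Bucket=name, Delete={"Objects": keys})
        s3.delete_bucket(Bucket=name)
    for name in to_create:
        kwargs = {"Bucket": name}
        if region != "us-east-1":
            # Outside us-east-1 the region must be given explicitly.
            kwargs["CreateBucketConfiguration"] = {"LocationConstraint": region}
        s3.create_bucket(**kwargs)
    return to_delete, to_create
```

Because each semester gets new names, the create step never waits on a name that is still being released by a delete.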

JHVH-1
Jun 28, 2002
Seems like it would make more sense just to have IAM policies you can disable so access gets cut off. Then the content can get updated (if it even changes) before putting the policy back again before next semester.

Boto would work fine, and probably good to try as an exercise though. The CLI is just more straightforward is all, like you could probably do it all from a single line if it's in the same bucket using the flags rm provides.

Seventh Arrow
Jan 26, 2005

Yes, his motives for tearing it all down and building it up again are a little mysterious to me but I managed to slap something together anyways:

code:
import boto3

# Use the 'admin' profile for every call, not just the client.
session = boto3.Session(profile_name='admin')

client = session.client('s3')
s3 = session.resource('s3')  # was boto3.resource('s3'), which ignores the profile above
buckets = client.list_buckets()
print(buckets)

# Deletes every bucket in the account: empty each one first, then remove it.
for bucket in buckets['Buckets']:
    s3_bucket = s3.Bucket(bucket['Name'])
    s3_bucket.objects.all().delete()
    s3_bucket.delete()

# Recreate the course buckets.
cb = s3.create_bucket
cb(Bucket='wecloudacademy-data')
cb(Bucket='wecloudacademy-video')
cb(Bucket='wecloudacademy-python')
cb(Bucket='wecloudacademy-data-lake')
cb(Bucket='wecloudacademy-data-science')

We were talking about setting up accounts for the teachers, admins, TA's and students. For the students, I told him that AWS allows federated logins, so that people can log in to the AWS environment via Google, FB, or Amazon.com, and that piqued his interest. I wasn't sure about security though, but upon reading about it further, it seems like AWS takes the federated accounts and slaps a role on them. I'll have to find out what role to look for so I can grant it the necessary access.

Seventh Arrow
Jan 26, 2005

Also, my exam is on Monday but I'm still fuzzy on encryption of volumes. How can I lock this down better?

JHVH-1
Jun 28, 2002

Seventh Arrow posted:

Also, my exam is on Monday but I'm still fuzzy on encryption of volumes. How can I lock this down better?

I actually have been going through the training for the beta security exam since it's free and they cover it in the second section of the course:

https://aws.amazon.com/training/course-descriptions/security-fundamentals/

Though you might not want to go through the whole class till after your exam and just find that part so you don't overload yourself with info. There is also a corresponding whitepaper: https://d0.awsstatic.com/whitepapers/AWS_Securing_Data_at_Rest_with_Encryption.pdf

AWS has whitepapers for like EVERYTHING it seems.

SnatchRabbit
Feb 23, 2006

by sebmojo

Seventh Arrow posted:

I booked my Solutions Architect - Associate exam for Feb 12 so I'm going to try and do as many labs and practice exams as I can until then. I've heard that there are a lot of scenario questions, so it seems best to have a well-rounded knowledge of the material instead of just mastering AWS trivia questions. Looking at the A Cloud Guru forums, however, it seems that the exams take a keen interest in subjects that one would never think to focus on initially - like bastion hosts, SWF use cases, and so on.

I'm also studying data engineering at a local place and the teacher who runs it says he has employers requesting AWS-certified people all the time - to the degree that he's thinking of starting an AWS course just to fill the demand. But I wonder if SAA alone will help me get my foot in the door. I mean, it's kind of the "paper trainee hat" level of AWS certs.

I scraped by on my AWS Solutions Architect exam. I took courses and practice exams. My experience is that I got way more questions about newer stuff like lambda than I was led to believe would be there. They seem to favor newer technologies even though the courses say to focus on core services like EC2, S3, EBS, etc. So definitely don't skip on the obscure stuff.

Vanadium
Jan 8, 2005

some student is gonna snipe your bucket names

Seventh Arrow
Jan 26, 2005

They're just placeholders for now. I'm pretty sure the instructor will change them to something more unique.

Also, thanks for the heads up re: more recent technologies appearing on the exam, like Lambda. The Sybex book doesn't really touch upon that stuff so it's easy to overlook. I've been looking over a thread at A Cloud Guru where people report their exam experiences and one guy's exam was

quote:

my exam was mostly about auto-scaling, API/web development, Containers/ECS, Lambda and Cloudfront. I feel that this course covered maybe 20%-30% of what was in the exam. I guess they was Solution Architects to be ready to architect for "serverless"; at least, I felt that is where it was going...

Anyways I'll do as many labs and practice exams as I can in the next few days and hope for the best.

Thanks Ants
May 21, 2004

#essereFerrari


I get massively intimidated by the prospect of taking any of the AWS exams due to the ridiculously quick pace that it's developing at. Should really put some effort in and give it a shot.

jiffypop45
Dec 30, 2011

Thanks Ants posted:

I get massively intimidated by the prospect of taking any of the AWS exams due to the ridiculously quick pace that it's developing at. Should really put some effort in and give it a shot.

The core services aren't likely to change (EC2, S3, DDB, EBS, RDS, SNS, IAM, SQS, etc...) they're just going to add more features to them and add new "frills" services. So it's definitely important to understand those core services especially since most of the others are some form of abstracted versions thereof.

Rapner
May 7, 2013


Thanks Ants posted:

I get massively intimidated by the prospect of taking any of the AWS exams due to the ridiculously quick pace that it's developing at. Should really put some effort in and give it a shot.

The exams are almost all still very 2015, and the pace of change on them isn't huge.

Seventh Arrow
Jan 26, 2005

Well I got the Certified Solutions Architect (Associate) cert today, but just barely - my score was 58%. I was surprised, I thought it was usually 65%, but I know it differs from place to place.

I wasn't sure how to manage my time at first. I didn't want to fly through the questions and overlook some sort of trick in the wording (something Amazon likes to do), but I didn't want to run out of time because I was hemming and hawing over a handful of questions. So I just marked questions that were suspect and came back to them later. I finished with about 10 minutes to spare.

There's only one question that had a concept I had never heard of before, it was something called 'CORS'. I think it had to do with API Gateway. If I recall correctly, the question had to do with having a web application that uses - it was either 'javascript' or a Java script - that interacts with the Amazon API. It connects to the API just fine but when you try to go to the website you get an error that has something to do with the origin. The answers were all variations of enabling or disabling CORS, either in java or in the VPC.

There were two questions on STS. One of them was a "gimme." It asked what was associated with a web sign in for users of FB, Google, Amazon.com and this was Web Federation. There was, I think, only one Lambda question and it asked what were valid triggers...I answered DynamoDB and I think the other one was SNS, which are both right. There were lots of questions about VPC's - subnets, bastion hosts, VPN's, that sort of thing. Quite a few questions on load balancing, too. One question threw me a bit, it had to do with things that can be done to prepare Auto Scaling ahead of the fact. One of the answers I knew for sure had to do with scheduled scaling; the other answers (desired capacity, maximum capacity)...the only other answer was lifecycle hooks, which I selected, but now that I'm reading about it, it doesn't seem quite right either.

To prepare, I used A Cloud Guru, the whizlabs practice exams and the Sybex books. There were questions on the exam (like at least 5) that were verbatim copies of what I saw on whizlabs. I'm wondering if they get people to take the exams and write down the questions when no one's looking or something; on the other hand, brain dumps have been around since the 90s so who knows. The Sybex book is good, but a little unwieldy (and a bit out of date - no Lambda or anything newer). I think the Sybex book is good for making you understand the concepts and making you a good Cloud Admin, instead of just making you a guy who can answer AWS trivia questions. A Cloud Guru was a big help, but doing the labs is really important.

Anyways, I wish I had done better, but I was glad to get the cert nonetheless. I'm mulling over whether to go for the Developer next, or Cloud Architect Professional.

jiffypop45
Dec 30, 2011

CORS is an S3 bucket thing. Though I don't remember much more than that. I know I've seen it in the options with the bucket policies.

Edit: misread, maybe I'm confused on what CORS is then

jiffypop45 fucked around with this message at 00:37 on Feb 13, 2018

Seventh Arrow
Jan 26, 2005

Apparently it has to do with receiving requests from other domains:

https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html

I was really hoping that they had just misspelled "Coors," indicating that you were supposed to pop open a beer while you troubleshoot your code.

Thermopyle
Jul 1, 2003

...the stupid are cocksure while the intelligent are full of doubt. —Bertrand Russell

CORS is how you bypass the same-origin policy in browsers.

site served from whatev.com has some JS that wants to fetch from somewhereelse.com, you need CORS support.
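
Added example, not part of any post in this thread: the server side of the exchange described above, written as an AWS Lambda handler behind an API Gateway proxy integration (the setup the exam question and the linked AWS page concern). The origin allowlist, allowed methods and response body are constructed for the illustration; `whatev.com` is the site name from the post above.

```python
import json

# Constructed allowlist: the sites whose JavaScript may read this API's responses.
ALLOWED_ORIGINS = {"https://whatev.com", "https://www.whatev.com"}
ALLOWED_METHODS = "GET,POST,OPTIONS"
ALLOWED_HEADERS = "Content-Type,Authorization"


def cors_headers(origin):
    """Return the CORS response headers for a request from `origin`.

    The origin is echoed back only when it is on the allowlist. 'Vary: Origin'
    is always sent so that caches keep responses for different origins apart.
    """
    headers = {"Vary": "Origin"}
    if origin in ALLOWED_ORIGINS:
        headers["Access-Control-Allow-Origin"] = origin
    return headers


def handler(event, context=None):
    # Header names arrive in whatever case the client used, and the
    # 'headers' field can be None when the request carried none.
    headers_in = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    cors = cors_headers(headers_in.get("origin"))
    allowed = "Access-Control-Allow-Origin" in cors

    if event.get("httpMethod") == "OPTIONS":
        # Preflight: the browser asks before sending the real request.
        if allowed:
            cors["Access-Control-Allow-Methods"] = ALLOWED_METHODS
            cors["Access-Control-Allow-Headers"] = ALLOWED_HEADERS
            cors["Access-Control-Max-Age"] = "600"
        return {"statusCode": 204 if allowed else 403, "headers": cors, "body": ""}

    # Simple request: the response is sent either way. Without the
    # Access-Control-Allow-Origin header the browser refuses to hand the
    # body to the calling script, which is the "origin" error a page sees.
    # CORS is enforced by the browser; it does not authenticate callers.
    return {
        "statusCode": 200,
        "headers": {"Content-Type": "application/json", **cors},
        "body": json.dumps({"ok": True}),
    }
```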

putin is a cunt
Apr 5, 2007

How on earth do you guys handle Environment Variables in Elastic Beanstalk for .NET projects? I can set them up just fine, but how do I access the values in code? The AWS documentation seems to imply that they will be made available in the AppSettings dictionary, but it's not working. A bit of Googling has revealed that apparently this is a known issue, but the suggestions I've found for addressing it aren't working and they seem kind of inelegant.

Surely this is a common enough requirement that there's a well understood process for this, and my Google-fu is maybe just terrible?

Cancelbot
Nov 22, 2006

Canceling spam since 1928

Not sure if it's because Elastic Beanstalk is being weird, but just use the Environment class;

https://msdn.microsoft.com/en-us/library/77zkk0b6(v=vs.110).aspx
pre:
Environment.GetEnvironmentVariable("MYVAR");

putin is a cunt
Apr 5, 2007


Cancelbot posted:

Not sure if it's because Elastic Beanstalk is being weird, but just use the Environment class;

https://msdn.microsoft.com/en-us/library/77zkk0b6(v=vs.110).aspx
pre:
Environment.GetEnvironmentVariable("MYVAR");

Yeah it doesn't work correctly apparently. There's a workaround to manually load in the JSON configuration file EB creates on the instances, and that's about the only option. It worked well once I got it set up, but what a pain in the arse...

SnatchRabbit
Feb 23, 2006

by sebmojo
Has anyone messed around with Lambda functions? My boss asked me to come up with a function to do some penetration testing on our instances, essentially, check to see whether a certain port on a certain instance is open. I'm thinking about using the API gateway and maybe a simple webpage front end that will run the lambda function but I'm open to ideas. I kind of suck with coding in python but this should be pretty simple. Anyone have any suggestions?

Capri Sun Tzu
Oct 24, 2017

by Reene
Lambda supports other languages if you don't want to write python. I think penetration testing is a weird use case for Lambda though

JHVH-1
Jun 28, 2002

SnatchRabbit posted:

Has anyone messed around with Lambda functions? My boss asked me to come up with a function to do some penetration testing on our instances, essentially, check to see whether a certain port on a certain instance is open. I'm thinking about using the API gateway and maybe a simple webpage front end that will run the lambda function but I'm open to ideas. I kind of suck with coding in python but this should be pretty simple. Anyone have any suggestions?

Sounds pretty complicated, could just run nc or something. I had a script like this I wrote in python though a couple jobs ago to make sure a port was open so the app was running just using sockets I think.

Also a heads up, technically if you are doing penetration testing you are supposed to notify them https://aws.amazon.com/security/penetration-testing/
If you have your rules set up properly and only allow what you need to though you shouldn't be needing to poll this kind of thing frequently. Based on the network rules you should be able to tell if something is allowed or not. Just stumbled upon this while googling a second ago: https://nccgroup.github.io/Scout2/
You could also enable flow logs on a VPC: https://aws.amazon.com/blogs/security/how-to-optimize-and-visualize-your-security-groups/
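
Added example, not part of any post in this thread: reading the answer off the network rules, as suggested above, instead of probing the port. It evaluates security group ingress rules in the shape returned by the EC2 `describe_security_groups` call; the group ids, CIDRs and function names are constructed for the illustration.

```python
import ipaddress

# Constructed sample in the shape found under "SecurityGroups" in a
# describe_security_groups() response. Group ids and CIDRs are made up.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
    {"GroupId": "sg-0bbb", "IpPermissions": [
        # Protocol "-1" means all protocols and all ports; no port fields.
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ]},
    {"GroupId": "sg-0ccc", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
]


def port_range(perm, protocol):
    """Return the (low, high) port range a rule covers, or None if it is for another protocol."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return (0, 65535)
    if proto != protocol:
        return None
    return (perm.get("FromPort", 0), perm.get("ToPort", 65535))


def cidrs(perm):
    """Yield every IPv4 and IPv6 CIDR named by a rule."""
    for r in perm.get("IpRanges", []):
        yield r["CidrIp"]
    for r in perm.get("Ipv6Ranges", []):
        yield r["CidrIpv6"]


def rules_allowing(groups, port, source_ip, protocol="tcp"):
    """List (GroupId, cidr) for each ingress rule that admits source_ip on port.

    Pass only the groups attached to the instance in question. Rules that
    reference other security groups, and network ACLs, are not evaluated here.
    """
    src = ipaddress.ip_address(source_ip)
    hits = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            rng = port_range(perm, protocol)
            if rng is None or not rng[0] <= port <= rng[1]:
                continue
            for cidr in cidrs(perm):
                net = ipaddress.ip_network(cidr, strict=False)
                if src.version == net.version and src in net:
                    hits.append((group["GroupId"], cidr))
    return hits


def world_open(groups, protocol="tcp"):
    """List (GroupId, low, high, cidr) for rules open to every address."""
    found = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            rng = port_range(perm, protocol)
            if rng is None:
                continue
            for cidr in cidrs(perm):
                if cidr in ("0.0.0.0/0", "::/0"):
                    found.append((group["GroupId"], rng[0], rng[1], cidr))
    return found
```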


SnatchRabbit
Feb 23, 2006

by sebmojo

JHVH-1 posted:

Sounds pretty complicated, could just run nc or something. I had a script like this I wrote in python though a couple jobs ago to make sure a port was open so the app was running just using sockets I think.

Also a heads up, technically if you are doing penetration testing you are supposed to notify them https://aws.amazon.com/security/penetration-testing/
If you have your rules set up properly and only allow what you need to though you shouldn't be needing to poll this kind of thing frequently. Based on the network rules you should be able to tell if something is allowed or not. Just stumbled upon this while googling a second ago: https://nccgroup.github.io/Scout2/
You could also enable flow logs on a VPC: https://aws.amazon.com/blogs/security/how-to-optimize-and-visualize-your-security-groups/

Thanks, those are very useful links. Re: Lambda, I wasn't sure how feasible it was, it was more like an idea for us to dip our toe into serverless. Yeah, I'll bring that up that we are supposed to notify AWS. The problem with flow logs is that this is a build/test environment so I don't think there's much traffic flowing through as of yet.
