DevSecOps Notes

Data security -> PC over - IP (PCoIP) - provides on interactive video stream without transmitting actual data.

When you choose AWS KMS with Redshift there is a four-tier hierarchy of encryption keys a) master key b) cluster key c) database key d) data encryption keys

EMR protects access to the cluster -the master node is launched into a SG that allows SSH and service access -while the slave nodes are launched into a separate SG that only permits communication with master node.

Kinesis -enabled to work with large data streams Kinesis Firehose: -saves streams to AWS storage services Kinesis Streams: -ability to process the data in the streams

AWS  KMS CMKs (Customer Master Keys) are the fundamental resources that AWS KMS manages. CMKs can never leave AWS KMA unencrypted, but data? keys can. AWS KMS uses envelope encryption to protect data. 1.AWS KMS create data key 2. encrypts it under a CMK 3. and returns plaintext and encrypted versions of the data key You can retrive a plaintext data key only if you have the encrypted data key and you have permission to use the corresponding master key . Encryption context is a set of key/value pairs that you can pass to AWS KMS when you call the: -Encrypt -Decrypt -reencrypt -Generate DataKey -Generate DataKey Without PlainText API -Although the encryption context is not included in cipher text, it is cryptographically bound to the ciphertext during ejncryption and must be passed again when you call the Decrypted ( or Recrypt) API. Invalid ciphertext for decryption is plaintext that has been encrypted in a diffrent AWS account or ciphertext that how ...

1) UDP -> DNS primary uses to serve request TCP -> when response data size exceeds 512 b, or for task such as zone transfer 2) Hosted zones -> represents a collection of response records sets that are managed togheter a) public b) private 3) Types of DNS records a) NS (name server) - specifies an authoritive name server to given host b) PTR (Reverse - lookup pointer records) -as oppased to forward DNS resolution (A, AAAA DNS records) -IP address -> Domain Record c) SOA (Stort of authority Record) -the record specifies core information about DNS zone, including the primary 1. name server 2. the email of the domain admin 3. the domain serial number 4. several timers to refreshing the zone d) TXT E) SPF (Sender POlicy Framework) -to prevent fake emails to apped to be sent be gon...?

Multiple queues can subscribe to on SNS topic, which can enable parallel asyn processing.

Message ID + Body

B) Zad 1. Przygotować program tworząc a następnie czytający, pliki tekstowe zawierające 10,100, 1000, 10 000, 100 000, 1 000 000 liczb zmiennoprzecinkowych. Liczby mają być obliczane przez generator liczb losowych, a ich wartości mieścić się w zakresie [a, b0). Porcje liczb zapisać do oddzielnych plików. Zad 2. Ustalić czas wyklonania programu dla każdego z wyżej opisanych rozmiarów plików danych w postaci tabeli o następującej zawartości: rozmiary danych | czas_tworzenia_danych | czas_pisania_do_pliku | czas_czytania_z_pliku #include "sort.h" #include <iostream> #include <fstream> #include <cstdlib> #include <ctime> #include <string> #include <sstream> #include <iomaninp> #define zmierz_czas (X, wektor_czas) { czas = clock();                                                         ...

1) Amazon DynamoDB -NoSQL -fast, predictable performance -seamless scalability -hardware scalowanie -scales throught capability -synchronisty replicate data across 3 AZ facility in region ↑avability ↑durability -supports PUT/GET + primary key -primary :   *only required for items in table   *unigly identiufies each item 2) Read consistency a) eventual consistent reads (default) -max read throughput -might not reflect results of a complete write -consistency within a sec b) strongly consistent reads 3) Inplace atomic update: -fast -you increment or decrement a numeric attribute in a new wing a single API call -you can atomically add or remove sets, lists, or maps. 4) Why on SSD -low latancy -accessing data at any scale -high 10 in low price 5) Cost: -request -data store Not for large data rare access -> S3 6) Flexible quering: -on non -primary key attributes   *Global Secondary Indexes   *Local Secondary Indexes 7...

https://d1.awsstatic.com/whitepapers/Storage/aws-storage-options.pdf STORAGE GATEWAY Storage Gateway -> allows you to access data in S3 locally Gateway- Cached Volume -> allow you to expand a relatively small amount of local storage into S3 1. File Gateway -flat files -> S3 2. Volume Gateway a) Stored Volumes -dataset stored on site -asyn backup to S3 b) Cached Volumes -datasets stored S3 -cache on site 3. Gatway Virtual Tape Libirary (VTL) -> used for backup

AWS provides the root or system privileges only for limited set of services: -EC2 -EMR -Beanstalk -OpsWork

https://aws.amazon.com/blogs/big-data/implement-continuous-integration-and-delivery-of-serverless-aws-glue-etl-applications-using-aws-developer-tools/ https://aws.amazon.com/blogs/compute/implementing-dynamic-etl-pipelines-using-aws-step-functions/ https://aws.amazon.com/blogs/big-data/etl-processing-using-aws-data-pipeline-and-amazon-elastic-mapreduce/

1. Sensory czynników środowiskowych - Niska cena, zaskakująco dobre parametry oraz niewielkie rozmiary to główne czynniki decydujące o ich popularności.  - Linux w krótkim czasie zaczyna oferować dla nich wsparcie w postaci dedykowanego podsystemu IIO (ang. Industrial Input/Output)... Linux zyskuje nowe moce; Sposoby dodawania sensorów do systemu; Krótko o mechanizmie instancjonowania urządzeń w Linuksie; Drzewo urządzeń; Dodanie sensora I2C do drzewa urządzeń; Dodanie sensora SPI do drzewa urządzeń; Dodanie sensora 1wire do drzewa urządzeń; Dodanie sensora I2C poprzez zapis do pliku w /sysfs; Modyfikacja DT w locie; IIO; Podstawy; Obsługa zdarzeń; Wyzwalanie pomiaru; Trigger loop; Bufory; Bezpośredni dostęp do rejestrów sensora. LINUX ZYSKUJE NOWE MOCE  - Prace nad IIO rozpoczynają się przed 2009 rokiem. Jest to spowodowane coraz większą ilością napływających sterowników dla sensorów, z których wiele oferowaną funkcjonalnością nie do końca pasu...

aws ecr get-login --no-include-email --region us-east-1 docker login... docker push

1. What is CQRS? -based on the Command Query Separation principle -The CORS stand for Command Query Responsibillity Separ action and is extensional the CQS for objects -CQRS is not an architecture style, if a antipattern to use - Command can change the state of the object  but can't return any value - Query can return value but can't change the state of the object 2. Clean Architecture -Very similar to other layered architectures like Hexagonal Architectur and Onion Architecture -Nothing in an inner circle an know anything at all about something in an outer circle - Entities contains business logic -The use case layer define the data flow, H?ere we will use the CQRS -The Interface layer is a bridge between application and external parties like web be owner or mobile application -the last layer is the framework and libraries 3. Summary -The CORS is not a silver bullet, and should be use with caution -The Clean Architecture adds complexity but can prepare th...

1.   Bug - When actual result  deviates from the expected result  while testing a software application or product then it results into a  defect . Hence, any deviation from the specification mentioned in the product functional specification document is a  defect . In different organizations it’s called a  Bug .  2. Defect - If  software misses some feature  or function from what is there in requirement it is called as  defect .  3. The Capability Maturity Model for Software (CMM or SW-CMM)   -  is a model for judging the maturity of the software processes of an organization and for identifying the key practices that are required to increase the maturity of these processes. 4. Beta testing   - is testing of a release of a software product conducted by customers. 5. Black Box Testing -Testing based on an analysis of the specification of a piece of software without reference to its intern...