AWS WAF vs google bots and other crawlers - amazon-web-services

I deployed AWS WAF for my ALB (using a CloudFormation template). And now I want to configure the scan probe and bad bot rules to work with Google and other search bots. How can I identify "good" bots?

Related

Google Cloud (API GATEWAY) Custom Domain

I am currently building a REST API, and for this I am using Google Cloud API Gateway and Google Cloud Run. I've been looking at all the Google Cloud documentation and researching elsewhere, and I can't find how to add a custom domain to an API Gateway instance. The funny thing is that there is more documentation for Google Cloud Endpoints; I could find how to do it with Endpoints, but it does not apply to my use case.
I have 10 instances of Google Cloud Run, each one running a microservice, and I want to join everything in a single domain and add support with OpenAPI, but I have failed in the attempt.
In any case, if someone has managed to customize the domain of an API Gateway instance, I would appreciate it if you could guide me. Greetings.
For the beta release, custom domain names are not supported on GCP for API Gateway. Since it is still beta as of today, if you want to use a custom domain, you could use Cloud Endpoints in Cloud Run or you could even look into using Microservices in App Engine.

AWS API Gateway with EC2

I have a Django Project deployed in AWS EC2 and have created all the REST APIs with DRF. Everything is working great. When I point public.ip.of.ec2:8000/myapi, I get the correct response and these APIs are used in Android application.
Now, day by day the API hits will be increased. So in order to maintain API requests I want to integrate my APIs with APIGateway. After a lot of reading and searching I still could not find any definitive tutorial or steps on how to integrate APIGateway with EC2.
I've followed this but still could not integrate APIGateway with AWS Service i.e., EC2.
Please suggest a way to do this.
> I have a Django Project deployed in AWS EC2 and have created all the REST APIs with DRF. Everything is working great. When I point public.ip.of.ec2:8000/myapi, I get the correct response
The integration type you are looking for is HTTP integration.
> Now, day by day the API hits will be increased. So in order to maintain API requests I want to integrate my APIs with APIGateway
Although you can configure API caching, throttling, logging and monitoring, AWS API Gateway won't scale your backend integration. You will need to configure autoscaling on the backend service as well.

Where are AWS WAF API calls documented?

I would like to put an AWS WAF in front of a web site served by CloudFront. I will need to update this WAF via automated calls though its API.
Where is this API documented?
I quickly found the Making HTTPS Requests to AWS WAF or Shield Advanced page, which states that
> Many AWS WAF and Shield Advanced API actions require you to include JSON-formatted data in the body of the request.
This is followed by a random example of how to insert an IP match condition rule.
I cannot believe that this is the only "documentation" available (making the REST interface hardly usable).
Here is the API documentation for WAF: http://docs.aws.amazon.com/waf/latest/APIReference/API_Operations_AWS_WAF.html
and this if you are using Python: https://boto3.amazonaws.com/v1/documentation/api/latest/index.html

AWS products and services naming nomenclature starting with 'Amazon' vs 'AWS'

Just curious to understand if there is any logical reasoning behind the naming of AWS products and services. For example, it has been named AWS Lambda and not Amazon Lambda, and it is Amazon S3 and not AWS S3.
If you hover over the Products menu on the AWS homepage, you can see a list of all products and services at a glance, prefixed with both 'Amazon' and 'AWS'.
Managed to find an answer on naming analogy for AWS products and services from another similar question posted here. Response provided by a Senior Technical Trainer working at Amazon Web Services.
> The pattern is that utility services are prefixed with AWS, while standalone services are prefixed by "Amazon".
> Services prefixed with AWS typically use other services, for example:
> • AWS Elastic Beanstalk, AWS OpsWorks and AWS CloudFormation launch other services
> • AWS Lambda is triggered by other services
> • AWS Data Pipeline moves data between other services
> • AWS CloudFormation launches other services
> The AWS documentation page is a great reference for determining the official name of a service.
As far as I understand, the prefix AWS is used for PaaS (Platform as a Service) and the prefix Amazon is used for IaaS (Infrastructure as a Service). The term AWS (Amazon Web Services) is used whenever it is offered in terms of a service/platform, whereas Amazon is used whenever a hardware resource/infrastructure is provided.
For example: on the product page of the AWS site, in the compute category, Amazon EC2 is IaaS providing compute capacity, whereas AWS Elastic Beanstalk is PaaS, which is a platform for deploying web services and web apps/websites; likewise AWS Lambda is PaaS for serverless computing, which lets us run code without provisioning or managing servers. Similarly, in the Storage category, Amazon S3 is an IaaS which provides storage capabilities, whereas AWS Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud, which is kind of PaaS.
Although this is just a logical assumption, as we never really know how Amazon has named its products and services. So please forgive me if there are differences of opinion regarding this.
In one of the AWS Meetups it was told that Amazon itself uses a few of its cloud services and these are named with the 'Amazon' prefix.
I am not sure how much of this is true.
Web Service definition (wiki):
A web service (WS) is either:
• a service offered by an electronic device to another electronic device, communicating with each other via the Internet, or
• a server (n.e. an Operating System Service) running on a computer device, listening for requests at a particular port over a network, serving web documents (HTML, JSON, XML, images).
Context: Web Service, initially designed as a replacement for Remote Procedure Call (RPC), was a revolutionary idea during the Internet Boom, based mainly on XML. Amazon's philosophy was to manage all the ERP and customer requests using IT (Web Services) instead of traditional paper-based processes (or RPC or non-automated tools). The same approach was then applied from books to compute resources (that's how the S3 and EC2 products came to be).
Any service designed to be used by the customer mainly through an API (or Web Service; today it will be called an API-first product) is part of the AWS collection of services, and when the service is seen as a traditional product (like a replacement for a service that you would install on your desktop or use from the cloud, mainly through a UI) it is part of the Amazon collection of services. Today we can see exceptions to this rule. Initially this was the thought of Jeff Bezos. To understand more about his philosophy, read: The Secret of Amazon success internal APIs:
> Think about what Bezos was asking! Every team within Amazon had to interact using Web Services.
> Anyone who doesn’t do this will be fired. Thank you; have a nice day!

AWS offerings for monitoring EC2 Tomcat Web Application

I have a Java web application running on Tomcat deployed on an EC2 instance. Is there any way I can monitor/set alarms for when the web application goes down or stops responding? Essentially what I would like to do is to check if an HTTP request to the web app responds with status 200. If it does not respond with 200 (for a few times) then it should raise an alarm and send an e-mail to some ops people.
I know there are third-party options like Nagios / uptimerobot that I could use, but I wanted to know if there are any AWS offerings for this. Is it possible to set up such automated monitoring using AWS CloudWatch? I could not find a way to do this based on what I read up about CloudWatch. If this isn't the sort of thing CloudWatch can handle, then is there another AWS service suited for this?
I think Port Monitoring Feature is available under AWS Beanstalk.
You can consider checking this http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.healthstatus.html
Ashutosh,
EC2 is an IaaS service from AWS and you will not have an AWS offering to monitor your Tomcat server. However, you have custom-built solutions, which I think you are not looking for here.
However, if you are using an Application Load Balancer or Beanstalk you get options to trigger alarms.
Yes, you can achieve it through CloudWatch. Collect your logs with a CloudWatch agent and upload them to a CloudWatch log stream. Below is the reference URL for configuring the CloudWatch agent.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Install-CloudWatch-Agent.html
After that with "create matrix filter" you can set up an email trigger as per your requirements.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/MonitoringPolicyExamples.html
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Counting404Responses.html