https://jackkuo.org/categories/aws/Recent content in AWS on JackKuo's BlogHugo -- gohugo.iozh-TWTue, 14 Jun 2022 00:00:00 +0000https://jackkuo.org/post/aws_elb_common_issues/Tue, 14 Jun 2022 00:00:00 +0000https://jackkuo.org/post/aws_elb_common_issues/前言 當了一陣子鍵盤柯南，回饋一下社群，希望大家上雲之路可以少踩點坑。 閱讀本文章建議先看 H1 標題、H2 症狀來快速找到對應內容。 如何選擇 ELB？ 建https://jackkuo.org/post/aws_ga_performance_analysis_and_trap/Mon, 13 Jun 2022 00:00:00 +0000https://jackkuo.org/post/aws_ga_performance_analysis_and_trap/前言 Global Accelerator (GA) 是 AWS 提供的網路加速服務，透過提早 TCP Termination 與品質較佳的 AWS 骨幹網路來加速傳輸，來達到網路傳輸加速效果，其原理類似於 Proxy。 原理 透過 Slhttps://jackkuo.org/post/aws_anf_suricata_intro/Sat, 11 Jun 2022 00:00:00 +0000https://jackkuo.org/post/aws_anf_suricata_intro/前言 知名開源入侵偵測系統（IDS）有兩個：Suricata、Snort，兩者都有相當不錯的效率跟彈性，而 AWS 提供的防火牆服務在有狀態規則部分是https://jackkuo.org/post/aws_s2s_vpn_intro/Sat, 26 Mar 2022 00:00:00 +0000https://jackkuo.org/post/aws_s2s_vpn_intro/前言 基本上兩個 VPC 互連會建議使用 VPC Peering、Transit Gateway，而 AWS Site-to-Site VPN（S2S VPN） 主要是用來給地端 ↔ 雲端的連線，採用https://jackkuo.org/post/aws_cloudwatch_alarm_calc/Sun, 20 Feb 2022 00:00:00 +0000https://jackkuo.org/post/aws_cloudwatch_alarm_calc/前言 計算方式不難，但官方文件卻把簡單的事情寫的很複雜，每次要用到重看都得看很久。 趁最近又理解了一次，趕快寫下來。 基本概念 會以 M out of N 方式來設https://jackkuo.org/post/aws_waf_automations_log_parsers_comparison/Sat, 04 Dec 2021 00:00:00 +0000https://jackkuo.org/post/aws_waf_automations_log_parsers_comparison/Preface If you want to enable “HTTP flood protection” or “Scanner & Probe protection” in AWS WAF Automations, both of them have these 2 log parser options: AWS Lambda log parser Amazon Athena log parser Now, you may want to know what are the differences between them? Basically, you can choose from 2 aspects: Do you need to customize URL path or block period or threshold? If you worry that malicious IP addresses are distributed in different log files so that it’s hard to analyze?https://jackkuo.org/post/aws_elastic_beanstalk_nginx_reverse_proxy_websocket/Thu, 02 Dec 2021 00:00:00 +0000https://jackkuo.org/post/aws_elastic_beanstalk_nginx_reverse_proxy_websocket/Preface In general, WebSocket uses another port against a normal HTTP application port. It’s possible to use multiple ports on Elastic Beanstalk (EB) via ebextensions [1]. In my test environment, I have a Node.js application with 2 listening ports, one for a normal web application, another for WebSocket. In order to separate these 2 ports, I use ebextensions [1] to overwrite NGINX configuration in Beanstalk’s EC2. The way to retrieve the default configuration files is to log into EC2 console and find out the files.https://jackkuo.org/post/%E5%8F%B0%E7%81%A3%E4%BA%9E%E9%A6%AC%E9%81%9C%E5%AF%A6%E7%BF%92%E5%BF%83%E5%BE%97/Sat, 29 Aug 2020 00:00:00 +0000https://jackkuo.org/post/%E5%8F%B0%E7%81%A3%E4%BA%9E%E9%A6%AC%E9%81%9C%E5%AF%A6%E7%BF%92%E5%BF%83%E5%BE%97/前言 關於我怎麼找到這個實習的，請參考「AWS 雲端技術支援工程師體驗營心得」 2020 農曆過年前，很幸運的錄取 AWS 雲端支援工程師的實習，當初想說面試結果https://jackkuo.org/post/aws%E9%9B%B2%E7%AB%AF%E5%B7%A5%E7%A8%8B%E5%B8%AB%E9%AB%94%E9%A9%97%E7%87%9F%E5%BF%83%E5%BE%97/Mon, 30 Sep 2019 00:00:00 +0000https://jackkuo.org/post/aws%E9%9B%B2%E7%AB%AF%E5%B7%A5%E7%A8%8B%E5%B8%AB%E9%AB%94%E9%A9%97%E7%87%9F%E5%BF%83%E5%BE%97/前言 在 Amazon 工作的學長某天丟了個雲端體驗營的報名連結給我，其實他之前就丟給我過了，那時剛好衝到畢業典禮，而我提畢又在當兵只能週六早上八點離營，忍