How to know OHS version

$ ./httpd.worker -v
./httpd.worker: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory

$ ps -fea | grep httpd

$ export ORACLE_HOME=/u04/Middleware/P_OHS12c/product

$ export LD_LIBRARY_PATH=/u04/Middleware/P_OHS12c/product/lib

$ cd /u04/Middleware/P_OHS12c/product/wlserver/../ohs/bin/

$ ./httpd.worker -v
Server version: Oracle-HTTP-Server/2.2.22 (Unix)
Server built:   Sep  3 2015 01:14:57
Server label:   APACHE_12.1.3.0.0_LINUX.X64_RELEASE

Sed cheat sheet

Sometimes we need to clean-up a file (ie: log prod file).

(or gsed for gnu-sed in macosx

* delete a match and backup of original file:

sed -i.bak '/<ConnectionEnv.cleanup, jconn=oracle.jdbc.driver.T4CConnection/d' ./infile

sed -i.bak '/INFO: true/d' ./infile

gsed -i.bak '/INFORMACIÓN: true> /d' ./infile


* delete two lines and the match string

gsed -i -e '/match1/,+2d'

* delete one line and the match string

gsed -i -e '/OPTIONS/,+1d' *uml*.puml

* execute more than one command in sed (use -e flag)

sed -i -e 's/File//g' -e 's/MINvac.pdb//g'

* recursive find and replace

find . -type f -print0 | xargs -0 sed -i 's/MYSQL_USER/MYSQL_ROOT_USER/g'

* no lookups by default

use: -E o -r ( -E, -r, --regexp-extended )

Inputless WLS Credentials

Awkwardly WLS develoment version does not show credentials input when booting.
Of course, the solution is to create security/boot.properties.
however if I don't press [enter] then it waits forever :S

Probably there is a patch for this, but dev version

<Aug 11, 2017 11:30:18 AM CLT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG128 to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.>
<Aug 11, 2017 11:30:18 AM CLT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 24.80-b11 from Oracle Corporation.>
<Aug 11, 2017 11:30:19 AM CLT> <Info> <Security> <BEA-090065> <Getting boot identity from user.>

---->

<Aug 10, 2017 6:01:49 PM CLT> <Info> <Management> <BEA-141298> <Could not register with the Administration Server: java.rmi.RemoteException: [Deployer:149150]An IOException occurred while reading the input. : with response code '401' : with response message 'Unauthorized'>
<Aug 10, 2017 6:01:49 PM CLT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 12.1.3.0.0  Tue Aug 11 09:00:41 UTC 2015 1697938 >
<Aug 10, 2017 6:01:52 PM CLT> <Error> <Configuration Management> <BEA-150021> <The Administration Server failed to authenticate the identity of the user  starting the Managed Server. The reason for the error is .>
<Aug 10, 2017 6:01:52 PM CLT> <Alert> <Management> <BEA-141151> <The Administration Server could not be reached at http://127.0.0.1:7001.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <Configuration Management> <BEA-150018> <This server is being started in Managed Server independence mode in the absence of the Administration Server.>
<Aug 10, 2017 6:01:52 PM CLT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <WorkManager> <BEA-002942> <CMM memory level becomes 0. Setting standby thread pool size to 256.>

Software Architect Skills/Responsabilities

There are several list of required skills/responsabilities a Software Architect should have.
One of these (a little old now, but still valid) is:

https://dzone.com/articles/architecture-%E2%80%93-top-10-traits

1.     Knowledge of relevant technologies
2.     Strong analysis & design skills
3.     Coding & POCs
4.     Architecture & design activities
5.     Modeling language/Tools
6.     Architectural frameworks/Tools
7.     Communication
8.     Training/Mentoring
9.     Sales/Pre-sales
10.     Presentation Skills

PD: as usual, I'll be updating this Post as I find new resources or my own ideas...

1. Code Review

from Simon Brown:

Java Muxer WLS

Go to Environment > Servers > your_Server > Tuning, under Advanced, set the Muxer Class based on your OS and reboot the server. 

Solaris/HP­UX Native Muxer : weblogic.socket.DevPollSocketMuxer 
POSIX Native Muxer : weblogic.socket.PosixSocketMuxer
Windows Native Muxer : weblogic.socket.NTSocketMuxer
Java Muxer : weblogic.socket.JavaSocketMuxer

java.lang.Thread.State: RUNNABLE
at sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
at sun.nio.ch.EPollArrayWrapper.poll(EPollArrayWrapper.java:269)
at sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:79)
at sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:87)
­ locked <0x0000000789f2b040> (a sun.nio.ch.Util$2)
­ locked <0x0000000789f2b030> (a java.util.Collections$UnmodifiableSet)
­ locked <0x0000000789f2adf8> (a sun.nio.ch.EPollSelectorImpl)
at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:98)
at weblogic.socket.NIOSocketMuxer$NIOInputStream.readInternal(NIOSocketMuxer.java:815) at weblogic.socket.NIOSocketMuxer$NIOInputStream.read(NIOSocketMuxer.java:759)
at weblogic.socket.NIOSocketMuxer$NIOInputStream.read(NIOSocketMuxer.java:742)
at weblogic.socket.JSSEFilterImpl.readFromNetwork(JSSEFilterImpl.java:462)
at weblogic.socket.JSSEFilterImpl.read(JSSEFilterImpl.java:424)
at weblogic.socket.JSSESocket$JSSEInputStream.read(JSSESocket.java:64)

Catastrophic Regexp (again)

Hitting a stuck thread:

"main" prio=5 tid=0x00007fd577005800 nid=0x1c03 runnable [0x00007000035db000]
   java.lang.Thread.State: RUNNABLE
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$CharProperty.match(Pattern.java:3694)
    at java.util.regex.Pattern$Curly.match0(Pattern.java:4158)
    at java.util.regex.Pattern$Curly.match(Pattern.java:4132)
    at java.util.regex.Pattern$Start.match(Pattern.java:3408)
    at java.util.regex.Matcher.search(Matcher.java:1199)
    at java.util.regex.Matcher.find(Matcher.java:592)
    at java.util.regex.Pattern.split(Pattern.java:1200)
    at java.lang.String.split(String.java:2313)
    at RegExpTest.main(RegExpTest.java:28)

Once again it's a "stuck" thread for the catastrophic issue in regexp:
https://github.com/devwebcl/regexp-playground/blob/master/src/main/java/cl/devweb/regexp/exploit/JxlsBug.java

Software Architecture Books

List of most important of Software Architecture books:

Software Architecture in Practice (3rd Edition)
Len Bass, Paul Clements, Rick Kazman

Software Systems Architecture: Working With Stakeholders Using Viewpoints and Perspectives (2nd Edition)
Nick Rozanski, Eóin Woods


“Software Architecture: Foundations, Theory, and Practice”
R. N. Taylor, N. Medvidovic, E. M. Dashofy



Design Patterns: Elements of Reusable Object-Oriented Software
Erich Gamma, Richard Helm, Ralph Johnson y John M. Vlissides. 1994













Software Architecture for Developers
Simon Brown
 

97 Things Every Software Architect Should Know: Collective Wisdom from the Experts
 


The Mythical Man-Month: Essays on Software Engineering
Frederick P. Brooks Jr.
 


Software Architecture Pattern
Mark Richards



12 More Essential Skills for Software Architects
Dave Hendricksen
 

Enterprise Integration Patterns
Gregor Hohpe, Bobby Woolf 



Cracking the IT Architect Interview
Sameer Paradkar

  

Just Enough Software Architecture
George Fairbanks



Building Evolutionary Architectures
Neal Ford, Rebecca Parsons, Patrick Kua



Essential Software Architecture
Ian Gorton


Patterns of Enterprise Application Architecture, 1st Edition
Martin Fowler


Designing Software Architectures: A Practical Approach, 1st Edition
Humberto Cervantes , Rick Kazman


Documenting Software Architectures: Views and Beyond (2nd Edition)
Paul Clements, Felix Bachmann, Len Bass, David Garlan, James Ivers, Reed Little, Paulo Merson, Robert Nord, Judith Stafford


Clean Architecture: A Craftsman's Guide to Software Structure and Design, 1st Edition
Robert C. Martin


Thinking Architecturally
Nathaniel Schutta

37 Things One Architect Knows About IT Transformation: A Chief Architect's Journey
Gregor Hohpe

Evaluating Software Architectures: Methods and Case Studies 1st Ed, 2001
Paul Clements, Peter Gordon, Rick Kazman Mark Klein

Design Patterns: A domain agnostic approach

a book about explaining in a different way GoF patterns, given several examples (use case) by pattern, this way providing a better explanation for each one, this means a leverage for a better understanding, and promoting GoF to a reference book.

A good approach used is to ask himself about different situations, including boundary cases and how each pattern may help or even not help (clarifying common misunderstanding).

A great companion book for Gof, and even Gof becomes as a reference book whereas DPA becomes the book to read.

Analyzing WLS

A very (old) common question is how to analyze (stuck) WLS.

The first we need to do here is to take Heap and Thread Dumps.

Take several Thread dump and one heap dump (although the last one has an embedded thread dump), this will help to find out issues, OOM, connection leaks, recurrent garbage collector, etc.

Heap dump:

jmap -dump:format=b,file=/home/user/tmp/heap.hprof <pid>

kill -3 <pid>

   jstack -l <PID>

i.e.:

Last login: Thu Mar 23 17:57:43 on ttys002
hola$ ps -fea | grep -i weblogic
  501  6179  6178   0  4:04PM ttys001    0:00.00 sh /Users/German/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/startWebLogic.sh
  501  6180  6179   0  4:04PM ttys001    0:00.02 /bin/sh /Users/German/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin/startWebLogic.sh
  501  6225  6180   0  4:04PM ttys001    0:56.60 /Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home/bin/java -server -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=256m -Dweblogic.Name=AdminServer -Djava.security.policy=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server/lib/weblogic.policy -Xverify:none -Djava.endorsed.dirs=/Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home/jre/lib/endorsed:/Users/German/Oracle/Middleware/Oracle_Home/wlserver/../oracle_common/modules/endorsed -da -Dwls.home=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server -Dweblogic.home=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server -Dweblogic.utils.cmm.lowertier.ServiceDisabled=true weblogic.Server
  501  8061  7485   0 10:08AM ttys002    0:00.00 grep -i weblogic
[German@KDU ~]$ kill -3 6225
[German@KDU ~]$ kill -3 6225
[German@KDU ~]$ kill -3 6225
...
[German@KDU tmp]$ jmap -dump:format=b,file=/Users/German/tmp/heap.hprof 6225
Dumping heap to /Users/German/tmp/heap.hprof ...
Heap dump file created
[German@KDU tmp]$ 

Other important information would be to retrieve PermGen stats:

$ jmap 28705 -permstat

To get information of variables of java process (including classpath)

jinfo <pid>

AWS Servicios canónicos y más

Servicios básicos de AWS:

(por SDK mirar http://devwebcl.blogspot.com/2020/02/aws-development.html)

Amazon VPC

Amazon Virtual Private Cloud enables you to launch Amazon Web Services (AWS) resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS. 

Amazon EC2
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Amazon CloudWatch 
is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. You can use these insights to react and keep your application running smoothly.

Elastic Load Balancing
Elastic Load Balancing automatically distributes your incoming application traffic across multiple targets, such as EC2 instances. It monitors the health of registered targets and routes traffic only to the healthy targets. Elastic Load Balancing supports two types of load balancers: Application Load Balancers and Classic Load Balancers. 

El producto Elastic Load Balancing tiene 2 posibilidades de uso: 

• Classic Load Balancer
• Application Load Balancer (es la opción que es mas versátil)

Amazon S3
Amazon Simple Storage Service (Amazon S3), provides developers and IT teams with secure, durable, highly-scalable cloud storage.

Amazon RDS
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. Amazon RDS provides you six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.

 

Amazon Aurora
is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Amazon DynamoDB 
is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale.

Amazon SQS Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, fully managed message queuing service.

Amazon CloudFront 
is a global Content Delivery Network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets. It integrates with other Amazon Web Services products to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments. It is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application.

 

--- 2020:

 

Amazon Kinesis Data Firehose
is the easiest way to reliably load streaming data into data lakes, data stores, and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence tools and dashboards you’re already using today.


AWS CloudFormation
provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third-party resources.

AWS Fargate
is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.

Amazon ECS - Elastic Container Service
Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cookpad use ECS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.

ECS is a great choice to run containers for several reasons (container orchestration services). First, you can choose to run your ECS clusters using AWS Fargate, which is serverless compute for containers. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design. Second, ECS is used extensively within Amazon to power services such as Amazon SageMaker, AWS Batch, Amazon Lex, and Amazon.com’s recommendation engine, ensuring ECS is tested extensively for security, reliability, and availability.

Amazon ECR - Elastic Container Registry
Easily store, manage, and deploy container images
Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon Elastic Container Service (ECS), simplifying your development to production workflow. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and scalable architecture, allowing you to reliably deploy containers for your applications.

AWS IoT Core
is a managed cloud service that lets connected devices easily and securely interact with cloud applications and other devices.


AWS Secrets Manager
helps you protect secrets needed to access your applications, services, and IT resources
AWS Secrets Manager
is a secrets management service that helps you protect access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

 

Amazon Kinesis Data Streams
enables you to build custom applications that process or analyze streaming data for specialized needs. You can continuously add various types of data such as clickstreams, application logs, and social media to an Amazon Kinesis data stream from hundreds of thousands of sources. Within seconds, the data will be available for your Amazon Kinesis Applications to read and process from the stream.

 

Amazon Cognito
provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, Google or Apple.
(The /oauth2/token endpoint gets the user's tokens.)
https://aws.amazon.com/blogs/security/how-to-add-authentication-single-page-web-application-with-amazon-cognito-oauth2-implementation/

With Amazon Cognito, you can easily add user sign-up, sign-in, and data synchronization to serverless applications. Amazon Cognito user pools provide built-in sign-in screens and federation with Facebook, Google, Amazon, and Security Assertion Markup Language (SAML). Amazon Cognito Federated Identities lets you securely provide scoped access to AWS resources that are part of your serverless architecture.

Amazon Athena
is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.  


Amazon Macie
is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as Personally Identifiable Information (PII) or intellectual property and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved. 

Amazon EMR
An Amazon EMR release is a set of open-source applications from the big-data ecosystem. Each release comprises different big-data applications, components, and features that you select to have Amazon EMR install and configure when you create a cluster. Applications are packaged using a system based on Apache BigTop, which is an open-source project associated with the Hadoop ecosystem. This guide provides information for applications included in Amazon EMR releases.
(Hadoop, Spark, Sqoop). Presto is a fast SQL query engine (~Hive) designed for interactive analytic queries over large datasets from multiple sources. 

 

AWS Glue
is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. (Data Lake = (job, crawler)).
 

AWS Cloud9

A cloud IDE for writing, running, and debugging code.

AWS KMS

Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs.

AWS SQS
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message-oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.


Amazon Simple Workflow Service (SWF)
helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the Cloud.


Amazon MSK
Amazon Managed Streaming for Apache Kafka is a fully managed service, highly available, and secure Apache Kafka service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data.


AWS Cloud Map
is a cloud resource discovery service. With Cloud Map, you can define custom names for your application resources, and it maintains the updated location of these dynamically changing resources. This increases your application availability because your web service always discovers the most up-to-date locations of its resources.
 

Amazon Elasticsearch Service
is a fully managed service that makes it easy for you to deploy, secure, and run Elasticsearch cost-effectively at scale. You can build, monitor, and troubleshoot your applications using the tools you love, at the scale you need. The service provides support for open-source Elasticsearch APIs, managed Kibana, integration with Logstash and other AWS services, and built-in alerting and SQL querying. Amazon Elasticsearch Service lets you pay only for what you use – there are no upfront costs or usage requirements. With Amazon Elasticsearch Service, you get the ELK stack you need, without the operational overhead.


Amazon Elastic Transcoder
is media transcoding in the cloud. It is designed to be a highly scalable, easy to use and a cost-effective way for developers and businesses to convert (or “transcode”) media files from their source format into versions that will playback on devices like smartphones, tablets, and PCs.


AWS Lambda
lets you run code without provisioning or managing servers. You pay only for the compute time you consume.
With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Not everything can be triggered by lambdas (i.e.: RDS).



AWS X-Ray
helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components.


Amazon ElastiCache
allows you to seamlessly set up, run, and scale popular open-Source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache is a popular choice for real-time use cases like Caching, Session Stores, Gaming, Geospatial Services, Real-Time Analytics, and Queuing.
Amazon ElastiCache offers fully managed Redis and Memcached for your most demanding applications that require sub-millisecond response times.


Amazon EC2 C5 instances
are the next generation of the Amazon EC2 Compute Optimized instance family. C5 instances offer the lowest price per vCPU in the Amazon EC2 family and are ideal for running advanced compute-intensive workloads. This includes workloads such as high-performance web servers, high-performance computing (HPC), batch processing, ad serving, highly scalable multiplayer gaming, video encoding, scientific modeling, distributed analytics and machine/deep learning inference.


NAT Gateways
You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances.


AWS EventBridge
Amazon EventBridge allows you to route events between AWS services, integrated software as a service (SaaS) applications, and your own applications. Event producers publish events onto an event bus, which uses rules to determine where to send those events. The rules can specify one or more targets, which can be other AWS services or Lambda functions. This model makes it easy to develop scalable, distributed serverless applications by handling event routing and filtering.

AWS WAF - Web Application Firewall
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define. You can get started quickly using Managed Rules for AWS WAF, a pre-configured set of rules managed by AWS or AWS Marketplace Sellers. The Managed Rules for WAF address issues like the OWASP Top 10 security risks. These rules are regularly updated as new issues emerge. AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of security rules.

2021 ----

AWS Batch
has limit of 20 job queue. Before you can submit jobs in AWS Batch, you must create a job queue. When you create a job queue, you associate one or more compute environments to the queue and assign an order of preference for the compute environments.

You also set a priority to the job queue that determines the order in which the AWS Batch scheduler places jobs onto its associated compute environments. For example, if a compute environment is associated with more than one job queue, the job queue with a higher priority is given preference for scheduling jobs to that compute environment.

AWS Landing Zone
This solution is delivered by AWS Solutions Architects or Professional Services consultants to create a customized "baseline" of AWS accounts, networks, and security policies.

ACM
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/

AWS VPN
AWS Virtual Private Network solutions establish secure connections between your on-premises networks, remote offices, client devices, and the AWS global network. AWS VPN is comprised of two services: AWS Site-to-Site VPN and AWS Client VPN. Together, they deliver a highly-available, managed, and elastic cloud VPN solution to protect your network traffic.
 
AWS Direct Connect
enables you to securely connect your AWS environment to your on-premises data center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection.

- AWS Transfer Family
- Amazon Glacier

- AWS Redshift
- AWS QuickSight
- AWS SNS

- AWS Cloudtrail
- Amazon GuarDuty
- AWS Config
- AWS trusted Advisor
 

AWS EKS - Amazon Elastic Kubernetes Service
gives you the flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises. Amazon EKS helps you provide highly-available and secure clusters and automates key tasks such as patching, node provisioning, and updates. (EKS = Managing Kubernetes cluster on AWS infrastructure).