Collaborating Authors

Build a social media dashboard using machine learning and BI services Amazon Web Services


In this blog post we'll show you how you can use Amazon Translate, Amazon Comprehend, Amazon Kinesis, Amazon Athena, and Amazon QuickSight to build a natural-language-processing (NLP)-powered social media dashboard for tweets. These conversations are a low-cost way to acquire leads, improve website traffic, develop customer relationships, and improve customer service. In this blog post, we'll build a serverless data processing and machine learning (ML) pipeline that provides a multi-lingual social media dashboard of tweets within Amazon QuickSight. We'll leverage API-driven ML services that allow developers to easily add intelligence to any application, such as computer vision, speech, language analysis, and chatbot functionality simply by calling a highly available, scalable, and secure endpoint. These building blocks will be put together with very little code, by leveraging serverless offerings within AWS.

Automate Amazon EC2 instance isolation by using tags


Containment is a crucial part of an overall Incident Response Strategy, as this practice allows time for responders to perform forensics, eradication and recovery during an Incident. There are many different approaches to containment. In this post, we will be focusing on isolation--the ability to keep multiple targets separated so that each target only sees and affects itself--as a containment strategy. I'll show you how to automate isolation of an Amazon Elastic Compute Cloud (Amazon EC2) instance by using an AWS Lambda function that's triggered by tag changes on the instance, as reported by Amazon CloudWatch Events. CloudWatch Event Rules deliver a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources.

Cloud computing: Microsoft fixes Azure flaw that could have allowed access to other accounts


Microsoft has fixed a bug in the Azure Automation service that could have allowed one account owner to access another customer's accounts using the same service. Azure Automation lets customers automate cloud management tasks or jobs, update Windows and Linux systems, and automate other repetitive tasks. According to security firm Orca, the bug, which it reported to Microsoft on December 6, allowed a potential attacker on the service to "gain full control over resources and data of a targeted account, depending on the permissions of the account." SEE: What is cloud computing? Orca researcher Yanir Tsarimi says the flaw he found allowed him to interact with an internal Azure server that manages the sandboxes of other customers.

Build Custom SageMaker Project Templates – Best Practices


SageMaker Projects give organizations the ability to easily setup and standardize developer environments for data scientists and CI/CD systems for MLOps Engineers. With SageMaker Projects, MLOps engineers or organization admins can define templates which bootstrap the ML Workflow with source version control, automated ML Pipelines, and a set of code to quickly start iterating over ML use cases. With Projects, dependency management, code repository management, build reproducibility, artifact sharing and management become easy for organizations to set up. SageMaker Projects are provisioned using AWS Service Catalog products. Project templates are used by organizations to provision Projects for each of their users.

How to implement the principle of least privilege with CloudFormation StackSets


March 24, 2021: We've corrected errors in the policy statements in steps 2 and 3 of the section "To create the IAM policy document." AWS CloudFormation is a service that lets you create a collection of related Amazon Web Services and third-party resources and provision them in an orderly and predictable fashion. A typical access control pattern is to delegate permissions for users to interact with CloudFormation and remove or limit their permissions to provision resources directly. You can grant the AWS CloudFormation service permission to create resources by creating a role that the user passes to CloudFormation when a stack or stack set is created. This can be used to ensure that only pre-authorized services and resources are provisioned in your AWS account.