今日已更新 339 条资讯 | 累计 19899 条内容
关于我们

标签:#certification

找到 9 篇相关文章

AI 资讯

Article: Comprehension at AI Speed: Building a Context Store for Evolutionary Architecture

AI makes the first 80% of development feel fast, but hides architectural complexity until it's too late. To prevent system instability, engineering leaders must shift from raw throughput to systemic comprehension. By unifying spec-anchored SDD, TDD, and automated fitness functions into a repo-bound "Context Store," teams can ensure AI agents and human reviewers evolve code safely. By Stella Berhe, Stephan Bragner, Vikram Maran, Anand Jayaraman

2026-07-14 原文 →
AI 资讯

Deploy Code By Using AWS Continuous Integration And Continuous Delivery (CI/CD) Services | 🏗️ Build A Complete CI/CD Pipeline

Exam Guide: Developer - Associate 🏗️ Domain 3: Deployment 📘 Task 4: Deploy Code By Using AWS Continuous Integration And Continuous Delivery (CI/CD) Services This task tests your ability to build and manage CI/CD pipelines using AWS developer tools. You need to understand how CodeCommit, CodeBuild, CodeDeploy, and CodePipeline work together, how to write buildspec and appspec files, how deployment strategies differ, and how to configure automatic rollbacks. Deployment strategies for Lambda and EC2, SAM deployment preferences, and pipeline orchestration. 📘 Concepts AWS CI/CD Pipeline Overview The four AWS developer tools form a complete CI/CD pipeline: Service Role Input Output CodeCommit Source control Git push Source artifact CodeBuild Build and test Source artifact Build artifact CodeDeploy Deploy Build artifact Running application CodePipeline Orchestration Trigger (push, schedule) Coordinated pipeline execution How they connect: CodeCommit (source) → CodeBuild (build/test) → CodeDeploy (deploy) ↑ | └──────── CodePipeline (orchestrates all) ─────┘ 💡CodePipeline is the orchestrator. It doesn't build or deploy anything itself. It connects stages (source, build, test, deploy) and manages transitions between them. Each stage can use different providers (GitHub instead of CodeCommit, Jenkins instead of CodeBuild, etc.). CodeCommit Fundamentals Feature Details What It Is Managed Git repository hosted in AWS Authentication HTTPS (Git credentials or credential helper) or SSH (SSH keys) Encryption Encrypted at rest (AWS managed keys) and in transit (HTTPS/SSH) Triggers SNS notifications or Lambda functions on repository events Cross-account Use IAM roles with AssumeRole for cross-account access Branching Standard Git branching: main, develop, feature branches 💡CodeCommit supports triggers for push events that can invoke Lambda functions or send SNS notifications. This is different from CodePipeline's source stage: triggers are repository-level events, while CodePipeline po

2026-07-08 原文 →
AI 资讯

France to Stop Certifying Non-Quantum-Safe Encryption

France is accelerating its transition to post-quantum encryption: France’s cybersecurity agency ANSSI said on Tuesday it would stop certifying security products that lack quantum-resistant encryption, a move that will force government bodies and critical operators to shift away from older systems. Samih Souissi, ANSSI’s chief of staff, said at the France Quantum conference that the agency would halt such certifications from 2027, and that businesses should be buying only quantum-safe products by 2030. ANSSI approval is required for use in French government agencies and critical infrastructure, making the policy a de facto phase-out of older encryption...

2026-07-06 原文 →
AI 资讯

Prepare Application Artifacts To Be Deployed To AWS | 🏗️ Build A Multi-Environment Serverless App

Exam Guide: Developer - Associate 🏗️ Domain 3: Deployment 📘 Task 1: Prepare Application Artifacts To Be Deployed To AWS Before you can deploy anything to AWS, you need to package it properly. This task covers Lambda deployment packaging (zip vs container), managing dependencies, structuring projects for multi-environment deployment, and using AWS AppConfig for runtime configuration. 📘Concepts Lambda Deployment Packaging Options Option Max Size Build Complexity Cold Start Best For Zip Package (inline editor) 3 MB (editor limit) None Fastest Simple functions, no dependencies Zip Package (upload) 50 MB compressed / 250 MB uncompressed Low Fast Most Lambda functions Zip + Lambda Layers 250 MB total (function + all layers) Medium Fast Shared dependencies across functions Container Image 10 GB Higher Slower (first invoke) ML libraries, large dependencies, custom runtimes 💡 If a scenario is about a deployment package exceeding 250 MB, the answer is container images. If it mentions sharing dependencies across multiple functions, the answer is Lambda Layers. Zip is the default for most workloads. Lambda Layers Aspect Detail What They Are Zip archives containing libraries, custom runtimes, or other dependencies Max Layers Per Function 5 Size Limit 250 MB total (function code + all layers uncompressed) Versioning Each publish creates an immutable version Sharing Can be shared across functions, accounts, or made public Path Contents extracted to /opt in the execution environment Dependency Management Strategies Strategy How It Works Pros Cons Bundle In Zip Install deps into package directory, zip together Simple, self-contained Larger package, duplicated across functions Lambda Layers Package deps as a layer, attach to functions Shared across functions, smaller deploys Layer version management, 5-layer limit Container Image Install deps in Dockerfile Full control, large deps supported Slower cold starts, ECR management sam build SAM resolves deps from requirements.txt automatic

2026-07-01 原文 →
AI 资讯

Manage Sensitive Data In Application Code | 🏗️ Build A Secure Configuration Service

Exam Guide: Developer - Associate 🏗️ Domain 2: Security 📘 Task 3: Manage Sensitive Data In Application Code Managing Sensitive Data In Application Code is about keeping secrets out of your code, classifying data properly, and building applications that handle sensitive data safely. You need to know when to use Secrets Manager vs Parameter Store, how to mask PII in API responses and logs, and how to isolate data in multi-tenant applications. The ability to choose the right secret management service, implement data sanitization, and enforce tenant-level data boundaries, is vital. 📘Concepts Data Classification Understand data sensitivity levels and how each should be handled: Classification Examples Handling Requirements PII (Personally Identifiable Information) Name, email, SSN, phone number, address Encrypt at rest and in transit, mask in logs and API responses, restrict access PHI (Protected Health Information) Medical records, insurance IDs, lab results HIPAA compliance, encryption required, audit trail mandatory Financial Credit card numbers, bank accounts, transaction data PCI DSS compliance, tokenization, never store full card numbers Public Marketing content, public API docs No special handling needed 💡 If a scenario mentions compliance or audit trail , think encryption with KMS (for CloudTrail logging) and Secrets Manager (for automatic rotation). If it mentions PII in logs , think data masking and sanitization. Secrets Manager vs SSM Parameter Store Both store configuration and secrets. Feature Secrets Manager SSM Parameter Store Automatic rotation Yes (built-in for RDS, Redshift, DocumentDB) No (you build it yourself with Lambda) Cost $0.40/secret/month + $0.05 per 10,000 API calls Free (Standard tier), $0.05/advanced parameter/month Cross-account access Yes (via resource policy) Yes (advanced parameters only) Max size 64 KB 4 KB (Standard) / 8 KB (Advanced) Versioning Automatic (AWSCURRENT, AWSPREVIOUS labels) Yes (version history) Encryption Always encrypt

2026-06-27 原文 →
AI 资讯

Implement Encryption By Using AWS Services | 🏗️ Create A KMS Customer Managed Key

Exam Guide: Developer - Associate 🏗️ Domain 2: Security 📘 Task 2: Implement Encryption By Using AWS Services. Encryption shows up everywhere, especially on this exam. S3, DynamoDB, SQS, Lambda environment variables, RDS, and more. You need to know the difference between client-side and server-side encryption, how KMS works, and when to use each approach. 📘Concepts Encryption at Rest vs Encryption In Transit Encryption At Rest Data stored on disk: S3 Objects, DynamoDB tables, EBS volumes, RDS databases. Encryption In Transit Data moving between services or between client and server: HTTPS, TLS, VPN. Where At Rest In Transit S3 SSE-S3, SSE-KMS, SSE-C HTTPS (enforced via bucket policy) DynamoDB Encrypted by default (AWS owned or KMS) HTTPS (always) RDS KMS encryption SSL/TLS connections SQS SSE-KMS HTTPS Lambda env vars KMS (default + optional CMK) HTTPS KMS Key Types Type Managed By Cost Use Case AWS owned keys AWS Free Default encryption (DynamoDB, S3 SSE-S3 ) AWS managed keys AWS (in your account) Free (per-use charges) aws/s3 , aws/dynamodb (you can't manage them) Customer managed keys (CMK) You Monthly + per-use Full control: rotation, policies, cross-account Envelope Encryption KMS can only directly encrypt up to 4 KB . For larger data, it uses envelope encryption: 1. KMS generates a data key (plaintext + encrypted copy) 2. You encrypt your data with the plaintext data key 3. You store the encrypted data key alongside the encrypted data 4. You discard the plaintext data key from memory 5. To decrypt: KMS decrypts the data key → you decrypt the data The AWS Encryption SDK handles this automatically. Server-Side Encryption Options for S3 Option Key Management Use Case SSE-S3 AWS manages everything Simplest, no KMS costs SSE-KMS You control the KMS key Audit trail via CloudTrail, key policies SSE-C You provide the key with every request Full key control, AWS doesn't store the key Client-Side vs Server-Side Encryption Aspect Server-Side Client-Side Who encrypts AWS (

2026-06-03 原文 →