Видео

Hi, thank you for your comment, and I understand. What do you have set as the origin for the CloudFront distribution? We currently offer something called AWS Well-Architected, which can help answer these questions and provide an overall check against AWS best practices - www.stormit.cloud/aws-well-architected-review/. You can contact us here: www.stormit.cloud/contact/.

Hi, thank you for your question. I tested this in our testing account, and I don't see similar behavior. Have you waited for some time to allow WAF to gather more information? If you need any deeper consultation regarding AWS WAF rules or AWS in general, feel free to contact us at: www.stormit.cloud/contact/

@@stormit9507 Thanks for your reply. The WAF ACls is generated by CloudFront automatically with four rules: AWS-AWSManagedRulesAmazonIpReputationList, AWS-AWSManagedRulesCommonRuleSet, AWS-AWSManagedRulesKnownBadInputsRuleSet and AWS-AWSManagedRulesBotControlRuleSet. I do nothing else, just enabled WAF. My CloudFront is associated with S3 website, I also tried to create a new CloudFront distribution with S3 images, but I got the same error. So it seems strange😭.

Hi Antoni, thank you for your comment. If you want to learn more about AWS services visit our website and blog at - www.stormit.cloud/blog/

Hi, thank you for your comment. Please check this documentation from AWS: docs.aws.amazon.com/prescriptive-guidance/latest/implementing-logging-monitoring-cloudwatch/amazon-ecs-logging-monitoring.html or this docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html If you still have issues, contact us for a consultation at: www.stormit.cloud/contact/

Hi, thank you for your question. I don't think so. If you need help with the setup, contact us on our website - www.stormit.cloud/contact/

Hi, thank you for your comment. Targeted options are more use-case specific and it would be hard to explain them at a high level. If you are interested in learning more and have a production AWS environment, we offer something called an AWS Well-Architected Review for free - www.stormit.cloud/aws-well-architected-review/. One part of this review is security, and I always try to find the best option for using AWS WAF because it's clear that this is becoming a major service for many of our customers. Let me know here, or contact us at www.stormit.cloud/contact/.

Hi, Thank you for your comment. I'm not sure how to help you with this issue; I would need more information. You can contact our team for a consultation at: www.stormit.cloud/contact/.

Hi, you'll propably need a specific setup for caching behaviors in CloudFront. Basically you will have to use two origins and two caching behaviors based on a path. repost.aws/knowledge-center/cloudfront-distribution-serve-content If you need technical help with it, don't hesitate to contact us at www.stormit.cloud/contact/

Hi, thank you for your question. Do you have the AWS CLI installed and configured? You can find the installation guide here: docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html You can also contact us for a consultation at: www.stormit.cloud/contact/

Hi, thank you so much! I'm really glad to hear that the explanation helped you. Visit our blog for more interesting content about AWS Cloud at: www.stormit.cloud/blog/

Hi, thank you for your comment. It's great to see that this video helped you :) If you want to learn more about AWS services or StormIT, visit our blog at: www.stormit.cloud/blog/

Hi, thank you for your comment. If you are interested in learning more about AWS Cloud, visit our blog at www.stormit.cloud/blog/

Hi, thank you for your comment. I don't think AWS Elastic BeanStalk has an AWS Managed Prefix list - docs.aws.amazon.com/vpc/latest/userguide/working-with-aws-managed-prefix-lists.html I would need more information about your project in order to assist you effectively. Please contact us to schedule a consultation at: www.stormit.cloud/contact/

​@@stormit9507 If there is no such prefix list, please tell me how to set up the network design(instance security rules) for a production backend server to only allow the inbound network traffic from the Elastic Beanstalk service and block all the public internet traffic.

​@@raghuraghav6636 Hi, based on your description, the Elastic Beanstalk service doesn't directly communicate with other services like EC2, CloudFront, or S3. It functions as a management service. To achieve what you need, you'll likely want to allow inbound traffic from the IPs of the instances deployed by Elastic Beanstalk. This can be either the CIDR block they use or specific IP addresses. For us to understand this better i would recommend you to contacting us at: www.stormit.cloud/contact/. We can also provide a free "optimization" of your architecture via Well-Architected review, you can read more here: www.stormit.cloud/aws-well-architected-review/

I did send an email to you(the contact mail mentioned in the website). But I didn't receive any reply mail yet, please check...

Please tell me, where can I find more about the Elastic beanstalk service, like the internal services it uses stuff like that. Deep dive article resources kind of these.

Hi, you will need to change the port exposed in the Dockerfile as well as the port in the container task. If you require more specific assistance, please feel free to contact us for a consultation at: www.stormit.cloud/contact/

Hello, yes, I think you can use this for Amazon RDS instances too. If you need assistance with setting it up, please don't hesitate to contact us here: www.stormit.cloud/contact/

Hi, yes, this was my special testing domain that I have in Route 53 as a hosted zone. You can check, for example, this video - ruclips.net/video/FtNfhwyPMAs/видео.html or read this article - www.stormit.cloud/blog/setup-an-amazon-cloudfront-distribution-with-ssl-custom-domain-and-s3/ where the domain creation is described. If you need a technical help, contact us for a consultation here - www.stormit.cloud/contact/

Hi, thank you for your comment. I would probably need to understand better what you are trying to achieve because health checks + DNS failover are usually necessary for services that may experience unexpected downtime. Amazon S3 and CloudFront is a highly available service, so it shouldn't have major downtime. However, to answer your question, I believe you should definitely be able to check what you are describing via Route 53 Health Checks, but it might be unnecessary. You can contact us for a deeper technical consultation if you need a better understanding. Have a nice day.

Hi, thank you for your comment! Be sure to visit our blog at www.stormit.cloud/blog/ and subscribe to our newsletter for more updates.

Hi, thank you for your comment! Be sure to visit our blog at www.stormit.cloud/blog/ and subscribe to our newsletter for more updates.

Glad it helped. Visit our website www.stormit.cloud/ , if you want to learn more about our services.

Hi, glad to help. Don't forget to check out our blog at www.stormit.cloud/blog/

Hi, I would need more information about your issue. If you are interested, you can contact us for a consultation at: www.stormit.cloud/contact/

Hi, thank you for your comment. If you're interested in learning more, be sure to check out our blog at www.stormit.cloud/blog/

Hi, thank you for your comment. If you're interested in learning more about StormIT or reading some interesting blog posts about AWS, visit our blog at www.stormit.cloud/blog/

Hi, I've tested this, and I didn't receive this message when attempting to redeploy the architecture. Why do you need to use 'cdk deploy' again?

Hi, yes, it will leave the S3 bucket public. However, when you use S3 for static website hosting, making it private is not possible. You won't be able to use OAC or OAI. For more information, please refer to our blog post: www.stormit.cloud/blog/cloudfront-origin-access-control/#oac-use-s3-website

Hello, thank you for your comment. If you'd like to learn more about AWS services, please visit our blog at: www.stormit.cloud/blog/

Glad you liked it!

@@stormit9507 Yes bro, Clear, short and precise I love all your content!

Hello, I don't understand your question very well. Could you please provide a bit more explanation? If you have more in-depth issues with ECS, feel free to contact us via: www.stormit.cloud/contact/

If your looking to use autoscaling with ECS. Desired tasks should be the same as min.

Hi, thank you for your comment. If you are interested in learning more about AWS Cloud, visit our blog at www.stormit.cloud/blog/

Hi, I would need more information to assist you with your issue. Could you please provide further details? Or you can contact us for a consulation here: www.stormit.cloud/contact/

Hi, I don't exactly understand what you are trying to achieve. In this video, I demonstrate how to use header-based access to the CloudFront staging distribution. There are definitely many ways to set headers. I would need more information about your project. If you are interested, please contact us via this form for a consultation: www.stormit.cloud/contact/

Hi, the choice depends on your preference or application. In this case, I've chosen HTTP, but you should be able to use both methods. Ultimately, we installed the certificate on the EC2 instance, allowing us to connect to the instance via port 443. However, this might be specific to WordPress. In many cases, you can connect via port 80 without using the certificate on the instance itself. If you have further questions, don't hesitate to contact us at: www.stormit.cloud/contact/

Hi, I'm not sure what you're looking for, but you might want to check out my other video: ruclips.net/video/6-fhKSzePRc/видео.html or visit our blog post at www.stormit.cloud/blog/cloudfront-distribution-for-amazon-ec2-alb/ or if you want to learn more about Auto Scaling - www.stormit.cloud/blog/aws-auto-scaling/. In the video and in the blog post, there's one additional component - CloudFront CDN, but it still delves deeper into the setup of the ALB (Application Load Balancer) and more. If you're still encountering issues, please don't hesitate to contact us for consultation via www.stormit.cloud/contact/.

Hello, you can contact us via the form here: www.stormit.cloud/contact/ or write to info@stormit.cloud.

Hi, I don't think this depends on the type of HTTP request; it should work if CloudFront meets the failover criteria on any origin type (EC2, API Gateway, etc...). If you have further questions, please feel free to contact us here: www.stormit.cloud/contact/

Hi Ben, to be honest, this is a really specific question. We would need more information about the entire project. If you are interested in a consultation, please contact us via: www.stormit.cloud/contact/

Hi, in this video, I'm showing how to use it with the 'www' subdomain. You can leverage the same method with any other subdomain. You'll need to add this as an alternate domain name to the CloudFront distribution and also point the subdomain to the CloudFront distribution in Route 53. If you have further questions, don't hesitate to contact us via: www.stormit.cloud/contact/

tks for your help@@stormit9507

​@@stormit9507 the big question is: can i set an ec2 (main site) to a domain and another ec2 (blog site) to a subdomain? it is really so confuse for me

​@@estudetrade Yes, it should be possible. It's a bit tricky to explain, but you can create two CloudFront distributions, similar to what was shown in this video, with different configurations.

Hi, we're using AWS Certificate Manager(ACM), and the certificates provided by this service are free. But also the certificate on the EC2 instance is free, because i'm using WP plugin that is free.

Hello, what I think is the best solution in this case is something called CloudFront caching behaviors within a single distribution. You can then configure different cache settings (path patterns) for *.png files within that distribution. You can find more information here - docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern. I'm using this approach in one of our blog posts - www.stormit.cloud/blog/cloudfront-distribution-for-amazon-ec2-alb/#cache-behaviors-cloudfront. But I would really need a better understanding of what you really need to achieve. If you are interested in a consultation, please contact us here - www.stormit.cloud/contact/

Hello, I'm glad you found the video helpful! I'll try to explain how this works. In S3, there is encryption at rest, which means you need a KMS key to access/decrypt these files. However, when CloudFront accesses these files, it decrypts them, and if possible, it encrypts them using an SSL/TLS certificate. These files are then sent through HTTPS. Are you using HTTPS?