本文の内容は、2024年11月25日に Alejandro Villanueva が投稿したブログ(https://sysdig.com/blog/26-aws-security-best-practices/)を元に日本語に翻訳・再構成した内容となっております。 セキュリティは、 AWS Foundational セキュリティベストプラクティスの基本的な柱です。セキュリティリスクを最小限に抑え、環境を保護するには、サービス別にまとめられた AWS セキュリティベストプラクティスに従うことが不可欠です。この構造化されたアプローチは、潜在的な脆弱性に積極的に対処し、堅牢で安全なクラウドアーキテクチャーを維持するのに役立ちます。 AWS IAM(1) IAMポリシーでは、フルの ” * ” 管理者権限を許可すべきではない (2) IAMユーザーにはIAMポリシーを添付してはならない (3) I
「Postgres で試した?」と聞き返せるようになるまでもしくはなぜ私は雰囲気で技術を語るのか? — Just use Postgres 読書感想文 - じゃあ、おうちで学べる
はじめに 「Just use Postgres」という言葉を初めて聞いたのは、いつだったか覚えていません。Twitter か Hacker News か、あるいは社内の Slack か。どこで聞いたにせよ、私の反応は決まっていました。「また極端なことを言う人がいる」と。 「それ、〇〇でもできますよ」——この手のフレーズはもう100回は聞いてきました。そして大抵の場合、その〇〇は専用ツールに置き換えられていきます。技術が専門分化していくのは自然な流れです。 全文検索なら Elasticsearch。時系列データなら InfluxDB。メッセージキューなら RabbitMQ。それぞれの分野に専門家がいて、専用のソリューションがあって、ベストプラクティスがあります。「とりあえず Postgres で」なんて、それは思考停止ではないか、と。でも、心のどこかで気になっていたんです。 www.mann
大実験!ChatGPTは競プロの問題を解けるのか (2024年5月版) - E869120's Blog
1. はじめに 2024 年 5 月 14 日、OpenAI 社から新たな生成 AI「GPT-4o」が発表され、世界に大きな衝撃を与えました。これまでの GPT-4 よりも性能を向上させただけでなく1、音声や画像のリアルタイム処理も実現し、さらに応答速度が大幅に速くなりました。「ついにシンギュラリティが来てしまったか」「まるで SF の世界を生きているような感覚だ」という感想も見受けられました。 しかし、いくら生成 AI とはいえ、競技プログラミングの問題を解くのは非常に難しいです。なぜなら競技プログラミングでは、問題文を理解する能力、プログラムを実装する能力だけでなく、より速く答えを求められる解法 (アルゴリズム) を考える能力も要求されるからです。もし ChatGPT が競技プログラミングを出来るようになれば他のあらゆるタスクをこなせるだろう、と考える人もいます。 それでは、現代最強の
This post is part of a collection on UUIDs. What is IDOR? Indirect Object Reference (IDOR) occurs when a resource can be accessed directly by its ID even when the user does not have proper authorization to access it. IDOR is a common mistake when using a separate service for storing files, such as a publicly readable Amazon S3 bucket. The web application may perform access control checks correctly
Another year passes. I was hoping to write more articles instead of just these end-of-the-year screeds, but I almost died in the spring semester, and it sucked up my time. Nevertheless, I will go through what I think are the major trends and happenings in databases over the last year. There were many exciting and unprecedented developments in the world of databases. Vibe coding entered the vernacu
REST API Design Best Practices Handbook – How to Build a REST API with JavaScript, Node.js, and Express.js
By Jean-Marc Möckel I've created and consumed many API's over the past few years. During that time, I've come across good and bad practices and have experienced nasty situations when consuming and building API's. But there also have been great moments. There are helpful articles online which present many best practices, but many of them lack some practicality in my opinion. Knowing the theory with
[Hacker News discussion, LinkedIn discussion, Twitter thread] Update: My upcoming book, AI Engineering (late 2024/early 2025) will cover building aplications with foundation models in depth. A question that I’ve been asked a lot recently is how large language models (LLMs) will change machine learning workflows. After working with several companies who are working with LLM applications and persona
This post is about why we need a coroutine package for Go, and what it would look like. But first, what are coroutines? Every programmer today is familiar with function calls (subroutines): F calls G, which stops F and runs G. G does its work, potentially calling and waiting for other functions, and eventually returns. When G returns, G is gone and F continues running. In this pattern, only one fu
Introducing Ezno
Ezno is an experimental compiler I have been working on and off for a while. In short, it is a JavaScript compiler featuring checking, correctness and performance for building full-stack (rendering on the client and server) websites. This post is just an overview of some of the features I have been working on which I think are quite cool as well an overview on the project philosophy ;) It is still
ソースコード & ドキュメントに対応したGraph RAGの実装(Tree-sitter + LightRAG)
(module (function_definition (identifier) # ← ここに関数名「sample_func」が含まれます (parameters) (block (expression_statement (call (identifier) (argument_list (string)))))) (expression_statement (call (identifier) (argument_list)))) ノードが色々取れましたが、「function_definition」が関数、その子である「identifier」が関数名を表すため、 function_definition == 子ノード ==> identifier となっている箇所を探索すれば抽出できます(関数ではあっても「lambda」など異なる場合もあります)。 今回は上記のようにTree-si
A few months ago, I set myself the challenge of writing a C compiler in 500 lines of Python1, after writing my SDF donut post. How hard could it be? The answer was, pretty hard, even when dropping quite a few features. But it was also pretty interesting, and the result is surprisingly functional and not too hard to understand! There's too much code for me to comprehensively cover in a single blog
PostgreSQL 15 Released!
October 13, 2022 - The PostgreSQL Global Development Group today announced the release of PostgreSQL 15, the latest version of the world’s most advanced open source database. PostgreSQL 15 builds on the performance improvements of recent releases with noticeable gains for managing workloads in both local and distributed deployments, including improved sorting. This release improves the developer e
Today, we are excited to announce the launch of .NET 10, the most productive, modern, secure, intelligent, and performant release of .NET yet. It’s the result of another year of effort from thousands of developers around the world. This release includes thousands of performance, security, and functional improvements across the entire .NET stack-from languages and developer tools to workloads-enabl
OpenTelemetry 公式の Instrumentation ライブラリを使っていると、Requestsのspanの名前が "GET" だけだったり、 mysqlclient のspanが "SELECT" だけだったりします。 たとえばGrafanaでトレースを見ていると "SELECT" ばかりが何個も並んでいて、一つ一つクリックして attributes の db.statement を確認していかないとどのクエリを実行しているのか分かりません。非常に面倒です。 Flaskのspanであれば "GET /user/<id:int>" のように表示してくれるのに、なぜRequestsのspanの名前はtable名やpathを書いてくれないのでしょうか。それは OpenTelemetry の Semantic conventions でそう推奨されているからです。 HTTP spa
Assessing Claude Mythos Preview’s cybersecurity capabilities April 7, 2026 Nicholas Carlini, Newton Cheng, Keane Lucas, Michael Moore, Milad Nasr, Vinay Prabhushankar, Winnie Xiao Hakeem Angulu, Evyatar Ben Asher, Jackie Bow, Keir Bradwell, Ben Buchanan, David Forsythe, Daniel Freeman, Alex Gaynor, Xinyang Ge, Logan Graham, Kyla Guru, Hasnain Lakhani, Matt McNiece, Mojtaba Mehrara, Renee Nichol, A
Rewriting the Ruby parser
At Shopify, we have spent the last year writing a new Ruby parser, which we’ve called YARP (Yet Another Ruby Parser). As of the date of this post, YARP can parse a semantically equivalent syntax tree to Ruby 3.3 on every Ruby file in Shopify’s main codebase, GitHub’s main codebase, CRuby, and the 100 most popular gems downloaded from rubygems.org. We recently got approval to merge this work into C
In 2021 Ben Bridts published a highly inventive method for finding the AWS Account ID of a public S3 bucket. This post describes a technique to find the Account ID of any S3 bucket (both private and public). I'd highly recommend reading Ben's technique first as we will re-use a lot of concepts. S3 Bucket to AWS Account IDShell output can be worth a thousand words, here's what our technique enables
Introduction⌗ Postgres queue tech is a thing of beauty, but far from mainstream. Its relative obscurity is partially attributable to the cargo cult of “scale”. The scalability cult has decreed that there are several queue technologies with greater “scalability” than Postgres, and for that reason alone, Postgres isn’t suitably scalable for anyone’s queuing needs. The cult of scalability would rathe
June 5, 2023 by Dirk Bäumer VS Code for the Web (https://vscode.dev) has been available for some time now and it has always been our goal to support the full edit / compile / debug cycle in the browser. This is relatively easy for languages like JavaScript and TypeScript since browsers ship with a JavaScript execution engine. It is harder for other languages since we must be able to execute (and t
4 Pandas Anti-Patterns to Avoid and How to Fix Them
pandas is a powerful data analysis library with a rich API that offers multiple ways to perform any given data manipulation task. Some of these approaches are better than others, and pandas users often learn suboptimal coding practices that become their default workflows. This post highlights four common pandas anti-patterns and outlines a complementary set of techniques that you should use instea
February 2022 Recently I improved the performance of GoAWK – my AWK interpreter written in Go – by switching from a tree-walking interpreter to a bytecode compiler with a virtual machine interpreter. While doing that, I thought it’d be interesting to see how much the performance of Go itself has improved over the years. There are many ways programs written in Go have gotten faster: the Go team and
Photo by Claudio Schwarz on Unsplash. How to create a Python package? In order to create a Python package, you need to write the code that implements the functionality you want to put in your package, and then you need to publish it to PyPI. That is the bare minimum. Nowadays, you can also set up a variety of other things to make your life easier down the road: continuous testing of your package;
I don't build systems. I imagine them, then write them. …that were written in a military training camp and accidentally grew to 5k words. I am writing this on my phone, in a barrack that houses some 200+ of my brothers-in-arms in the Ukrainian army’s training camp; I use short periods of rest between training, mostly at night and on Sundays. TBH, since joining the army, I didn’t expect to have tim
Ruby is an interpreted, open-source programming language with a focus on simplicity and productivity. Ruby is already 30 years old, and it has become one of the most used programming languages. Some claim Ruby is dead; others use it widely in their companies. Join me in this blog post as we learn about Ruby's history and where it stands today. How It StartedRuby was born on Feb. 24th, 1993. This w
September 2021 Summary: Python 3.10, which is due out in early October 2021, will include a large new language feature called structural pattern matching. This article is a critical but (hopefully) informative presentation of the feature, with examples based on real-world code. Go to: What it is | Where it shines | My code | Other projects | Problems | Wrapping up At a recent local Python meetup,
Internet Engineering Task Force (IETF) K. Davis Request for Comments: 9562 Cisco Systems Obsoletes: 4122 B. Peabody Category: Standards Track Uncloud ISSN: 2070-1721 P. Leach University of Washington May 2024 Universally Unique IDentifiers (UUIDs) Abstract This specification defines UUIDs (Universally Unique IDentifiers) -- also known as GUIDs (Globally Unique IDentifiers) -- and a Uniform Resou
Prompt Engineering
Date: March 15, 2023 | Estimated Reading Time: 21 min | Author: Lilian Weng Prompt Engineering, also known as In-Context Prompting, refers to methods for how to communicate with LLM to steer its behavior for desired outcomes without updating the model weights. It is an empirical science and the effect of prompt engineering methods can vary a lot among models, thus requiring heavy experimentation a
Golang Mini Reference 2022: A Quick Guide to the Modern Go Programming Language (REVIEW COPY)
Golang Mini Reference 2022 A Quick Guide to the Modern Go Programming Language (REVIEW COPY) Harry Yoon Version 0.9.0, 2022-08-24 REVIEW COPY This is review copy, not to be shared or distributed to others. Please forward any feedback or comments to the author. • feedback@codingbookspress.com The book is tentatively scheduled to be published on September 14th, 2022. We hope that when the release da
Agents
Intelligent agents are considered by many to be the ultimate goal of AI. The classic book by Stuart Russell and Peter Norvig, Artificial Intelligence: A Modern Approach (Prentice Hall, 1995), defines the field of AI research as “the study and design of rational agents.” The unprecedented capabilities of foundation models have opened the door to agentic applications that were previously unimaginabl
Weird Lexical Syntax
I just learned 42 programming languages this month to build a new syntax highlighter for llamafile. I feel like I'm up to my eyeballs in programming languages right now. Now that it's halloween, I thought I'd share some of the spookiest most surprising syntax I've seen. The languages I decided to support are Ada, Assembly, BASIC, C, C#, C++, COBOL, CSS, D, FORTH, FORTRAN, Go, Haskell, HTML, Java,
GitHub - cozodb/cozo: A transactional, relational-graph-vector database that uses Datalog for query. The hippocampus for AI!
Version v0.7: after HNSW vector search from 0.6, in 0.7 we bring to you MinHash-LSH for near-duplicate search, full-text search, Json value support and more! See here for more details. Version v0.6 released! This version brings vector search with HNSW indices inside Datalog, which can be integrated seamlessly with powerful features like ad-hoc joins, recursive Datalog and classical whole-graph alg
AST vs. Bytecode: Interpreters in the Age of Meta-Compilation
233 AST vs. Bytecode: Interpreters in the Age of Meta-Compilation OCTAVE LAROSE, University of Kent, UK SOPHIE KALEBA, University of Kent, UK HUMPHREY BURCHELL, University of Kent, UK STEFAN MARR, University of Kent, UK Thanks to partial evaluation and meta-tracing, it became practical to build language implementations that reach state-of-the-art peak performance by implementing only an interprete
Monitor AWS resources created by Terraform in Amazon DevOps Guru using tfdevops | Amazon Web Services
AWS DevOps & Developer Productivity Blog Monitor AWS resources created by Terraform in Amazon DevOps Guru using tfdevops This post was written in collaboration with Kapil Thangavelu, CTO at Stacklet Amazon DevOps Guru is a machine learning (ML) powered service that helps developers and operators automatically detect anomalies and improve application availability. DevOps Guru utilizes machine learn
Join a VS Code Dev Days event near you to learn about AI-assisted development in VS Code. Update 1.67.1: The update addresses this security issue. Update 1.67.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the April 2022 release of Visual Studio Code. There are many updates in this version that we hope
Syntax Highlighting in Hand-Coded Websites The problem I have been trying to identify practical reasons why hand-coding websites with HTML and CSS is so hard (by hand-coding, I mean not relying on frameworks, generators or 3rd party scripts that modify the DOM). Let's say, I want to make a blog. What are the actual things that prevent me from making—and maintaining—it by hand? What would it take t
Parsing SQL - Strumenta
The code for this tutorial is on GitHub: parsing-sql SQL is a language to handle data in a relational database. If you worked with data you have probably worked with SQL. In this article we will talk about parsing SQL. It is in the same league of HTML: maybe you never learned it formally but you kind of know how to use it. That is great because if you know SQL, you know how to handle data. However
How I developed a faster Ruby interpreter | Red Hat Developer
In this article, I will describe my efforts to implement a faster interpreter for CRuby, the Ruby language interpreter, using a dynamically specialized internal representation (IR). I believe this article will interest developers trying to improve the interpreter performance of dynamic programming languages (e.g., CPython developers). I will cover the following topics: Existing CRuby interpreter a
syntaxdesign
One of the most recognizable features of a languages is its syntax. What are some of the things about syntax that matter? What questions might you ask if you were creating a syntax for your own language? Motivation A programming language gives us a way structure our thoughts. Each program, has a kind of internal structure, for example: How can we capture this structure? One way is directly, via pi
Most of my readers are probably familiar with procedural programming, object-oriented programming (OOP), and functional programming (FP). The majority of top programming languages on all of the language popularity charts (like TIOBE) support all three to some extent. Even if a programmer avoided one or more of those three paradigms like the plague, they’re likely at least aware of them and what th
AWS Lambda warms up your functions, such that 50%-85% of Lambda Sandbox initializations don't increase latency for users. In this article we'll define Proactive Initialization, observe its frequency, and help you identify invocations where your cold starts weren't really that cold. July 13, 2023 This post is both longer and more popular than I anticipated, so I’ve decided to add a quick summary: T
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
本番環境で採用すべき26のAWSセキュリティベストプラクティス
Why UUIDs won't protect your secrets
Databases in 2025: A Year in Review
Building LLM applications for production
research!rsc: Coroutines for Go
Writing a C compiler in 500 lines of Python
Announcing .NET 10 - .NET Blog
OTLPのspan nameが情報量少なすぎる件 - methaneのブログ
Claude Mythos Preview \ red.anthropic.com
How to find the AWS Account ID of any S3 Bucket | Tracebit
Choose Postgres queue technology
Run WebAssemblies in VS Code for the Web
Go performance from version 1.2 to 1.18
How to create a Python package in 2022
A few words on Ruby's type annotations state
A Brief History of Ruby
Structural pattern matching in Python 3.10
RFC 9562: Universally Unique IDentifiers (UUIDs)
April 2022 (version 1.67)
Font with Built-In Syntax Highlighting
Implementing Logic Programming
Understanding AWS Lambda Proactive Initialization