Open source news and updates #89

{"value":"##### **November 8th, 2021 - Instalment #89**\n\nNewsletter #89. This week we have another selection of great new projects for you to take a look at. Kicking things off with the latest open source project from Airbnb, ottr, a Public Key Infrastructure framework that handles end-to-end certificate rotations, the other projects include cloudkey, clock-bound, amazon-recon, cdk-dia and more. Make sure you check these out.\n\nAs always, we have a wide selection of new blog posts from the Amazon Web Services and Community bloggers covering topics from Alphafold, BayerCLAW, and Babelfish to OpenSearch, Amazon Web Services CDK, ffmpeg, Amazon Corretto, Spring Boot, Bottlerocket, Snyk, MariaDB and GitHub actions.\n\nTo finish things off we have a new video covering Suricata on Amazon Web Services, as well as a new event coming up later this week which you still have time to sign up for.\n\n\n##### **Celebrating open source contributors**\n\nThe articles posted in this series are only possible thanks to contributors and project maintainers and so I would like to shout out and thank those folks who really do power open source and enable us all to build on top of what they have created.\n\nSo thank you to the following open source heroes: Qi Wang, Tom Roshko, Christos Matskas, Vadivelu Murali Pranavan, Kenneth Yang, Danny Gitelman, Daniel Begimher, Afza Wajid, Sudhir Reddy Maddulapally, Alexey Vorovich, Jesse Butler, Damien Martins, Masahiro Imai, Hidenori Koizumi, Jorge Lanzarotti, Ramesh Kumar Venkatraman, Dave Currie, Frank Dallezotte, Maxwell Moon, Jack Tabaska, Ian Davis, Jani Muuriaisniemi, Jose Juhala, Vacha Shah, Sarat Vemulapalli, Irshad Buchh and Yang Xiao.\n\nMake sure you find and follow these builders and keep up to date with their open source projects and contributions.\n\n##### **Community noticeboard**\n###### **Hackathon winners**\n\nGreat news from Vadivelu Murali Pranavan last week, where he shared the following updated:\n\nI'm happy to share with you that myself along with my peers Sanjay Thiyagarajan, Naresh Kumar, Jayanth Vikash S, Xavier Emmanuel and Sri Varmaa won the first place in Amazon Web Services (Amazon Web Services) Graviton Hackathon 2021 in Migration track. Check out the project they created, ++[Genie](https://aws-oss.beachgeek.co.uk/12a)++\n\n##### **Latest open source projects**\n###### **ottr**\n\n++[ottr](https://aws-oss.beachgeek.co.uk/12d)++ this is the latest open source project from Airbnb engineering, Ottr. Ottr is a serverless Public Key Infrastructure framework that handles end-to-end certificate rotations without the use of an agent. You can check out the super detailed blog post, ++[Meet Ottr: A Serverless Public Key Infrastructure Framework](https://aws-oss.beachgeek.co.uk/12e)++ from Kenneth Yang provides an overview on Ottr with details of the architecture, logical and network flows and details on how to deploy.\n\n\n\n\n###### **cloudkey**\n\n++[cloudkey](https://aws-oss.beachgeek.co.uk/12p)++ this project from Aidan Steele is perfect if you have a Yubikey and want to use it to assume IAM roles to interact with Amazon Web Services. As Aidan says:\n\n\"I could create certificates on the Yubikey, enrol them into Amazon Web Services IoT (for free) and assume roles in Amazon with no IAM secret access keys stored on disk.\"\n\nWorth checking out Aidan's ++[thread on twitter, here](https://aws-oss.beachgeek.co.uk/12q)++ for more context.\n\n###### **clock-bound**\n\n++[clock-bound](https://aws-oss.beachgeek.co.uk/12b)++ this new project provides you with a consistent, trusted time service will allow you to compare timestamps to determine order and consistency for events and transactions, independent from the instances’ respective geographic locations.\n\n\n\n###### **Amazon Web Services-recon**\n\n++[amazon-recon](https://aws-oss.beachgeek.co.uk/12h)++ this project from Darkbit is a multi-threaded Amazon security-focused inventory collection tool written in Ruby, and was created to facilitate efficient collection of a large amount of Amazon Web Services resource attributes and metadata. It aims to collect nearly everything that is relevant to the security configuration and posture of an Amazon Web Services environment. It is being used by some interesting customers, so well worth checking this out.\n\n###### **cdk-dia**\n\n++[cdk-dia](https://aws-oss.beachgeek.co.uk/12i)++ this project from Tom Roshko looks super neat, it diagrams your CDK provisioned infrastructure using the Graphviz dot language. After getting Graphviz running on my Macbook (thanks Mac Ports) I tried it on one of my projects, and here is the output. What do you think? A great start, so it will be interesting to see how this project evolves and develops. Nice work Tom!\n\n\n\n###### **Amazon Web Services-cdk-github-oidc**\n\n++[amazon-cdk-github-oidc](https://aws-oss.beachgeek.co.uk/12j)++ is a CDK constructs to use OpenID Connect for authenticating your Github Action workflow with Amazon Web Services IAM. These constructs allows you to harden your Amazon Web Services deployment security by removing the need to create long-term access keys for Github Actions and instead use OpenID Connect to Authenticate your Github Action workflow with Amazon Web Services IAM.\n\n\n\nYou can check out last weeks newsletter where Richard Boyd shows you using this new capability of GitHub Actions.\n\n###### **fiware-orion-on-Amazon Web Services**\n\n++[fiware-orion-on-amazon](https://aws-oss.beachgeek.co.uk/125)++ FIWARE is a curated framework of open source platform components to help with the development of smart applications and solutions. This repository is a reference implementation of one of those components, the Orion Context Broker which uses another component in that project, Cygnus. To help you get started, check out the blog post ++[How to build smart cities with FIWARE Orion Context Broker and Cygnus on Amazon Web Services](https://aws-oss.beachgeek.co.uk/124)++ from Masahiro Imai, Hidenori Koizumi, and Jorge Lanzarotti\n\n\n\n###### **Retro corner**\n\nThanks to Corey Quin for highlighting this tool I had missed.\n\n###### **Amazon Web Services-key-disabler**\n\n++[Amazon Web Services-key-disabler](https://aws-oss.beachgeek.co.uk/129)++ this open source project is a small lambda script that will disable access keys older than a given amount of days. Small but perfectly formed, I think this is a great solution if you find yourself needing to automate the vending of your keys.\n\n##### **Tweet of the week**\nThis ++[tweet](https://aws-oss.beachgeek.co.uk/11y)++ from Christos Matskas (++[@christosmatskas](https://dev.to/christosmatskas)++) came up on my timeline last week, where he shared how he was able to use the open sourced NodeJS library for verifying JWTs that I shared in the last episode, and verify AAD access tokens from Azure Active Directory. He also shared the code, which you can check out at ++[here](https://aws-oss.beachgeek.co.uk/11z)++. Christos also put this post together, ++[Open Standards, Security, Azure AD and Amazon Web Services](https://aws-oss.beachgeek.co.uk/120)++ which shows you the end to end story. Nice!\n\n##### **Amazon Web Services and Community blog posts**\n###### **Amazon Web Services CDK**\nBuilding Software as a Service (SaaS) is an increasingly popular approach for open source projects to provide customers with immediate access to their capabilities. There are several approaches you can take, but being able to well and ensure a good experience during on boarding, you need to have a reliable, fast, and multi-region capable provisioning and software lifecycle management. In the post, ++[Parallel and dynamic SaaS deployments with Amazon Web Services CDK Pipelines](https://aws-oss.beachgeek.co.uk/12k)++ Jani Muuriaisniemi and Jose Juhala describe a deployment system for achieving this using Amazon Web Services CDK and Amazon Web Services CDK Pipelines. [hands on]\n\n\n\n###### **BayerCLAW**\n\nI shared details of BayerCLAW in a previous newsletter (#86). BayerCLAW a workflow orchestration system for Amazon Web Services, targeted at bioinformatics pipelines. Jack Tabaska and Ian Davis from the Bayer Crop Sciences team have put together this blog post, ++[BayerCLAW – Open-Source, Serverless Orchestrator for Scientific Workflows on Amazon Web Services](https://aws-oss.beachgeek.co.uk/12f)++ that takes a look at the motivations and technical implementation of BayerCLAW.\n\n\n\n###### **AlphaFold**\n\nAlphaFold is an artificial intelligence program developed by Alphabets's/Google's DeepMind which performs predictions of protein structure. In this post, ++[Run AlphaFold v2.0 on Amazon EC2](https://aws-oss.beachgeek.co.uk/12m)++, Qi Wang provides a step-by-step guide on how to install AlphaFold on an EC2 instance with Nvidia GPU.\n\n\n\n###### **Babelfish**\n\nIn the post ++[Migrate from SQL Server to Amazon Aurora using Babelfish](https://aws-oss.beachgeek.co.uk/126)++, Ramesh Kumar Venkatraman provides and overview of how you can migrate from SQL Server to Babelfish for Aurora PostgreSQL. [hands on]\n\n\n\n###### **Amazon Corretto**\n\nDave Currie shares details of the Amazon Corretto support roadmap in his post, ++[Announcing Amazon Corretto 17 support roadmap](https://aws-oss.beachgeek.co.uk/127)++. Make sure you read this short post and understand what this means for any workloads you have running Amazon Corretto 8 or 11.\n\n###### **Spring Boot**\n\n++[Build and deploy a Spring Boot application to Amazon Web Services App Runner with a CI/CD pipeline using Terraform](https://aws-oss.beachgeek.co.uk/12o)++ is the perfect post if you want to learn about how to setup a really nice automated deployment pipeline for your Spring Boot applications on Amazon Web Services. Irshad Buchh and Yang Xiao walk you through setting up a pipeline for automatic build and deployment onto Amazon Web Services App Runner. Read on to find out more [hands on]\n\n\n\n###### **Bottlerocket**\n\nJesse Butler opens this post up with the question “Does the OS even matter anymore?” - intrigued? Have your own opinion? Well find out what he thinks in the excellent post, ++[Bottlerocket, A Year in the Life](https://aws-oss.beachgeek.co.uk/123)++ - (and I totally agree, for anyone interested!) [hands on]\n\n\n\n###### **Snyk**\n\nDanny Gitelman and Daniel Begimher share how to use tools like Snyk in combination with an automated workflow to reduce the risk of downloading new packages from public repositories. Read more in their post, ++[How to automate your software-composition analysis on Amazon Web Services](https://aws-oss.beachgeek.co.uk/121)++ [hands on]\n\n++[arch](https://d2908q01vomqb2.cloudfront.net/b7eb6c689c037217079766fdb77c3bac3e51cb4c/2021/10/15/software-composition-analysis-architecture-diagram.jpg)++\n\n###### **MariaDB**\n\nSkySQL is a database as a service (DBaaS) solution on Amazon Web Services that makes it easy for customers to start using MariaDB Enterprise in the cloud. In the post, ++[MariaDB Collaborates with Amazon Web Services to Deliver SkySQL on Amazon](https://aws-oss.beachgeek.co.uk/122)++ Afza Wajid and Sudhir Reddy Maddulapally speak with Alexey Vorovich, VP of Engineering for SkySQL at MariaDB Corporation, about the recent SkySQL launch.\n\n###### **FFmpeg**\n\nDamien Martins shares with you a how-to guide describes the steps to invoke an automatic extraction of media asset metadata through ffprobe (part of the FFmpeg project) in his post,\n++[Analyzing media files using ffprobe in Amazon Lambda](https://aws.amazon.com/blogs/media/analyzing-media-files-using-ffprobe-in-aws-lambda/)++ [hands on]\n\n###### **GitHub Actions**\n\nFrank Dallezotte and Maxwell Moon have collaborated on this post, ++[Building ARM64 applications on Amazon Web Services Graviton2 using the Amazon Web Services CDK and Self-Hosted Runners for GitHub Actions](https://aws-oss.beachgeek.co.uk/128)++ where they show how to configure of a self-hosted GitHub Runner on an EC2 instance with a Graviton2 processor, the required network resources, and a workflow that will run on the Runner on each repository push or pull request for the example application. This will allow you to start to create multi architecture builds so that you can start leveraging Arm based Amazon Graviton2 instances and the improved price/performance as well as power characteristics. [hands on]\n\n\n\n###### **OpenSearch**\n\nIn the post, ++[Backwards Compatibility Testing for OpenSearch](https://aws-oss.beachgeek.co.uk/12n)++ Vacha Shah and Sarat Vemulapalli show you how backwards compatibility testing works within OpenSearch, something that is used to test and determine the safe upgrade paths from a supported version to the current version.\n\n##### **Quick updates**\n###### **Amazon Time Sync Service**\n\nAmazon Time Sync Service now allows you to easily generate and compare timestamps from Amazon EC2 instances with ClockBound, an open source daemon and library. This information is valuable to determine order and consistency for events and transactions across EC2 instances, independent from the instances’ respective geographic locations. ClockBound calculates your Amazon EC2 instance’s clock error bound to measure its clock accuracy and allows you to check if a given timestamp is in the past or future with respect to your instance’s current clock. On every call, ClockBound simultaneously returns two pieces of information: the current time and the associated absolute error range. This means that the actual time of a ClockBound timestamp is within a set range.\n\nTo get started, first make sure you are using Chrony. Then install the ClockBound daemon and library, or build your own library to integrate ClockBound into your application. For the best clock accuracy, we also recommend using the Amazon Time Sync Service. The Amazon Time Sync Service and Chrony are configured by default on Amazon Linux 2 instances.\n\nCheck out the code repo at the top of this post.\n\n\n##### **Video of the week**\n###### **Suricata**\n\nNick Coval & Adam Palmer presented \"++[Building an Open Source IDS/IPS Service on Amazon with Suricata](https://aws-oss.beachgeek.co.uk/12l)++\" at SuriCon, where they talk about how they built a quick-start solution on Amazon Web Services that creates a Suricata-based solution, powered by Amazon Web Services Gateway Load Balancer service (GWLB); enabling centralized and distributed deployment models.\n\n<video src=\"https://dev-media.amazoncloud.cn/b85d80042c9c4d2b90fa4185b75e9622_Building%20an%20Open%20Source%20IDS%E2%A7%B8IPS%20Service%20on%20AWS%20with%20Suricata.mp4\" class=\"manvaVedio\" controls=\"controls\" style=\"width:160px;height:160px\"></video>\n\n##### **Events for your diary**\n###### **MLOps: End-to-End Hugging Face Transformers with** \n###### **the Hub & SageMaker Pipelines**\n###### **November 10th 2021 - 6:00 PM (GMT)**\n\nLater this week, we have this workshop where you will learn how to build an End-to-End MLOps Pipeline for Hugging Face Transformers from training to production using Amazon SageMaker. Join the always amazing Julien Simon, together with Matteu Desve and Phillip Schmid for this webinar. ++[Read more and register here](https://aws-oss.beachgeek.co.uk/12g)++.\n\n###### **Databricks | Amazon Web Services Lakehouse Dev Day Live Workshop**\n###### **November 16th 9:00 AM PT**\n\nDelta Lake is an open source storage layer that provides ACID transactions, scalable metadata handling, and unifies streaming and batch data processing. You can use Delta Lake on top of your existing data lake. During this workshop you will learn how to:\n\n- Make your existing Amazon S3 data lakes into a lakehouse with Delta Lake.\n- Provide an easy-to-use platform for analysts to directly query data on your data lake using SQL Analytics\n- Simplify and automate data pipelines for streaming and batch data to lower costs and boost productivity for your data teams\n\n++[Read more and sign up here.](https://aws-oss.beachgeek.co.uk/zs)++\n\n##### **Stay in touch with open source at Amazon**\nI hope this summary has been useful. Remember to check out the ++[Open Source homepage](https://aws.amazon.com/opensource/?opensource-all.sort-by=item.additionalFields.startDate&opensource-all.sort-order=asc)++ to keep up to date with all our activity in open source by following us on ++[@Amazon Web ServicesOpen](https://twitter.com/AWSOpen)++\n\n\n\n\n\n\n","render":"<h5><a id=\"November_8th_2021__Instalment_89_0\"></a><strong>November 8th, 2021 - Instalment #89</strong></h5>\n<p>Newsletter #89. This week we have another selection of great new projects for you to take a look at. Kicking things off with the latest open source project from Airbnb, ottr, a Public Key Infrastructure framework that handles end-to-end certificate rotations, the other projects include cloudkey, clock-bound, amazon-recon, cdk-dia and more. Make sure you check these out.</p>\n<p>As always, we have a wide selection of new blog posts from the Amazon Web Services and Community bloggers covering topics from Alphafold, BayerCLAW, and Babelfish to OpenSearch, Amazon Web Services CDK, ffmpeg, Amazon Corretto, Spring Boot, Bottlerocket, Snyk, MariaDB and GitHub actions.</p>\n<p>To finish things off we have a new video covering Suricata on Amazon Web Services, as well as a new event coming up later this week which you still have time to sign up for.</p>\n<h5><a id=\"Celebrating_open_source_contributors_9\"></a><strong>Celebrating open source contributors</strong></h5>\n<p>The articles posted in this series are only possible thanks to contributors and project maintainers and so I would like to shout out and thank those folks who really do power open source and enable us all to build on top of what they have created.</p>\n<p>So thank you to the following open source heroes: Qi Wang, Tom Roshko, Christos Matskas, Vadivelu Murali Pranavan, Kenneth Yang, Danny Gitelman, Daniel Begimher, Afza Wajid, Sudhir Reddy Maddulapally, Alexey Vorovich, Jesse Butler, Damien Martins, Masahiro Imai, Hidenori Koizumi, Jorge Lanzarotti, Ramesh Kumar Venkatraman, Dave Currie, Frank Dallezotte, Maxwell Moon, Jack Tabaska, Ian Davis, Jani Muuriaisniemi, Jose Juhala, Vacha Shah, Sarat Vemulapalli, Irshad Buchh and Yang Xiao.</p>\n<p>Make sure you find and follow these builders and keep up to date with their open source projects and contributions.</p>\n<h5><a id=\"Community_noticeboard_17\"></a><strong>Community noticeboard</strong></h5>\n<h6><a id=\"Hackathon_winners_18\"></a><strong>Hackathon winners</strong></h6>\n<p>Great news from Vadivelu Murali Pranavan last week, where he shared the following updated:</p>\n<p>I’m happy to share with you that myself along with my peers Sanjay Thiyagarajan, Naresh Kumar, Jayanth Vikash S, Xavier Emmanuel and Sri Varmaa won the first place in Amazon Web Services (Amazon Web Services) Graviton Hackathon 2021 in Migration track. Check out the project they created, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12a\" target=\"_blank\">Genie</a></ins></p>\n<h5><a id=\"Latest_open_source_projects_24\"></a><strong>Latest open source projects</strong></h5>\n<h6><a id=\"ottr_25\"></a><strong>ottr</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12d\" target=\"_blank\">ottr</a></ins> this is the latest open source project from Airbnb engineering, Ottr. Ottr is a serverless Public Key Infrastructure framework that handles end-to-end certificate rotations without the use of an agent. You can check out the super detailed blog post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12e\" target=\"_blank\">Meet Ottr: A Serverless Public Key Infrastructure Framework</a></ins> from Kenneth Yang provides an overview on Ottr with details of the architecture, logical and network flows and details on how to deploy.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/35b7e19d4fe54c858ba7d8b06a417efb_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"cloudkey_32\"></a><strong>cloudkey</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12p\" target=\"_blank\">cloudkey</a></ins> this project from Aidan Steele is perfect if you have a Yubikey and want to use it to assume IAM roles to interact with Amazon Web Services. As Aidan says:</p>\n<p>“I could create certificates on the Yubikey, enrol them into Amazon Web Services IoT (for free) and assume roles in Amazon with no IAM secret access keys stored on disk.”</p>\n<p>Worth checking out Aidan’s <ins><a href=\"https://aws-oss.beachgeek.co.uk/12q\" target=\"_blank\">thread on twitter, here</a></ins> for more context.</p>\n<h6><a id=\"clockbound_40\"></a><strong>clock-bound</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12b\" target=\"_blank\">clock-bound</a></ins> this new project provides you with a consistent, trusted time service will allow you to compare timestamps to determine order and consistency for events and transactions, independent from the instances’ respective geographic locations.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/52f044a383504de0a1cd214a1ef5839c_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Amazon_Web_Servicesrecon_46\"></a><strong>Amazon Web Services-recon</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12h\" target=\"_blank\">amazon-recon</a></ins> this project from Darkbit is a multi-threaded Amazon security-focused inventory collection tool written in Ruby, and was created to facilitate efficient collection of a large amount of Amazon Web Services resource attributes and metadata. It aims to collect nearly everything that is relevant to the security configuration and posture of an Amazon Web Services environment. It is being used by some interesting customers, so well worth checking this out.</p>\n<h6><a id=\"cdkdia_50\"></a><strong>cdk-dia</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12i\" target=\"_blank\">cdk-dia</a></ins> this project from Tom Roshko looks super neat, it diagrams your CDK provisioned infrastructure using the Graphviz dot language. After getting Graphviz running on my Macbook (thanks Mac Ports) I tried it on one of my projects, and here is the output. What do you think? A great start, so it will be interesting to see how this project evolves and develops. Nice work Tom!</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/d610de88e4894723a4f921a9dde1c56e_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Amazon_Web_Servicescdkgithuboidc_56\"></a><strong>Amazon Web Services-cdk-github-oidc</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12j\" target=\"_blank\">amazon-cdk-github-oidc</a></ins> is a CDK constructs to use OpenID Connect for authenticating your Github Action workflow with Amazon Web Services IAM. These constructs allows you to harden your Amazon Web Services deployment security by removing the need to create long-term access keys for Github Actions and instead use OpenID Connect to Authenticate your Github Action workflow with Amazon Web Services IAM.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/504d298c212e411b81b7e7feb0155695_image.png\" alt=\"image.png\" /></p>\n<p>You can check out last weeks newsletter where Richard Boyd shows you using this new capability of GitHub Actions.</p>\n<h6><a id=\"fiwareoriononAmazon_Web_Services_64\"></a><strong>fiware-orion-on-Amazon Web Services</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/125\" target=\"_blank\">fiware-orion-on-amazon</a></ins> FIWARE is a curated framework of open source platform components to help with the development of smart applications and solutions. This repository is a reference implementation of one of those components, the Orion Context Broker which uses another component in that project, Cygnus. To help you get started, check out the blog post <ins><a href=\"https://aws-oss.beachgeek.co.uk/124\" target=\"_blank\">How to build smart cities with FIWARE Orion Context Broker and Cygnus on Amazon Web Services</a></ins> from Masahiro Imai, Hidenori Koizumi, and Jorge Lanzarotti</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/2313c3a4aa304f20bbc664b8fe604de4_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Retro_corner_70\"></a><strong>Retro corner</strong></h6>\n<p>Thanks to Corey Quin for highlighting this tool I had missed.</p>\n<h6><a id=\"Amazon_Web_Serviceskeydisabler_74\"></a><strong>Amazon Web Services-key-disabler</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/129\" target=\"_blank\">Amazon Web Services-key-disabler</a></ins> this open source project is a small lambda script that will disable access keys older than a given amount of days. Small but perfectly formed, I think this is a great solution if you find yourself needing to automate the vending of your keys.</p>\n<h5><a id=\"Tweet_of_the_week_78\"></a><strong>Tweet of the week</strong></h5>\n<p>This <ins><a href=\"https://aws-oss.beachgeek.co.uk/11y\" target=\"_blank\">tweet</a></ins> from Christos Matskas (<ins><a href=\"https://dev.to/christosmatskas\" target=\"_blank\">@christosmatskas</a></ins>) came up on my timeline last week, where he shared how he was able to use the open sourced NodeJS library for verifying JWTs that I shared in the last episode, and verify AAD access tokens from Azure Active Directory. He also shared the code, which you can check out at <ins><a href=\"https://aws-oss.beachgeek.co.uk/11z\" target=\"_blank\">here</a></ins>. Christos also put this post together, <ins><a href=\"https://aws-oss.beachgeek.co.uk/120\" target=\"_blank\">Open Standards, Security, Azure AD and Amazon Web Services</a></ins> which shows you the end to end story. Nice!</p>\n<h5><a id=\"Amazon_Web_Services_and_Community_blog_posts_81\"></a><strong>Amazon Web Services and Community blog posts</strong></h5>\n<h6><a id=\"Amazon_Web_Services_CDK_82\"></a><strong>Amazon Web Services CDK</strong></h6>\n<p>Building Software as a Service (SaaS) is an increasingly popular approach for open source projects to provide customers with immediate access to their capabilities. There are several approaches you can take, but being able to well and ensure a good experience during on boarding, you need to have a reliable, fast, and multi-region capable provisioning and software lifecycle management. In the post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12k\" target=\"_blank\">Parallel and dynamic SaaS deployments with Amazon Web Services CDK Pipelines</a></ins> Jani Muuriaisniemi and Jose Juhala describe a deployment system for achieving this using Amazon Web Services CDK and Amazon Web Services CDK Pipelines. [hands on]</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/7e5def1225ab49b2b176e76bba52cad0_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"BayerCLAW_87\"></a><strong>BayerCLAW</strong></h6>\n<p>I shared details of BayerCLAW in a previous newsletter (#86). BayerCLAW a workflow orchestration system for Amazon Web Services, targeted at bioinformatics pipelines. Jack Tabaska and Ian Davis from the Bayer Crop Sciences team have put together this blog post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12f\" target=\"_blank\">BayerCLAW – Open-Source, Serverless Orchestrator for Scientific Workflows on Amazon Web Services</a></ins> that takes a look at the motivations and technical implementation of BayerCLAW.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/17f8371cb827446aa6f96728ebc83524_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"AlphaFold_93\"></a><strong>AlphaFold</strong></h6>\n<p>AlphaFold is an artificial intelligence program developed by Alphabets’s/Google’s DeepMind which performs predictions of protein structure. In this post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12m\" target=\"_blank\">Run AlphaFold v2.0 on Amazon EC2</a></ins>, Qi Wang provides a step-by-step guide on how to install AlphaFold on an EC2 instance with Nvidia GPU.</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/16061e8de49b4cb1ad8ce0503ad7f4b5_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Babelfish_99\"></a><strong>Babelfish</strong></h6>\n<p>In the post <ins><a href=\"https://aws-oss.beachgeek.co.uk/126\" target=\"_blank\">Migrate from SQL Server to Amazon Aurora using Babelfish</a></ins>, Ramesh Kumar Venkatraman provides and overview of how you can migrate from SQL Server to Babelfish for Aurora PostgreSQL. [hands on]</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/d6bcdae49c2b460ba8c671f9600c5335_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Amazon_Corretto_105\"></a><strong>Amazon Corretto</strong></h6>\n<p>Dave Currie shares details of the Amazon Corretto support roadmap in his post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/127\" target=\"_blank\">Announcing Amazon Corretto 17 support roadmap</a></ins>. Make sure you read this short post and understand what this means for any workloads you have running Amazon Corretto 8 or 11.</p>\n<h6><a id=\"Spring_Boot_109\"></a><strong>Spring Boot</strong></h6>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/12o\" target=\"_blank\">Build and deploy a Spring Boot application to Amazon Web Services App Runner with a CI/CD pipeline using Terraform</a></ins> is the perfect post if you want to learn about how to setup a really nice automated deployment pipeline for your Spring Boot applications on Amazon Web Services. Irshad Buchh and Yang Xiao walk you through setting up a pipeline for automatic build and deployment onto Amazon Web Services App Runner. Read on to find out more [hands on]</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/787f5bd9519544eeba21b9b9ce86c873_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Bottlerocket_115\"></a><strong>Bottlerocket</strong></h6>\n<p>Jesse Butler opens this post up with the question “Does the OS even matter anymore?” - intrigued? Have your own opinion? Well find out what he thinks in the excellent post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/123\" target=\"_blank\">Bottlerocket, A Year in the Life</a></ins> - (and I totally agree, for anyone interested!) [hands on]</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/98eabca1cb574916b9b446d204974d60_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"Snyk_121\"></a><strong>Snyk</strong></h6>\n<p>Danny Gitelman and Daniel Begimher share how to use tools like Snyk in combination with an automated workflow to reduce the risk of downloading new packages from public repositories. Read more in their post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/121\" target=\"_blank\">How to automate your software-composition analysis on Amazon Web Services</a></ins> [hands on]</p>\n<p><ins><a href=\"https://d2908q01vomqb2.cloudfront.net/b7eb6c689c037217079766fdb77c3bac3e51cb4c/2021/10/15/software-composition-analysis-architecture-diagram.jpg\" target=\"_blank\">arch</a></ins></p>\n<h6><a id=\"MariaDB_127\"></a><strong>MariaDB</strong></h6>\n<p>SkySQL is a database as a service (DBaaS) solution on Amazon Web Services that makes it easy for customers to start using MariaDB Enterprise in the cloud. In the post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/122\" target=\"_blank\">MariaDB Collaborates with Amazon Web Services to Deliver SkySQL on Amazon</a></ins> Afza Wajid and Sudhir Reddy Maddulapally speak with Alexey Vorovich, VP of Engineering for SkySQL at MariaDB Corporation, about the recent SkySQL launch.</p>\n<h6><a id=\"FFmpeg_131\"></a><strong>FFmpeg</strong></h6>\n<p>Damien Martins shares with you a how-to guide describes the steps to invoke an automatic extraction of media asset metadata through ffprobe (part of the FFmpeg project) in his post,<br />\n<ins><a href=\"https://aws.amazon.com/blogs/media/analyzing-media-files-using-ffprobe-in-aws-lambda/\" target=\"_blank\">Analyzing media files using ffprobe in Amazon Lambda</a></ins> [hands on]</p>\n<h6><a id=\"GitHub_Actions_136\"></a><strong>GitHub Actions</strong></h6>\n<p>Frank Dallezotte and Maxwell Moon have collaborated on this post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/128\" target=\"_blank\">Building ARM64 applications on Amazon Web Services Graviton2 using the Amazon Web Services CDK and Self-Hosted Runners for GitHub Actions</a></ins> where they show how to configure of a self-hosted GitHub Runner on an EC2 instance with a Graviton2 processor, the required network resources, and a workflow that will run on the Runner on each repository push or pull request for the example application. This will allow you to start to create multi architecture builds so that you can start leveraging Arm based Amazon Graviton2 instances and the improved price/performance as well as power characteristics. [hands on]</p>\n<p><img src=\"https://dev-media.amazoncloud.cn/e21644c287a249eb807890a1ff31f727_image.png\" alt=\"image.png\" /></p>\n<h6><a id=\"OpenSearch_142\"></a><strong>OpenSearch</strong></h6>\n<p>In the post, <ins><a href=\"https://aws-oss.beachgeek.co.uk/12n\" target=\"_blank\">Backwards Compatibility Testing for OpenSearch</a></ins> Vacha Shah and Sarat Vemulapalli show you how backwards compatibility testing works within OpenSearch, something that is used to test and determine the safe upgrade paths from a supported version to the current version.</p>\n<h5><a id=\"Quick_updates_146\"></a><strong>Quick updates</strong></h5>\n<h6><a id=\"Amazon_Time_Sync_Service_147\"></a><strong>Amazon Time Sync Service</strong></h6>\n<p>Amazon Time Sync Service now allows you to easily generate and compare timestamps from Amazon EC2 instances with ClockBound, an open source daemon and library. This information is valuable to determine order and consistency for events and transactions across EC2 instances, independent from the instances’ respective geographic locations. ClockBound calculates your Amazon EC2 instance’s clock error bound to measure its clock accuracy and allows you to check if a given timestamp is in the past or future with respect to your instance’s current clock. On every call, ClockBound simultaneously returns two pieces of information: the current time and the associated absolute error range. This means that the actual time of a ClockBound timestamp is within a set range.</p>\n<p>To get started, first make sure you are using Chrony. Then install the ClockBound daemon and library, or build your own library to integrate ClockBound into your application. For the best clock accuracy, we also recommend using the Amazon Time Sync Service. The Amazon Time Sync Service and Chrony are configured by default on Amazon Linux 2 instances.</p>\n<p>Check out the code repo at the top of this post.</p>\n<h5><a id=\"Video_of_the_week_156\"></a><strong>Video of the week</strong></h5>\n<h6><a id=\"Suricata_157\"></a><strong>Suricata</strong></h6>\n<p>Nick Coval &amp; Adam Palmer presented “<ins><a href=\"https://aws-oss.beachgeek.co.uk/12l\" target=\"_blank\">Building an Open Source IDS/IPS Service on Amazon with Suricata</a></ins>” at SuriCon, where they talk about how they built a quick-start solution on Amazon Web Services that creates a Suricata-based solution, powered by Amazon Web Services Gateway Load Balancer service (GWLB); enabling centralized and distributed deployment models.</p>\n<p><video src=\"https://dev-media.amazoncloud.cn/b85d80042c9c4d2b90fa4185b75e9622_Building%20an%20Open%20Source%20IDS%E2%A7%B8IPS%20Service%20on%20AWS%20with%20Suricata.mp4\" controls=\"controls\"></video></p>\n<h5><a id=\"Events_for_your_diary_163\"></a><strong>Events for your diary</strong></h5>\n<h6><a id=\"MLOps_EndtoEnd_Hugging_Face_Transformers_with_164\"></a><strong>MLOps: End-to-End Hugging Face Transformers with</strong></h6>\n<h6><a id=\"the_Hub__SageMaker_Pipelines_165\"></a><strong>the Hub &amp; SageMaker Pipelines</strong></h6>\n<h6><a id=\"November_10th_2021__600_PM_GMT_166\"></a><strong>November 10th 2021 - 6:00 PM (GMT)</strong></h6>\n<p>Later this week, we have this workshop where you will learn how to build an End-to-End MLOps Pipeline for Hugging Face Transformers from training to production using Amazon SageMaker. Join the always amazing Julien Simon, together with Matteu Desve and Phillip Schmid for this webinar. <ins><a href=\"https://aws-oss.beachgeek.co.uk/12g\" target=\"_blank\">Read more and register here</a></ins>.</p>\n<h6><a id=\"Databricks__Amazon_Web_Services_Lakehouse_Dev_Day_Live_Workshop_170\"></a><strong>Databricks | Amazon Web Services Lakehouse Dev Day Live Workshop</strong></h6>\n<h6><a id=\"November_16th_900_AM_PT_171\"></a><strong>November 16th 9:00 AM PT</strong></h6>\n<p>Delta Lake is an open source storage layer that provides ACID transactions, scalable metadata handling, and unifies streaming and batch data processing. You can use Delta Lake on top of your existing data lake. During this workshop you will learn how to:</p>\n<ul>\n<li>Make your existing Amazon S3 data lakes into a lakehouse with Delta Lake.</li>\n<li>Provide an easy-to-use platform for analysts to directly query data on your data lake using SQL Analytics</li>\n<li>Simplify and automate data pipelines for streaming and batch data to lower costs and boost productivity for your data teams</li>\n</ul>\n<p><ins><a href=\"https://aws-oss.beachgeek.co.uk/zs\" target=\"_blank\">Read more and sign up here.</a></ins></p>\n<h5><a id=\"Stay_in_touch_with_open_source_at_Amazon_181\"></a><strong>Stay in touch with open source at Amazon</strong></h5>\n<p>I hope this summary has been useful. Remember to check out the <ins><a href=\"https://aws.amazon.com/opensource/?opensource-all.sort-by=item.additionalFields.startDate&amp;opensource-all.sort-order=asc\" target=\"_blank\">Open Source homepage</a></ins> to keep up to date with all our activity in open source by following us on <ins><a href=\"https://twitter.com/AWSOpen\" target=\"_blank\">@Amazon Web ServicesOpen</a></ins></p>\n"}