Archive


Category: Fleeting Years

  • IAM Terms

    IAM Resource The IAM service stores these resources. You can add, edit, and remove them from the IAM console. IAM user IAM group IAM role Permission policy Identity-provider object IAM Entity IAM resources that AWS uses for authentication. Specify the entity as a Principal in a resource-based policy. IAM user IAM role IAM Identity The […]

  • AWS IAM Concepts

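    1. IAM Role What is an IAM role? An IAM role is a kind of identity provided by AWS. It is similar to a user, but it is not created for a specific person; it is a set of permissions granted to AWS services or other identities. Characteristics of a role: it is temporary, and its permissions can only be used after the role has been "assumed" through some mechanism. Use cases: An EC2 instance needs to access an S3 bucket without using long-term keys (such as an Access Key and Secret Key). An AWS Lambda function needs temporary permissions when calling DynamoDB. Example: If a role is granted permission to read S3, then EC2 or Lambda can "assume" this role at runtime to access S3. 2. IAM Policy What is an IAM policy? An IAM policy is a document used to define permissions, usually written in JSON. It specifies "who can do what", and defines specifically: Who: a role, user, or group. […]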

  • What’s AWS ARN

    Amazon Resource Names (ARNs) uniquely identify AWS resources. We require an ARN when you need to specify a resource unambiguously across all of AWS, such as in IAM policies, Amazon Relational Database Service (Amazon RDS) tags, and API calls. ARN format The following are the general formats for ARNs. The specific formats depend on the […]

  • AWS SDK doc

    https://docs.aws.amazon.com/pdfs/sdk-for-java/latest/developer-guide/aws-sdk-java-dg-v2.pdf

  • What’s AWS STS

    Security Token Service Security Token Service (STS) enables you to request temporary, limited-privilege credentials for users. Use AWS Security Token Service (AWS STS) to create and provide trusted users with temporary security credentials that can control access to your AWS resources. Temporary security credentials work almost identically to long-term access key credentials, with the following […]

  • Hard skills and soft skills

    1. Hard Skills (Technical Skills) These are the measurable, teachable skills directly related to software development. a. Programming and Software Engineering Fundamentals Programming Languages: Learn multiple paradigms (e.g., Object-Oriented, Functional, Procedural). Examples: Python, Java, C++, JavaScript, Rust, etc. Data Structures and Algorithms: Understand core concepts like arrays, linked lists, trees, graphs, sorting, and searching algorithms. […]

  • Vault for security

    Identity & access management User & group management Service principals SSO MFA Role-based access control Resource-based access control Workload Identity Federation Secrets lifecycle management Static secrets Auto-rotating secrets Dynamic secrets Secrets sync Secret versioning Secret import Webhooks Integrations HCP Terraform AWS Azure Google Cloud Platform Kubernetes GitHub Vercel MongoDB Atlas Twilio Log streaming Security & […]

  • Text Splitting Methods

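    Splitting long text is an important step in building an efficient retrieval system. A good splitting method has to balance semantic completeness against a moderate chunk size. We want to avoid the loss of meaning caused by naive fixed-length splitting: 1. Sentence-based splitting Method Use natural language processing tools to split the text into sentences, then combine the sentences into chunks of a suitable size. Implementation example import nltk from nltk.tokenize import sent_tokenize # Download the punkt tokenizer (needed on first run) nltk.download('punkt') def split_text_by_sentences(text, chunk_size=300): sentences = sent_tokenize(text) chunks = [] current_chunk = "" for sentence in sentences: # If the current chunk plus the new sentence would exceed chunk_size, start a new chunk if len(current_chunk) + len(sentence) > chunk_size: chunks.append(current_chunk.strip()) current_chunk = sentence else: current_chunk += " " + sentence # Add the last chunk […]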

  • AWS Identity and Access Management

    Overview AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources. IAM provides the infrastructure […]

  • JMPP: New Blossoms on the Old Tree of XMPP

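    XMPP is an instant messaging (IM) protocol that was popular some years ago. It is said that the early QQ used this protocol, and many years ago I also used it to implement multi-user chat, similar to today's WeChat groups. Today, because XMPP uses the verbose XML format, it is steadily declining. I had thought before about replacing the XML format in XMPP with JSON; let's call it JMPP (Json Messaging and Presence Protocol). XMPP protocol basics Core concepts of XMPP Message: used to deliver instant messages. Presence: a user's online status (for example online, offline, busy). Info/Query (IQ): implements a request-response pattern, used for feature extensions. Jabber ID (JID): an address that uniquely identifies a user, similar to an email address, for example user@domain/resource. XMPP communication model XMPP uses a client-server architecture, and the communication process includes: The client connects to the server over TCP. The connection is encrypted with TLS. Authentication is completed through SASL. Exchange […]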