{"id":5012,"date":"2022-10-14T09:00:00","date_gmt":"2022-10-14T07:00:00","guid":{"rendered":"https:\/\/blog.besharp.it\/?p=5012"},"modified":"2022-10-13T17:42:22","modified_gmt":"2022-10-13T15:42:22","slug":"paas-on-aws-how-to-build-it-the-perfect-way-part-ii","status":"publish","type":"post","link":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/","title":{"rendered":"PaaS on AWS: how to build it the perfect way &#8211; Part II"},"content":{"rendered":"\n<p>Welcome back to our 3-step blog post series about building PaaS on AWS the correct way. In <a href=\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way\/\" target=\"_blank\" rel=\"noreferrer noopener\">Part I<\/a>, we analyzed the key points for the correct implementation of a PaaS product. <\/p>\n\n\n\n<p>In this second episode, we are creating a <strong>Web Server vending machine<\/strong> while examining the common <strong>infrastructure stack<\/strong> for each customer. If you are new to this series, we suggest starting from here, as we are referring to the features and aspects mentioned in part I.<\/p>\n\n\n\n<p>In the repository that we will analyze we find the stacks needed for creating the following:<\/p>\n\n\n\n<ul><li>Services for interception of <strong>pushes on GitLab<\/strong>:<ul><li>API Gateway to accept GitLab webhook calls;<\/li><li>Lambda to create a configuration file with committed data;<\/li><li>CodeBuild Job to pull the repository and upload to S3.<br><\/li><\/ul><\/li><li>Dedicated <strong>IAM roles<\/strong> per environment:<ul><li>Role for the use of the infrastructural pipeline;<\/li><li>Instance profile for EC2 instances<\/li><li>Role for the use of the software pipeline<\/li><li>Role for deploying resources related to EC2 instances, such as AutoScaling Group, Application Load Balancer, etc.<br><\/li><\/ul><\/li><li>VPC per environment:<ul><li>CIDR \/16<\/li><li>9 subnet:<ul><li>3 Private<\/li><li>3 Natted<\/li><li>3 Public<\/li><\/ul><\/li><li>NAT Instance<br><\/li><\/ul><\/li><li>KMS key for the encryption of every object and service for the environment<br><\/li><li><strong>Amazon S3<\/strong> <strong>bucket<\/strong> for the management of the files used by the pipelines (for example the artifacts) and for the collection of logs divided for each environment<br><\/li><li><strong>Application load balancer<\/strong> per environment:<ul><li>Listener on 80 port with automatic redirect on 443 with HTTPS protocol<\/li><li>Listener on port 443 with return of the 503 error in case of non-match of the present rules<\/li><\/ul><\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">VPC<\/h2>\n\n\n\n<p>The VPC consists of <strong>9 subnets<\/strong> &#8211; 3 for each Availability Zone &#8211; in order to make the infrastructure <strong>highly available<\/strong>. They are divided into:<\/p>\n\n\n\n<ul><li>PUBLIC. Used for all services that must be reached from the internet (such as the ALB) or in case you need to directly expose an EC2 instance by assigning it a dedicated public IP address;<br><\/li><li>NATTED. Used for all services that need access to the internet but which must <strong>not be reachable<\/strong> from the outside; as the name suggests, the instances that will be created within these subnets will be able to access the internet through NAT gateways placed in their public subnets. In our case, we chose to opt for the 3 instances (one for AZ) only for the production VPC, while we&#8217;re using only one instance for the other environments;<br><\/li><li>PRIVATE. Used for all services that do not require internet access such as the RDS database.<\/li><\/ul>\n\n\n\n<p>With the VPC construct that AWS CDK makes available it is impossible to perform supernetting, since it has a management of the CIDRs assigned to the subnets. This deprives us of the possibility of grouping subnets with smaller netmasks. Therefore, we decided to use this construct, but making sure to <strong>overwrite the various CIDRs<\/strong> before deploying through this piece of code:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>myVpc.privateSubnets.forEach((subnet, index) =&gt; {\nlet cidr = `${startSubnetsCidr}.${firstPrivateCidr + index}.${endSubnetsCidr}`\nconst cfnSubnet = subnet.node.defaultChild as aws_ec2.CfnSubnet;\ncfnSubnet.addPropertyOverride('CidrBlock', `${cidr}`);\nlet name =  `${configFile.projectName}-${process.env.ENVIRONMENT}-natted-${subnet.availabilityZone.replace(\/^\\w+\\-\\w+\\-\\d\/,'')}`;\nlet subName =  `Subnet-Natted-${subnet.availabilityZone.replace(\/^\\w+\\-\\w+\\-\\d\/,'').toUpperCase()}-${process.env.ENVIRONMENT}-Name`;\nlet subId =  `Subnet-Natted-${subnet.availabilityZone.replace(\/^\\w+\\-\\w+\\-\\d\/,'').toUpperCase()}-${process.env.ENVIRONMENT}-ID`;\nlet subCidr =  `Subnet-Natted-${subnet.availabilityZone.replace(\/^\\w+\\-\\w+\\-\\d\/,'').toUpperCase()}-${process.env.ENVIRONMENT}-CIDR`;\ncdk.Aspects.of(subnet).add(\nnew cdk.Tag(\n'Name',\nName\n)\n)\n})<\/code><\/pre>\n\n\n\n<p>Once the VPC has been deployed, we can deploy all the resources necessary to operate the vending machine such as the <strong>Application Load Balancers<\/strong> in the public subnets, the <strong>Web Servers<\/strong> in the natted subnets, and the <strong>databases<\/strong> dedicated to the Web Servers in the private subnets. <\/p>\n\n\n\n<p>The creation of these resources will be the subject of our next article.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Amazon S3 Bucket<\/h2>\n\n\n\n<p>The S3 bucket created by this stack is used to store logs, artifacts and the result of git pushes on GitLab; In addition, relative permissions are assigned for IAM roles, guaranteeing full access to the bucket, and the removal policies for the stored logs are created:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>const myLifeCycleLogsRule: aws_s3.LifecycleRule = {\n\tid: `logs-cleared`,\nenabled: true,\nprefix: `*-${process.env.ENVIRONMENT}-log`,\nexpiration: cdk.Duration.days(1)\n}<\/code><\/pre>\n\n\n\n<p>In order to use the S3 bucket as a pipeline source, the CloudTrail service must be activated to ensure the ability to intercept events:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>const myTrail = new aws_cloudtrail.Trail(this, `CloudTrail-${process.env.ENVIRONMENT}`, {\ntrailName: `trail-${process.env.ENVIRONMENT}`,\nsendToCloudWatchLogs: true,\nbucket: myGlobalBucketS3,\nencryptionKey: myKms,\ncloudWatchLogGroup: new aws_logs.LogGroup(this, `Logs-${upperEnvironment}`, {\nlogGroupName: `logs-${process.env.ENVIRONMENT}`,\nretention: aws_logs.RetentionDays.THREE_DAYS,\nremovalPolicy: RemovalPolicy.DESTROY\n}),\ncloudWatchLogsRetention: aws_logs.RetentionDays.THREE_DAYS,\ns3KeyPrefix: `logs-${process.env.ENVIRONMENT}`,\nisMultiRegionTrail: false\n});<\/code><\/pre>\n\n\n\n<p>But this is not enough.<\/p>\n\n\n\n<p>To ensure that the pipeline is invoked when a new file is inserted into the S3 bucket, it is necessary to configure <strong>a notification event on CloudTrail<\/strong> that listens for <em>write<\/em> operations within the S3 bucket:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>myTrail.addS3EventSelector(&#91;{\n\tbucket: myGlobalBucketS3,\n\tobjectPrefix: `software\/`,\n\t}], {\n\treadWriteType: aws_cloudtrail.ReadWriteType.WRITE_ONLY,\n})\nmyTrail.addS3EventSelector(&#91;{\n\tbucket: myGlobalBucketS3,\n\tobjectPrefix: `infrastructure\/`,\n\t}], {\n\treadWriteType: aws_cloudtrail.ReadWriteType.WRITE_ONLY,\n})<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">KMS Key<\/h2>\n\n\n\n<p>To ensure data encryption on S3, CloudTrail, and in the database, we have created a customer-managed KMS key. We have subsequently assigned a policy to this key that allows entities that must operate on encrypted services to be able to use it:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>myKms.addToResourcePolicy( new iam.PolicyStatement({\nsid: \"Allow principals in the account to decrypt log files\",\nactions: &#91;\n\"kms:Decrypt\",\n\"kms:ReEncryptFrom\"\n],\nprincipals: &#91; new iam.AccountPrincipal(`${process.env.CDK_DEFAULT_ACCOUNT}`) ],\nresources: &#91;\n`arn:aws:kms:${process.env.CDK_DEFAULT_REGION}:${process.env.CDK_DEFAULT_ACCOUNT}:key\/*`,\n],\nconditions: {\n\"StringLike\": {\n\"kms:EncryptionContext:aws:cloudtrail:arn\": \"arn:aws:cloudtrail:*:*:trail\/*\"\n},\n\"StringEquals\": {\n\"kms:CallerAccount\": `${process.env.CDK_DEFAULT_ACCOUNT}`\n}\n}\n}));<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Application Load Balancer<\/h2>\n\n\n\n<p>This ALB will manage the access to our services by automatically directing them from port 80 in HTTP to port 443 in HTTPS:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>myAppLoadBalancer.addListener(`App-80-Listener`, {\nport: 80,\ndefaultAction: elbv2.ListenerAction.redirect({\npermanent: true,\nport: '443',\nprotocol: 'HTTPS',\n})\n})\nmyAppLoadBalancer.addListener(`App-443-Listener`, {\nport: 443,\ndefaultAction: elbv2.ListenerAction.fixedResponse(503, {\ncontentType: `text\/plain`,\nmessageBody: 'host not found',\n})\n})<\/code><\/pre>\n\n\n\n<p>To manage the requests made in HTTPS on port 443, a certificate must be associated with the relative listener. We can do this using AWS Certificate Manager. This service makes it easy to create and configure certificates allowing also automatic updating.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">To conclude<\/h2>\n\n\n\n<p>The resources configured within this repository can be considered the foundation for the entire solution.<\/p>\n\n\n\n<p>In the next episode, we will analyze the application stack dedicated to each customer who uses the services we have seen today. <\/p>\n\n\n\n<p>To have a solid solution from the security and scalability point of view, reliability must be firstly ensured to the underlying infrastructure. For this reason, we have relied solely on services managed by AWS, thus reducing the effort of administration and monitoring.<\/p>\n\n\n\n<p>Is everything running smoothly till now?<\/p>\n\n\n\n<p>At this point, we are ready to create the resources. But for this last step see you in 14 days with the last! <\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">About Proud2beCloud<\/h4>\n\n\n\n<p>Proud2beCloud is a blog by&nbsp;<a href=\"https:\/\/www.besharp.it\/en\/\" target=\"_blank\" rel=\"noreferrer noopener\">beSharp<\/a>, an Italian APN Premier Consulting Partner expert in designing, implementing, and managing complex Cloud infrastructures and advanced services on AWS. Before being writers, we are Cloud Experts working daily with AWS services since 2007. We are hungry readers, innovative builders, and gem-seekers. On Proud2beCloud, we regularly share our best AWS pro tips, configuration insights, in-depth news, tips&amp;tricks, how-tos, and many other resources. Take part in the discussion!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome back to our 3-step blog post series about building PaaS on AWS the correct way. In Part I, we [&hellip;]<\/p>\n","protected":false},"author":24,"featured_media":5024,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[242],"tags":[316,536,252,292,294,286,365,599,601,603],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.9.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PaaS on AWS: how to build it the perfect way - Part II - Proud2beCloud Blog<\/title>\n<meta name=\"description\" content=\"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PaaS on AWS: how to build it the perfect way - Part II\" \/>\n<meta property=\"og:description\" content=\"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/\" \/>\n<meta property=\"og:site_name\" content=\"Proud2beCloud Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-14T07:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-13T15:42:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2022\/10\/Copertina-blog-14-10-22-copia_14-10-22-social-eng.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Antonio Callegari\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"PaaS on AWS: how to build it the perfect way - Part II\" \/>\n<meta name=\"twitter:description\" content=\"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2022\/10\/Copertina-blog-14-10-22-copia_14-10-22-social-eng.png\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Antonio Callegari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/\",\"url\":\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/\",\"name\":\"PaaS on AWS: how to build it the perfect way - Part II - Proud2beCloud Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.besharp.it\/#website\"},\"datePublished\":\"2022-10-14T07:00:00+00:00\",\"dateModified\":\"2022-10-13T15:42:22+00:00\",\"author\":{\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/980d9719e11f1d62bfb85ae2c78bba28\"},\"description\":\"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.besharp.it\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PaaS on AWS: how to build it the perfect way &#8211; Part II\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.besharp.it\/#website\",\"url\":\"https:\/\/blog.besharp.it\/\",\"name\":\"Proud2beCloud Blog\",\"description\":\"il blog di beSharp\",\"alternateName\":\"Proud2beCloud Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.besharp.it\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/980d9719e11f1d62bfb85ae2c78bba28\",\"name\":\"Antonio Callegari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8e56339cc88d9062c917820606727f83?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8e56339cc88d9062c917820606727f83?s=96&d=mm&r=g\",\"caption\":\"Antonio Callegari\"},\"description\":\"DevOps Engineer @ beSharp. Born as a hardware-addicted, \u201cclassic\u201d system engineer, I also like jumping to the dark side: the Cloud! And you know the effect that this mix can make :) Hand-making is my first choice, but a bit of high-quality automation is welcome in my projects. My free time is split between my family and the music, both as a player, and sound engineer.\",\"url\":\"https:\/\/blog.besharp.it\/author\/antonio-callegari\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PaaS on AWS: how to build it the perfect way - Part II - Proud2beCloud Blog","description":"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/","og_locale":"en_US","og_type":"article","og_title":"PaaS on AWS: how to build it the perfect way - Part II","og_description":"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.","og_url":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/","og_site_name":"Proud2beCloud Blog","article_published_time":"2022-10-14T07:00:00+00:00","article_modified_time":"2022-10-13T15:42:22+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/blog.besharp.it\/wp-content\/uploads\/2022\/10\/Copertina-blog-14-10-22-copia_14-10-22-social-eng.png","type":"image\/png"}],"author":"Antonio Callegari","twitter_card":"summary_large_image","twitter_title":"PaaS on AWS: how to build it the perfect way - Part II","twitter_description":"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.","twitter_image":"https:\/\/blog.besharp.it\/wp-content\/uploads\/2022\/10\/Copertina-blog-14-10-22-copia_14-10-22-social-eng.png","twitter_misc":{"Written by":"Antonio Callegari","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/","url":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/","name":"PaaS on AWS: how to build it the perfect way - Part II - Proud2beCloud Blog","isPartOf":{"@id":"https:\/\/blog.besharp.it\/#website"},"datePublished":"2022-10-14T07:00:00+00:00","dateModified":"2022-10-13T15:42:22+00:00","author":{"@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/980d9719e11f1d62bfb85ae2c78bba28"},"description":"Building PaaS on AWS the perfect way - Part II: Creating a Web Server vending machine examining the common infrastructure stack.","breadcrumb":{"@id":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.besharp.it\/paas-on-aws-how-to-build-it-the-perfect-way-part-ii\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.besharp.it\/"},{"@type":"ListItem","position":2,"name":"PaaS on AWS: how to build it the perfect way &#8211; Part II"}]},{"@type":"WebSite","@id":"https:\/\/blog.besharp.it\/#website","url":"https:\/\/blog.besharp.it\/","name":"Proud2beCloud Blog","description":"il blog di beSharp","alternateName":"Proud2beCloud Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.besharp.it\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/980d9719e11f1d62bfb85ae2c78bba28","name":"Antonio Callegari","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8e56339cc88d9062c917820606727f83?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8e56339cc88d9062c917820606727f83?s=96&d=mm&r=g","caption":"Antonio Callegari"},"description":"DevOps Engineer @ beSharp. Born as a hardware-addicted, \u201cclassic\u201d system engineer, I also like jumping to the dark side: the Cloud! And you know the effect that this mix can make :) Hand-making is my first choice, but a bit of high-quality automation is welcome in my projects. My free time is split between my family and the music, both as a player, and sound engineer.","url":"https:\/\/blog.besharp.it\/author\/antonio-callegari\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts\/5012"}],"collection":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/comments?post=5012"}],"version-history":[{"count":0,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts\/5012\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/media\/5024"}],"wp:attachment":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/media?parent=5012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/categories?post=5012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/tags?post=5012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}