Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,690 --> 00:00:03,270
Now let's talk about the center of SSM,
2
00:00:03,270 --> 00:00:04,670
which are documents.
3
00:00:04,670 --> 00:00:07,430
And documents can be written either in JSON or YAML,
4
00:00:07,430 --> 00:00:09,100
in which you define parameters,
5
00:00:09,100 --> 00:00:11,350
to define what the document does, so actions,
6
00:00:11,350 --> 00:00:14,020
and then you will have the document being executed
7
00:00:14,020 --> 00:00:15,620
by a specific service.
8
00:00:15,620 --> 00:00:17,370
So many documents already exist in AWS
9
00:00:17,370 --> 00:00:19,148
and we can leverage them obviously
10
00:00:19,148 --> 00:00:21,140
to go faster in what we do.
11
00:00:21,140 --> 00:00:23,190
So this is what a documents may look like.
12
00:00:23,190 --> 00:00:25,150
So as you can see, there's a description,
13
00:00:25,150 --> 00:00:26,470
there's a bunch of parameters,
14
00:00:26,470 --> 00:00:29,060
and then there's some steps and each step has an action
15
00:00:29,060 --> 00:00:30,970
in which maybe you can run a command.
16
00:00:30,970 --> 00:00:33,270
So this is just a simple example.
17
00:00:33,270 --> 00:00:35,360
And if you start using SSM a lot
18
00:00:35,360 --> 00:00:38,220
you will write your own SSM documents, okay?
19
00:00:38,220 --> 00:00:40,130
But what we get out of this
20
00:00:40,130 --> 00:00:42,890
is that they sort of look like
21
00:00:42,890 --> 00:00:44,130
the idea behind CloudFormation,
22
00:00:44,130 --> 00:00:47,730
but this is at the center of SSM now we have documents
23
00:00:47,730 --> 00:00:51,270
and they're gonna be how we can describe what SSM does.
24
00:00:51,270 --> 00:00:54,040
So these documents can be simply used to run commands,
25
00:00:54,040 --> 00:00:55,540
and we'll see this in this lecture,
26
00:00:55,540 --> 00:00:57,400
but also these documents can be applied
27
00:00:57,400 --> 00:01:01,290
to other SSM features such as state manager, patch manager,
28
00:01:01,290 --> 00:01:05,100
automation, and documents can even retrieve some data
29
00:01:05,100 --> 00:01:07,440
from the SSM parameter store
30
00:01:07,440 --> 00:01:09,930
to be able to give you some kind of modularity
31
00:01:09,930 --> 00:01:11,090
and dynamicity
32
00:01:11,090 --> 00:01:14,480
in the way you want to have the documents behave, okay?
33
00:01:14,480 --> 00:01:15,313
So let's have a look
34
00:01:15,313 --> 00:01:17,320
at how we can create documents right now.
35
00:01:17,320 --> 00:01:20,490
So if I scroll down on a systems manager at the very bottom
36
00:01:20,490 --> 00:01:21,910
under shared resources,
37
00:01:21,910 --> 00:01:23,110
we have documents,
38
00:01:23,110 --> 00:01:24,540
and documents are in this page.
39
00:01:24,540 --> 00:01:26,650
So we have documents owned by Amazon,
40
00:01:26,650 --> 00:01:27,483
some owned by me,
41
00:01:27,483 --> 00:01:28,316
but of course,
42
00:01:28,316 --> 00:01:30,100
none has been owned me because I haven't created one.
43
00:01:30,100 --> 00:01:30,933
Shared with me.
44
00:01:30,933 --> 00:01:32,530
If you can share documents with other people,
45
00:01:32,530 --> 00:01:34,840
or all documents, if you have to have the three of them.
46
00:01:34,840 --> 00:01:35,730
So in this example,
47
00:01:35,730 --> 00:01:38,370
I'm going to show you the documents owned by Amazon,
48
00:01:38,370 --> 00:01:40,640
and one of them for example, is called
49
00:01:40,640 --> 00:01:41,790
AWS-ApplyPatchBaseline.
50
00:01:43,510 --> 00:01:44,580
So I click on it
51
00:01:44,580 --> 00:01:48,040
and I can see that this is useful for scanning
52
00:01:48,040 --> 00:01:49,610
or installing patches from a patch baseline,
53
00:01:49,610 --> 00:01:52,010
as we'll see what that means in a few lecturers.
54
00:01:52,010 --> 00:01:53,540
The platform is Windows.
55
00:01:53,540 --> 00:01:55,870
We can see when it was created, okay?
56
00:01:55,870 --> 00:01:56,910
And who is the owner,
57
00:01:56,910 --> 00:01:58,470
and what is the latest version.
58
00:01:58,470 --> 00:02:01,300
So this document looks good.
59
00:02:01,300 --> 00:02:03,130
We can look at the contents of the patch baseline.
60
00:02:03,130 --> 00:02:06,760
So this is written for this one in JSON,
61
00:02:06,760 --> 00:02:09,140
and as we can see, there is a parameter,
62
00:02:09,140 --> 00:02:09,990
one or two parameters.
63
00:02:09,990 --> 00:02:12,460
So operation and snapshot ID,
64
00:02:12,460 --> 00:02:14,900
and then there is a bunch of runtime config
65
00:02:14,900 --> 00:02:16,970
as well as lot of commands that is going to happen.
66
00:02:16,970 --> 00:02:18,990
So complicated, but not for us to maintain
67
00:02:18,990 --> 00:02:20,940
because this is maintained by AWS.
68
00:02:20,940 --> 00:02:22,160
We can look at the version.
69
00:02:22,160 --> 00:02:24,580
So currently we cannot view the document versions
70
00:02:24,580 --> 00:02:25,413
because we don't own it.
71
00:02:25,413 --> 00:02:26,690
So it will always be version one,
72
00:02:26,690 --> 00:02:28,850
but your own documents could be versioned.
73
00:02:28,850 --> 00:02:29,683
And in details,
74
00:02:29,683 --> 00:02:31,500
we can have a look at the different parameters.
75
00:02:31,500 --> 00:02:34,240
For example, this one is on document version one,
76
00:02:34,240 --> 00:02:37,800
and it has two parameters, operation and snapshot ID,
77
00:02:37,800 --> 00:02:40,820
which are relevant to this document.
78
00:02:40,820 --> 00:02:42,370
Okay, so if I look at the document itself,
79
00:02:42,370 --> 00:02:43,710
we could create our own documents.
80
00:02:43,710 --> 00:02:45,870
So it could be a command or session document,
81
00:02:45,870 --> 00:02:47,430
or an automation document,
82
00:02:47,430 --> 00:02:49,010
and we'll see commands in this one,
83
00:02:49,010 --> 00:02:51,410
but I want you to show you this at a high level.
84
00:02:52,360 --> 00:02:54,860
So the first way we're going to apply our documents
85
00:02:54,860 --> 00:02:57,520
is using the run command SSM feature.
86
00:02:57,520 --> 00:02:59,030
So the idea is that with run command
87
00:02:59,030 --> 00:03:00,750
we're going to execute an entire document,
88
00:03:00,750 --> 00:03:02,690
which is indeed a script,
89
00:03:02,690 --> 00:03:04,020
or just run a single command
90
00:03:04,020 --> 00:03:06,700
across a fleet of EC2 Instances.
91
00:03:06,700 --> 00:03:07,533
And for this,
92
00:03:07,533 --> 00:03:09,770
we can use resource groups that we have created from before.
93
00:03:09,770 --> 00:03:12,520
So the run command has a feature of rate control
94
00:03:12,520 --> 00:03:13,353
and error control.
95
00:03:13,353 --> 00:03:17,080
So imagine you're playing a command to 1,000 instances
96
00:03:17,080 --> 00:03:19,200
and it will take them down for a minute or two.
97
00:03:19,200 --> 00:03:21,930
Then you want to make sure you do this progressively,
98
00:03:21,930 --> 00:03:23,420
and that in case you have any errors,
99
00:03:23,420 --> 00:03:26,720
you are able to stop running the command in your fleets.
100
00:03:26,720 --> 00:03:28,127
It is fully integrated with IAM and CloudTrail.
101
00:03:28,127 --> 00:03:30,520
So you can see who runs commands.
102
00:03:30,520 --> 00:03:31,590
There is no need for SSH,
103
00:03:31,590 --> 00:03:34,500
so the agent itself will be running the commands,
104
00:03:34,500 --> 00:03:37,530
but systems manager does not need SSH access
105
00:03:37,530 --> 00:03:38,990
to your instances to run the command,
106
00:03:38,990 --> 00:03:40,700
which is quite magical and cool.
107
00:03:40,700 --> 00:03:43,350
The command outputs can be shown in the console,
108
00:03:43,350 --> 00:03:45,840
but it can also be sent to your S3 buckets
109
00:03:45,840 --> 00:03:47,470
or to CloudWatch Logs.
110
00:03:47,470 --> 00:03:50,050
And finally, to know the status of your run command,
111
00:03:50,050 --> 00:03:51,640
you can look in the console obviously,
112
00:03:51,640 --> 00:03:55,570
but you can also send them to SNS to get information around
113
00:03:55,570 --> 00:03:58,890
in progress, success, failed and so on.
114
00:03:58,890 --> 00:04:01,400
And finally, for automations and EventBridge
115
00:04:01,400 --> 00:04:02,850
for CloudWatch Events,
116
00:04:02,850 --> 00:04:05,630
can be used to invoke run commands.
117
00:04:05,630 --> 00:04:06,490
So let's take an example.
118
00:04:06,490 --> 00:04:09,970
Run command can be run across a fleet of EC2 Instances.
119
00:04:09,970 --> 00:04:13,230
The outputs of the command itself can be sensed for analysis
120
00:04:13,230 --> 00:04:15,070
in CloudWatch Logs or Amazon history,
121
00:04:15,070 --> 00:04:16,700
notifications is through SNS,
122
00:04:16,700 --> 00:04:19,060
and events triggered in EventBridge
123
00:04:19,060 --> 00:04:22,363
could have a rule to trigger a run command itself.
124
00:04:23,920 --> 00:04:26,730
So what we want to do is to install an HTTP server
125
00:04:26,730 --> 00:04:29,100
onto my three instances, okay?
126
00:04:29,100 --> 00:04:30,860
But first, to verify that it will work,
127
00:04:30,860 --> 00:04:32,870
we need to open up the security group.
128
00:04:32,870 --> 00:04:35,080
So let's go into the security group rules.
129
00:04:35,080 --> 00:04:36,320
And under the inbound rule,
130
00:04:36,320 --> 00:04:40,500
I'm going to add a rule for HTTP on port 80
131
00:04:40,500 --> 00:04:42,130
coming from anywhere.
132
00:04:42,130 --> 00:04:47,130
So this is allowing us to access our instances of HTTP,
133
00:04:47,210 --> 00:04:49,060
and we can make sure that our instances
134
00:04:49,060 --> 00:04:51,020
currently do not run a web server
135
00:04:51,020 --> 00:04:52,730
by taking, for example, one of these IPs.
136
00:04:52,730 --> 00:04:56,690
So we'll copy this IP and then paste it here.
137
00:04:56,690 --> 00:04:58,470
And as we can see,
138
00:04:58,470 --> 00:05:00,380
we are not getting anything.
139
00:05:00,380 --> 00:05:04,883
So let's go back into my security group.
140
00:05:05,760 --> 00:05:07,350
HTTP port 80,
141
00:05:07,350 --> 00:05:08,350
and it should not time out,
142
00:05:08,350 --> 00:05:10,160
it should just give me an error.
143
00:05:10,160 --> 00:05:11,363
So let's try again.
144
00:05:13,750 --> 00:05:16,010
Which is just a weird behavior of Firefox.
145
00:05:16,010 --> 00:05:19,070
So I'm going to copy this and I'm gonna go into Chrome.
146
00:05:19,070 --> 00:05:21,300
And as you can see, if I go into my IP,
147
00:05:21,300 --> 00:05:22,510
I get a site can't be reached.
148
00:05:22,510 --> 00:05:24,040
That means that the port 80 is open,
149
00:05:24,040 --> 00:05:28,410
but no HTTP server is currently running on my EC2 Instance.
150
00:05:28,410 --> 00:05:29,410
So, okay, so that's cool.
151
00:05:29,410 --> 00:05:32,960
We want to now install our web server onto these instances.
152
00:05:32,960 --> 00:05:35,520
So let's go into systems manager
153
00:05:35,520 --> 00:05:36,700
and we're going to run a command,
154
00:05:36,700 --> 00:05:38,970
but first we're gonna need to create our own documents.
155
00:05:38,970 --> 00:05:41,840
So this document is going to be for a command or session.
156
00:05:41,840 --> 00:05:45,270
And then we'll call this one, InstallApache.
157
00:05:45,270 --> 00:05:49,770
And the target type is going to be for an EC2 Instance.
158
00:05:49,770 --> 00:05:53,470
Now, the document type is going to be a command document
159
00:05:53,470 --> 00:05:56,150
and we can specify it either in JSON or YAML.
160
00:05:56,150 --> 00:05:57,320
So we'll specify in YAML form
161
00:05:57,320 --> 00:05:59,530
because I think this is a bit easier to read.
162
00:05:59,530 --> 00:06:00,730
And to make it easy,
163
00:06:00,730 --> 00:06:04,120
you can just get the code directly from the SSM directory
164
00:06:04,120 --> 00:06:08,850
and copy this entire file document-install-apache, okay?
165
00:06:08,850 --> 00:06:12,500
And going back here, paste it and we're good to go.
166
00:06:12,500 --> 00:06:15,680
So in this YAML document, we can easily read it.
167
00:06:15,680 --> 00:06:17,820
We have one parameter, which is a message,
168
00:06:17,820 --> 00:06:19,860
which by default is Hello World,
169
00:06:19,860 --> 00:06:21,570
and this is the welcome message we want you to have
170
00:06:21,570 --> 00:06:24,290
as part of our EC2 Instances, their web server.
171
00:06:24,290 --> 00:06:27,010
And then the main step is to run a ShellScript
172
00:06:27,010 --> 00:06:29,330
and it has several run commands in it, okay?
173
00:06:29,330 --> 00:06:30,870
So we update the instance,
174
00:06:30,870 --> 00:06:32,260
we install HTTPD,
175
00:06:32,260 --> 00:06:33,940
we start HTTPD, we enable it.
176
00:06:33,940 --> 00:06:35,260
So this is in case of restarts.
177
00:06:35,260 --> 00:06:38,350
And then we echo message from host name
178
00:06:38,350 --> 00:06:41,520
into this file right here, in this HTML.
179
00:06:41,520 --> 00:06:45,330
And so this message under this double brackets
180
00:06:45,330 --> 00:06:49,870
is coming from the parameter message above, okay?
181
00:06:49,870 --> 00:06:51,480
So I will go and create the document.
182
00:06:51,480 --> 00:06:53,700
So this document is now owned by me
183
00:06:53,700 --> 00:06:55,650
and it's called Intel HTTP.
184
00:06:55,650 --> 00:06:58,370
And so now we need to go into the run command and run it.
185
00:06:58,370 --> 00:07:01,690
So lets go into the run command direct here.
186
00:07:01,690 --> 00:07:03,850
We're going to run a command,
187
00:07:03,850 --> 00:07:08,850
and we need to find the document itself.
188
00:07:09,090 --> 00:07:11,050
So we're going to go on owned by me.
189
00:07:11,050 --> 00:07:13,210
Find Apache.
190
00:07:13,210 --> 00:07:16,020
I will select this one, version one.
191
00:07:16,020 --> 00:07:17,530
And then we can customize the message.
192
00:07:17,530 --> 00:07:21,023
So for example, we can say, Custom Hello World.
193
00:07:22,280 --> 00:07:23,490
And for the targets,
194
00:07:23,490 --> 00:07:25,990
we can either specify instance tags
195
00:07:25,990 --> 00:07:28,330
or we can choose instances manually,
196
00:07:28,330 --> 00:07:29,780
or we can choose a resource group,
197
00:07:29,780 --> 00:07:30,613
and as you can see,
198
00:07:30,613 --> 00:07:32,510
the resources we've created from before
199
00:07:32,510 --> 00:07:34,830
are available in this console.
200
00:07:34,830 --> 00:07:37,460
So I will choose my instances manually,
201
00:07:37,460 --> 00:07:39,810
and I will actually choose my three instances right here,
202
00:07:39,810 --> 00:07:42,170
because I want to be able to install HTTP
203
00:07:42,170 --> 00:07:44,740
to all them three, okay?
204
00:07:44,740 --> 00:07:45,840
Next, for other parameters.
205
00:07:45,840 --> 00:07:49,420
So we can have a timeout in terms of the commands.
206
00:07:49,420 --> 00:07:52,780
So if the commands don't finish within 600 seconds,
207
00:07:52,780 --> 00:07:53,830
so 10 minutes,
208
00:07:53,830 --> 00:07:55,600
then you should fail the command.
209
00:07:55,600 --> 00:07:57,250
So this is a much larger timeout
210
00:07:57,250 --> 00:07:59,520
than what we need for this command, this is fine.
211
00:07:59,520 --> 00:08:00,410
And then rate control.
212
00:08:00,410 --> 00:08:01,540
So this is pretty cool.
213
00:08:01,540 --> 00:08:02,373
The concurrency.
214
00:08:02,373 --> 00:08:05,630
So do we want to run the commands on 50 targets at a time
215
00:08:05,630 --> 00:08:08,440
or maybe one target at a time, so one by one?
216
00:08:08,440 --> 00:08:11,110
Or maybe percentage, so 33% at a time?
217
00:08:11,110 --> 00:08:12,430
It's up to you.
218
00:08:12,430 --> 00:08:16,090
But I will choose for this example, one target at a time.
219
00:08:16,090 --> 00:08:17,150
And then the error threshold.
220
00:08:17,150 --> 00:08:19,023
So that means just after one error,
221
00:08:19,950 --> 00:08:20,920
you know, on the first error,
222
00:08:20,920 --> 00:08:23,900
then this will stop the entire task, okay?
223
00:08:23,900 --> 00:08:25,940
But maybe you know that some of these commands
224
00:08:25,940 --> 00:08:27,640
will have errors and so maybe you're saying that
225
00:08:27,640 --> 00:08:32,430
as long as 5% of my instances don't error out,
226
00:08:32,430 --> 00:08:34,170
this is fine, please keep on going,
227
00:08:34,170 --> 00:08:37,310
but if you go above this 5% of error threshold,
228
00:08:37,310 --> 00:08:38,820
then stop running the command.
229
00:08:38,820 --> 00:08:40,630
So right now we'll keep the error at zero
230
00:08:40,630 --> 00:08:42,460
because we don't want any errors.
231
00:08:42,460 --> 00:08:43,560
Now, for the output options,
232
00:08:43,560 --> 00:08:46,277
we can create an S3 buckets to send the output to,
233
00:08:46,277 --> 00:08:47,620
but I will disable it,
234
00:08:47,620 --> 00:08:49,910
or we can send logs to CloudWatch Logs,
235
00:08:49,910 --> 00:08:53,320
and for example, I will call it runCommandOutput
236
00:08:53,320 --> 00:08:55,023
as my log group name.
237
00:08:55,950 --> 00:08:56,870
SNS notifications.
238
00:08:56,870 --> 00:08:57,990
If you wanted to get notifications
239
00:08:57,990 --> 00:08:59,880
about the status of this run command.
240
00:08:59,880 --> 00:09:02,740
And this is nice, we can get the equivalent
241
00:09:02,740 --> 00:09:04,400
AWS CLI interface command
242
00:09:04,400 --> 00:09:07,832
if we wanted to run this directly from within the CLI.
243
00:09:07,832 --> 00:09:09,290
So I'll click on run.
244
00:09:09,290 --> 00:09:10,123
And as we can see,
245
00:09:10,123 --> 00:09:13,510
we have three targets and one of them is in progress
246
00:09:13,510 --> 00:09:15,090
while the other two are pending.
247
00:09:15,090 --> 00:09:17,400
So let me refresh this.
248
00:09:17,400 --> 00:09:19,010
And as we can see now,
249
00:09:19,010 --> 00:09:20,420
because we did one at a time,
250
00:09:20,420 --> 00:09:22,650
it will go this one in progress and it will be successful,
251
00:09:22,650 --> 00:09:24,620
then this one, and then that one.
252
00:09:24,620 --> 00:09:27,470
So in here, I'm able to refresh and here we go.
253
00:09:27,470 --> 00:09:30,330
The first one in the first two actually were a success.
254
00:09:30,330 --> 00:09:33,700
So we can see the start time and the end time.
255
00:09:33,700 --> 00:09:36,930
And for each of the targets, we can click on view outputs.
256
00:09:36,930 --> 00:09:40,090
So the output is literally the output of the command itself.
257
00:09:40,090 --> 00:09:42,960
So it shows you a maximum of 48,000 characters.
258
00:09:42,960 --> 00:09:45,527
So here is all the outputs that is available from it,
259
00:09:45,527 --> 00:09:49,563
and as we can see at the very end is going to say that,
260
00:09:50,490 --> 00:09:53,840
if we're very lucky, HTTPD was installed.
261
00:09:53,840 --> 00:09:55,100
Very nice. Okay?
262
00:09:55,100 --> 00:09:57,570
And then complete, so the command is complete,
263
00:09:57,570 --> 00:09:59,510
and this is complete from the YAML install.
264
00:09:59,510 --> 00:10:01,460
And you can click on the CloudWatch Logs
265
00:10:01,460 --> 00:10:04,280
to view the logs directly of your commands
266
00:10:04,280 --> 00:10:05,290
into the CloudWatch Log groups.
267
00:10:05,290 --> 00:10:08,630
So this is my run command output log group,
268
00:10:08,630 --> 00:10:09,463
and we can see that
269
00:10:09,463 --> 00:10:11,670
we have many different streams available here
270
00:10:11,670 --> 00:10:14,160
for the standard out and standard error
271
00:10:14,160 --> 00:10:17,500
in case some errors were happening onto our instances,
272
00:10:17,500 --> 00:10:18,920
but if you go to standard outs,
273
00:10:18,920 --> 00:10:21,660
as we can see, we have the five commands,
274
00:10:21,660 --> 00:10:22,520
and what happened
275
00:10:22,520 --> 00:10:25,940
and the fact that they did install and enable HTTPD.
276
00:10:25,940 --> 00:10:27,070
So this is great.
277
00:10:27,070 --> 00:10:28,450
We're good to go.
278
00:10:28,450 --> 00:10:30,980
So back into our run command,
279
00:10:30,980 --> 00:10:32,190
we can look at the command history.
280
00:10:32,190 --> 00:10:33,870
This one was a success,
281
00:10:33,870 --> 00:10:35,460
and yes, three instances
282
00:10:35,460 --> 00:10:38,480
were having their command run on it.
283
00:10:38,480 --> 00:10:39,490
And if I go back now
284
00:10:39,490 --> 00:10:41,650
to my EC2 management console and refresh.
285
00:10:41,650 --> 00:10:43,200
So they're still here obviously,
286
00:10:43,200 --> 00:10:47,150
but now if I click on this IPv4 and paste it,
287
00:10:47,150 --> 00:10:49,270
then we're going to get a Custom Hello World
288
00:10:49,270 --> 00:10:51,610
from this IP right here.
289
00:10:51,610 --> 00:10:55,150
And if I go to another EC2 Instance,
290
00:10:55,150 --> 00:10:55,983
this one,
291
00:10:57,600 --> 00:10:59,170
we're gonna get again, a Custom Hello World.
292
00:10:59,170 --> 00:11:03,290
So this is a custom message that I did pass to my documents
293
00:11:03,290 --> 00:11:04,950
and the IP is going to be different on this one.
294
00:11:04,950 --> 00:11:07,060
That means that the command was run differently
295
00:11:07,060 --> 00:11:10,800
on two different EC2 Instances.
296
00:11:10,800 --> 00:11:11,633
So this is pretty cool
297
00:11:11,633 --> 00:11:13,480
because here we are able to run a command
298
00:11:13,480 --> 00:11:15,830
across three EC2 Instances,
299
00:11:15,830 --> 00:11:18,310
but remember, these EC2 Instances
300
00:11:18,310 --> 00:11:21,800
do not have the SSH port open, okay?
301
00:11:21,800 --> 00:11:23,780
So what happens is that the SSM agent
302
00:11:23,780 --> 00:11:25,420
did run the commands for us,
303
00:11:25,420 --> 00:11:26,280
which is super helpful
304
00:11:26,280 --> 00:11:28,680
because we don't compromise on security.
305
00:11:28,680 --> 00:11:29,640
So this is it for this lecture.
306
00:11:29,640 --> 00:11:30,480
I hope you liked it,
307
00:11:30,480 --> 00:11:32,430
and I will see you in the next lecture.
24567
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.