I had the honor of attending the Amazon Web Services (AWS) re:Invent 2016 and wanted to highlight some of my key takeaways from the conference.
Since Centrify was a sponsor, I was able to talk with many folks with an interest in learning more about Centrify’s announcement, “Centrify Delivers Innovative Capabilities and Best Practices to Streamline and Secure Adoption of Hybrid Cloud.”
1. AWS is Innovative as a Large Company
A good proxy for innovation is the number of features and products a company releases. AWS currently has tens of thousands of employees, and AWS announced 24 new products at the AWS Re-Invent show. Over the year, they have released 1000+ features, to put that in perspective that is almost three features a day, amazing! There are only a handful of companies at the scale of AWS that can innovate at this pace.
2. AWS Embraces the Ecosystem Well
I attended the keynotes and a few sessions around the ecosystem. This slide around, “What’s the journey of successful partners?” caught my attention in particular. It talks about the seven steps that AWS uses to operationalize a successful partnership as shown below -- it all starts with building a cohesive business plan together, of course, that is the foundation for any good partnership.
We, at Centrify, have seen first-hand how motivated AWS is to align with partners to help make their customer’s successful. This attitude probably comes from their relentless “customer focus” vision as shown below in Werner’s presentation.
3. AWS Delivers Automation Across Use Cases
When I think of automation choices around AWS, the first thing that comes to mind is Dev-ops automation. I have realized now that there is more than Dev-ops that can be automated within AWS; take security and compliance for example -- to make it continuous you need automation.
This slide in particular illustrates the importance of automation for AWS Compliance. AWS has 2670 controls and over 60 services and growing -- for a customer to prove compliance around these controls, automation is a repeatable way out! AWS CloudTrail, AWS CloudWatch and AWS Config are a few of the AWS services that make the automation around security and compliance easy for their customers.
If you want to understand this in more details, here are three sessions I would recommend you checkout.
- SEC301 – Audit Your AWS Account Against Industry Best Practices: The CIS AWS Benchmarks
- SEC307 – Microservices, Macro Security Needs: How Nike Uses a Multi-Layer, End-to-End Security Approach to Protect Microservice-Based Solutions at Scale
- SEC312 – State of the Union for re:Source Mini Con for Security Services
4. AWS Makes Server-less Execution a Reality
As a computer science graduate, this was probably the most exciting for me because I believe you cannot get more granular than this in terms of providing an execution unit as a service. You can create countless program functions with Lamda, you can leverage step functions to create your own programs. You would only be charged for the memory and the processing used.
The slide above on “A Spectrum of Compute” summarizes the various compute options AWS provides and shows that Lamda is just a natural progression from VMs and containers. One downside I see with Lamda is that Customer’s will become increasingly AWS platform dependent, this limits their ability to diversify amongst IaaS vendors. The other downside I see is for the highly regulated industries, Lamda reduces the control over compute and storage that Customers have, this might make adoption of Lamda hard for them.
5. AWS is on the Analytics Bandwagon
To me a simple, but key, takeaway was how Werner introduced the analytics initiative. AWS does not want customers to spend too much time preparing for analytics -- it wants its customers to get to it quickly and efficiently. To enable this, Amazon announced a bunch of new services -- a couple are around Amazon Athena, which helps query petabytes of data from S3 and Amazon Glue, which is a fully managed ETL service.
I think the Amazon Athena is the most interesting because it enables querying the data in S3 without the need for complex ETL jobs to prepare the data. This reduces the need to duplicate data for analytics. The other cool thing about this is it’s server-less, and customers are only charged on per query basis.
In conclusion, with over 32,000 attendees and over 400 breakout sessions, I was blown away by AWS Re:invent -- in terms of both the breadth and the depth of sessions.
Learn more about how Centrify helps secure AWS here.
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.