Thursday, 20. November 2014

AWS re:Invent Round Up

It’s been a week since re:Invent, and the dust is still settling.

The content from the event is being posted quickly. You can find all of the videos (with a few still coming), audio podcast versions, and slides from the sessions online. The challenge here is the how to process this massive amount of content.

Webinar To help, I hosted a webinar to provide my perspective on the key announcements and information from re:Invent. During the webinar, I covered what Trend Micro announced, the new AWS services, and–more importantly–where you should be focusing your energies.

You can now view the webinar on demand.

Trend Micro Resources Deep Security in the AWS Marketplace The big announcement from Trend Micro was the release of Deep Security 9.5 in the AWS Marketplace.

Deep Security is now available billed per hour (or annually for significant savings), or you can bring your own license.

The AMI supports multiple configurations of Deep Security, free trial, single node, or multi-node deployments are all supported from the one AMI via a simple setup process. You’ll be up and running in just a few minutes, regardless of your deployment.

Awareness A big push from Trend Micro during the show was around awareness of your security responsibilities in the AWS Cloud.

I wrote a four-part series of posts describing the shared responsibility model for security in AWS:


•  Cloud Security: Shared Responsibility in Action
•  Shared Responsibility Examples: The Re:Boot
•  Shared Responsibility Examples: POODLE
•  Shared Responsibility Examples: Shellshock


I also wrote a wrap-up post that highlighted some of our efforts and a few of my favorite breakout sessions.

SEC313, Updating Security Operations For The Cloud One of our sessions, “Updating Security Operations For The Cloud,” was very well-received. So much so that I was invited to give it again as a repeat session.

A big part of the talk was the demo for an event-based security response that uses auto scaling groups to automate the restoration of production. This allows the security team time to analyze the situation.

You can read the details of that workflow, watch the demos, and get the SNS http endpoint sample code over at my site.

theCube Trend Micro was also lucky enough to be the headline sponsor of theCube at this year’s show. theCube was broadcasting live from the show floor in Las Vegas. They had a fantastic line-up of guests on the show.

The interviews are available now and are a great perspective on the current state of the AWS Cloud.

A few of our clients were on the show, and their stories are of particular interest:


Aaron Hughes, systems architect at the Washington State Department of Fish and Wildlife
Jason Cradit, VP of information systems at the Willbros Group, Inc
Barry Nowak, manager of technical support & operations at Great Lakes Health Connect


I also did a segment on theCube. You should also check out the segments from our partners at Cloudticity and CloudNexa.

On the partner front, you should also see what we’re up to with CloudNexa.

AWS Resources Links to the resources I cover in the webinar:


New services announcement & overview from AWS
“New AWS Tools for Code Management and Deployment” post by Jeff Barr on the new code workflow tools (AWS CodeDeploy, AWS CodeCommit, AWS CodePipeline)
Jeff Barr’s breakdown of the new AWS Key Management Service. It’s a great overview of the new offering and how to get up and running with it
A great session from AWS’s Ken Beer & Todd Cignetti on the encryption & key management options available to you in AWS. SEC301, “Encryption and Key Management in AWS
The entire re:Invent security track is worth watching. The videos are available on the AWS YouTube channel
AWS Lambda is set up to really revolutionize what you can deliver quickly on AWS. Read Jeff Barr’s post, “AWS Lambda – Run Code in the Cloud”, and be sure to watch “Getting Started with AWS Lambda” (MBL202)
This one slipped by most people and also the #1 reason why people don’t “get” Lambda. S3 now supports events. It’s the first step to a fully event-driven AWS
Amazong EC2 Container Service makes is significantly easier to run your Docker workloads on AWS. This is a huge win for users given the explosion in the Docker ecosystem right now. Read all about it in Jeff’s summary post
AWS Aurora made waves right from the first mention in the keynote. Fully MySQL compatible with the added bonus of seamless scaling and low cost. Amazing advancement for RDBMS. Watch SDD415, “Amazon Aurora: Amazon’s New Relational Database Engine” for all of the details


Bonus links:


So You Think You Can Architect?” (ARC313) is a great talk by Constantin Gonzalez & Jan Metzner of AWS Germany. In the talk, they highlight how you can leverage key AWS services to ensure that your applications can meet demand. They use a live TV voting show as the key use case, but this applies to a lot of uses
Under the Covers of AWS: Its Core Distributed Systems” (SPOT302) is a fantastic talk by Al Vermeulen and Swami Sivasubramanian. Al & Swami are two of the original AWS engineers, and between them, they have a wealth of knowledge and insight. Even better is the dynamic between these two. There’s a great contrast here that only enhances the content… which is fascinating
James Hamilton, VP & Distinguished Engineer at AWS, delivered an amazing talk called, “AWS Innovation at Scale” (SPO301). In the talk, James provides a look at the challenges that AWS has had to address in order to grow to the scale it has. It’s a rare look under the covers at what makes AWS tick. Also check out James’ interview on theCube
a great talk from Andy Troutman on deploying code. “Lessons Learned From Over a Decade of Deployments at Amazon” (APP311) is a fantastic talk highlighting the motivations behind AWS CodeDeploy. Fantastic talk around what it takes to consistently deploy software at a fast pace


The Why With some much new information to dive into, I think it’s important to remember why we build these systems and why security is important. This short video is aimed at reminding you why we do what we do.



Read the write-up for the video, and please take it to heart.

What’s Next? There still more content coming out from the event itself. But the thing to watch for over the next few weeks are the solutions that people are starting to build with all of the new services and features from AWS.

We’re in for an amazing explosion of new apps and services that leverage this new functionality. It’s a very exciting time to be building solutions in AWS.

Want more tips & tricks? Follow me on Twitter where I’m @marknca. I’m always trying to learn more and love to share.