Insights from AWS Summit Brussels
AWS Summit Brussels 2022 is the first post-COVID conference I attended. This document summarizes my insights from the conference!
AWS Summit was a daily event and I attended the following presentations:
- Practical guide to incident response with NXP
- AWS Well-Architected Framework for sustainability
- Simplify cloud governance with AWS Control Tower
- Highly Regulated workloads on AWS
- ̶B̶u̶i̶l̶d̶ ̶a̶ ̶z̶e̶r̶o̶-̶t̶r̶u̶s̶t̶ ̶a̶r̶c̶h̶i̶t̶e̶c̶t̶u̶r̶e̶ ̶o̶n̶ ̶A̶W̶S̶ (I accidentally got in the wrong room, so I watched about VMWare Tanzu instead)
Feel free to reach out if you’d like to discuss about the specifics of any presentation!
I don’t know if it was the same before COVID-19, but the conference hall filled up pretty quickly. I entered the hall at 8:30, at 09:30 queues were longer than 30 minutes, and at around 10:00 they locked the event due to capacity. If I had gone with a daily train I would probably not have been able to make it. Being early at a conference is pretty worth it in the current state of things.
As a reminder, if you wanna work with Juanita and I, VanMoof is hiring!
Incident response (IR)
- Nearly impossible to do IR without a definition of a Cloud Consumer within the company, explicitly accountable as resource owner
- It takes years to build and automate such a process, but you can start by just writing response playbooks after a few events and executing them manually
- Don’t forget the post-mortem! People often do
- Plan to have security controls that cover both both Preventive (before) and Detective (after) measures
- AWS has a managed service for IR: AWS Systems Manager Incident Manager. It’s probably not the best fit for VanMoof because we are already multi-cloud and that service seems AWS-specific
- Responders who acknowledge an event can be required to provide some authentication (e.g an access code sent by mail). It is unclear to me how helpful that would be in VanMoof’s case, but it is an interesting feature.
- AWS has reduced their timeline for hitting net 0 carbon from 2030 to 2025. I’m not sure how much they’re "cheating" (e.g buying CO2 credits) or just legitimately good at converting to renewable energy, probably both. Either way, climate targets seem possible to hit and the industry is picking up steam.
- AWS has released a report that allows you to see the total carbon footprint of your organization. Cloudflare also has such a report feature, I don’t know about other providers
- Resilience and Sustainability may have opposite pulls in SLAs, prepare to balance them
- Sustainability has been added as the 6th pillar of the AWS Well-Architected Framework
- Sustainable scheduling: Reducing peaks optimizes your resource usage, schedule smartly to distribute load on low periods and vice-versa
- Hardware patterns: Aim for 70-80% utilization in a CPU, autoscale everything, Graviton=good, Graviton3=better
- Data patterns: Optimize your log storage, set up deletion policies, consider ZSTD instead of Gzip/LZ4 as a compression algorithm
- KPN found it easier not to lift-n-shift but rather rebuild a lot of apps for the Cloud
- Cloud Council of European Commission’s position on cloud providers: "happy to stay, if we are free to leave"
- (EU Commission) Serverless but not cloud native, which I took to mean “Yes to KNative, no to Lambda”
- (EU Commission) "The business people think our data is not safe in the cloud, the technical people think the opposite"
- Data Residency includes both storage and processing of data, but people often forget or ignore the latter
- GDPR compliance is much harder when you need to have people from different organizations working together
- AWS LandingZone is no longer maintained
- "Choose application" - "Choose dataset" - "Choose storage" are the 3 choices presented to cloud consumers at SURF
- To help research orgs get in the cloud, SURF have the concept of "IT supporter", who is someone who helps the team onboard into tooling
Being back on the conference circuit feels great! The event was pretty fun. I’ve had a lot of VanMoof-specific thoughts and ideas based on this conference, but they are covered in an internal article that will not be published here :)
Until next time!