Two days of cloud packed information, knowledge and networking. Frans and Jari took a trip to Stockholm for the first on-site conference since forever! The conference had two parts, first one was for AWS partners on Tuesday and the second one was the actual summit on Wednesday.
-
Day 1 – Partner Summit
About 400 AWS partners gathered into Stockholmmässan to hear about the latest updates about AWS partner programs and a talk about Nordic cloud market trends and insights. No big surprises in the trends, C-level knowledge with organization support, automation etc are as important as ever in successful transformations. Nordics - with the help of Netherlands – are driving the cloud transformations in Europe, and public sector is the largest segment in all nordic markets. Nordics is the third biggest cloud market in europe, after Germany and UK.
AWS are developing their partner program based on the feedback they get from their partners. Recently they have introduced Partner Paths: this divides the partner program into five paths, which are software, hardware, service, training and distribution (which is invite only). Siili is in the Service path on the second highest (advanced) level, and we are working on achieving differentiators like DevOps competency program. AWS representatives also talked about AWS Service validation program, which aims to help service delivery companies validate the provided service with AWS' aid.
We had great discussions with Marcel, who is one of our main AWS contacts, about integrating with the AWS Partner Portal and about the AWS DevOps competency program. To our great benefit we also networked with Hashicorp representative Amir Altamimi, with whom we started to plan our partnership!
In the evening we had a great dinner in a psychedelic thai-restaurant with AWS and some of our dearest competitors. Discussions were active and interesting including co-operation possibilities between the rivals.
-
Notes on Partner Summit talks
-
International Data Corporation
IDC gave a talk on global cloud trends, with specific focus on Nordic markets. Some of the key highlights included:
-
War: companies are worried and focusing on future enterprise resilience. Building new strategies so that their businesses would not be fatally impacted by the conflict. They publish a resource to aid in this respect: https://www.idc.com/ukraine-conflict. Self-determination is seen as supremely important and something that should be protected with vigor. Local security risk and digital sovereignty are highlighted.
-
Digital first: "digital infrastructure" seen as the core of business enablement
-
Smart partnering: build B2B relations such that businesses can help each other in more lenient processes, rather than strict client-supplier relations
-
Computational upgrade of the C level with machine learning: simply put, data driven leadership
-
In the Nordics, purpose-built solutions are driving the markets, with public manufacturing financing at the lead for dominant industry.
-
Nordcloud and Distribution Innovation
The talk focused on how Nordcloud was able to help Distribution Innovation (https://www.di.no/) build their logistics business to a new level. Some key takeaways:
-
Build standardized modules from custom resources
-
Move toward a product company, away from being service oriented
-
Employ enterprise cloud architectures and a CAF for the client
-
Build CCOE
-
DI saw that Nordclouds business understanding was important in succeeding
-
Newly built analytics platform to understand own data
-
Mutual trust and transparency were highlighted
-
Knowledge building via Partnership Program
-
AWS panel
The final talk of the Partner Summit was a panel format discussion between AWS representatives. The host asked each of the panelists some questions about current state of the market and trends. For Siili, we should understand the following themes that dominated the conversation:
-
Big Bet drivers: cloud spending is increasing constantly; this is a massive business opportunity. Security is highlighted at every turn. Companies are in dire need of talent and skills. Sustainability (of the business but cloud specifically) is seen as important, and while not a new trend, comes up rather constantly.
-
Malicious actors, security policies, continuance of governance and US + EU talks about transatlantic data migration - themes relating to business sovereignty and data protection.
-
Strategic partners, well architected reviews, local zones (especially upcoming Helsinki LZ) - themes relating to how business value is created.
-
Maintaining speed: customer experience is key, as is being well prepared for the evolution of your business - themes relating to agile and data driven business.
-
Day 2: Summit Day
On the actual summit day, thousands of participants flooded Stockholmsmässan to partake in the talks, gather around partner booths and to network. There were about 50 vendor booths ranging from global through bronze sponsorship partners and start-ups. The talks were hosted on 10 stages throughout the venue. The atmosphere was gripping since most all present were happy about meeting in person, as were we!
Overall, we participated in 10 talks throughout the day, many back-to-back. When we did have some time between talks, we mingled and toured the booths. We made some interesting contacts and even had a relaxing time at the AWS Certified VIP area.
Figure 1: Big screens!
-
Notes on Summit Day talks
Keynote
After a warm welcome and some info on the Summit Day itself, we were presented with some hot topics on the AWS Services front. Josefine Boqvist from Telia gave a talk on how she and her team helped Telia bring about a new era of data analytics at the company, leveraging the vast service offering of AWS. Antti Koskelin from Kone was also speaking at the keynote, bringing with him inspiration from their success in building their services on AWS.
Some takeaways from the keynote, technology wise:
-
AWS Nitro system has enabled a vast array of virtualization capabilities as new differentiated instance types enabling EC2 for diverse computing needs
-
New EC2 instance type Graviton 3 as the C7 lineup is launched, try it out and improve your sustainability!
-
AWS Lake Formation can be powerful in the right circumstance
-
Local Zones are here, specifically of import for Siili is the upcoming local Helsinki Local Zone
-
What’s new on EC2?
The talk focused on various aspects of the Elastic Compute Cloud service of AWS’ offering. While the talk didn’t go deep into the technical details of the service, I found it interesting as a refresher and as a cross section of what is happening. Heikki Tunkelo was not the most inspiring talker, but sure did know his thing!
-
Key takeaways from the talk:
-
-
We should check out memory optimized instance types, they can be useful in situations where the hosted application does not need disk as such, but rather functions as an in-memory cache. I have a client case that maybe could benefit from this.
-
Instance type list is a feature that is often overlooked. It will benefit those who are looking to optimize costs. The same goes for the Compute optimizer service.
-
Some things to keep in mind as well when architecting: enhanced networking, EKS and ai/ml based solutions that use custom clusters.
-
Figure 2: How easy is it to adopt the Graviton (arm64) processors?
Figure 3: Local Zones offer core services
Transform data into information with ML-powered business intelligence
The talk focused on AWS QuickSight service. Unfortunately, I missed a portion of the talk from the beginning, so there remain some questions that remain unanswered for the moment, such as what data and where can it live? AWS QuickSight can enable a leaner method of accessing, processing and reasoning about data. It can be especially useful for those who do not use programming languages or are not versed in the technicalities of data analysis, but still require or wish to have access to data and reasoning tools.
Some key takeaways include:
-
QuickSight supports displaying natural language narratives in the dashboards, which ease business reporting.
-
The service supports natural language queries that provide accurate and fast reasoning from the collections, these queries can be further refined and boosted by developers and analysts via built- in feedback mechanisms.
-
There are powerful tools to help the system to understand the data better: tagging, keying, combining etc. Using these the service will provide more accurate reasoning, faster.
-
Resilient and well-architected apps with chaos engineering
-
The talk focused on how engineers might use AWS Fault Injection Simulator to test and build more reliable architectures on AWS. The speaker, Gunnar Grosch, nicely demonstrated some simple scenarios where the tool may give important feedback on the reliability of the architecture. The talk was level 300, which indicates a deeper technical discussion, but the talk did not, in my opinion, delve deep enough. The demo scenario was simplistic, which meant that I still have many questions about the applicability of the service.
-
These questions include:
- How to simulate larger service outages
- Is it possible? Maybe through much work to build testing templates?
- Is it possible? Maybe through much work to build testing templates?
- Is it possible to simulate various network conditions, without touching the actual services?
- Is only AWS API based fault injection possible?
-
My key takeaways:
-
Use CloudWatch synthetics scenarios with Alarms to abort if service is severely impacted
-
Use service built-in alarms, such as ASG alarms to monitor progress
-
Use Fault Injection Simulator scenario alarms to affect changes in the environment
-
Use FIS as final integration testing system for deployed service and architecture to green/red flag
-
Use Infrastructure as Code tools to build scenarios
-
-
Building a secure analytics platform for financial data
-
The talk was given by AWS’ Miguel Ferreira and OP’s Erno Mononen. The pair introduced the analytics platform that AWS and OP developed together for all of OP’s data. While not going into exact technical details, the system was presented at a deep enough level that some interesting insights can be gleaned from it. I took a number of photos of the slides, because of the nature of the presentation. Overall, an impressive talk and system, even without technical implementation aspects.
Key takeaways:
-
Establish a data perimeter using: Organization SCP, VPC endpoint policy and resource based access control (S3 bucket policies, IAM policies)
-
KMS is costly, so use S3 bucket keys whenever possible to reduce the number of KMS requests
-
For enhanced security, use e.g. M6i instances that employ memory encryption
-
Figure 4: An overview of the data platform architecture
Figure 5: Accessing the data starts at the login application login, continues through role delegation and Key policy checks
Figure 6: As the data is accessed, a CloudTrail is logged into an S3 bucket that is used for auditing. This is standard practice.
Figure 7: Accessing the application is enabled through fine grained grouping and role delegation into the Databricks personal cluster.
Bonus: Practical Data Analytics in AWS with AWS Glue and Amazon Athena
This bonus talk I was able to attend was given at the Community Lounge by Janne Kuha, a NordHero representative. They are a small Finnish company specializing in AI/ML solutions. During his short talk, Janne demonstrated a simple, yet effective, framework and architecture for building a data analysis platform on top of S3, Glue and Athena. For me, the simplicity, flexibility and extensibility of the presented system were key selling points.
Key takeaways:
-
Simple serverless architecture on top of AWS native services: o S3
-
Glue
-
Athena
-
-
Enables effective data driven decision making
-
Enables dashboards through Athena for reporting etc.
-
Data pipelines do not need to be complex to the point of exhaustion
-
AWS Glue enables extensive customizations through Spark programming
Figure 8: A simple yet effective data pipeline
Figure 9: The pipeline that was built for Firstbeat, simple yet fast and effective
Raise the bar of your security standards with AWS native security services
Matheus Guimaraes gave an excellent presentation about using AWS native security workflow to extend the visibility and controls to improve your security. AWS has a wide range of managed and serverless tools to automate the whole security pipeline from identify and protect to detect, respond and recover.
Designing and implementing the use of services like GuardDuty, Config and Security Hub in your architecture and infrastructure early, makes it easy to scale your business while keeping your data secure.
Figure 10: The security workflow
What I’m taking to my client projects
These are some of the thoughts that spurred from conversations and talks that help me to become a better engineer and deliver higher quality work for my clients:
-
Test graviton 3 (C7 instances) for running workloads, EC2 and RDS
-
Memory optimized instance for backend server? X2 instance type
-
Deploy some workload to the Helsinki Local Zone for lower latency – test it
-
Deploy full node continuous health checks with Cloudwatch events
-
Deploy better continuous monitoring for DNS clustering, Eventbridge for lambda trigger
-
Test that the failover region is available before initiating DR!
-
Check that policies comply with data perimeter:
-
S3 bucket policy to allow only EC2 role
-
-
-
KMS key policy
-
VPC endpoint policy
-
-
Use S3 bucket keys!
-
Check RDS encryption
-
Compute optimizer
Action points
Here are some action points that we are going to be pursuing, that spurred from networking:
- Establish relations with Hashicorp
- a. Certifications and partnership – this may bring in much business
- a. Certifications and partnership – this may bring in much business
- Start planning AWS meetup in the fall
- a. IaC oriented meetup
- a. IaC oriented meetup
- Organize meeting with competitor to discuss collaboration opportunities
- a. this is going to be juicy
- a. this is going to be juicy
- Familiarize and employ AWS Customer enablement program
Final remarks
We were very happy and felt privileged to join the AWS Summit in Stockholm. We gained valuable insight to take home and to our clients and company. Thanks!
Figure 11: Swag!