AWS re:Invent 2018 – day 3
Wow, what another massive day at re:Invent 2018. There’s been so many announcements, I’m not sure where to start.
Here’s a whistle-stop tour of our highlights!
Object Store Enhancements
S3 is AWS’s infinitely scalable, low cost object based storage solution. It has a number of tiers providing varying speeds of access at progressively cheaper prices. S3, and Glacier, the storage tier for long term archive, is the ideal place to store all that data that you need to keep. AWS has provided lifecycle management between these tiers for many years.
At re:Invent 2018, AWS have announced a few exciting enhancements. The first is Intelligent Tiering. AWS will automatically move S3 buckets to optimise storage costs based on your access patterns. You don’t have to set a lifecycle policy any more! Couple this with the new Glacier Deep Archive, with storage costs as low as 0.1c per GB per month, and you can expect to see your storage costs reducing even further.
While you are at it, do you have some data that you HAVE to keep? If so, S3 Object Lock is your friend. It allows you to prevent an S3 object from being deleted for a defined period. The lock is maintained even if you transition the object to a new S3 tier. This is a fantastic addition for highly regulated environments that may have strong compliance requirements around data retention.
Amazon FSx for Windows File Server
AWS introduced EFS, an NFS shared file system for Linux, a number of years ago but for Windows based workloads there has been no equivalent service to date. Your option was to roll your own file server on EC2 to provide a CIFS based shared file system.
Step forward Amazon File System for Windows. It’s a fully Windows compliant CIFS based file system that supports SMB and the full Active Directory set of permissions. It will no doubt prove to be a popular service for those workloads that can’t use the S3 object store and require a CIFS compliant shared file store.
It’s almost a footnote but EFS has also received a significant enhancement. EFS Infrequently Accessed will save up to 85% in cost by moving files with an infrequent access pattern to cheaper storage. It works at the file level and will significantly reduce the cost to operate EFS file stores.
Around 6 months ago, AWS released a solution blueprint called Landing Zone. The idea behind it was to provide a common best practice pattern for AWS foundations. It provides a multi-account solution providing baseline solutions for security and monitoring and uses AWS Organizations to unify billing and access. It’s a fantastic solution that helps to standardise the initial footprint for new AWS implementations.
As of today at re:Invent 2018, it has been released as an official service called Control Tower. This new service now offers a fully supported solution that enables best practice guard rails and blueprints for your AWS account foundations.
AWS has many security services. The last time we checked, over 40 more than the nearest competitor in public Cloud. They each produce security alerts and insights. To keep on top of these, you have to either constantly hop between services or use third party or home grown tools to consolidate them.
Today AWS announced Security Hub. It aggregates and prioritizes security alerts and findings from multiple AWS services, such as GuardDuty and Inspector. However, it is also integrated with a number of third party solutions. Two of our existing partners, Rapid7 and SumoLogic, are included in the initial integrations.
AWS has a super rich database ecosystem and that is only getting deeper. Here are some new features and services.
- Aurora is now available as a global database spanning multiple AWS regions;
- DynamoDB can now be enabled on demand. Previously, you had to define the read and write performance characteristics of tables and use auto-scale to deal with increasing demand. As of today at re:Invent 2018, you no longer have to do that as DynamoDB will scale in and out automatically as required;
- Finally, AWS released a new time series based database called Timestream. It’s designed for data that needs to be stored with time sensitivity in mind, such as IoT streaming data. The service runs serverless and includes time specific operations out of the box.
At last year’s re:Invent, Blockchain was a hot topic with a number of sessions devoted to running the technology on AWS and some example use cases. Earlier in 2018, RedBear IT worked with AWS to help shape a Blockchain blueprint solution for running Blockchain on the AWS Cloud.
At re:Invent 2018, AWS has identified two primary customer use cases for blockchain style solutions and has developed two services as a result.
Quantum Ledger Database
The first of these use cases for Blockchain is as an immutable ledger of transactions or changes. This ledger is often public but what if it could be private? What if you just needed a way to guarantee changes and that the history of transactions could not be altered, all without the need for publicly sharing the Blockchain network?
If so, Quantum Ledger Database may be the answer. This new service provides a fully cryptographically signed history of changes to records in the database. Your application can access that ledger at any time so that you can demonstrate the immutable audit trail of transactional changes within the application.
We see many of the uses of Blockchain today being able to satisfy their requirements using this new database service. It’s likely to be a cheaper and less complex solution than a full blockchain for such use cases.
AWS has also released a fully Managed Blockchain service for generic blockchain use cases. Now you don’t need to worry about the mechanics of setting up and running the Blockchain network as AWS will take care of that for you. It supports Hyperledger and Ethereum, two of the most popular frameworks.
We are pretty excited about this. We have done some proof of concept work previously with our customers and this announcement will allow those customers to concentrate on building their applications using Blockchain, not managing the plumbing of the network.
There’s been too much to cover today so we are saving some of the announcements for tomorrow. Look out for some networking and machine learning updates, amongst others.
Stay tuned for more updates and check out our previous posts from re:Invent 2018.