Trent Hornibrook's AWS re:Invent recap

1. re:Invent 2018 wrap
Version: 0.1 Date: 18th De 2018 Status: Draft
Contact: Trent Hornibrook Email: trent.hornibrook. Web: www.cevo.com.au Phone: 1300 518 265 Address: Level 14, 303 Collins St, Melbourne VIC

2. Overview
● About me
● AWS Ambassador program
● re:Invent overview
● Highlights

3. About me

4. Kaizen vs Kaikaku
https://spitmarket.com/downloads/three-horizons-innovation-strategy-introduction-and-templates-keynote-and-powerpoint/

5. Work philosophy

6. AWS Ambassador
Program
● 25 odd people in Australia
● Info on upcoming roadmap
iteams
● Connection with AWS product
teams
● 5 Meetups / year

7. re:Invent

8. re:Invent
● Wednesday through Friday
● Monday and Tuesday are extra training days
● 60,000 people
● re:Play party on Thursday night
● A mess to get around!

9. re:Invent

10. re:Invent
● Monday - Ambassador day
● Tuesday - ML bootcamp
● Wednesday through Friday - conference proper
● Hallway track
● Casino track

11. re:Invent
● Roadmap for re:Invent with Jeff Barr
● James Gosling - Mr Java - fireside chat
● AWS maturity is quite high in APAC

12. Highlights
● Summary of all releases
● Details of some of the key
releases

13. Highlights
● Nitro instances
○ https://www.youtube.com/watch?v=e8DVmwj3OEs
○ New instance types
○ Significant network throughput increases
○ Significant storage performance changes
● Amazon FSx for Windows & Lustre
● New databases
○ Managed blockchain
○ Timestream
○ Quantum ledger database
○ Aurora Global DB
○ DynamoDB Transactions
○ DynamoDB on-demand

14. Highlights
● Monitoring, Alerting space & Containers
○ App Mesh
○ Cloud map
● Lambda
○ Bring your own runtime
○ Lambda Layers
○ ALB invocation of Lambdas
● Cloudfront & API Gateway changes
○ Websocket support
● Global accelerator
○ For region failure

15. Highlights
● S3
○ Intelligent tiering - just turn this on!
○ Block public objects (prior to re:Invent)
● Glacier
○ deep archive
● Managed Kafka (similar to Managed AMQ)
● DataSync
○ Hosted rsync / hosted robocopy boxes
● Transfer for SFTP
● Step functions
○ 8 new integrations - lambda, ecs, fargate, sqs, sns, dynamodb 27th Nov

16. Highlights
● Lots in the AI/ML space
○ Didn’t record these, as I was focused on other areas
○ More hosted AI/ML services like
■ Texttract
■ Personalise
■ Forecast
● License Manager
● Ground Station
● DeepRacer
● Outposts
○ Think ‘run your own AZ/region’

17. Details
● Security
● AWS Account strategy
● VPC Networking

18. Security
● Control tower
● Security Hub

19. Control Tower

20. Control Tower
● Extension to the “Landing Zone”
● Deploy good security governance for all new accounts
○ Guard duty
○ CIS rules
○ Maice
○ etc

21. Security Hub
● Problem
○ Wanting a single pane of glass of the security posture
○ Wanting to integrate AWS security things & third party things
together
● Demo
○ https://youtu.be/TdT8ds_C8Gs?t=1107

22. AWS Account strategy

23. AWS Account strategy
● Things that Amazon are trying to address
○ Waste is ipv4 space
○ True separation of duties (from Networking management to
Development/Deployment)
○ Management overhead - peering can get hard!
● RAM (Resource Access Manager)
○ Demo
○ https://youtu.be/fnxXNZdf6ew?t=585

24. AWS Account strategy (before)

25. AWS Account strategy (after)

26. AWS Account strategy
● What about having a pair of business domain accounts
instead?
● What does the participant actually see!?
● No doubt there will more interesting ways to break AWS
here

27. VPC Networking

28. VPC Networking

29. VPC Networking

30. VPC Networking

31. VPC Networking

32. VPC Networking
● Transit Gateway
○ Demo
○ https://youtu.be/ar6sLmJ45xs?t=943

33. Thank you.