AWS re:Invent 2019
This year I was lucky enough to attend Amazon Web Services re:Invent. Now if you do not know what re:Invent is, AWS re:Invent is a learning conference hosted by AWS for all of us that live in the cloud (or are even thinking about it) in Las Vegas.
If you have been to the AWS Summit in Sydney, it is a lot like that just way bigger.
re:Invent hosts over 60,000 attendees from around the world during five main days in six hotels on the Las Vegas strip. During the week there were four keynotes, over 3,500 sessions, giant dance parties, fun runs, ping pong tournaments, deep racer competition, an expo hall that felt the size of a football field and so much more.
To try and put things into perspective of how large this event is, with all the walking/travel between venues out of those 3,500+ sessions you would physically only be able to get to around 24 during your week.
But first, you must get to Las Vegas. After a 13-hour flight, my trip actually started with my honeymoon the week before in Anaheim, California. Disneyland to be more precise where I got to see one of the coolest things ever.
The Millennium Falcon (yes, my wife wanted to see this as much as I did)
After three days at Disneyland we made our way to Las Vegas on the day before Thanksgiving (note to self, don’t attempt any form of travel in the US the day before a major holiday.)
Now I have been to Las Vegas before but getting off the plane, you always know you're in Vegas. This is what you will be greeting to stepping off the air bridge.
Viva Las Vegas!
After a few days of shopping, eating and seeing the sights its was time to get back to work and start re:Invent
Now I had a mission for re:Invent, after talking to some friends that had gone before I decided to focus on hands-on workshops, hackathons and jams. This allowed me to learn some new things and get to touch and play. I then used sessions to fill any gaps I had in my schedule. (All of the sessions are recorded and now available on the AWS Events YouTube page)
My first workshop was about something I have an interest in but never tried before, Cloud Robotics. AWS RoboMaker is a service that enables you to easily develop, simulate and deploy robot apps that integrate with AWS services.
First up we needed to set up our development environment. This was pretty simple, AWS RoboMaker uses AWS Cloud9 so everything is set up for you ready to go
After getting our code ready we were able to simulate the actual robot for testing.
In this simulation I was able to drive my little robot around its virtual space.
Now that we have finished our simulation, we can move onto the really cool part. A real robot.
Using our AWS RoboMaker console we packaged up our code for the robot, adopted our robot into our robot fleet and deploy!
Once deployed, my robot came online and I was able to drive it around using the same controls from the simulation!
Monday night we where invited to the Australia & New Zealand reception where we got to catch up with vendors, customers and other partners (quite an impressive turnout)
Day two started with watching Andy Jassy’s Keynote from the hotel room (the reserved seating for the keynotes book out super fast!) Some of my favourite takeaways from this keynote was:
- 97% of companies in the world are still on premises (lots to still migrate then!)
- S3 Access Points – Making it even easier to control S3 security
- SageMaker Studio – Even though I personally don’t do any Machine Learning (ML) at the moment this is going to give me something to play with over the Christmas break
- Contact Lens for AWS Connect – Introducing ML to your contact centre by monitoring sentiment, trend and compliance with natural language processing
- Amazon Kendra – Enterprise search powered by ML
Building a migration factory using CloudEndure and Migration Hub
My workshop for day two was Building a migration factory using CloudEndure and Migration Hub. At Idea 11 we have been using CloudEndure before AWS acquired them to help with lift and shift migrations(and now its free!). This workshop gave some great insight into automating large scale migrations and integration with Migration Hub for reporting.
After the workshop I headed over to the Venetian.
Yes, that’s inside.
In the Venetian in the Expo Hall, this place was massive and had a lot of vendors, both new and old. It was great to see whats going on in vendor world, meet some new people and get some socks.
Day three was my big day where a managed to get in three sessions and the AWS Security Jam.
Session One - Access Management in 4D
Now time is often thought as the fourth dimension and this session focus’d on applying time as a dimension to access management in AWS. This allows us to provide access and permission only when required (“just in time”)
My key takeaway from this session was conditions in policies are continuing to become more powerful and can be used to provide extremely granular levels of control.
Session Two – Reduce TCO for your file-based applications.
This session covered utilising AWS file services to reduce the time, cost and complexity of supporting file systems. This session looked at File systems for business workloads (Amazon EFS and Amazon FSx for Windows File Server) and File system for fast-processing workloads (Amazon FSx for Lustre).
Amazon EFS allows you to get rid of your shared NFS file clusters and Amazon FSx for Windows File Server allows you to get rid of Microsoft DFS file servers.
My key takeaway from this session is if you’ve looked at these services in the past and didn’t think they would work for you, give them another look. They have received quite a few updates recently (especially Amazon FSx for Windows File Server) that give quite a bit more functionality and a lower cost point.
Session Three – Access control confidence: Grant the right access to the right things
Getting your permissions right in AWS environments is kinda important. This session showed us how to use attribute-based access control (ABAC) to enable you to do fine-grained access control at scale without massive administrative overhead.
This would have been probably my most favourite session that I attended at re:invent, ABAC is actually quite simple and powerful, make sure you give this session a watch.
AWS Security Jam
My last event for day three was the AWS Security Jam. This is an absolute must do at re:Invent. If you have ever done a hack challenge (such as the Holiday Hack Challenge) you’ll love this one.
Everyone is divided up into teams and each team competes to complete security based challenges. The team to complete the most challenges while using the least amount of hints wins.
This event really gets you thinking and doing things you’ve probably never done before, some of the challenges we did was:
- Retrieving encrypted ciphertext stored on Amazon S3 using KMS
- Troubleshooting network connectivity then implementing Intrusion Prevention and SSL Deep Packet Inspection with AWS Transit Gateway and Fortinet
- Identifying patient zero from within a compromised network using ExtraHop’s NDR analytics solution (hint: it was the unpatched Drupal box – no surprises there!)
The security jam was great fun and something everyone should try.
Day 4 for me started with Dr. Werner Vogels Keynote from the hotel room. Some of my favourites from this was:
- Deepdive into Nitro and how its now powering the next generation of EC2
- Amazon Builders’ Library – articles on how AWS build things internally
After the keynote I participated in the Migration Gameday. In this gameday you work as a team to migrate a live production eCommerce website (that sells unicorns!). You gain points by keeping the website online, migrating it to AWS and ensuring you can keep up with the ever increasing load of your popular website.
This gameday was great fun and my team was lucky enough to come third!
Security best practices for the Amazon EC2 instance metadata service.
This session covered the introduction of Amazon EC2 Instance Metadata Service (IMDS) v2. This service has had some spotlight recently after the Capital One Hack and version 2 helps with locking it down even further.
If you run EC2 you should probably give this session a watch to see if you need to be doing anything.
The last day was a quiet one with the event winding down and people catching their flights.
Last Session: AWS Outposts: Extend the AWS experience to on-premises environments.
AWS Outposts in short is a rack of fully managed AWS infrastructure and services in your data-centre so you can provide low latency access to on-premises systems and local data storage.
This session went into the process of procurement, installation and architecture.
Outposts are now generally available so if this is something you need (or just like looking at hardware) have a look at the you tube video
With this session done it was time to head to the airport and start the long 18+ hour journey home.