NPW Insights (Free): Week 4 of 4 for Solution Architect
Google Threat Detection and Response report, open source security report, Telecom Data Fabric from Google Cloud, Amazon Timestream and Amazon Kinesis updates, AlloyDB goes global.
Threat Detection and Response Report
A key theme from a Google Cloud survey of 400 SecOps practitioners included comparisons between on-prem and cloud security. 25% more respondents said cloud offers more “opportunities to learn” because of richer telemetry and more automation. 84% believed they need to automate more to manage evolving threats better, and that the biggest threats on cloud, compared to on-prem, were crypto mining and data leakage. And that skills and knowledge of SecOps teams, who the majority thought were well-staffed, are inadequate. REPORT
Open source security report
Synopsis report looked at findings of 1,703 commercial codebase audits. 96% contained open source code, and 89% had an open source codebase that was more than 4 years out of date - an increase of 5 percent over 2022. 91% didn’t apply updates because they weren’t aware an update was available. RECOMMENDATIONS
David Hansson’s cloud warnings
Co-owner of Basecamp and Hey, and co-creator of Ruby-on-Rails had announced a few months ago why his companies were exiting the cloud. In the latest blog, he warns against serverless economics and shows why serverless is ultimately a bad deal if your workloads don’t experience big swings, or require the computing power of the entire machine. And then, there is the bigger cost of lock-in that you cannot get out of. BLOG
AWS Trusted Advisor Dashboard
AWS Trusted Advisor gives recommendations to optimize around cost, performance, security, fault tolerance and service quotas. This walkthrough of its dashboard has many tips to query that data in useful ways, and how to access various features and set up useful alerts. There is a section for each of the five “pillars” with specifics that can help pinpoint issues at a granular level. Good to check out, especially for features that you might have missed so far. GUIDE
ML-based telemetry analytics in AWS
Post describes architecture to collect telemetry from data pipeline jobs and identify abnormal runtimes, slow-running jobs, detect insider threats, and monitor proactively. Automated monitoring metrics are collected from AWS analytics services and sent to CloudWatch, alarm is set for event detection, and notification is set to SNS topic. CloudWatch provides anomaly detection on metrics, and OpenSearch Service is used to combine query access times with employee data to detect insider threats. AWS ARCHITECTURE BLOG
Amazon EMR Managed Scaling gains
The 2022 update in the Managed Scaling algorithm saves up to 19% costs with better utilization and targeted scale-down, according to this AWS blog. It presents data from two customers but what’s more useful: it tells you how to figure your EMR cluster cost savings through the CloudWatch console. Check it out. AWS BLOG
Batch Load in Amazon TImestream
Batch Load is a serverless way to move batched, time-series data in CSV files from S3 directly to the time series database. UPDATE
Higher write throughput on Amazon Kinesis
Amazon Kinesis Data Streams increases On-demand write throughput from 200MB/s to 1GB/s. UPDATE
Telecom Data Fabric from Google Cloud
An end-to-end data management and analytics platform introduced at the Mobile World Congress 2023. It enables centralized data governance and analytics for telcos. It comes with adapters to ingest data from multiple sources, and supports open data models and APIs. Key use cases include multi-domain unified data modeling, data normalization, and correlation. UPDATE
Biggest antipattern in cloud-native strategy
Cloud native engineer at Container Solutions, Ian Miell says this: Conflating Gartner’s all four stages of cloud adoption and treating them as an unchanging monolith when planning cloud-native transformation. This leads to wasted effort and organizational indigestion. This can be avoided by treating north-south journeys (from one stage to next) as transformation journeys, journey through a single stage as an optimization journey, and following gradually raising the stakes pattern which advocates exploratory experiments. IN-DEPTH
New job roles in the coming years
Next generation of cloud will be defined by modern compute, polyglot DBs, AI/ML, and hybrid multicloud. Consequently, DevOps will branch out into Cloud-native Ops, Edge-native Ops, AI/MLOps, and multi-cloud architects. Here are links to Google Cloud learning pathways and free courses for skill sets that will be needed for these roles. GOOGLE BLOG
Google Cloud AlloyDB global
The PostgreSQL-compatible database service is now available in 16 new regions, and coming to more soon. Google Cloud claims the service is 4 times faster for transactional workloads and up to 100 times faster for analytical queries than standard PostgreSQL. UPDATE
Why use message brokers
Developer advocate at AWS, David Boyne, offers four reasons: To ensure downstream services don’t get overloaded, and can process messages in any batch size. Prevent loss of messages, as brokers can retry in case of delivery and processing failure. Enable parallel processing downstream using pub/sub patterns or message queues. Achieve better isolation and decoupling as producers don’t need to know about downstream consumers. LINK
Choose SageMaker Autopilot algorithms now
When creating an Autopilot experiment, Amazon SageMaker will now let you select from the available algorithms for the training mode. UPDATE
Provisioning + Runtime
Azure VMware Solution for government
Azure VMware Solution is now available in Microsoft Azure Government in public preview. UPDATE
AWS Lambda and its dated Python runtime
Cloud consultant Corey Quinn says that despite numerous requests, the AWS Lambda team has failed to bring v3.10 support to its Python-managed runtime while v3.12 is in development. Calls it a sign of irresponsibility as it adds overheads for users and dilutes the value proposition of serverless. BLOG
NPW Weekly Trends
What CSP products got the highest attention. Topics that generated keen interest. Based on what was read by 12,000+ solution architects, DevOps engineers and software engineers the previous week.
Top reads last week for Solution Architects
- With CNCF proclaiming “containers are the new normal and WebAssembly the future”, the future of Wasm article had some useful ground truths.
- Google-IDC data and AI trends report highlights, among others, open data ecosystems and ways companies are discovering their unknown data.
- How SQL Server on Azure VM compared to EC2 are 57% faster and 54% less expensive got big attention.