NPW Insights (Free): Week 4 of 4 for Solution Architect

Google Threat Detection and Response report, open source security report, Telecom Data Fabric from Google Cloud, Amazon Timestream and Amazon Kinesis updates, AlloyDB goes global.

NPW Research

Security

Threat Detection and Response Report

A key theme of a Google Cloud survey of 400 SecOps practitioners was the comparison between on-prem and cloud security. 25% more respondents said cloud offers more “opportunities to learn” because of richer telemetry and more automation. 84% believed they need to automate more to manage evolving threats better, and that the biggest threats on cloud, compared to on-prem, were crypto mining and data leakage. They also believed that the skills and knowledge of SecOps teams, which the majority thought were well-staffed, are inadequate. REPORT

Open source security report

A Synopsys report looked at the findings of 1,703 commercial codebase audits. 96% contained open source code, and 89% had an open source codebase that was more than 4 years out of date, an increase of 5 percent over 2022. 91% didn’t apply updates because they weren’t aware an update was available. RECOMMENDATIONS

Cost Management

David Hansson’s cloud warnings

The co-owner of Basecamp and Hey, and co-creator of Ruby on Rails, announced a few months ago why his companies were exiting the cloud. In his latest blog post, he warns against serverless economics and shows why serverless is ultimately a bad deal if your workloads don’t experience big swings, or require the computing power of the entire machine. And then there is the bigger cost of lock-in that you cannot get out of. BLOG

AWS Trusted Advisor Dashboard

AWS Trusted Advisor gives recommendations to optimize around cost, performance, security, fault tolerance and service quotas. This walkthrough of its dashboard has many tips on how to query that data in useful ways, access various features and set up useful alerts. There is a section for each of the five “pillars” with specifics that can help pinpoint issues at a granular level. Good to check out, especially for features that you might have missed so far. GUIDE

Architecture Design

ML-based telemetry analytics in AWS

The post describes an architecture to collect telemetry from data pipeline jobs in order to identify abnormal runtimes and slow-running jobs, detect insider threats, and monitor proactively. Automated monitoring metrics are collected from AWS analytics services and sent to CloudWatch, an alarm is set for event detection, and notifications are sent to an SNS topic. CloudWatch provides anomaly detection on metrics, and OpenSearch Service is used to combine query access times with employee data to detect insider threats. AWS ARCHITECTURE BLOG

Data Management

Amazon EMR Managed Scaling gains

The 2022 update to the Managed Scaling algorithm saves up to 19% in costs through better utilization and targeted scale-down, according to this AWS blog. It presents data from two customers, but what’s more useful is that it tells you how to figure your EMR cluster cost savings through the CloudWatch console. Check it out. AWS BLOG

Batch Load in Amazon Timestream

Batch Load is a serverless way to move batched, time-series data in CSV files from S3 directly to the time series database. UPDATE

Higher write throughput on Amazon Kinesis

Amazon Kinesis Data Streams increases On-demand write throughput from 200MB/s to 1GB/s. UPDATE

Applications

Telecom Data Fabric from Google Cloud

An end-to-end data management and analytics platform introduced at the Mobile World Congress 2023. It enables centralized data governance and analytics for telcos. It comes with adapters to ingest data from multiple sources, and supports open data models and APIs. Key use cases include multi-domain unified data modeling, data normalization, and correlation. UPDATE

Strategy

Biggest antipattern in cloud-native strategy

Ian Miell, cloud native engineer at Container Solutions, says it is this: conflating all four of Gartner’s stages of cloud adoption and treating them as an unchanging monolith when planning a cloud-native transformation. This leads to wasted effort and organizational indigestion. It can be avoided by treating north-south journeys (from one stage to the next) as transformation journeys, treating a journey through a single stage as an optimization journey, and following the “gradually raising the stakes” pattern, which advocates exploratory experiments. IN-DEPTH

Career

New job roles in the coming years

The next generation of cloud will be defined by modern compute, polyglot DBs, AI/ML, and hybrid multicloud. Consequently, DevOps will branch out into Cloud-native Ops, Edge-native Ops, AI/MLOps, and multi-cloud architects. Here are links to Google Cloud learning pathways and free courses for the skill sets that will be needed for these roles. GOOGLE BLOG

App Building

Google Cloud AlloyDB global

The PostgreSQL-compatible database service is now available in 16 new regions, and coming to more soon. Google Cloud claims the service is 4 times faster for transactional workloads and up to 100 times faster for analytical queries than standard PostgreSQL. UPDATE

Why use message brokers

David Boyne, developer advocate at AWS, offers four reasons: to ensure downstream services don’t get overloaded and can process messages in any batch size; to prevent loss of messages, as brokers can retry in case of delivery and processing failure; to enable parallel processing downstream using pub/sub patterns or message queues; and to achieve better isolation and decoupling, as producers don’t need to know about downstream consumers. LINK

AI/ML

Choose SageMaker Autopilot algorithms now

When creating an Autopilot experiment, Amazon SageMaker will now let you select from the available algorithms for the training mode. UPDATE

Provisioning + Runtime

Azure VMware Solution for government

Azure VMware Solution is now available in Microsoft Azure Government in public preview. UPDATE

AWS Lambda and its dated Python runtime

Cloud consultant Corey Quinn says that despite numerous requests, the AWS Lambda team has failed to bring v3.10 support to its managed Python runtime while v3.12 is in development. He calls it a sign of irresponsibility, as it adds overheads for users and dilutes the value proposition of serverless. BLOG

What CSP products got the highest attention. Topics that generated keen interest. Based on what was read by 12,000+ solution architects, DevOps engineers and software engineers the previous week.

Top reads last week for Solution Architects

  • With CNCF proclaiming “containers are the new normal and WebAssembly the future”, the future of Wasm article had some useful ground truths.
  • Google-IDC data and AI trends report highlights, among others, open data ecosystems and ways companies are discovering their unknown data.
  • How SQL Server on Azure VMs is 57% faster and 54% less expensive compared to EC2 got big attention.