207: AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

Episode 207 April 15, 2023 00:31:18
207: AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity
tcp.fm
207: AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

Apr 15 2023 | 00:31:18

/

Show Notes

AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

AKA Welcome to April (how is it April already?) This week, Justin, Jonathan, and Matt are your guides through all the latest and greatest in Cloud news; including VPC Lattice from AWS, the one and only time we’ll talk about Service Catalog, and an ultra premium DDoS experience. All this week on The Cloud Pod. 

This week’s alternate title(s):

News this Week:

AWS

@00:56 -  Lots from AWS – Terraform and Service Catalog, Supply Chain and its crazy pricing, and VPC Lattice  -Self-service provisioning of Terraform open source configured with AWS Service Catalog. This means you can define your service catalog resources with either cloud formation *or* Terraform. And yes, Service Catalog inception is potentially a viable thing.  Matt: “It’s useful when you want to give people who don’t know what they’re doing very specific things; if you’re in a large organization, really just defining exactly what people can do…but to me it really starts to remove a lot of the innovation… but if you really want your teams to leverage the cloud and innovate I feel like it does start to limit some of the different aspects of the cloud.” Justin: “Don’t drink the ITSM kool-aid on Service Catalog.” @ 04:32 - AWS Supply Chain is now generally available; and yes, this is the same Supply Chain that was introduced at re:Invent. AWS says it will help mitigate risks, lower costs, increase visibility and help give actual insights on the supply chain. -Honestly, we’re talking about Supply Chain because the pricing is all over the place. For example, the first 100,000 Supply Chain insights are .40/each; the next 900,000 are .13/each, and over 900,000 its .065/each.  @ 09:26 - VPC Lattice is finally here! Also announced at re:Invent, this gives you the ability to connect, secure, & monitor communications between services. It also gives the ability to refine policies for both traffic management and network access.  -Since the announcement, a few new capabilities have been added, including the ability to use custom domains, deploy open source AWS gateway API controllers to use Lattice with a Kubernetes-native experience, as well as giving the ability to configure SSL/TLS certificates when using HTTPS that matches the custom domain.  You can also: Justin: “Their examples of Lattice pricing hurts my brain just a little bit.” @ 13:36 - Guard Duty now supports Amazon EKS Runtime monitoring, which lets you detect Runtime threats from over 30 security findings via an EKS add on, which gives increased visibility on individual container Runtime activity. Guard Duty can tell you which potential containers are compromised, and it can be combined with audit logs. It’s kind of nice to see AWS growing the Guard Duty platform. @ 18:40 - AWS Data Sync now supports copying data from Azure Blob in a moment of “us too” when compared to Blob’s data sync.  Justin: “Now you can set up a really cool loop, where you can have your AWS data sync take your Blob data and then your Blob sync take the data back from S3 and that’s how you can burn a lot of money really quickly.”

GCP 

@20:23 - Nothing of interest from GCP this week, just like last week. They had two things in their “what's new this week” but neither of those things were really new. One of them centered around the Looker Modeler for BI metrics. So that happened. 

Azure 

@ 21:24 - Announcing! Firewall enhancements for Azure! Now you have the ability to troubleshoot network performance and traffic visibility. The announcement included enhancements to logging and metrics, and offered a preview of three new tools for network administrators, including latency probe metrics, a flow trace log, and the unfortunately named fat flows (or top flows) log. It’s fine if you want to prove it’s not your firewall causing the problems, but otherwise, is it too much to ask for this all to just *work*?  Justin: “Of course Azure firewall is a cloud native firewall, so I don't want any of those things; just provide those to me in a dashboard or a security tool that would tell me these things are broken…instead you’re going to charge me a bunch of money for those other three tools, so thanks for that… but I prefer not worrying about this in my cloud.” Jonathan: “I like the visibility, but I don’t want to have to worry about this stuff.” @ 24:44 - DDos IP protection is entering general availability  - a whole new skew on DDoS protection! This is geared towards small businesses, although the guys agree that you must be a REALLY small business to make this make sense monetarily, since Rapid Response Support, cost protection, and Azure Firewall Manager, and AWAF discounts are all missing from the base package. As a group, we’re just really looking forward to that ultra-premium DDos experience from Azure. 

Oracle 

Continuing our Cloud Journey Series Talks

Spotted on the Horizon

News That Didn’t Make the Main Show

AWS

GCP

Azure

Oracle 

Other Episodes

Episode 271

August 14, 2024 00:53:48
Episode Cover

271: AWS Deprioritizes 7 Services, Cloud Pod Hosts Prioritize Therapy

Welcome to episode 271 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin, Jonathan and Matthew are your hosts today...

Listen

Episode 168

June 10, 2022 00:40:05
Episode Cover

168: The Cloud Pod Celebrates GCP Madrid Region With Sangria

On The Cloud Pod this week, the team discusses the new Madrid region’s midday siesta shutdown. Plus: Broadcom acquires VMWare for $61 billion, Azure...

Listen

Episode 280

October 31, 2024 00:55:53
Episode Cover

280: Evidently, The Cloud Pod Was Always Right

Welcome to episode 280 of The Cloud Pod, where the forecast is always cloudy! This week Justin, Jonathan, Ryan, and Matthew are your hosts...

Listen