Welcome to episode 218 of The Cloud Pod podcast - where the forecast is always cloudy! Today your hosts Justin, Ryan, and Matt discuss all things cloud - including migration services, AppFabric, state machines, and security updates, as well as the idea of shifting left versus (or in addition to) shifting down.
Titles we almost went with this week:
- The Cloud Pod Prefers to be Bought by Anyone but IBM
- What Does the F(in)O(ps)X say?
- The Cloud Pod Leverage appFabric for your SaaS Security
A big thanks to this week’s sponsor:
Foghorn Consulting, provides top-notch cloud and DevOps engineers to the world’s most innovative companies. Initiatives stalled because you have trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week.
News this Week:
01:21 IBM acquires hybrid cloud software company Apptio for $4.6B
-
- IBM is acquiring software company Apptio Inc for 4.6B in cash.
- THe move comes five years after Vista Equity bought the firm for 1.94B
- Apptio was created in 2007, and was notable as the first company Andreeson Horowitz invested in. Apptio owns Cloudability, among other features.
- Apptio offers cloud-based technology and hybrid business management software for managing business in the IT field.
- IBM Chief Executive Arvind Krishna said in a statement “Technology is changing business at a rate and pace we’ve never seen before. To capitalize on these changes, it is essential to optimize investments which drive better business value, and Apptio does just that. Apptio’s offerings combined with IBM’s IT automation software and watsonx AI platform, gives clients the most comprehensive approach to optimize and manage all of their technology investments.”
2:30Ryan - “The last time I played with Apptio was very early in my cloud experience and Apptio was struggling to understand how to sort of port their methodologies into cloud. It worked really well in the data center and for IT shops, for tracking assets and managing visibility into cost and financials there, but it really struggled with stuff like dynamically changing instance groups and that sort of thing. It made sense when they bought Cloudability, and I haven’t played with it since.”
04:39 Justin goes to
FinopsX!
06:10Justin - “I did have an opportunity to talk to some startups. they're on the floor and they're thinking about kind of the next generation and what that looks like and you're really talking about bringing AI and LLM technology into FinOps and how do you get beyond the basics of it. I think we're at this kind of cusp of the end of the Gen 1 era… I suspect that we're in for a bunch of FinOps and capabilities coming out of these vendors as they try to figure out what their v2 is, and potentially new startups that are going to come in and be disruptive to the Gen 1 players, because I think it's a commodity, which was my big takeaway from the conference in general. It was good. It was a nice time. I definitely recommend going if you're in the FinOps space.”
08:07 Ryan - “I’m waiting for the first one of these players to really get the data enrichments, like AI generated data enrichment of your resources. The first person who cracks that in a reliable, useful fashion. I think it's going to change the way we do business. Cause I think there's a lot of business decisions we make on incomplete data, and I think that once that data is more complete and you can turn something loose - to do it at a very large scale. I think it's gonna change a lot about what we think of our businesses, how they run, how healthy they are, what things cost.”
Join us at FinOps X next year, and tune into The Cloud Pod in the months leading up to June - we’ll be sure to keep you updated on everything you need to join the fun in San Diego.
AWS
13:54
AWS Application Migration Service Major Updates: Global View, Import and Export from Local Disk, and Additional Post-launch Actions
- AWS has three major updates to the Application Migration Service.
- Global View - You can manage large-scale migrations across multiple accounts. This feature provides you both visibility and the ability to perform specific actions on source servers, apps and waves in different AWS accounts.
- Some actions: Launching test and cutover instances across accounts
- Monitoring migration and execution progress across accounts
- Import and Export from Local Disk- You can use AMS to import your source environment inventory list to the service from a CSV file on your local disk.
- You can also export your source server inventory list to a CSV file and download it to your local disk.
- You can always continue leveraging the previously launched import and export functionality to and from an S3 bucket if you're so inclined.
- Additional Post launch actions, adds four predefined post launch actions.
- Configure Time Sync
- Validate Disk Space
- Verify HTTP(S) response
- Enable Amazon Inspector
15:03 Ryan- “I think the reason why none of us have ever used this tool is because we don't actually like supporting cloud adoption in this way. This is a lift and shift methodology and this just isn't a problem I have with lift and shift methodology. There's a lot of tools available and generally when I'm looking at cloud adoption, even in a lift and shift scenario, I'm trying to encourage better CI and CD and deployment automation and those types of things. And I feel like this is sort of a cheat around those things where you don't have that. And so I *get* it, but I do worry about what happens day three after you use this tool.”
17:29Matt - “It can be good, I guess, for like, ‘Hey, we got 80% of our environment and we have this one legacy system that we just need to move.’”
18:22 Generative
AI with Large Language Models — New Hands-on Course by DeepLearning.AI and AWS
- Generative AI is a type of artificial intelligence that can create new content, such as text, images, and music.
- Large language models (LLMs) are a type of generative AI that are trained on massive amounts of text data.
- LLMs can be used to create a variety of different types of content, including:
- Text: LLMs can be used to generate text for a variety of purposes, such as writing articles, creating marketing materials, and generating customer service responses.
- Images: LLMs can be used to generate images, such as product photos, marketing images, and even art.
- Music: LLMs can be used to generate music, such as songs, jingles, and even entire albums.
- A new hands-on course by DeepLearning.AI and AWS will teach you how to use LLMs to create your own AI-generated content.
- The course will cover topics such as:
- How LLMs work
- How to train an LLM
- How to use an LLM to create content
- How to evaluate the quality of AI-generated content
- They also teach you how to use the new Amazon LLM API, but we haven’t used that so can’t really give an opinion on how it works.
- Conversely, if you’re using Google Workspaces you just hit a button in Google Docs. So that’s always an option.
19:29 Ryan - “This is the type of course that, you know, would help to step in a career, right? As technology moves on, as the ecosystem is changing, if you don't keep up - like if we don't learn AI - we are gonna sort of not understand what goes on in a couple of years. It's just gonna be the nature of the business. It's gonna be everywhere and ubiquitous and have influence everywhere. And so I love these courses for getting into some of these things at the ground level.”
22:23
New AWS AppFabric Improves Application Observability for SaaS Applications
- Many companies turn to SaaS applications to provide software to their employees.
- As SaaS app usage expands, there is an increasing need for solutions that can identify and address potential security threats, in order to maintain uninterrupted business operations.
- Integration of SaaS apps with existing security tools requires many teams to build, manage and maintain P2P integrations.
- In response AWS is launching AWS AppFabric, a fully managed service that aggregates and normalizes security data across SaaS applications to improve observability and help reduce operational effort and cost with no integration work necessary.
- When the SaaS apps are authorized and connected, AppFabric will ingest the data and normalize disparate security data such as user activity logs.
- This is accomplished using Open Cybersecurity Schema Framework, an industry standard schema and open sourced project co-founded by AWS.
- The data is then enriched with user identifiers such as corporate email addresses.
- This reduces our Security incident response time because you gain full visibility to user information for each incident. You can ingest normalized and enriched data to your preferred security tools, which allows you to set common policies, standardize security alerts and easily manage user access across multiple applications.
- Some apps supported at preview launch:
- Asana, Jira, Dropbox, Google Workspaces, M365 and M365 Audit logs, Miro, Okta, Slack, Smartsheet, Webex, Zendesk and Zoom.
- Available in N. Virginia, Ireland, Tokyo in additional AWS regions
- AWS AppFabric has Generative AI Capabilities
- AWS Appfabric will empower you to perform tasks across applications in a future release automatically.
- Audit data can be integrated into security tools such as logz.io, netskope, netwitness, rapid7 and Splunk.
- Additionally, they mention in the article that they’re going to be adding some generative AI capabilities in the future, which when (and if) it comes out will allow users to uatmoatically perform tasks across applications.
- It’s really great to see Amazon getting in the Vapoware game - announcing software they don’t have and that may - or may not - materialize at all.
25:46Justin - “Yep, well, it's like everyone was into NFTs and crypto stuff and Web 3.0 and then that all failed and then it was meta and meta universe and all that. Now we're into the chat GPT will save the world and the economy world and so everyone's gotta have features in that space.”
28:58
Deploying state machines incrementally with versions and aliases in AWS Step Functions
- AWS Step Functions now supports versions and aliases, which allow you to deploy state machines incrementally and manage multiple versions of your state machines.
- With versions, you can create a new version of your state machine without overwriting the existing version.
- With aliases, you can create an alias for a specific version of your state machine.
- This allows you to test changes to your state machine without affecting production traffic.
- You can also use aliases to point to different versions of your state machine for different environments, such as development, staging, and production.
29:32 Ryan - “So my fellow podcast hosts were like, we can get rid of this one. This isn't it. And I'm like, no, this is super awesome, guys. And I realized how much of a nerd I sounded like.”
29:41 Justin- “I thought this already existed! I just thought this already existed because lambdas under the hood, which is kind of what I've always used step functions with, you know, already have that. So when we talked about it, I guess I was just surprised that it didn't exist.”
GCP
14:26
Expanding 24/7 multilingual support: Now in Mandarin Chinese and Korean
- Google decided they were taking an extended 4th of July holiday, so this is the only thing they had to report this week.
- If you require multilingual support for GCP, you can find it at https://cloud.google.com/support.
Azure
33:41
Azure Virtual Network encryption - now in Public Preview!
- With Virtual Network encryption, customers can enable encryption of traffic between Virtual Machines and Virtual Machine Scale Sets within the same virtual network and between regionally and globally peered virtual networks.
- This new feature enhances the existing encryption in transit capabilities in Azure.
- Available in East US 2 EUAP, Central US EUAP, West Central US, East US, East US 2, West US, West US 2.
33:58 Justin - “This is one of those features that you have for your application - that isn't owned by you - and you need to encrypt it for a security compliance reason. And now you have an option, so I appreciate that.”
34:07 Ryan - “Or that one thing that's still running on like a 2012 server and you can't move it off because it's not supported on a more modern thing, but it comes up in the security audit every single time.”
34:34 Matthew - “And in true Microsoft fashion, it’s in public preview, so you have a little while until it’s *actually* usable.”
35:37 Ryan - “Yeah, I feel like the preview is really, especially in GCP and Azure is a way to sort of not be bound by SLA, right? it's more contractual than it is about the product and the functionality of the app.
36:26 Ryan - “I mean, now in the Google space, though, we have to worry about something being in preview for years and then going general available and then get sold to Squarespace. So…”
Oracle
Continuing our Cloud Journey Series Talks
36:55
The Modernization Imperative: Shifting left is for suckers. Shift down instead
- We’ve got a really interesting article for this week’s Cloud Journeys discussion!
- Have you heard the term shift down? We hadn’t!
- Essentially shifting down is the process of moving testing to earlier stages of the software development lifecycle.
- Shifting left is the process of integrating testing into the software development process.
- Both shifting down and shifting left can help to improve the quality of software.
- Shifting down can help to identify and fix defects earlier, which can save time and money.
- Shifting left can help to improve communication and collaboration between developers and testers.
- Both shifting down and shifting left can help to improve the overall quality of software
- According to the article, shifting down is mostly just taking advantage of managed services, which is interesting - given the fact that Google doesn’t really have a lot of managed services… but we’ll just ignore that fact for the time being.
38:22 Justin - “ So there is an overall kind of thread that you'll see on Twitter occasionally, or other subreddits ( if you're still using that) that basically say, you know, shift left is failing us as an industry, and it's not getting the value we want, it's not increasing the productivity we want, and it's not really working. I don't agree with that, I think shift left is working if it's done right... I'm intrigued mostly in this article about the idea of shift down, which is something I advocate for all the time. Managed services are something I love, because it takes away toil from my teams, and allows us to focus on things that matter. And so I do encourage this capability of shifting down to your managed service to help ease your burden, but shifting left, I still think has value.”
42:05 Ryan- “One point of the article I don't agree with - I don't think anyone is expecting a single person to do all the things. But I think that the important part to remember - with a full stack engineer - and that is, don't define yourself in the boundaries. There's gonna be, just like any engineering team, if you're solely focused on the front end, there's people that are gonna understand frameworks and technologies. at different levels of experience. You're gonna have React experts and Rails experts and those things. So it's no different, but the differences between full-stack engineers is that you're not tossing anything over a wall. You may not know, but it's still on you to go figure it out. And so leverage your team, leverage your peers. I don't think we're expecting everyone to know these things and be experts in these things, but the idea that... You have to know every technology front to end is ridiculous.”
After Show
Closing
And that is the week in the cloud! We would like to thank our sponsors Foghorn Consulting. Check out our website, the home of the cloud pod where you can join our newsletter, slack team, send feedback or ask questions at thecloudpod.net or tweet at us with hashtag #thecloudpod