Co-hosted by AWS Solution Architects and Evangelists, Shai Perednik, Dean Samuels and guest hosts!
AWS TechChat AWS TechChat
Co-hosted by AWS Solution Architects and Evangelists, Shai Perednik, Dean Samuels and guest hosts!
Episode 90 - Confidential Compute on AWS
In this podcast episode, learn about confidential computing and data privacy in the context of AWS services. The hosts - Shai, Anton, and Arindam, who are AWS Solution Architects, provide insights into AWS's security technologies and operational practices that exceed customer standards for confidential computing and data privacy.
The podcast delves into the Nitro system and its protection categories for confidential computing, as well as AWS Nitro Enclaves - a feature that provides isolation for sensitive data and applications. The hosts discuss the many use cases of Nitro enclaves, including cryptographic attestation capabilities, and explore how it can be used in various blockchain use cases, containerization, and Kubernetes. Additionally, the podcast provides resources for listeners to learn more about Nitro enclaves.
Throughout the episode, the hosts emphasize the importance of keeping customers' workloads secure and confidential. They provide insights into how confidential computing can be used in blockchain networks and modern advanced enterprise architectures.
Overall, the podcast provides a comprehensive understanding of confidential computing and how it can be implemented for enhanced security. It's a valuable resource for those interested in AWS services and data privacy.
[00:02:30] Confidential computing explained.
[00:05:13] AWS Nitro system.
[00:10:36] Cryptographic attestation.
[00:13:39] Nitro Enclave's use cases.
[00:18:11] Cryptographic attestation capabilities.
[00:21:11] Bridging multiple blockchain chains.
[00:26:41] Nitro enclaves workshop.
Workshop: https://nitro-enclaves.workshop.aws/en/ (also available in Japanese)
Workshop (“one module if you only have 30 min”): https://nitro-enclaves.workshop.aws/en/my-first-enclave/cryptographic-attestation.html
Confidential computing: an AWS perspective: https://aws.amazon.com/blogs/security/confidential-computing-an-aws-perspective/
Announcement Nitro Enclave: https://aws.amazon.com/blogs/aws/aws-nitro-enclaves-isolated-ec2-environments-to-process-confidential-data/
Nitro Enclaves + windows: https://aws.amazon.com/blogs/compute/getting-started-with-aws-nitro-enclaves-on-microsoft-windows/
Nitro Enclaves + Blockchain
Part 1: https://aws.amazon.com/blogs/database/part-1-aws-nitro-enclaves-for-secure-blockchain-key-management/
Part 2: https://aws.amazon.com/blogs/database/part-2-aws-nitro-enclaves-for-secure-blockchain-key-management/
Part 3: https://aws.amazon.com/blogs/database/part-3-aws-nitro-enclaves-for-secure-blockchain-key-management/
EKS + Nitro Enclaves
Confidential computing with AWS compute - https://www.youtube.com/watch?v=pyRBOHYgHc0
Episode 89 - Containers on AWS
In this episode of AWS Techchat, we talk briefly about container basics, difference between VMs and containers, and how customers are leveraging containers to modernize their legacy workloads. We look at different orchestration options for building modern applications and talk about various AWS tools that could be used. We cover use cases for automated infrastructure provisioning and integrating with Continuous Integration and Continuous Deployment. We cover Karpenter from autoscaling perspective and few new feature releases in containers space and Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere support on bare metal and also discuss security best practices at high level.
• Hands On workshop for Amazon EKS - ecsworkshop.com/
• Live streams and videos featuring AWS Container Services and demos - www.youtube.com/c/ContainersfromtheCouch/featured
• Amazon EKS Best Practices Guide - aws.github.io/aws-eks-best-practices/
• Architecting Amazon EKS workload for PCI DSS compliance white-paper -d1.awsstatic.com/whitepapers/arch…s-compliance.pdf
• Architecting Amazon EKS workload for HIPAA compliance white-paper - docs.aws.amazon.com/whitepapers/lat…amazon-eks.html
• Amazon EKS Blueprints Quick Start *-*aws-quickstart.github.io/cdk-eks-blueprints/
• Karpenenter Documentation - karpenter.sh/
Shai Perednik - Global Tech Lead - Blockchain www.linkedin.com/in/shaiperednik/
Arindam Chatterji - Senior Solution Architect - US SMB www.linkedin.com/in/arinchat/
Prasad Shetty - Senior Solution Architect - US NE Enterprise www.linkedin.com/in/prasadshetty3/
Episode 88 - AWS Graviton
In this episode of AWS TechChat, we talk about history of AWS Graviton, difference between ARM and x86, and how to get workloads running on AWS Graviton. We then talk about how to assess your application for ARM compatibility. First understanding the type of application, follow by the features and libraries used, then onto the components of the application like the database.
- AWS Graviton Public Page - https://aws.amazon.com/ec2/graviton/
- .NET on ARM - https://aws.amazon.com/blogs/devops/build-and-deploy-net-web-applications-to-arm-powered-aws-graviton-2-amazon-ecs-clusters-using-aws-cdk/
- ARM for Databases: https://aws.amazon.com/blogs/database/key-considerations-in-moving-to-graviton2-for-amazon-rds-and-amazon-aurora-databases/
- Transitioning to ARM Best Practices: https://github.com/aws/aws-graviton-getting-started/blob/main/transition-guide.md
Shai Perednik - Global Tech Lead - Blockchain https://www.linkedin.com/in/shaiperednik/
Matthew Cline - Senior Solutions Architect https://www.linkedin.com/in/matthewbcline/
Muhammad Mansoor - Senior Solutions Architect https://www.linkedin.com/in/mmansoor/
Episode 87 - Cloud Adoption Framework v3.0
In this episode of AWS TechChat, we talk about how leveraging the AWS Cloud Adoption Framework (AWS CAF) can help you accelerate your digital transformation efforts and business outcomes. We highlight the potential value that cloud transformation can bring to organizations, identify some of the key challenges that organizations may face along their journey, and discuss how the AWS CAF can help you overcome those.
We unpack the key components of the AWS CAF, including 4 categories of business outcomes, 4 transformation domains, 6 perspectives, 47 foundational capabilities, and 4 incremental & iterative transformation phases that the AWS CAF recommends.
And finally, we talk about the AWS CAF Envisioning and Alignment workshops and how they can be leveraged to help you identify and prioritize transformation opportunities, assess your organizational cloud readiness, and evolve your transformation roadmap.
• Shai Perednik - (www.linkedin.com/in/shaiperednik/) - Global Tech Lead – Blockchain, AWS
• Dr. Saša Baškarada (www.linkedin.com/in/baskarada/) - Worldwide Lead, AWS Cloud Adoption Framework, AWS
• Jason Turse (www.linkedin.com/in/turse-262/) - Senior Practice Manager, Advisory (Defense), AWS
• AWS Cloud Adoption Framework (AWS CAF) eBook https://d1.awsstatic.com/whitepapers/aws-caf-ebook.pdf
• An Overview of the AWS Cloud Adoption Framework https://docs.aws.amazon.com/whitepapers/latest/overview-aws-cloud-adoption-framework/welcome.html
• AWS CAF Public Page https://aws.amazon.com/professional-services/CAF/
• AWS CAF Whitepaper - Kindle Edition https://www.amazon.com/dp/B09X9DBL4V/ref=cm_sw_em_r_mt_dp_49MV5ZHXJBAAXRNS4VZ9
Episode 86 - Amazon EventBridge
In this episode of AWS Techchat, we start the show by talking about foundations - an overview of Amazon EventBridge and how it is different from Amazon CloudWatch Events. Then we talk about some of the features such as Archive and Replay Events, Schema Registry, Global Endpoints, and API Destinations.
Finally, we dive into architecture patterns to touch on the need to spend time modeling your logical architecture to get a good foundation for your event-driven architecture and explored event bus topologies and best practices.
Shai Perednik - Global Tech Lead - Blockchain
Cheryl Joseph - Solutions Architect, AWS
Stephen Liedig - Principal SA - Serverless, AWS
*Amazon EventBridge resource policy samples*
*AWS re:Invent 2020 session*
Building event-driven applications with Amazon EventBridge (https://youtu.be/Wk0FoXTUEjo)
*Introducing global endpoints for Amazon EventBridge*
*ANZ Summit: Design event-driven integrations using Amazon EventBridge (Day 2)*
* AWS Summit regisration (https://aws.amazon.com/events/summits/anz/)
* Agenda at a glance (https://pages.awscloud.com/rs/112-TZM-766/images/AWS-Summit-ANZ-2022-Agenda.pdf)
* Building an event-driven application with Amazon EventBridge (https://aws.amazon.com/blogs/compute/building-an-event-driven-application-with-amazon-eventbridge/)
Episode 85 - Amazon EC2 Mac Special
In this episode of AWS TechChat, we take a journey into Amazon Elastic Compute Cloud (Amazon EC2) Mac instances. I interview two Amazon EC2 Mac Specialists, Muhammad and Scott, who help us deep dive into the depths of Amazon EC2 and supporting services and features.
We start the show by setting foundations as we talk about the single tenancy model and how that relates to billing. We then discuss the differences between instances and hosts and Amazon Elastic Block Store (Amazon EBS) storage as well as building a CI/CD pipeline with Amazon EC2 MAC for your build servers.
We wrap that all up with some use cases we’ve heard and by looking at where customers should start their Amazon EC2 Mac journey.
Shai Perednik - Senior Solutions Architect, AWS
Muhammad Mansoor - Senior Solutions Architect, AWS
Scott Malki - Senior EC2/Graviton Specialist, AWS
AWS Builders Online Series https://aws.amazon.com/events/builders-online-series/
AWS Innovate – AI/ML Edition https://aws.amazon.com/events/aws-innovate/machine-learning/
AWS Events and Webinars - http://aws.amazon.com/events/
Use Amazon EC2 Mac Instances to Build & Test macOS, iOS, iPadOS, tvOS, and watchOS Apps https://aws.amazon.com/blogs/aws/new-use-mac-instances-to-build-test-macos-ios-ipados-tvos-and-watchos-apps/
Fair source of news; painful to listen to
I like to run podcasts while I am programming. AWS is a busy place, so I appreciate a podcast which saves me the trouble of reading AWS blogs and product announcements. The gushy delivery and strange vocabulary (i.e. "amy" for AMI) can be difficult to endure, but the content is usually worthwhile (although I would keep the skeptic filters in place). Did you know Dennis Ritchie wrote LINUX? Hahaha...