AWS re:Invent re:Cap 2016Mark Nunnikhoven, Vice President, Cloud Research
Audience: Public
1
© Trend Micro, 20162
© Trend Micro, 20163
AWS YouTube Channelre:Invent 2016 Playlist
http://bit.ly/2016-recap-01
AWS SlideShare http://bit.ly/2016-recap-02
© Trend Micro, 20164
AWS re:Invent main site http://bit.ly/2016-recap-03
© Trend Micro, 20165
AWS re:Invent main site http://bit.ly/2016-recap-03
Great insight in AWS internal technology
© Trend Micro, 20166
Detailed in a keynote
Break out session
Brief mention in a keynote
Mention in a break out session
Blog post (http://bit.ly/2016-recap-06)
Mention in a blog post
Week In Review (http://bit.ly/2016-recap-05)
Documentation update (http://bit.ly/2016-recap-04)
© Trend Micro, 20167
Detailed in a keynote
Break out session
Brief mention in a keynote
Mention in a break out session
Blog post (http://bit.ly/2016-recap-06)
Mention in a blog post
Week In Review (http://bit.ly/2016-recap-05)
Documentation update (http://bit.ly/2016-recap-04)
Most people know about these
Some real gold here
© Trend Micro, 201611
Amazon EC2
© Trend Micro, 201612
IPv6 support in us-east-2 (http://bit.ly/2016-recap-07)
Bigger T2 burstable instance types (xlarge, 2xlarge)
R4 memory optimized instance types
I3 I/O intensive instance types
C5 compute intensive instance types (leveraging Intel Skylake)
Elastic GPUs For EC2 (coming soon, http://bit.ly/2016-recap-08)
F1 instances: configurable FPGA (limited preview, http://bit.ly/2016-recap-09)
Amazon Lightsail (http://bit.ly/2016-recap-10)
© Trend Micro, 201613
Amazon EC2 Systems Manager (http://bit.ly/2016-recap-11)
NEW
© Trend Micro, 201614
© Trend Micro, 201614
© Trend Micro, 201615
© Trend Micro, 201616
© Trend Micro, 201617
© Trend Micro, 201618
© Trend Micro, 201619
© Trend Micro, 201622
AWS Shield
© Trend Micro, 201624
© Trend Micro, 201624
© Trend Micro, 201625
© Trend Micro, 201626
© Trend Micro, 201626
© Trend Micro, 201627
AWS Shield AWS WAF
Amazon CloudFront
Amazon ALB
© Trend Micro, 201628
AWS Shield AWS WAF
AWS Lambda@Edge
Amazon ALB
Amazon CloudFront
More at http://bit.ly/2016-recap-13 and http://bit.ly/2016-recap-14
More at http://bit.ly/2016-recap-15
© Trend Micro, 201629
Amazon S3
© Trend Micro, 201631
© Trend Micro, 201631
© Trend Micro, 201632
© Trend Micro, 201633
© Trend Micro, 201634
© Trend Micro, 201635
Amazon QuickSight (http://bit.ly/2016-recap-17)
NEW(ish)
© Trend Micro, 201636
© Trend Micro, 201637
© Trend Micro, 201638
© Trend Micro, 201639
© Trend Micro, 201640
Event Sources
AWS CloudTrail
• All API calls • IAM identity for action
Available data;
• Δ to expected (Alarms) • Host logs (Logs) • 3rd party logs (Logs) • API call push (Events)
Available data;
Amazon CloudWatch
© Trend Micro, 201641
S3 data storage is inexpensive
Use S3 Infrequent Access to lower costs (S3 IA, http://bit.ly/2016-recap-18)
Bucket policies to push to Amazon Glacier (http://bit.ly/2016-recap-19)
Very inexpensive, highly effective data store for ops
© Trend Micro, 201642
AI
© Trend Micro, 201643
Amazon Rekognition (http://bit.ly/2016-recap-20)
NEW
© Trend Micro, 201644
© Trend Micro, 201650
© Trend Micro, 201653
© Trend Micro, 201659
AWS Lambda
© Trend Micro, 201660
C# support in AWS Lambda (http://bit.ly/2016-recap-23)
AWS Lambda@Edge (http://bit.ly/2016-recap-24)
AWS GreenGrass (http://bit.ly/2016-recap-25)
AWS Import/Export Snowball Edge (http://bit.ly/2016-recap-26)
© Trend Micro, 201661
AWS Step Functions (http://bit.ly/2016-recap-27)
NEW
© Trend Micro, 201662
© Trend Micro, 201667
© Trend Micro, 201668
© Trend Micro, 201669
What’s Next
© Trend Micro, 201670
Mark NunnikhovenVice President, Cloud Research Trend Micro@marknca
© Trend Micro, 201671
AWS YouTube Channelre:Invent 2016 Playlist
http://bit.ly/2016-recap-01
AWS SlideShare http://bit.ly/2016-recap-02
© Trend Micro, 201672
IOT401 Serverless IoT Backends (http://bit.ly/2016-recap-34)
SAC322 AWS Shield—A Managed DDoS Protection Service (http://bit.ly/2016-recap-35)
SAC323 Manage Multiple AWS Accounts with AWS Organizations (http://bit.ly/2016-recap-36)
DEV209 Another Day in the Life of a Netflix Engineer (http://bit.ly/2016-recap-37)
© Trend Micro, 201673
SAC318 Life Without SSH: Immutable Infrastructure in Production (http://bit.ly/2016-recap-38)
ARC402 Serverless Architectural Patterns and Best Practices (http://bit.ly/2016-recap-39)
SVR401 Using AWS Lambda to Build Control Systems for Your AWS Infrastructure (http://bit.ly/2016-recap-40)
SAC306 Encryption: It Was the Best of Controls, It Was the Worst of Controls (http://bit.ly/2016-recap-41)
© Trend Micro, 201674
CMP305 Serverless to 32XLarge, A Unified Security Approach To AWS Compute (http://bit.ly/2016-recap-42)
SAC201 Lessons from a Chief Security Officer: Achieving Continuous Compliance (http://bit.ly/2016-recap-43)
© Trend Micro, 201676
© Trend Micro, 201677
Thank [email protected] | @marknca