AWS re:Invent 2020: Santa Cloud Wish List
Dear Andy Jassy,
This year, we’ve been good Continis and would like to share with you our seasonal “AWS-mas” wish list for AWS re:Invent 2020, which kicks off on 30 November.
We’re not just asking for new toys from the AWS catalogue, however. In some cases, we’d be happy to just have our favourites given a lick of paint.
In this blog, we’ll cover the new AWS services on our 2020 wish list as well as those that we hope will be updated and improved.
1. AppStream in the London Region!
Amazon AppStream is an offering that allows customers to provide their users with applications as a streaming service, using AWS infrastructure. This helps customers manage applications centrally, and to rapidly scale access up and down in line with demand.
AppStream is currently available across a number of AWS Regions: US East (N. Virginia), US West (Oregon), AWS GovCloud (US West), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Seoul), Asia Pacific (Mumbai).
We would love to see London added to this list!
Some of our customers here in the UK are subject to strict requirements around data sovereignty–making the consumption of cloud services from a nearby region impossible. So making AppStream available in London would allow them to also make the most of this useful service!
On top of this, the current circumstances have accelerated the need for scalable cloud services. Many of our customers are seeing spikes and troughs of demand that their existing technical estate isn’t able to cope with. AppStream would certainly help in this case.
So, on behalf of all our UK customers, we’re hoping this will be in our stocking this year!
2. AWS Nuke
This year, we would also love to see an official or AWS-sanctioned version of AWS Nuke.
AWS Nuke is a simple but powerful tool that works to clear out all resources from an AWS account that aren’t default or AWS-managed–rolling the account back to a ‘day one’ status.
In any organisation, you’ll find waste and AWS infrastructure is not immune. Many accounts are used for activities like experimentation, point-in-time testing or for engineers to orient themselves around new services (and so on) and aren’t always cleared out.
At the enterprise level, some of these accounts are not only able to accrue cost but also start to represent a potential security risk when left idle.
We’d like to be able to confirm that nothing is left in an account when we're finished working in it.
An AWS-approved and supported version of Nuke, with the appropriate guardrails in place to mitigate any potential mistakes in its use, would really help ensure our customers are paying only for what they need and mitigate against the risks of orphaned accounts. No one wants to become Scrooge, controlling accounts with a fine-toothed comb and stomping on developer freedom.
3. Elliptic Curve SSL Certificates
Elliptic Curve Cryptography (or ECC) is a smaller, more scalable and more quantum-resistant approach to cryptography than the standard RSA public-key driven approach.
Increasingly, organisations are becoming more cognizant of the risks associated with breaches, and more likely than ever before to proactively mitigate against such occurrences. Bringing ECC to AWS as a first-class citizen, so that it’s supported across all relevant AWS services, will help accelerate the adoption of a more modern cryptography approach across our customers, and allow us to sleep better on Christmas Eve, not only this year, but in years to come.
4. Better CloudFormation Support on Product Release
Infrastructure as code is at the heart of every Contino engagement, helping customers accelerate their journey by providing an automated approach to managing their infrastructure.
CloudFormation is AWS’ core offering in this space; a service that provisions and configures AWS resources using templates, reducing the need for repeated manual effort, and providing a single means to control infrastructure.
We do have one small request though. We’d love to see better CloudFormation support on release day for AWS services. Some, for example, ship with only CLI or console support on Day one, allowing people to experiment, which is great. But for customers to meaningfully adopt the new service, they need to bring it into their infrastructure as code, otherwise it will slow the team down over time.
We want to see everything on the nice list of CloudFormation resources, not the naughty list of CLI and console only.
5. (More) Reductions for S3 Pricing
S3 remains at the core of many of our customers’ experience of using AWS. As the size of enterprise organisations’ public cloud estates grows, a common trap that procurement departments fall into is to not appreciate the differentiation between ‘commoditised’ services such as S3 or EC2 compared to higher-level services like AWS Lambda and SageMaker.
Whilst AWS has driven reductions in price of circa 80% between 2006 and 2018, we’d love to see this reduced further–on the basis that investment can instead be directed to higher-level, cloud-native services that drive tangible business value.
Hopefully the data centre elves have spent the year in the workshop working on a discount for our customers for S3, that will enable them to pursue more cloud-native transformation.
6. AWS VPN
Alongside the tangerine at the bottom of the stocking, it’d be nice to see some more SSO integration with more providers for AWS VPN. We’ve seen customers roll back to using network appliances as a response to a perceived lack of support, and we’d love that trend to cease in 2021!
7. AWS VPN Client
When the VPN Client was released last year, we wondered if we’d been put on the naughty list. It’s not something we can use with confidence, and we’re seeing customers use services like TunnelBlick instead.
We’d love to see this improved so that our customers can benefit from a more tightly-coupled ecosystem of services rather than increasing their reliance on third-party services.
With AWS re:Invent this year being an online-only, 3-week long affair, there are a lot of changes to the usual format. However, one thing that doesn’t change is the scale and the rate of innovation–and as such we’re anticipating a raft of new service announcements as well as updates to existing services.
Re:Invent has a global audience, and our customers will all be watching closely - keen to adopt both new and updated AWS offerings if they see a means for their businesses and customers to benefit.
As a Premier Consulting Partner, we work shoulder-to-shoulder with our customers’ engineering teams to ensure that they have the best chances of success–our wish-list reflects that!
Don't Miss These AWS Re:Invent Sessions
Kubernetes: Do or Do Not, There is No Try
Thursday 3 December 2:45pm -3:45pm PST
Register Here: https://bit.ly/3mrK5JX
The Recipe to SRE, a Proven Method
Friday 4 December 9:15am - 10:15am IST
Register Here: https://bit.ly/3msWIEn
Transformation on AWS Cloud at UK Enterprise Customers
Friday 4 December 11:45am - 12:45pm GMT
Register Here: https://bit.ly/3mm83Gm
See you there!