A Journey into local AWS credentials management

From a single AWS Account management to a complex cloud environment.

This is the Journey that took me building my open-source project to let him manage AWS credentials most securely: Leapp.

Data Architectures for Cloud & AWS services to build them

Data is leverage. Fast evolution of cloud is demanding data solutions that can keep up with its pace. In this talk, I will cover the modern data architectures that leverage the cloud and keeps up with the pace. I will cover Data Lakes, Data LakeHouse and Data Mesh from the perspective of

1. What are these exactly?

2. When to use them?

3. What's required to implement them?

4. What are the architectural philosophies behind these patterns? (eg. Data Mesh is applied Domain Driven Design to data silos)

I will close each of these sections with a walkthrough high level architectural implementations of each of these using AWS Services and tools. All these architectures will primarily use AWS Serverless and ephemeral components.

Von Seen, Häusern und Daten - Aufbau einer Datenplattform mit AWS Lake Formation

Data Warehouse, Data Lake und nun Lakehouse. In diesem Talk klären wir, was hinter diesen Begriffen steckt und demonstrieren wie eine unternehmenszentrale Datenplattform in AWS realisiert werden kann: von der Erfassung, Transformation und Visualisierung von Daten, bis hin zur zentralen Verwaltung und Zugriffssicherung. Teilnehmer erwartet folgendes:

- Sie lernen die Kernfunktionalitäten von AWS Lake Formation kennen und steuern damit Zugriffsberichtigungen

- Sie speichern Daten in einem Data Lake und transformieren diese mit AWS Glue

- Sie aggregieren Daten und visualisieren die Ergebnisse mit AWS Athena und Amazon Quicksight

- Zum Schluss sehen sie, wie man mit AWS Lake Formation den Zugriff auf einzelne Spalten, Zeilen oder Zellen für Usergruppen beschränken kann um sensible Daten zu schützen

A song of Decentralization and Observability: Dance with open telemetry

Following the announcement of general availability on tracing with AWS Distro for OpenTelemetry, There has been quite a buzz in the AWS developers community to enable a single pane of glass to enable tracing in the world of decentralized architectures, There will always be a challenge this pattern while developing large enterprise cloud infrastructure for multi-layered accounts and development teams. Along with AWS CDK(the new way of IaaC development), there can be a modular way of approaching this use case for producing a solution that is juxtaposed alongside the microservice application boilerplate. This Session will be focused on the open telemetry features in the Cloud realm and how AWS helps us to enable this inside the production workloads.

Introduction to AWS IoT Services based on a practical example

AWS offers a wide variety in IoT services.

We want to show on a practical example how the AWS IoT services are connected to each other and which services can be used for which use case.

To archive this we want to present following:

Part One: An ESP32 based representation of a solar plant which is connected to AWS IoT Core.

A functional hardware setup containing a solar panel, several sensors and an energy consumer.

The hardware setup is connected to AWS IoT Core via MQTT.

Hardware component list, Wiring plan, ESP32 software code, terraform script (contains IoT Core representation of the esp32, could also be cloud formation if requested) and documentation will be public available.

This part should demonstrate that hardware programming and connection to the cloud can be done by everyone without huge knowledge requirements.

Part Two: Interaction of AWS services with IoT Core.

Introduction to IoT Core Rules and how to distribute and use data in various IoT services.

Data which is created and ingested to IoT Core in Part One will be used for this demonstration.

This part follows a Use-Case based presentation mode.

Following Use Cases will be available:

Data Analytics (Prediction): Data will be ingested into IoT Core Analytics and a forecast of generated power of the solar plant will be available.

Live Monitoring: Live data will be ingested into IoT SiteWise and visualized by using AWS SiteWise Monitor.

Alerting: Alerts will be configured in IoT Events reacting to a threshold based on a sensor metrics.

Ingestion into "classic" AWS services: Data will send via IoT Core Rules to "classic" AWS services like DynamoDB or S3 for further processing.

Introduction to AWS IoT Services based on a practical example

AWS offers a wide variety in IoT services.

We want to show on a practical example how the AWS IoT services are connected to each other and which services can be used for which use case.

To archive this we want to present following:

Part One: An ESP32 based representation of a solar plant which is connected to AWS IoT Core

A functional hardware setup containing a solar panel, several sensors and an energy consumer.

The hardware setup is connected to AWS IoT Core via MQTT.

Hardware component list, Wiring plan, ESP32 software code, terraform script (contains IoT Core representation of the esp32, could also be cloud formation if requested) and documentation will be public available.

This part should demonstrate that hardware programming and connection to the cloud can be done by everyone without huge knowledge requirements.

Part Two: Interaction of AWS services with IoT Core.

Introduction to IoT Core Rules and how to distribute and use data in various IoT services.

Data which is created and ingested to IoT Core in Part One will be used for this demonstration.

This part follows a Use-Case based presentation mode.

Following Use Cases will be available:

Data Analytics (Prediction): Data will be ingested into IoT Core Analytics and a forecast of generated power of the solar plant will be available.

Live Monitoring: Live data will be ingested into IoT SiteWise and visualized by using AWS SiteWise Monitor.

Alerting: Alerts will be configured in IoT Events reacting to a threshold based on a sensor metrics.

Ingestion into "classic" AWS services: Data will send via IoT Core Rules to "classic" AWS services like DynamoDB or S3 for further processing.

DynamoDB Single Table Modelling

Along an example, I'll discuss the concept of single-table-modelling for DynamoDB or NoSQL databases in general. What are the options? What are best practices? How do I go about creating such a model? What are the key thought processes involved?

And just as important: How do I make sure to integrate and support my Dev team along the way?

Serverless multi-region

Multi-region applications are complex and used to be expensive to maintain hardware in each region. The Cloud gave us Multi-AZ, but now Serverless infrastructure combined with a pay-as-you-go pricing model shattered this barrier.

The AWS Pricing Calculator - An ultra-low-cost product. How to save every penny?

The AWS Pricing Calculator - It is a tool which many of us know and use in our daily business.

Some may love it, some hate it, but have you ever looked behind the shiny front?

We will dive deep into what we reversed engineered and show how it is designed and built.

Among others, we will answer the questions: Why was this design approach chosen? What are the consequences for you as a user? What if you would like to adopt this design? How much money is AWS saving with this design?

Furthermore, we demonstrate how it could be improved and show a few performance examples.

Everything is an event on AWS

On AWS everything is an event. This talk is about how to use cloud events to build or improve your current solutions to be fully event-driven and take advantage of serverless services.

Event-driven architecture improve your cost efficiency, the system scalability and improve your development agility. Let’s learn together!

How FICO build a serverless, event-driven platform using ECS Fargate and AppSync

In this talk we are going to introduce you to FICOs event-driven governance platform. Using AppSync and ECS Fargate, FICO built a serverless event-driven platform that ensures high quality of our software delivery by at same time reducing costs and time to production. We will cover architecture details and introduce you to our Open Source model that helped us drive innovation in a collaborative way across all governance units of the organization. Eating our own dogfood, the platform validates itself before deploying any new feature.

How to simplify building AWS CDK constructs with Projen

AWS CDK constructs are reusable cloud components that can be used to increase efficiency when building AWS based cloud solutions. AWS CDK constructs are developed as software projects. Dependency management, build steps, integration tests, managing versioning and releases, publishing to package managers are topics that must be considered when defining a new project.

Using AWS CDK constructs as an example, this talk explains how these software project configurations can be simplified with Projen, a new kind of project generator. A main difference between Projen and other templating tools is the recurring generation of configurations. Improvements in Projen are thus simply adopted in the configurations and do not have to be added manually to the existing templates.

Migration from relational databases to Serverless AWS DynamoDB

In dieser Session stellen wir ein cloud-native Microservice-Setup auf AWS vor, dass wir erfolgreich bei einem unserer großen Kunden aus der Automobilbranche implementiert haben.

Dabei wurde für eine bestehende on-premise enterprise Anwendung mit einer relationalen Datenbank eine neue cloud-native Architektur auf AWS designed, welche auf NoSQL mit AWS DynamoDB setzt.

Anhand eines echten Use Cases zeigen wir, welche Möglichkeiten und Vorteile AWS DynamoDB mit sich bringt und was man beachten muss, wenn man eine relationale on-premise Datenbank auf AWS DynamoDB migriert. Wir zeigen best practises bei der Erstellung eines no-sql DynamoDB table design sowie bei der eigentlichen Implementierung einer

cloud-native Anwendung für DynamoDB anhand von Java mit dem DynamoDB Java SDK.

Der Vortrag beinhaltet auch eine kleine live demo.

Automating Operations Workflows and Incident Resolution using AI on AWS

Automation has become an essential tool to face the challenges imposed by the fast-paced and continuously changing market. To overcome these challenges and improve our DevOps and AMS delivery services to our clients, both in quality and price, NTT Data developed a cloud-based solution to automate workflows and ticket resolution. We call it SmartOps, and it has a proven track record of automating ticket resolution at one of our major automotive customers.

SmartOps is a microservice-architectured application that anonymizes and processes incidents in real-time and uses AI and Knowledge-based applications to identify issues and automation triggers. Depending on the identified triggers, SmartOps instantly and automatically schedules and executes several automation scenarios interacting with various applications, systems, data sources, and AWS services like Athena, EKS, SageMaker, and SES/SNS. SmartOps can assess if the automation was successful or not and decides on the next steps.

In this session, we will go over the functional flow of automated incident resolution on the one hand. On the other hand, we describe the technical blueprint of SmartOps and show how you can combine different AWS services to guarantee application scalability, reliability, customer data privacy, and security. We also exhibit how we used services like Macie, Comprehend, and SageMaker to speed up the development cycle and deliver high added-value fast.

Extensive GitOps - How to extend GitOps across your AWS infrastructure with Argo CD and Crossplane

GitOps has become incresingly popular recently to manage services and continuously reconciling the desired state stored in Git to the actual state running in a live environment to eliminate the need for continuous deployment pipelines and to prevent drift. Especially when we talk about managing infrastructure and Infrastructure as Code (IaC), as used in most projects, drift can become a serious issue over time. How to make sure that resources remain the same in the cloud as they are defined in code once provisioned? Being able to continuously reconcile and prevent drift in our infrastructure is a very valuable benefit.

So why have we only used GitOps for services? In this session we take a look at how we can use Crossplane and leverage Kubernetes as a control plane to manage both our services and AWS infrastructure to become 100% GitOps ready as we successfully did with one of our major automotive customers.

We will give an introduction to Crossplane and also show how an additional layer of abstraction can enable developers to easily claim AWS resources on the fly as they need them and do a demo how to spin up and integrate AWS infrastructure from small things like an S3 Bucket to even fully production ready EKS clusters.

Cloud Engineering & Testing

Insbesondere Themen wie schnelle Feedbackschleifen, testfokussierte Workflows und Troubleshooting werden nach wie vor heiß und kontrovers diskutiert - genau wie die Frage ob man wirklich die ganze Cloud lokal auf dem Rechner simulieren muss um hierfür gute Antworten zu finden.

Diese Themen lassen sich unter dem Thema “Developer Experience” zusammenfassen. Unter diesem Aspekt werden wir uns gemeinsam einen Überblick verschaffen und verschiedene Ansätze genauer beleuchten. Unser Ziel hierbei ist: Die Vorteile von Serverless Architekturen zu nutzen und gleichzeitig ein produktives “Developer Experience“ zu erlangen.

Wenn selbst ‘erlaube allen Verkehr von 0.0.0.0/0’ nicht hilft - Verbindungsprobleme in AWS lösen

Was tun, wenn die Netzverbindung zwischen zwei AWS-Diensten will einfach nicht zu Stande kommen will - obwohl schon alle Security Groups weit offen wie Scheunentore sind?

Insbesondere bei komplexen Netzwerktopologien kann sich die Fehlersuche schwierig gestalten. Daher begeben wir uns gemeinsam auf die Suche nach dem Fehler und lernen dabei, welche Möglichkeiten AWS bietet, Netzwerkproblemen auf die Spur zu gehen.

Während Metriken oft einen ersten Anhaltspunkt geben können, verspricht der Reachability Analyzer die Antwort auf dem Silbertablett zu servieren. Tiefer einsteigen und die Hände wirklich schmutzig machen wir uns dann mit Flow Logs und Port Mirroring.

How to integrate traffic-mirroring for serverless applications using Fargate

This talk will demonstrate how to create a fully automated traffic-mirroring implementation into a serverless application deployment running on AWS Fargate.

By that you are able to mirror the Ip traffic of each running container within your serverlesss deployment.

The serverless application in this case is a central nginx proxy that handles api calls to backend systems.

SupraTix goes China - lessons learned

SupraTix has been making its digital ecosystem available to its customers in China since May 2022. In order to be able to offer all functions and services there as well, the platform solution has to be operated additionally at AWS China. In doing so, the SupraTix e-commerce marketplace was expanded to a global service. The presentation is intended to provide insights into the challenges and solution approaches in the technical implementation.

---------------------

SupraTix stellt sein digitales Ökosystem seit Mai 2022 seinen Kunden auch in China zur Verfügung. Um alle Funktionen und Services auch dort anbieten zu können, muss die Plattformlösung zusätzlich bei AWS China betrieben werden, dabei wurde der SupraTix E-Commerce Marktplatz zum globalen Service ausgebaut. Der Vortrag soll Einblicke in die Herausforderungen und Lösungsansätze bei der technischen Umsetzung geben.

Revolutionize DevOps with ML capabilities. Deep dive into Amazon CodeGuru and DevOps Guru

AWS is on a journey to revolutionize DevOps using the latest technologies. AWS thinks of it this way: code, logs, and application metrics are all data that we can optimize with machine learning (ML).

In this talk I will introduce two AWS completely managed Serverless services: CodeGuru and DevOps Guru.

Amazon CodeGuru Reviewer uses ML and automated reasoning to automatically identify critical issues, security vulnerabilities, and hard-to-find bugs during application development. I also provides recommendations to developers on how to fix issues to improve code quality and dramatically reduce the time it takes to fix bugs before they reach customer-facing applications and result in a bad experience

Amazon DevOps Guru analyzes data like application metrics, logs, events, and traces to establish baseline operational behavior and then uses ML to detect anomalies. The service uses pre-trained ML models that are able to identify spikes in application requests, so it knows when to alert and when not to.

Automating Operations Workflows and Incident Resolution using AI on AWS

Automation has become an essential tool to face the challenges imposed by the fast-paced and continuously changing market. To overcome these challenges and improve our DevOps and AMS delivery services to our clients, both in quality and price, NTT Data developed a cloud-based solution to automate workflows and ticket resolution. We call it SmartOps, and it has a proven track record of automating ticket resolution at one of our major automotive customers.

SmartOps is a microservice-architectured application that anonymizes and processes incidents in real-time and uses AI and Knowledge-based applications to identify issues and automation triggers. Depending on the identified triggers, SmartOps instantly and automatically schedules and executes several automation scenarios interacting with various applications, systems, data sources, and AWS services like Athena, EKS, SageMaker, and SES/SNS. SmartOps can assess if the automation was successful or not and decides on the next steps.

In this session, we will go over the functional flow of automated incident resolution on the one hand. On the other hand, we describe the technical blueprint of SmartOps and show how you can combine different AWS services to guarantee application scalability, reliability, customer data privacy, and security. We also exhibit how we used services like Macie, Comprehend, and SageMaker to speed up the development cycle and deliver high added-value fast.