Operational Excellence, Microsoft on AWS, Tech & Velocity: Writeup of AWS Summit Online EMEA
By Aled Sage, VP of Engineering, Cloudsoft
The AWS Summit Online EMEA on 17th June was excellent! What follows are some things that stood out for me on Microsoft Applications, Operational Excellence within Amazon and beyond, Automating threat detection and remediation, plus how every company can move faster.
In his keynote, Werner Vogels talked about changes caused by Covid-19: lots more video and media, and lots of interesting apps launched to help with the crisis. There are great stories of apps, such as Filaindiana, being launched in 30 hours and scaling to millions of users - great benefits of serverless architectures!
Microsoft Applications on AWS
There was lots of content about Microsoft on AWS.
This covered lots of reasons to choose AWS (see Cloudsoft’s whitepaper for more details). Steven Bryen described benefits such as the maturity of the Windows offering (over 10 years, and twice as many workloads as Azure), improved reliability and cost savings, licensing options, guidance for migrations, and much more.
There were also a lot of Microsoft-focused tech-talks. For example, Martin Beeby gave a live coding session showing a .NET Core application running in containers on Fargate.
Towards Operational Excellence
One of my favourite sessions was by Adrian Hornsby, about operational excellence. It was pitched at a much higher level than the best practices described in the well-architected framework’s operational excellence. See Adrian’s blog for details (and part two and part three).
Adrian called out the need for culture + tools + processes.
For culture, he called out some of the AWS leadership principles - in particular “customer obsession” and “ownership”. Giving a two-pizza team the complete ownership of a (micro)service is really important. The team ships and operates the code they write, ensuring a fast feedback loop and a focus on continual improvement - no “throwing it over the wall” to another team.
For tools, Adrian described Amazon’s journey in adopting microservices, improving pipeline and automations to ship code faster and more reliably. There was a drive for consistency, standardization, and simplification. An important part of this is nurturing a culture of measuring everything!
Processes was the most interesting section. Adrian told a story of when Jeff Bezos took part in customer connection training and heard a very experienced customer-service representative handling a customer complaint. Pulling up the order details, she correctly predicted to Jeff that the customer would want to return the table. She said “Those tables always come back, and they’re always damaged. They’re not packaged right, so the surface of the table always gets scratched.” Jeff’s first attempt to fix the problem didn’t work: he asked the customer service leadership team to do a better job and to fix the feedback loop between the customer service and retail department. The problem is people [almost] always have good intentions; asking them to do better doesn’t fix it.
To quote Jeff: “Good intentions never work, you need good mechanisms to make anything happen.” Amazon introduced the equivalent of Toyota’s Andon Cord (allowing anyone to stop the production line if a fault was detected): Amazon employees can “stop the line”, causing the product to be removed from sale on the Amazon site within minutes! Other versions of the Andon process include pre-emptive refunds to users.
I also enjoyed hearing a few very technical talks. It’s hard to keep up with the rate of AWS announcements, and I got some useful pointers from these.
Steven Bryen’s session on automating threat detection and remediation was well worthwhile. He only touched on a few of the services in this space, but it was good coverage for a half-hour session.
GuardDuty is a must-have service in my opinion. Steven pointed us to recent improvements for how to set up GuardDuty with AWS Organizations, which will make life a lot simpler for new customers or for people who frequently add new AWS accounts.
Security Hub also has some great recent improvements. The Foundational Security Best Practices standard adds 31 fully automated security controls, beyond the CIS Benchmark checks. The Payment Card Industry Data Security Standard (PCI DSS) checks are another really useful addition.
Lastly, Amazon Detective went GA on 31st March 2020. This service helps to identify root causes of security issues - it uses techniques based on machine learning and graph theory to explore relationships between different events. This speeds up the analysis and investigation of security issues.
Closing Remarks by Andy Jassy
As expected, Andy Jassy said some noteworthy things!
In talking about running AWS, he stressed how incredibly large a logistics and operational challenge it is to operate a hyper-scale cloud. At this scale and in this type of low-margin business, you need to think differently about the way you approach operations, costs and innovation. Amazon have grown up as a high-volume low-margin business. In contrast, other providers don’t think that way. He pointed out that AWS are the only hyperscale cloud provider who report and break out financials cleanly.
Andy spoke about how leaders can help their companies move quickly.
1. Hire builders: people that like to invent, who are honest about customer experience, and who realise the launch is the starting line rather than the finish line.
2. Organise builders into small, autonomous teams that own their own destiny.
3. Realise which decisions are “one-way doors” and which are “two-way doors”. Of the decisions we make each day, the number of one-way doors is vanishingly small.
For (3), I still love that analogy (first used by Jeff Bezos in 1997). If you can change your mind about a decision, you can come back through that door - let folk experiment, innovate and fail safely. For one-way doors (e.g. making an AWS service GA, where its API will be supported for many years to come), those are the ones you need to spend a long time thinking about.
The Summit’s Online Format
I was really impressed with the online content and format - keynotes plus 55 breakout sessions over 4 hours. There was material aimed at IT managers, developers, devops, infosec, data scientists, and much more. Compared to previous summits, I missed the face-to-face conversations with AWS experts and those in the wider partner network and ecosystem. But I got to see a lot more of the sessions than normal!
I see the videos of all the sessions are already available on-demand (via the original unique login link, used to access the live event) - I look forward to watching some of the parallel sessions that I missed.
So if we can’t have a beer, let’s keep chatting on Twitter and virtual meetups.
If you do have questions about your AWS use-cases or anything else cloudy, Cloudsoft are offering some free Virtual AWS Surgeries run by experienced solutions architects.