Symetra built a self-service solution that allows teams to migrate applications from data centers to the AWS Control Tower multi-account environment using CloudEndure, infrastructure resources from AWS Service Catalog, and secure third-party solutions from AWS Marketplace. We heard from Chuck Chemis, Enterprise Cloud Architect - Symetra and Matthew Carlisle, Solutions Cloud Architect - 2ndWatch.
The basic problem should be familiar to all enterprises: the intense friction of moving your software teams over to cloud architectures. Along with all the retraining and re-framing necessary to be a cloud engineer, the work of making sure that newly deployed infrastructure is compliant is a huge task.
While early on in a cloud migration it can work to have a few trusted people managing changes, at some point they need to take a vacation!
By automating this for a self-service model, Chuck Chemis was able to go much further than before: "This year were able to achieve our ISO 27,000, and passed multiple security audits. We do see a feature, or a set of features, whereby we can leverage this style of compliance reporting and hopefully displace our needs as a company to have to bring in different auditors and third parties, where instead we can actually provide these reports to them. “
A great piece of advice from Matthew, “Prepare do some tooling ahead of time so that we can move slow and then move fast.” So much of our agility mindset is focused on delivering quickly, but when it comes to deployment and compliance, a little work spent on deliberately planning tools can mean the rest of the work happens much more smoothly.
To wrap up, they talked about how there really isn’t any end to how far you can go with integrating compliance with AWS, and Symetra plans to get into AWS Service Management Connector tooling next, to build skills through ownership and will think Cloud first.
This talk was so strong I want to quote right from the abstract:
More than 50,000 customers use AXA’s usage-based, pay-as-you-drive insurance solution, which requires real-time data processing and analytics to generate a driver score (each moving car sends an update every second). AXA originally built the system using a traditional VM approach, but it was not scalable and created maintenance overhead, so the company fully rearchitected to serverless. The solution now leverages AWS Lambda, Amazon API Gateway, Amazon Kinesis, Amazon DynamoDB, and Amazon Aurora PostgreSQL serverless. I heard from Xavier Loup of AWS with Vincent Hiribarren, Lead Architect - AXA.
Really how much more perfect can you get? A massive need for data ingestion and processing, and a Virtual Machine solution that wasn’t working.
And not just any Virtual Machine setup either, but well-selected EC2 instances! Of course it’s possible to hand this scale with EC2 but it will take expertise on your team and maintenance. Using serverless you can get better results without needing a team to monitor virtual machines or maintain load balancing and synchronization.
Serverless compute added flexibility to their structure and integration with tools like kinesis. No need to write handlers when Lambda handles Kinesis streams natively.
Vincent gave a bunch more data that showed the improvement in performance, but really it’s the last point on his slide that stood out to me:
In the end we don’t start tech companies to become experts at platforms and systems engineering. Using cloud tools means freeing yourself to focus on features rather than how they’re hosted. That change is a big one and we’re still seeing the effects!
We haven’t really seen the full potential of AWS IoT and serverless. It’s a match made in heaven since most devices should need only occasional access to web services with occasional scale-ups.
As the use of connected devices in the home continues to grow, so does the rate of enabling innovations in connected home applications with the latest IoT and machine learning technologies. Speakers were Mary Miller of AWS with Bart Strong and Ryan Tarver from Traeger Grills.
This slide really breaks down the three key directions for evolution of IoT products: either the device gets smarter, the fleet of devices learns to act together, or the whole system gets more connected.
A great quote from Mary:
“As that journey is happening on the product side, product builders go through an evolution too. If you're a connected product builder, your mission is growth. So your goal is more customers using more of your devices to do more things. So from the outset, you've got to plan to enable that scale. You've got to plan to build in such a way that you spend your time figuring out how to deliver new experiences to customers, not managing device fleets and operations.”
I don’t want to build this article totally of direct quotes from Mary but gosh this one is good too:
“We think about IoT by asking three fundamental questions. First, how can I build devices that operate at the edge.
Then how can I manage and secure those devices at scale.
And, of course, the reason why you do the first two things, how I can make sense of my IoT data and take appropriate action.”
Mary talks about how the IoT tools remove the “undifferentiated heavy lifting” we all love to foist off to cloud tools.
Ryan from Traeger talked about the benefits of relying on AWS and the managed services Serverless capabilities as much as possible. When considering an on-prem or multi-cloud approach will be a very big challenge. Finding the right professionals to lead these efforts that are experts with marketing technology, traditional IT cloud web, mobile data product management, and even customer experience, will be a very tall order. But with AWS and managed services, you can complete projects in just a few short months when other teams and historical projects may take years.
It’s startling to see the number of devices and transactions per second that Traeger already handles, but what stands out even more is their cost per device. This includes the cost of the server side and a reduction to 1/6th the cost is outstanding!
I’m interested to see how IoT and serverless grow together in 2021. The data ingest from these devices is massive and their latency and bandwidth requirements are unique. I think we’ll see more and more networking specifically geared to them like the way Lambda@Edge is.
This was an interesting talk because, okay, maybe you’re sold on cloud migration, but once you’re over that hurdle the governance problems with cloud architecture are just as real as they are with self-hosted applications.
Eli from Capital One went through some of the requirements that his team has for new AWS tooling which he described as "North Star" tenets for solution design.
My favorite quote: “Given the nature of our environment, which consists of hundreds of accounts and 1000s of applications using all these resources. Serverless was a really good fit. “
Take a look at their map of capabilities. In the lower left is CloudWatch Kinesis, Lambda and RDS. These services allowed Capital One to meet several needs of a new application through growth. They selected these services for their built in auto scaling and simplified scale scaling pattern functionality. These services also allow for built in retry patterns and managed servers.
It’s one thing to have an ‘AWS Expert’ or team to vet changes, but Capital One is making 400 scheduled changes a month! For anything of that scale, you need tooling. (Stackery, is a good tool for this). This was another reminder about ‘move slow to move fast,’ how the ability to automate change management is a key part of maintaining agility.
It has been so exciting to see so many customers achieving cost savings, faster development speeds, and scale they did not anticipate on day one. I am further convinced that if you are making a bet on Serverless, it’s going to be the right one.
What were some of your favorite quotes or talks at re:Invent this week? Hit me up on Twitter and let me know!
Serverless Success for teams across the globe
re:Invent 2020 Week 2
LEGO, BMW, Liberty Mutual, and Equinox all talk Serverless Success
What I'm looking forward to this year at re:Invent