January 19, 2022

149: The Cloud Pod BreaksFormation

1 hour 11 minutes

On The Cloud Pod this week, the team decides 2022 is already a long, cursed year — bring on 2023. Plus nuggets of wisdom from Gartner, Orca discovers breaksformation and Glue vulnerabilities, and 10 questions to help boards (and others) maximize cloud opportunities.

A big thanks to this week’s sponsors:

Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure.

JumpCloud, which offers a complete platform for identity, access, and device management — no matter where your users and devices are located.

This week’s highlights

Gartner reveals six cloud trends for 2022: Take what you need for your organization and throw away the rest.

Orca Security discovers vulnerabilities in AWS’ CloudFormation, and — more seriously — Glue.

GCP releases 10 questions to help boards safely maximize cloud opportunities — which can also give you the opportunity to bag that promotion.

Top Quotes

“Look at the rate of growth of cloud over the past few years. The rate of training new people could not possibly keep up. … [Organizations] want to hire someone who’s got 20 years’ experience in something that’s only been around for five years. I can see it being a real problem in terms of quality of output.”

“Because Orca published a blog post, we know about this — would AWS have disclosed it to us? If there are other people out there doing research against AWS and they’re not publishing these things, there could be other things that we don’t know about, that are not being addressed. Transparency is important.”

General News: Get Out the Crystal Balls

SiliconANGLE published a guest blog from Gartner’s Paul Delory on his six predictions for what is coming to the cloud in 2022.

VentureBeat has five considerations for saving more and wasting less on cloud services. We didn’t learn much, but everyone’s mileage varies.

AWS: CloudFormation’s Breaking Apart and the Glue Doesn’t Stick

Orca Security Research Team’s been hunting in AWS waters, and found a vulnerability in CloudFormation. AWS responded that on further inspection, there was no threat to customers or resources.

There’s something more troublesome afoot, though: The Orca team also discovered a vulnerability with Glue. AWS Principal Engineer Anthony Virtuoso thanked Orca for its findings: but a coordinated effort between AWS and Orca might have avoided all of this.

AWS releases its new console which, overall, looks a lot like the old one with new lipstick — it still doesn’t appear to deliver.

GCP: 10 Questions and Some Fire in the Works

GCP helpfully published a

...more

View all episodes

By Justin Brodley, Jonathan Baker, Ryan Lucas and Matthew Kohn

4.9

3434 ratings