April 14, 2023

207: AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

31 minutes

AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

AKA Welcome to April (how is it April already?) This week, Justin, Jonathan, and Matt are your guides through all the latest and greatest in Cloud news; including VPC Lattice from AWS, the one and only time we’ll talk about Service Catalog, and an ultra premium DDoS experience. All this week on The Cloud Pod.

This week’s alternate title(s):

AWS Finally makes service catalogs good with Terraform

Amazon continues to believe retailers with supply chain will give all their data to them

Azure copies your data from S3… AWS copies your data from Azure Blobs… or how I set money on fire with data egress charges

News this Week:

AWS

@00:56 – Lots from AWS – Terraform and Service Catalog, Supply Chain and its crazy pricing, and VPC Lattice

–Self-service provisioning of Terraform open source configured with AWS Service Catalog. This means you can define your service catalog resources with either cloud formation *or* Terraform. And yes, Service Catalog inception is potentially a viable thing.

Matt: “It’s useful when you want to give people who don’t know what they’re doing very specific things; if you’re in a large organization, really just defining exactly what people can do…but to me it really starts to remove a lot of the innovation… but if you really want your teams to leverage the cloud and innovate I feel like it does start to limit some of the different aspects of the cloud.”

Justin: “Don’t drink the ITSM kool-aid on Service Catalog.”

@ 04:32 – AWS Supply Chain is now generally available; and yes, this is the same Supply Chain that was introduced at re:Invent. AWS says it will help mitigate risks, lower costs, increase visibility and help give actual insights on the supply chain.

-Honestly, we’re talking about Supply Chain because the pricing is all over the place. For example, the first 100,000 Supply Chain insights are .40/each; the next 900,000 are .13/each, and over 900,000 its .065/each.

@ 09:26 – VPC Lattice is finally here! Also announced at re:Invent, this gives you the ability to connect, secure, & monitor communications between services. It also gives the ability to refine policies for both traffic management and network access.

-Since the announcement, a few new capabilities have been added, including the ability to use custom domains, deploy open source AWS gateway API controllers to use Lattice with a Kubernetes-native experience, as well as giving the ability to configure SSL/TLS certificates when using HTTPS that matches the custom domain.

You can also:

use the Kubernetes gateway API to connect services across multiple clusters

use an ALB or an NLB as a target for service

support IPv6 connectivity with IP address target type

-be confused by pricing

Justin: “Their examples of Lattice pricing hurts my brain just a little bit.”

@ 13:36 – Guard Duty now supports Amazon EKS Runtime monitoring, which lets you detect Runtime threats from over 30 security findings via an EKS add on, which gives increased visibility on individual container Runtime activity. G

...more