AWS developer tools ease security, machine learning pains

AWS technology evangelist Jeff Barr surveys the technology needs addressed by new security and ML-focused AWS developer tools disclosed at AWS Summit 2018, such as Secrets Manager.

AWS checked a lot of boxes for those who seek AWS developer tools at its recent AWS Summit 2018 in San Francisco.

Some disclosures included AWS Secrets Manager, which uses AWS Lambda capabilities to enable more control over credentials access, and an update to SageMaker to build AI in a local mode. In this Q&A, AWS technology evangelist Jeff Barr discussed demand for security, machine learning (ML) and serverless capabilities, and the software engineering challenges behind the latest AWS developer tools.

The new AWS developer tool that Summit attendees mentioned most is Secrets Manager. Why is secrets management so important?

Jeff Barr: Every application has a set of keys and codes that must be kept secure. That's harder today, because of the ever-increasing amount of regulation. Look at movements like the European Union's GDPR (General Data Protection Regulation), which will have a huge impact globally. Meanwhile, there are increasing demands for integration, data sharing and so on from the environment. Enterprises need better ways to protect and to secure everything from the start.

The secrets are usually the first step. You've got a set of secrets that might be login keys or access keys for an API. Secrets are as simple as passwords. In a business environment, commonly shared secrets can include account info and password. Then, there's always the Post-it note with the password on it taped to the display. That password is a secret that protects some other level of information. There's no way you can go and track down all those Post-it notes that are on people's desks or underneath their keyboards. Secrets management is the high-tech way to do that.

Do you think that security gets overlooked because AWS developer tools, such as AWS Lambda, help developers quickly build and deploy so much code?

Barr: There is a development model where developers might build things in isolation, and toward the end of the development they'll say, 'Let's put a nice, secure shell around it and protect everything.' We prefer to go the opposite way for what we build, and we encourage our customers to follow those same practices. Start with your security principles, and figure out your security model, and then go on to an implementation.

Amazon developers have said they use Lambda to build and deploy serverless APIs and small features and bits of code. Where are use cases for serverless going?

Barr: Lambda is three-and-a-half years old at this point. I saw enterprise adoption happen pretty quickly, as they saw the value of connecting Lambda to more and different event sources. People are thinking of it as a nervous system you could connect to your incoming flow of data into S3. They're connecting it up to message queues and notifications. They've started building different packaging models around it.

At some point, serverless will sponsor more creativity. You think in terms of applications that 99-plus percent of their lifetime are effectively idle. During the 1% of the time that you need them to work, however, you want them to be fast and responsive, regardless of the amount of traffic. Examples are school registration or emergency response or annual events or sporting events. Serverless is your way to make sure you can accommodate traffic spikes without having to scramble behind the scenes to bring more capacity online.

What challenges do you see to get started with machine learning on an enterprise level?

Barr: Vendors and the press have done a good job of saying machine learning is the future. Then at some point, the poor developer thinks, 'We've got this massive amount of data. What am I actually supposed to do here with machine learning?'

SageMaker gives that developer a development environment and a deployment environment. You hand it to a developer and say, 'Okay, you've got your data source and a development and deployment tool. You can build a model and do some interactive testing so you understand what you're doing. You can iterate a bunch of times, you can train it on some test data, and then you can train it on your full data sources.'

So, for enterprises, the big draw for ML is the ability to better utilize data.

Barr: Anybody who has a whole bunch of data, which is almost everybody, wants to do more with it. They ask, 'How do we get some value out of this?' The first step is to get some value and not go big. Sometimes, just go for making a business process deliver 20% more value. That's a big deal for a business.

We get so used to Moore's Law and the magnitude of improvements in tech circles that we don't realize that helping a regular business improve a process by 10% or 15% is a big deal. You can go home for the week if you've done that. I think machine learning is right there and helps customers to do that.
