AWS announces CloudFront Functions

AWS Logo
AWS Logo

AWS announced general availability of “CloudFront Functions“. The product allows deploying lightweight functions on the edge of CloudFront’s CDN deployment, bringing logic close to the end user. After CloudFlare initiated a trend with their Workers, AWS is the third major cloud player to enter the space with this offering.

The purpose of such an architecture is to bring specific logic closer to the consumer, therefore delivering richer, more personalized content with lower latency. With a distribution across 225+ CloudFront edge locations in 90 cities across 47 countries the promise is huge.

To get developers kickstarted, AWS published a Github repo with examples. As one would expect, these are primarily revolving around http header manipulation and authentication. CloudFront Functions runs JavaScript.

Slack partners with Amazon

All of Amazon’s AWS employees will now use Slack

The market for collaboration tool has been sparked by Slack a few years ago. It has been subject to heavy fights since. Microsoft Teams not only entered the market but overtook the early mover quickly. The fight escalated perceivably when Slack accused Microsoft of ripping off its ads in late 2019.

AWS and Slack recently announced a partnership, indicating how hot the market apparently still is. With these two heavyweights in the ring, expect some movement in the space.

Source: The Verge

Amazon CloudFront launches new Edge Locations
AWS Logo

Amazon CloudFront Edge Locations: AWS’ Amazon CloudFront launches 5 new CloudFront Edge Locations. These are located in Bulgaria, Greece, Hungary, Kenya, and Romania.

AWS CloudFront is a Content Delivery Network and helps webpages to distribute their content globally. To achieve this, CDN’s leverage managed reverse proxy servers. The goal is to bring content closer to the consumer. And through keeping bulky media distributed, it prevents congesting internet connections.

These added deployments will help AWS customers and their consumers experience significantly improved page load times. AWS has constantly expanded CloudFront’s Network footprint since its launch in 2008. With this recent update, CloudFront now has 216 points of presence in 84 cities across 42 countries. 

Source: aws blog.

Rumors, that Apple would switch to ARM for their computers have been floating around for a while. MacWorld just recently reaffirmed these with Annual ARM predictions.

Another important product that was announced at this years Re:Invent, AWS has ARM servers in their cloud portfolio. The Graviton2 is a custom-built 64bit processor available for EC2 workloads.

A clear signal ARM becomes ready for primetime.

It sound’s odd and definitely wrong. At 43.000 participants in 2018 at a registration fee of $1.799, that’d be $77.357.000 of revenue, which is hard to believe Oracle and IBM together cannot top. Still, it’s s still a totally fascinating thought about size of cloud and how dominant AWS is in that business.

DDoS is an annoyance not even the biggest Cloud is safe from. Apparently AWS’s Route 53 was affected and failed to resolve multiple DNS names over several hours.

DDoS, Distributed of Denial Service
Distributed of Denial Service

Parts of AWS were taken offline for hours

Source: TechRadar. The newspage also has a reference of 2019’s best DDoS Protection.

What We Can Learn from the Capital One Hack

Capital One

Earlier this week, it became public that Capital One was victim to a privacy leak, affecting more than 100 million of their customers. News revealed details about the source of the attack, that apparently an individual conducted and bragged about it publicly.

Now, a few days later and more facts known, the always excellent Krebs on Security blog offers some lessons learned from the incident. It has good statements from Netflix, CloudFlare, DisruptOS and AWS personnel, including citations about the involvement of IAM, EC2 and WAF. In particular, it points out mitigations that AWS recommends in response to Server Side Request Forgery (SSRF).

Interesting is the conclusion that Rich Mogull comes to, that the industry is facing a major gap in skills, related to this kind of cloud security. Basic skill and availability thereof has always been a major gap in the entire industry. Only with the arrival of cloud it becomes more sparse. Mostly, because corporations maintain both their existing data centers and new cloud infrastructure, leaving out on the opportunity to become more secure in the cloud.

Source: What We Can Learn from the Capital One Hack