147: Goodbye 2021, A log4j kinda year

tcp.fm
tcp.fm
147: Goodbye 2021, A log4j kinda year
/
85 / 100

EDITORIAL NOTE: Your Cloud Pod hosts are on vacation until early January!! Enjoy our 2021 wrapup and look ahead to 2022 and we’ll be back in your Podcast feed mid January! 

Justin, Jonathan, and Ryan are minus Peter in this episode as they review the year in cloud computing.

A big thanks to this week’s sponsors:

  • Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning, and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud, and Azure.

This week’s highlights

  • 🚨 It’s the last podcast of 2021. The next one premieres in the third week of January.
  • 🚨 Log4j came back with a vengeance during the holiday season.  
  • 🚨 The team looks back at its 2021 predictions and forecast for 2022.

Log4jackass

  • 📅 Using AWS security services to protect against, detect, and respond to the log4j vulnerability is still an issue. Suggestions to upgrade to version 2.16 for Apache log4j security issue for EKS, ECS, and Fargate customers wasn’t enough. Customers are asked to upgrade to 2.17. By the end of 2021, it will probably be 2.22 just to get into the spirit. 

Did The Team’s 2021 Predictions Come True?

👔 The hosts reviewed their 2021 predictions to see if they came true.

  • Johnathan’s prediction about bracket computing and other quantum technology didn’t come true to break TLS. It’s still a long way off but there are now more classes in quantum programming to prepare for the cutover. Jonathan takes half a point on his merit.
  • Peter believed The biggest blocker to cloud adoption would be costs, with individuals spending too much on poor cloud migrations. Justin believes he’s way off on this prediction. Though cost is a big consideration it’s definitely not the blocker. However, Jonathan believes more controls are needed to prevent overspending.
  • Justin’s prediction on the verticalization of the cloud in fintech, health, retail, etc. came true. Ryan says it makes a lot of sense for industries to go this route instead of building everything out. 
  • Ryan said work from home (WFH) would be a permanent trend, further breaking traditional security. Justin agreed on the first part but not the second on security issues. Though plenty of workers still log in through their companies’ VPNs, there is a big move to implement zero-trust security. 

Favorite Announcements Of 2021

📢 The hosts reviewed their favorite announcements of 2021.

  • Justin is happy that Amazon released its Redshift Serverless program to compete with Snowflake
  • Jonathan’s most favorite announcement was the introduction of OpenSearch. Especially how it went from notification to general release in a short period. Justin is impressed at the community working to improve OpenSearch. He hears more about this product now than elasticsearch.
  • Ryan puts AWS announcing the cloud control API at the top of his list. It allows one API to work across multiple cloud platforms. Although limited now, Ryan is curious to see how it works in the future. 

2022 Look Forward

🔮 Here are what the hosts see taking place in cloud computing in 2022.

  • Ryan: Google will build the first data center region under the sea.
  • Jonathan: Amazon will release a new database service.
  • Justin: Someone is going to solve the issues of designing apps that stretch from the cloud edge to the availability zone via new SDK/Programming tools.
  • Peter: Fortune 500 companies will continue to avoid an all-in-one single cloud vendor strategy in 2022. 

AWS News

💽 The holidays didn’t stop news from the AWS environment. 

  • 🕵🏿‍♂️ AWS has released guidelines on simplifying the setup of Amazon Detective at the AWS organization level. New items include focused views, expanded details on each finding, links to the profiles for each involved entity, and integration with Splunk via the Splunk Trumpet project.
  • 🗂️ AWS is now integrating with LitmusChaos to give you chaos engineering for K8. There’s a walkthrough that shows you how to configure and set up.

Google Cloud Crackdown

  • ✉️ Like all cloud providers, Google sells direct to customers and through marketplaces like Splunk and MongoDB. Though their 2018 terms of service prohibit partners from reselling third-party software it hasn’t been enforced. However, Google Cloud started to crack down on the process in November to avoid regulatory issues. 

Lightning Round

⚡ The end-of-year totals are:

  • Justin 17
  • Ryan 12
  • Jonathan 14
  • Peter 2

Other headlines mentioned:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.