More AWS perks for business users
Amazon Web Services has beefed up its identity management and access control capabilities so that businesses can more easily apply permissions to users, groups and roles in a consistent way. As explained in a blog post, these identity and access management (IAM) policies are now treated as “first-class AWS objects” so that they can be created, named, and attached to one or more IAM users, groups, or roles.
Since I was unclear about what a first-class AWS Object really is I reached out to someone who knows who said that these policies get their own unique Amazon Resource Name (ARN). And that, in turn means users can more easily reuse common managed policies without having to write,update and maintain permissions.
These managed policies can also be managed centrally and applied across IAM entities — the aforementioned users, groups, or roles. And, customers can subscribe to shared AWS Managed Policies, so that its easier for them to appy best security or other practcies.
That news came a few days after [company]Amazon[/company] announced general availability of its AWS Config, a configuration management database (CMDB) tool, announced in November, that keeps track of the cloud resources used and the connections between them. The goal is that it can then track changes made to those resources and make sure those changes are logged in AWS CloudTrail. The data collected there can then be polled via Amazon’s own APIs
AWS Config, and AWS Service Catalog, were both announced in preview form AWS re:Invent in November. A Service Catalog is a tool used in enterprise accounts to shop for and manage authorized tools and applications and will be tied into IAM. General availability for Service Catalog was promised for early 2015, so stay tuned.
All of these services — promised and delivered — are geared to make AWS more IT friendly in bigger enterprises — to help make sure that users can access only the resources they are authorized for and that those resources are the most updated versions.
It’s also interesting that AWS, which used to announce new services only when they were ready, is now fully in enterprise software mode, pre-announcing new products weeks and months before they are broadly available.
EMC Cloudscaling aims to bridge OpenStack-AWS divide
If you’re running an OpenStack private cloud and want it to talk to Amazon’s EC2 compute service, you may want to check out this a new “drop-in”API created by EMC/Cloudscaling and available from Stackforge.
Randy Bias, co-founder of Cloudscaling and now VP of Technology for [company]EMC[/company], has long maintained that OpenStack needs to work with Amazon. He also pledged similar support for [company]Google[/company] Compute Engine APIs. Asked via email if that’s still the plan, Bias said “yes but it’s a lower priority until we see traction.”
Structure Podcast: The biologic roots of deep learning
Deep learning, which enables a computer to learn — or program itself — to solve problems — is a hot topic that Enlitic CEO Jeremy Howard and Senior Data Scientist Ahna Girshick helped explain to mere mortals on this week’s podcast. If you want to know why you don’t necessarily need a ton of data to do good work in deep learning and how the field is inspired by biology, if not the human brain, check out this show. And, to hear more from Gisrshnick on this hot topic, you can also sign up for next month’s Structure Data event.
Hosts: Barb Darrow and Derrick Harris.
This story was updated at 11:37 a.m. PST February 18 with more detail on what an AWS First-Class is.