Challenge #2 of Knowledge Watcher, a weekly publication of curated content material on subjects associated to information administration and information safety
Welcome to Knowledge Watcher #2, the place I curate fascinating articles on information administration and safety for information practitioners and executives. This week’s themes are S3 misconfigurations, MLOps, and vertical integration.
Final yr, Cloudanix revealed A Full Record of AWS S3 Misconfigurations. It’s a brief however useful reference, written by @kedarghule, that enumerates all of the methods through which S3 buckets might find yourself weak or insecure, together with brief decsriptions of every misconfiguration and its on influence on compliance (PCI, HIPAA, and so on.).
The most typical misconfigurations (publicly accessible buckets, buckets with no encryption, and so on.) are what get talked about often, however the article serves as a pleasant and handy guidelines (maybe to automate, even) to make sure your entire S3 buckets are provisioned utilizing safety greatest practices. Test it out!
- Cloudanix additionally has a companion article on recipes / greatest practices to go an AWS S3 Audit that’s fairly useful, too.
Brian Costa at TheNewStack has revealed The Architect’s Information to Utilizing AI/ML with Object Storage.
It makes a case for why object storage (AWS S3, Azure Blob Storage) is a greater match for information curation, storage, and coaching of complicated AI / ML fashions in comparison with conventional SAN or NAS storage. Utilizing object storage has the next benefits:
- Massive scale coaching datasets are often within the vary of 10s or 100s of petabytes, which far exceed the capabilities of typical SAN and NAS architectures.
- Object storage is best suited to the storage, versioning, and processing of structured, semi-structured, and unstructured information.
- Object storage helps object locking and lifecycle administration, that are important to make sure coaching information is legitimate, hasn’t been tampered with, and is compliant with privateness legal guidelines.
- RESTful APIs, such because the S3 API, are a contemporary strategy to constructing complicated distributed techniques, and permit the decoupling of compute from storage, and interoperability throughout a number of providers.
In Knowledge Watcher #1, we had checked out The Collision of App Platforms and Database, that talked about combining functions and databases right into a single unit of abstraction, just like what the Heroku and Aptible platforms present.
@monkchips at Redmonk discusses the launch of Postgres Container Apps by Cruncy Knowledge, which relies on this concept. It’s meant to offer builders a easy approach to construct, check, and run PostgreSQL apps rapidly, as within the following examples:
- Including RESTful APIs, similar to these offered by PostgREST, and so on., on high of the database.
- Working administrator and reporting instruments on high of the database.
- Deploying monitoring brokers (Datadog, New Relic, pganalyze) alongside the database. That is the traditional sidecar sample that has been popularized by Istio and Kubernetes!
That’s all for this version of Knowledge Watcher. Hope you get pleasure from studying the linked articles!
Cheers, and hope you’re having an amazing weekend!
*** This can be a Safety Bloggers Community syndicated weblog from Weblog Archive – Cyral authored by Srini Vadlamani. Learn the unique put up at: https://cyral.com/weblog/s3-misconfigurations-mlops-vertical-integration/