AWS PrivateLink Opens Up Platform To Third Party SaaS Apps

netflix, AWS

New additions to AWS sees threat detection, a new managed service, and a new bare metal instance

Amazon Web Services has used its AWS re:Invent to announce a number of new offerings for its cloud service.

The announcement includes a fully managed intelligent threat detection service called Amazon GuardDuty; a bare metal instance offering for Amazon Elastic Compute Cloud called Amazon EC2 Bare Metal Instances; and finally a managed services called AWS PrivateLink to deliver access to third-party SaaS applications.

It has been a busy period for the e-commerce giant. Earlier this month Amazon launched the ML Solutions Lab to offer Amazon machine learning experts to help AWS customers develop their machine-learning features and products.


New Offerings

But now the company has announced the arrival of three new offerings, the first of which is Amazon GuardDuty, a fully managed threat detection service to help protect AWS accounts and workloads.

It works by continuously monitoring account activity for malicious or unauthorised behaviours.

But perhaps the next two offerings are more noteworthy for corporate clients. The preview of Bare Metal instance offering for Amazon Elastic Compute Cloud (Amazon EC2) will allow customers to run workloads directly on AWS hardware, or alternatively bring their own hypervisor or virtualisation stack

“The Amazon EC2 I3 Bare Metal instances are the first AWS instances to allow customer applications to run directly on the underlying hardware while still providing access to all the elasticity, scalability, and security of the cloud,” said the firm.

It said it has been designed for non virtualised workloads and will give applications direct access to Intel Xeon E5-2686 v4 processors, 512 GiB of memory, 36 hyperthreaded cores, and 15.2 TB of local, SSD-based NVME storage.

According to Amazon, I3 Bare Metal instances are not just repackaged bare metal servers, but rather will deliver the flexibility and capability that customers have come to expect from EC2 instances.

“AWS continues to expand and enhance what was already the cloud’s broadest and most capable compute service,” said Matt Garman, VP AWS Compute Services, AWS. “Today, we expand the options we give customers across three dimensions, introducing a brand new capability with Bare Metal instances for the I3 High I/O family, launching a new family of Storage Optimized instances designed for big data workloads with H1, and providing higher performance and lower prices for general purpose workloads with the launch of M5.”

Open VPC

Meanwhile Amazon has also revealed that customers can now use AWS PrivateLink to access third-party SaaS applications from their Virtual Private Cloud (VPC), without exposing their VPC to the public Internet.

It said that the vast majority of Amazon EC2 instances now run in Amazon VPCs, and many customers rely on the ability to limit access to their VPC from the Internet as a critical component of their security.

But what should happen when they use third-party SaaS applications? This often means that customers have to make a choice between allowing Internet access from their VPC in order to access these SaaS applications, or not use them at all.

But AWS PrivateLink will allow customers to connect their VPCs to third-party services in a secure manner.

Customers no longer have to choose between using a third-party SaaS offering or exposing their critical data to the Internet, as traffic stays within the AWS network and doesn’t traverse the Internet.

“We have seen a growing desire from our enterprise customers to move from traditional on-premises applications to SaaS offerings hosted in the cloud,” said Garman. “However, we have also heard that adoption of many SaaS offerings is limited by customers’ desire not to expose their data to the Internet. With AWS PrivateLink, customers now have a way to access third-party services over their dedicated AWS network.”

These new offerings continues Amazon’s AWS expansion around the world. In August for example it unveiled a machine learning-based tool (called Macie) aimed at securing sensitive data held in the cloud.

And AWS remains a strong performer for the Amazon group overall, as the unit leads its public cloud rivals such as Microsoft Azure and Google Cloud Platform by some distance.

Quiz: How much do you know about Amazon Web Services?