Blog from September, 2024

The NET+ AWS program recently concluded a comprehensive two-part series on AWS Private Marketplace, offering valuable insights for the research and education community. The series, which included a strategic call, office hours, and a hands-on Tech Jam, illuminated the potential of this innovative tool to streamline procurement processes in higher education institutions.

Key takeaways from the series include:

• Private Marketplace enables institutions to curate catalogs of approved contracts, ensuring compliance with procurement policies.
• Institutions can create customized marketplaces for different schools or departments, offering flexibility in implementation.
• The tool supports private offerings with custom-negotiated terms, enhancing procurement options.

During office hours, the AWS Marketplace team addressed questions about the differences between Private and Public Marketplace, providing clarity on how to engage procurement and finance teams effectively. The Tech Jam session offered a practical demonstration of setting up private offers and configuring Private Marketplace within AWS organizations, complete with access control strategies.

Participants praised the clarity of the presentations and the relevance of the service to their institutions' needs. Many expressed enthusiasm about implementing Private Marketplace in their own environments, recognizing its potential to enhance procurement efficiency and policy compliance.

As institutions continue to navigate the complexities of cloud procurement, AWS Private Marketplace emerges as a powerful tool for ensuring compliance, streamlining processes, and maximizing the value of AWS services in higher education settings

Resources:

• Kickoff meeting recording and slides
• Creating a private partner offer on AWS Marketplace for public sector customers - demo
• Private Marketplace - Demo | AWS Public Sector
• Hands-on session recording

Estimated reading time: 4 minutes

The September 18th NET+ AWS Tech Share dug into issues that keep the research and education cloud professionals up at night: measuring cloud maturity, justifying costs, and simplifying storage decisions. Here's what you need to know:

Cloud Elevation Index (CEI): Penn State's Approach to Benchmarking Cloud Journey

In the meeting, we briefly talked about Penn State University’s innovative internal project: the Cloud Elevation Index (CEI). For those of you that missed their presentation this year at Cloud Forum here are the slides and recording. In a nutshell, this new metric could potentially offer research and education institutions a standardized way to quantify cloud maturity progress.

Stay tuned for updates regarding Penn State's CEI. NET+ subscribers will see CEI for their own accounts in the upcoming release of the Data Benchmarking project. Internet2 is working with Penn State to set up a working group open to the broader research and education community on this initiative.

Cloud Costs Under Scrutiny: CMA Investigation Sparks Debate

Joshua (University of Virginia) shared a recent article about AWS’s responses in the UK Competition and Markets Authority’s (CMA) investigation into anticompetitive behavior by the public cloud providers and the other major cloud providers, igniting a lively discussion:

• Bob mentioned that The Register has a history of posting anti-public-cloud articles. He also cautioned against viewing the cloud as a universal solution.
• Kelly (University of Washington-Madison) highlighted often-overlooked cloud benefits, particularly in security.
• The group explored differences in compliance and security between cloud and on-prem:
• Cloud platforms handle some compliance aspects at the platform level.
• On-prem setups vary widely in control and security ("All bets are off for researchers who have a server under their desk").

Key takeaways:

1. Evaluate cloud benefits holistically, beyond just infrastructure costs.
2. Consider how the cloud simplifies certain compliance requirements.
3. Recognize the challenges in making direct cloud vs. on-prem comparisons.
4. A more balanced analysis, including links to the hearings with each of the three public cloud vendors in the CMA investigation, can be found at How Big Cloud defended itself in the U.K. 

Taming the Wild West of Cloud Procurement

Familiar procurement headaches shared across institutions:

• Challenge: Corralling departments and researchers under a single contract. Many are either unaware of university contracts or are unwilling to comply with or have their accounts controlled by central IT management.
• Risk: If controls are too tight or if the value of joining the institutional contract and org are not made clear and compelling, there is a chance that departments and researchers (primarily researchers) will create accounts with non-university credentials, pushing IP and any chance of university support, to personal accounts.

Best practices mentioned: Consider increasing closer collaboration between IT, Procurement, Research to develop streamlined cloud account creation processes that make the value proposition clear and balance flexibility with control.

AWS Storage Simplification

Jan from AWS has an internal project she’s working on to simplify AWS storage selection:

• Challenge: Researchers and others struggle to choose optimal AWS storage configurations for their use cases.
• Initiative: Developing user-friendly tools for accurate object storage pricing estimates.
• Goal: Enable precise cost estimation without requiring deep architectural expertise.

This initiative aligns with recent discussions in the research and education community about research data storage challenges. In fact, this past June, Oren Sreenby of Internet2 wrote an insightful blog on "Top Issues Around Research Data Storage in Higher Ed."

Jan is actively seeking insights from those working with the cloud within the research and education community to create a potential solution. This is your chance to shape tools that could make your storage decisions easier and more cost-effective! Contact Jan at janday[at]amazon[dot]com. 

Conclusion

From Penn State's Cloud Elevation Index to the ongoing debates about cloud costs and procurement strategies, it's clear that our community is still wrestling with challenges to making the most efficient use of cloud in their institutions. As we navigate these complexities, the collaborative spirit of the NET+ AWS Tech Share community remains a valuable resource. We hope you’ll join us at the next NET+ AWS Tech Share and add your voice to the conversation!

Be sure to check out the other blog posts we've written. As always, feel free to send any feedback to tmanik[at]internet2[dot]edu.

Estimated reading time: 4 minutes

The September 19th GCP Tech Share explored the highs and lows of Google Cloud adoption in higher education, from billing headaches to cutting-edge AI projects. Here's what you need to know:

GCP Experience: The Good and the Bad

The session kicked off with a discussion led by a business student from Indiana University, part of a project where Bob Flynn from Internet2 is collaborating with IU students to analyze and quantify barriers to adoption for GCP users within the research and education community. This open dialogue revealed both strengths and challenges:

Institutions praised GCP's tech support and documentation, with Pennsylvania State University highlighting positive experiences. However, challenges emerged:

• Northwestern University reported difficulties with Apigee support post-acquisition. Google seems to take a long time to fully integrate the products they acquire.
• Washington University in St. Louis cited billing as their "biggest headache," especially with third-party resellers. Better communication about charges for non-GCP Google services is needed..

To mitigate some of these issues, Washington University suggested restricting Google project creation. Google's representative assured the group that teams are working to improve integration of acquired products and enhance user experience.

RIT Pitch and Innovative Ideas

The meeting continued discussions on the Google Public Sector Rapid Innovation Team (RIT) initiative, introduced during the August 20 GCP Strat Call (recording and assets). This program offers institutions the chance to collaborate with Google on innovative prototypes for higher education challenges.

For more details, see the blog post "Google's Rapid Innovation Team Seeks Ideas from Internet2 NET+ GCP Community".

Here are a few of the potential proposals that were discussed during the call:

1. An AI-powered app for personalized GCP training suggestions (Internet2).
2. An app recommending GCP solutions for researchers based on current tools (Pennsylvania State University).
3. A tool for assessing per-user GCP cost estimates (Pennsylvania State University).

These ideas will be presented at the September 24 pitch session, with selected projects working with Google's RIT in 6-week sprints.

Cutting-Edge Projects and AI Advancements

The discussion then shifted to showcase the innovative work being done across institutions, highlighting the practical applications of GCP and AI in academic settings. Below are some of the GCP and AI projects shared by participants on the call:

• Washington University in St. Louis (WashU): Testing LLM deployment across cloud providers and developing a medical voice-to-text app.
• An AI tool for predicting cancer therapy responses was highlighted by Steven from WashU.
• Tim from Internet2 talked about his testing of Google's speech generation tools:
• NotebookLM: Converting blogs to podcasts.
• Illuminate: Generating podcasts from research papers.
• Jeff from Google highlighted the AlphaProteo project, which generates novel proteins for biological research.

Conclusion

The September GCP Tech Share revealed both the value and challenges we all face with GCP in higher education. While administrative issues, billing and integration can hamper adoptions, innovative projects and AI advancements demonstrate GCP's potential in advancing research and education. As the academic community leverages these tools, we anticipate groundbreaking applications in cloud computing and AI. We invite you to join us at next month’s NET+ GCP Tech Share on October 17.

Be sure to check out the other blog posts we've written. As always, feel free to send any feedback to tmanik[at]internet2[dot]edu.

Estimated reading time: 4 minutes

The September 4th AWS NET+ Tech Share covered a wide range of topics including the Landing Zone Accelerator (LZA), campus-wide help desk unification, cloud engineering recruitment, and the state of DevOps education in universities. Here are the key points from the discussion:

Recent and Upcoming Events

• NET+ AWS Strat Call - Unlocking AWS Private Marketplace (recording | blog)
• REMINDER: Office Hours 9/11 11am PT/2pm ET https://internet2.zoom.us/j/81114348919  
• NET+ AWS Tech Jam - Building Your AWS Private Marketplace: Hands-On Lab 9/18 11am PT/2pm ET (Registration required)
• Technology Exchange registration rates increase by $200 on Friday, September 6th. If you are reading this after the price change, it’s still worth attending!
• Call for proposals for Community Exchange closes on September 13th. If you have been or are working on an interesting project or encountering unique challenges that you think others should hear about, consider submitting a proposal!
• AWS Landing Zone Accelerator (LZA)Community of Practice continues to meet monthly. Sign up and join in.

LZA Community of Practice: Purpose and Potential Spin Off

The discussion on LZA began with a question from Loyola Marymount University (LMU) about where institutions can discuss maintaining customized landing zone deployments, and whether the LZA Community of Practice was the right place for such discussions.

In response, AWS clarified the dual purpose of the LZA Community of Practice:

1. To gather feedback from institutions currently using LZA
2. To provide a platform for those seeking to learn more about LZA

An important point raised was the need for a dedicated space where institutions can discuss maintaining customized lower-case lz/landing zone deployments. This is different than LZA. See the blog I wrote for September’s AWS LZA Community of Practice meeting for more explanation.

To address these growing needs, a suggestion was made to dedicate a quarterly call to Cloud Center of Excellence (CCoE) and/or custom landing zone deployment. It's worth noting that this was just an initial idea proposed during the discussion, and the most suitable platform for such conversations is yet to be determined.

Help Desk Unification: Seeking Success Stories

Jan from AWS raised an interesting question about unifying multiple independent help desks across a campus with a central service desk. If any institutions have experience with such a project, AWS is keen to facilitate connections and share learnings. Contact Jan at janday@amazon.com

Hands-on "Barn-raising" Topics

The community expressed interest in hands-on sessions to collectively build out modular projects together. A couple of suggestions to start with are:

1. Vanderbilt University's Amplify AI Platform
2. Indiana University's Automated Transcription Service 

These practical sessions would guide institutions through the steps of deployng them in their own environments. If you have ideas for similar done-in-a-day-or-less projects with broad appeal, contact Bob Flynn bflynn@internet2.edu. 

Cloud Engineering Recruitment and Cloud Computing Courses 

The University of Wisconsin-Madison shared their experience in hiring for a new Cloud Engineer position. The role requires multi-cloud experience (AWS, Azure, GCP) and proficiency in Infrastructure as Code (IaC). 

They are seeing lots of resumes for the position. More than a few cover letters and even some resumes look AI generated. The discussion turned from the challenge many organizations are facing finding experienced candidates to cloud computing and DevOps courses offered at universities and technical institutes. Kelly Rivera shared her insights into the training offered at a local Wisconsin technical college:

• They offer courses on Terraform, cloud platforms, and CI/CD pipelines.
• While the program provides a solid foundation, graduates lacked the stresses of managing production environments and the benefits of working in a team. AWS GameDays were suggested as a way to help bridge those gaps. .
• The University of Wisconsin-Madison has considered sourcing interns from this program.

Another institution mentioned that they offer a few Master's level courses in the Business School using cloud services for data analytics and machine learning. These courses use AWS Cloud Academy, but most computer science and MIS coursework remains theoretical rather than applied. This discussion highlights the growing need for practical, hands-on cloud and DevOps education in academic settings to prepare students for the evolving job market.

The AWS NET+ Tech Share continues to be a valuable venue for knowledge sharing, community building, and addressing the evolving needs of research and education institutions in their cloud journey.

Be sure to check out the other blog posts we've written. As always, feel free to send any feedback to tmanik[at]internet2[dot]edu.

Estimated reading time: 5 minutes

On September 3, 2024, the AWS Landing Zone Accelerator (LZA) Community of Practice gathered for its monthly meeting, bringing together representatives from various institutions and AWS experts. The session focused on providing a comprehensive introduction to LZA, its architecture, and best practices for implementation.

LZA 101: Understanding the Foundations

The meeting began with an informative LZA 101 presentation by Brian from the AWS LZA team. He introduced attendees to landing zones and their role in cloud adoption. Key takeaways include:

1. Landing Zone Defined: A critical cloud foundation component that provides a framework for account provisioning and management, establishing a secure and compliant multi-account AWS environment.
2. Cloud Foundation Alignment: The importance of aligning with the AWS Cloud Adoption Framework's Platform, Operations, and Security pillars.
3. Historical Context: The evolution from customer-built systems to AWS-managed services like Control Tower.
4. Differentiating landing zone and LZA: While a landing zone is the overall environment and structure for AWS account management, LZA is a specific tool for implementing and managing that environment.
5. LZA Overview: An open-source solution accelerating the implementation of security controls and infrastructure foundation on AWS.
6. Key Benefits: Well-Architected framework alignment, compliance documentation, and ability to programmatically implement and track AWS Organization-wide configuration changes.
7. Architecture: Utilizes AWS CloudFormation, CodePipeline, and Cloud Development Kit (CDK) for deployment.

Q&A Insights: Real-world Implementation Concerns

The Q&A session provided valuable insights into the practical aspects of implementing LZA:

• Configuration Management: The University of Idaho raised questions about best practices for editing YAML files, particularly for CMMC compliance. AWS experts recommended establishing a RACI matrix for effective people and processes management.
• Change Management: Internet2 inquired about config management locations, to which AWS said one way is to use internal code repositories (like GitHub) with actions to trigger the LZA deployment pipeline.
• Testing Strategies: The importance of having separate test and production organizations for making changes was emphasized, with AWS experts noting that account boundaries alone are insufficient for containing organization-wide changes.
• Third-party Integrations: While specific third-party tools weren't recalled, AWS highlighted the LZA account creation workflow available on GitHub as a valuable resource.

Looking Ahead: Roadmap and Community Engagement

The meeting concluded with important announcements and future plans:

1. TechEx Check-in: Internet2 and Amazon have a session at  TechEx conference to talk about the effectiveness of these community gatherings. They are looking for members of the CoP who are attending the event to join the discussion.
2. Next Meeting Preview: The October meeting will feature a roadmap discussion, requiring an NDA with AWS for participation. This session promises to provide exclusive insights into the future direction of LZA. If you wish to attend, please email bflynn@internet2.edu with confirmation that your institution has an NDA.

The September AWS LZA Community of Practice meeting successfully demystified Landing Zone Accelerator, providing attendees with a solid foundation for understanding the benefits of implementing this powerful tool. As institutions continue to navigate their cloud adoption journeys, the insights shared in this session will undoubtedly prove invaluable.

Be sure to check out the other blog posts we've written. As always, feel free to send any feedback to tmanik[at]internet2[dot]edu.