Sessions

KICK-OFF

AWS Community Day NL 2024

Room: Zaal 11 | Time: 09:15 | Duration: 75

We kick-off this AWS Community Day with fireside chats with Milou Verheij, Danielle Gorlick, Keren Wade and Tim Nolet. They’ll share some valuable insights, technical tips & tricks, and lessons learned from their journeys.

Speakers

Danielle Gorlick , Kieren Wade , Tim Nolet , Milou Verheij , Martijn van Dongen

Danielle Gorlick

General Manager Benelux at Amazon Web Services

Kieren Wade

Senior Director of Cloud Engineering at Booking

And 3 more speakers.

ACD321

A Fresh Take on Modernization

Room: Zaal 9 | Time: 11:00 | Duration: 60

When companies are asked why they move to the cloud, their answers typically focus on technology and infrastructure. Upon closer examination, the true drivers emerge, such as gaining a competitive edge, increasing business value, and empowering teams to focus on innovation. The cloud journey is viewed more as a process of business and cultural transformation than simply technology adaptation. Join me for a short modernization walkthrough.

Katerina Tashoska

AWS Architect | Consultant @Xebia

ACD308

Advanced VPC Architectures: Saving costs with better connectivity

Room: Zaal 7 | Time: 11:00 | Duration: 60

Every AWS account begins with a default VPC, which is often set up once and then forgotten. However, unlocking the full potential of the VPC can yield numerous benefits. Enhance security with defense in depth within your network, optimize costs by leveraging shared VPC connectivity resources, connect easily using private DNS, and streamline developer access to databases. These best practices are helpful for small startups that want to minimize costs as well as big corporates that wish to enhance security.

Steffan Norberhuis

Founder Rocketleap

ACD417

Data Platforms: The Bedrock Beneath the GenAI Sandcastles

Room: Zaal 8 | Time: 11:00 | Duration: 60

In the era of (Gen)AI and LLMs, organizations are rushing to adopt this transformative technology. However, the key to success lies in the data platforms that support them. This talk explores how data platforms enable fast flow and manage cognitive load in LLM initiatives, using the lens of Team Topologies. We’ll dive into the unique challenges and opportunities of building and managing data platforms. Attendees will learn strategies for designing and managing these platforms to foster collaboration, ensure seamless integration, and optimize performance.

Thiago de Faria

Hands-on Data & AI Architect

ACD206

DDoS as a service: Running load tests in the Cloud for the Cloud

Room: Zaal 10 | Time: 11:00 | Duration: 60

Building applications on AWS comes with many potential advantages, such as less responsibility, reduction in costs, and ““infinite”” scaling to name a few. Because of this, we tend to rely completely on AWS when it comes to certain properties of our applications, such as performance and scalability. However, simply using AWS is not a guarantee that your AWS application will be able to handle the load as your business grows. How certain are you that your AWS application can handle 2x the current load on production?

Evertson Croes

Organising success via Luminis

ACD315

Demystifying Serverless: A deep dive into AWS Lambda

Room: Zaal 11 | Time: 11:00 | Duration: 60

This talk aims to provide a comprehensive understanding of the inner workings of AWS Lambda, one of the most popular serverless computing services. We will cover the mechanisms behind AWS Lambda, including how it achieves effortless scalability and resilience, the pricing model, and techniques for cost optimization. Attendees will learn about the process of provisioning, using, and tearing down new runtime instances, and discover the possibilities of customizing runtime behavior or even creating a completely custom runtime from scratch.

Moukarram Kabbash

Leader Software Development at SenseGuard GmbH

ACD320

Affordable Alternatives: Breaking Appstream's limitations to replace AWS Workspaces

Room: Zaal 10 | Time: 13:00 | Duration: 30

AWS Workspaces and AWS Appstream are two examples of services that enable users to put their desktop interface on the cloud to offload their compute requirements. They do this however in two completely different manners (and as such, have completely different pricetags). We will be talking about a scenario we encountered in which we migrated 260 users to appstream, the challenges we encountered in that transistion and about our solution in overcoming a very big limiting factor in using Appstream at scale.

Bart Mommers

AWS Cloud Engineer

Yaika Zeeman

AWS Cloud Engineer

ACD326

Making sense of AWS Serverless operations. Serverless service quotas and how to deal with them.

Room: Zaal 8 | Time: 13:00 | Duration: 30

There is a misunderstanding, that everything is possible with the Serverless Services in AWS, for example that your Lambda function may scale without limitations. But each AWS service (not only Serverless) has a big list of quotas that everybody needs to understand and take into account during the development. In this talk I’ll explain the most important things to be aware of for the scalability of the AWS Serverless services, explain quotas (from the hyper scalability point of view, but not only) of the services like API Gateway, Lambda, DynamoDB, Aurora Serverless, SQS, S3 and others and how to architect your solution with these quotas in mind.

Vadym Kazulkin

Head of Development at ip.labs in Bonn, Germany

ACD302

Rearchitecting for scalability: Moving a mission critical application from single tenant to multi tenant

Room: Zaal 11 | Time: 13:00 | Duration: 30

Both single tenant and multi-tenant approaches have their own pros and cons. While the single tenant approach is easy to start with, as your system grows it might not be sufficient enough. In this talk we are going to discuss how one of the mission critical applications in PostNL that was initially designed for single tenants was moved to a multi-tenant approach.

Pubudu Jayawardana

AWS Community Builder | Senior Solutions Software Engineer @ PostNL

Ryno Marree

Senior Solution Software Engineer @ PostNL

ACD305

Sensible Security for AWS Workloads

Room: Zaal 7 | Time: 13:00 | Duration: 30

We’ve all read the Well Architected Framework and followed best practices to build security into our workloads, but of all the controls and recommendations, which make the difference? Using real-world data and his ten years of cybersecurity experience, Nick will talk through the most common attack scenarios against AWS workloads, and the key security controls to have in place. Attendees will come away with a better understanding of the real security threats to their projects, and guidance on which controls to prioritise, why they matter, and how to balance them against engineering effort.

Nick Jones

Global Head of Research @ WithSecure Consulting

ACD223A

Unlocking Innovation with Red Hat OpenShift Service on AWS: A Collaborative Path to Success

Room: Zaal 9 | Time: 13:00 | Duration: 60

Be aware this session is 60 minutes. In today’s fast-paced cloud-native world, businesses need a seamless platform to build, deploy, and manage applications with speed and scalability. Join us for an engaging and interactive session where we introduce Red Hat OpenShift Service on AWS (ROSA), a powerful collaboration between Red Hat and AWS. Through a lively discussion and a fun role-play with different “hats” representing key stakeholders-CTO, architect, and developer-we’ll demonstrate how ROSA empowers organizations to streamline operations, improve collaboration, and accelerate innovation.

Anton Nesterov

Senior EMEA Global Black Belt for Red Hat Cloud Services

ACD216

Building And Automating Serverless Auto-Scaling Data Pipelines In AWS

Room: Zaal 8 | Time: 13:35 | Duration: 30

The modern data professional navigates a dynamic data landscape, handling high-velocity raw data at ever-changing volumes. In this 30-minute intermediate session, I demonstrate a fully serverless auto-scaling data pipeline using AWS services. This session includes: Getting and storing API data with AWS Lambda and Amazon S3. Transforming the API data with AWS Glue & Amazon Athena. Pipeline automation and orchestration with AWS Step Functions and Amazon EventBridge. Ideal for Data, DevOps, and Architecture professionals, this session offers practical insights into building efficient serverless data pipelines.

Damien Jones

💻 UK AWS Consultant 🎤 Speaker 🦈 Creator @ amazonwebshark ☁️ AWS Certified | Fin Fan | Dog Dad | He/Him

ACD310

Building Secure and Efficient SaaS Platforms on AWS Serverless

Room: Zaal 7 | Time: 13:35 | Duration: 30

Let’s go on a journey through the world of multi-tenant architectures on AWS using serverless technologies. In this talk, we will uncover the key aspects of multi-tenancy, including security, tenant isolation, and performance. We will learn how to utilise Cognito for authentication, DynamoDB to store millions of tenant-partitioned records and lambda for compute. We will also explore different deployment models and their tradeoffs, and, finally, we will learn how to implement policy-based isolation with IAM to keep our execution context tied to one specific tenant and avoid data leakage.

Guilherme Dalla Rosa

CTO at MerCloud

Luciano Mammino

AWS Serverless Hero, Senior Architect @ fourTheorem

ACD207

Migration of a PCI DSS workload to AWS

Room: Zaal 10 | Time: 13:35 | Duration: 30

Summary of how CloudNation designed the architecture and migrated a mobility transaction provider platform that processes cardholder data with VISA to AWS. To adhere to the many requirements of PCI-DSS, we used a combination of Amazon Payment Cryptography, restricted networking in a hub-spoke setup, centralized governance with AWS Landing Zone Accelerator and several other security controls.

Speakers

Erik van Dijk , Tom Eigenraam , Christiaan Rakowski

Erik van Dijk

Tech Lead AWS / DevOps engineer at CloudNation

Tom Eigenraam

AWS Cloud Consultant at CloudNation

And 1 more speaker.

ACD223B

Session Continues

Room: Zaal 9 | Time: 13:35 | Duration: 30

Be aware this session is continuing from the previous block and is 60 minutes long.

ACD218

Zero to Production Serverless: An 8-Week Real-World Journey

Room: Zaal 11 | Time: 13:35 | Duration: 30

A large business contract is signed and you are given the challenge to integrate two businesses as well as to build a customer portal capable of managing orders and taking payments. Could you and your team confidently deliver on time? In this talk, you’ll hear about a real-world project journey, from concept to production in only eight weeks. From choosing the technologies, utilising Infrastructure-as-Code and serverless technologies, to the challenges of rapid development with a small team, I’ll give you the real story.

Martyn Kilbryde

Head of Engineering at Chemist4U

ACD213

Do you really need platform teams?

Room: Zaal 11 | Time: 14:10 | Duration: 30

Platform engineering is one of the emerging trends in the tech. It promises to increase developer productivity and reduce cognitive load. Platform engineering focuses on abstracting the complexity of managing infrastructure, CI/CD, and observability through Internal Developer Platforms (IDP). However, having worked in both a startup and a large bank, we experience platform engineering as a burden. The promise of empowering engineers sounds good, but the fallacy often lies in the execution.

Bart Monhemius

Solutions Architect / Tech Lead / Green IT Advocate at de Volksbank

Stef van der Wel

Software Engineer | Cloud & Serverless Enthusiast | Passionate about Green IT and FinOps

ACD124

From vulnerable web application to cloud account takeover

Room: Silent Disco | Time: 14:10 | Duration: 30

In this session we will demonstrate how attackers can abuse a misconfigured web application running on EC2 to gain full control of an entire AWS cloud account. You will be able to understand the chain of events that lead to such a disaster, and gain ideas on how it could be prevented.

Milan Krstic

Prisma Cloud Solutions Architect, Palo Alto Networks

ACD319

How to use modern serverless with GraphQL

Room: Zaal 7 | Time: 14:10 | Duration: 30

In the year 2024, serverless is much more than just AWS Lambda Functions. Now, it is a full-blown ecosystem of managed services with the concept of paying for what you use. The API level could be written without computing services like Lambda Functions or containers with Fargate. I will show the audience how to deploy the GraphQL API with JavaScript Resolvers, EventBridge, and CDK. Disclaimer: no Lambda Functions will be called during the talk and a demo.

Igor Soroka

Indie Serverless Consultant

ACD226

Policy Perils: From Misconfigurations to Account Takeovers

Room: Zaal 10 | Time: 14:10 | Duration: 30

AWS IAM becomes complicated when dealing with permissions for resources spread across different policies, roles and accounts. This opens the door for dangerous mistakes that allow for privilege escalation. In this talk, we show you real-life cases on how innocent-looking permissions can lead to full AWS account takeovers, even hop to accounts that should be out of reach. The talk will include 2 case scenarios pertaining to privilege escalation through over-permissive policies and associated roles.

Sudharshan Kumar

Senior Security Specialist

Roy Stultiens

Senior Security Specialist

ACD201

Scaling Landing Zone Customizations using ControlTower Account Factory for Terraform(AFT)

Room: Zaal 8 | Time: 14:10 | Duration: 30

This session will deep-dive into landing zone customizations using Control Tower Landing Zone accelerator & Account Factory for Terraform(AFT). In this session, we’ll dive into leveraging AWS’s ControlTower Best Practices from Customers experiences and how you can scale customizations (IAM, Custom VPC, SSO) using te AFT account-provisioning pipeline (CodePipeline) & landing zone accelerator(LZA) pipelines.

Masoom Tulsiani

Cloud Architect at Rackspace Technology

ACD203

Shimmers: building an indie mobile game in 2024

Room: Zaal 9 | Time: 14:10 | Duration: 30

Publishing a mobile game as a sole developer is harder than ever, with high user expectations, fierce competition, and stringent regulations. However, using modern tools and technologies, one man army indie developers with full time jobs can still be a thing in 2024! This talk focusses on my journey of conceptualising, building, and deploying an iOS & Android mobile game. We’ll go over the serverless AWS architecture, integrating AWS CDK and Amplify CLI, creating Midjourney art and serving it with Cloudfront and S3, and zoom in on the development journey with its many hurdles and curveballs.

Jochem Kleine

Cloud Consultant by day, Indie Developer by night

ACD327

Focus on what matters - automating a comprehensive security overview in AWS Security Hub

Room: Zaal 7 | Time: 15:30 | Duration: 60

Getting overwhelmed by the amount of findings Security Hub throws at you? It can provide a very good security overview of your AWS account or organization. Still, you will need to find a way to sieve out the clutter and consolidate the rest of the findings. In this talk, I’ll share some tips & tricks on how to do this; in theory, with any tool you like: Security Hub Automations or any other popular 3rd party SIEM tool.

Carlo van Overbeek

Security DevOps Engineer Cloud

ACD212

Mitigating Layer 7 Threats to E-commerce IAM Solution with WAF

Room: Zaal 9 | Time: 15:30 | Duration: 60

Throughout this presentation, we will together trace the story of an attack targeted at an e-commerce system. I will share my experiences, attempts at mitigation, and the conclusions we drew from this incident to improve our defenses. Analogous to passport control at a border, we decided on a security method that relies on verifying the user through the analysis of unique browser characteristics - a digital fingerprint, instead of solely relying on traditional security methods.

Grzegorz Kalwig

AWS DevOps Professional & Serverless Enthusiast

ACD314

More Network Security: Forward Proxy on AWS Network Firewall & Fargate

Room: Zaal 10 | Time: 15:30 | Duration: 60

We’ve crafted a robust, scalable forward proxy solution integrating AWS Network Firewall, Squid Proxy, Fluentbit, Dnsmasq, and Telegraf - all components in containers. 🌐 The AWS Network Firewall serves as a transparent proxy, applying stateful and stateless whitelist blocking rules. 🦑 Squid Proxy, operating as an explicit proxy, is deployed in an ECS container alongside Fluentbit, which forwards logs to AWS CloudWatch. 🔧 Dnsmasq, also in an ECS container, resolves DNS issues related to Let’s Encrypt, ensuring smooth SSL/TLS certificate management.

Michal Salanci

Senior DevOps Engineer in Deutsche Telekom Systems Solutions, Slovakia

ACD322

Next-Gen Developer Experience: Boosting Developer Productivity

Room: Zaal 11 | Time: 15:30 | Duration: 60

Developers seek ways to improve speed, cost, security, and reliability without compromises. This session explores how next-generation developer tools help address these challenges. Through technical demonstrations, attendees will learn practical ways to streamline development processes and boost their productivity when building on AWS. The session will showcase examples beneficial for both experienced and beginner AWS developers, offering insights to enhance efficiency and simplify cloud application development.

Gunnar Grosch

Principal Developer Advocate at Amazon Web Services

ACD325

OCR-ing with AWS managed services

Room: Silent Disco | Time: 15:30 | Duration: 60

In today’s digital age, efficiently processing and extracting text from scanned documents and images is crucial for many businesses. This session will explore how to leverage AWS managed services to perform Optical Character Recognition (OCR) effectively. Attendees will be introduced to AWS Textract, a powerful OCR service that automatically extracts printed text, handwriting, and data from documents. Key features such as form extraction will be covered and how to improve inaccurate extracts by creating adapters and integrating other AWS services like Augmented AI for a comprehensive document processing pipeline.

Petar Damjanovic

Software Architect at Levi9

ACD411

Serverless as an Orchestration Platform - Managing cloud video editing workloads with Lambda.

Room: Zaal 8 | Time: 15:30 | Duration: 60

People often think Serverless is just used for building simple web apps, but it can do so much more. In this talk we show how we use Serverless services to automate AWS account creation, provisioning and managing GPU powered video editing suits, automating media workflows and much more. Combining Serverless solutions with more traditional architectures can result in incredibly versatile and powerful products.

Sam Williams

The Serverless Obsessive

PANEL

Closing Keynote: Innovation and Responsibility in the AWS Cloud Era

Room: Zaal 11 | Time: 16:45 | Duration: 45

In this engaging fireside chat we will explore the balance between innovation and responsibility in the AWS cloud environment. We will discuss the lessons that can be derived from the CrowdStrike incident regarding secure innovation, the evolving nature of cloud leadership amid shared responsibility, and the role of open source in driving innovation while fostering accountability. We will also highlight the power of community-driven cloud development and discuss the industry’s responsibility to promote diversity and inclusive innovation.

Speakers

Angelina Best , Carrie Carrasco , Lieke Hamers , Juliette van der Laarse , Frauke Wessel

Angelina Best

CEO Levi9 & Advisory Board Member NLdigital

Carrie Carrasco

Director Hybrid Platform Specialists

And 3 more speakers.