Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build & Query Secure S3 Data Lakes with Ahana Cloud and AWS Lake Formation

Ahana
January 11, 2022
0
3.4k

Build & Query Secure S3 Data Lakes with Ahana Cloud and AWS Lake Formation

In this webinar, we’ll share more on the recently announced AWS Lake Formation and Ahana integration. The AWS & Ahana product teams will cover:

Quick overview of AWS Lake Formation & Ahana Cloud
-The details of the integration
-How data platform teams can seamlessly integrate Presto natively with AWS Glue, AWS Lake Formation and AWS S3 through a demo

Ahana

January 11, 2022
Tweet

More Decks by Ahana

See All by Ahana
Data Lake, Real-time Analytics, or Both? Exploring Presto and ClickHouse
ahana
0
41
Build & Query Secure S3 Data Lakes with Presto and Apache Ranger
ahana
0
77
Hands-on Virtual Lab - Querying Data in S3 With Presto
ahana
0
63
Virtual Lab: Building an Open Data Lakehouse with Presto, Hudi and AWS S3
ahana
0
2.9k
[Presto Meetup] Optimizing Table Layout for Presto using Apache Hudi
ahana
0
52
SQL on the Data Lake: Presto on AWS S3
ahana
0
86
Data Warehouse or Data Lake, which one do I choose?
ahana
0
3.3k
An Introduction to Ahana Cloud for Presto on AWS
ahana
0
3.3k
How to Build an Open Data Lakehouse Analytics Stack
ahana
0
3.5k

Featured

See All Featured
Understanding Cognitive Biases in Performance Measurement
bluesmoon
2
460
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
7
660
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Side Projects
sachag
451
38k
Art, The Web, and Tiny UX
lynnandtonic
284
18k
No one is an island. Learnings from fostering a developers community.
thoeni
12
1.6k
How GitHub (no longer) Works
holman
299
140k
Fireside Chat
paigeccino
16
2k
YesSQL, Process and Tooling at Scale
rocio
159
12k
Teambox: Starting and Learning
jrom
124
7.9k
Writing Fast Ruby
sferik
613
58k
Principles of Awesome APIs and How to Build Them.
keavy
117
16k

Transcript

  1. Build and Secure S3
    Data Lakes
    with Ahana Cloud and
    AWS Lake Formation
    January 11, 2021

    View Slide

  2. Agenda
    2
    • AWS Lake Formation
    • Ahana
    • Ahana Cloud for Presto and AWS Lake Formation Integration

    View Slide

  3. Agenda
    3
    • AWS Lake Formation
    • Ahana
    • Ahana Cloud for Presto and AWS Lake Formation Integration

    View Slide

  4. © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
    Companies want more value from their data
    Used by
    many people
    Growing
    exponentially
    From new sources Increasingly diverse Analyzed by many
    applications

    View Slide

  5. © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
    Building and securing data lakes can take
    months

    View Slide

  6. AWS Lake Formation
    6

    View Slide

  7. What is AWS Lake Formation?
    7
    1. Building data lakes quickly. Days not
    months. Ability to move, store, update
    and catalog your data faster.
    Automatically organize and optimize
    your data.
    2. Simplify security management.
    Centrally defining and enforcing
    security, governance, and auditing
    policies.
    3. Making easy to discover and share
    data. Cataloging all of an organization's
    data assets and easily share datasets
    between consumers.

    View Slide

  8. Agenda
    8
    • AWS Lake Formation
    • Ahana
    • Ahana Cloud for Presto and AWS Lake Formation Integration

    View Slide

  9. Presto
    9
    1. Distributed query engine
    ANSI SQL on databases and data lakes.
    2. Low latency performance on petabytes of data
    3. Pluggable connector architecture
    Supports many data sources. Federated querying.
    4. Open source
    Originally developed at Meta. Currently, under
    auspices of the Linux Foundation.
    Data Lakehouse
    analytics
    Reporting &
    dashboarding
    Interactive
    ad hoc querying
    Transformation
    using SQL (ETL)
    Federated querying
    across data sources

    View Slide

  10. Presto Overview
    10
    Presto
    Cluster
    Coordinator Worker Worker Worker Worker

    View Slide

  11. Managing Presto Remains Complex
    Hadoop complexity
    ▪ /etc/presto/config.properties
    ▪ /etc/presto/node.properties
    ▪ /etc/presto/jvm.config
    Many hidden parameters –
    difficult to tune
    Just the query engine
    ▪ No built-in catalog – users
    need to manage Hive
    metastore or AWS Glue
    ▪ No data lake S3 integration
    Poor out-of-box perf
    ▪ No tuning
    ▪ No high-performance
    indexing
    ▪ Basic optimizations for even
    for common queries

    View Slide

  12. Ahana Cloud For Presto
    12
    1. Zero to Presto in 30 Minutes.
    Managed cloud service: No installation
    and configuration.
    2. Built for data teams of all experience
    level.
    3. Moderate level of control of
    deployment without complexity.
    4. Dedicated support from Presto
    experts.

    View Slide

  13. How Ahana Cloud Works
    ~ 30 mins to create the compute plane
    https://app.ahana.cloud/signup Create Presto Clusters in your account

    View Slide

  14. Agenda
    14
    • AWS Lake Formation
    • Ahana
    • Ahana Cloud for Presto and AWS Lake Formation Integration

    View Slide

  15. Benefits
    15
    Bring Presto to your
    existing AWS stack
    You’ve stored all your data in AWS S3
    and may have already defined your
    data catalog resources and IAM roles
    with Glue and Lake Formation.
    Ahana Cloud for Presto can integrate
    natively with all these services.
    Enforce access controls in
    Presto down to row level
    Define access control policies
    through Lake Formation to protect
    confidentiality & handle sensitive
    data. Presto will honor these policies,
    returning only accessible data in
    queries or denying access
    altogether.
    Configure Lake Formation
    with Ahana in a few clicks
    Ahana Cloud for Presto streamlines
    AWS Lake Formation configuration
    and allows you to visually map your
    Presto users to IAM roles. You define
    a data source once and apply it to all
    your Presto clusters.
    Fine-Grained
    Access Control
    Easy to Use
    AWS Native

    View Slide

  16. Data Lake on AWS S3
    16

    View Slide

  17. Single Click Enable
    17

    View Slide

  18. Easy Presto User to IAM Role Mapping
    18
    Presto
    User
    AWS IAM to
    Presto User
    Mapping

    View Slide

  19. Fine-Grained Permissions
    19
    Column-level
    security
    Row-level
    security
    Table-level
    security
    Database-level
    security

    View Slide

  20. DEMO

    View Slide

  21. Sales Transactions
    21
    transactions
    transactions
    sales
    customers
    employees
    hr

    View Slide

  22. Customers
    22
    transactions
    sales
    customers
    employees
    hr
    customers

    View Slide

  23. Company Employees
    23
    transactions
    sales
    customers
    employees
    hr
    employees

    View Slide

  24. 24
    Annie
    Admin
    transactions
    sales
    customers
    employees
    hr

    View Slide

  25. 25
    Sally
    Sales Analyst
    transactions
    sales
    customers
    employees
    hr

    View Slide

  26. 26
    Sally
    Sales Analyst
    Transactions

    View Slide

  27. 27
    Wally
    Marketing
    Customers

    View Slide

  28. 28
    Olivia
    Marketing
    Customers

    View Slide

  29. 29
    Harry
    HR
    Employees

    View Slide

  30. 30
    Oscar
    Other
    transactions
    sales
    customers
    employees
    hr

    View Slide

  31. Review
    31
    User Role Permission Fine-Grained Access Control
    Annie Admin All All Access
    Sally Sales Analyst transactions Table Database, Table, and Column Level Security
    Wally Marketing Analyst - WA customers Table Database, Table, Column and Row Level Security
    Olivia Marketing Analyst - OR customers Table Database, Table, Column and Row Level Security
    Harry HR Analyst All tables in HR database (employees) Database and Table Level Security
    Oscar None None No Access

    View Slide

  32. View Slide