Slide 1
Slide 1 text
Build and Secure S3
Data Lakes
with Ahana Cloud and
AWS Lake Formation
January 11, 2021
Slide 2
Slide 2 text
Agenda
2
• AWS Lake Formation
• Ahana
• Ahana Cloud for Presto and AWS Lake Formation Integration
Slide 3
Slide 3 text
Agenda
3
• AWS Lake Formation
• Ahana
• Ahana Cloud for Presto and AWS Lake Formation Integration
Slide 4
Slide 4 text
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Companies want more value from their data
Used by
many people
Growing
exponentially
From new sources Increasingly diverse Analyzed by many
applications
Slide 5
Slide 5 text
© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Building and securing data lakes can take
months
Slide 6
Slide 6 text
AWS Lake Formation
6
Slide 7
Slide 7 text
What is AWS Lake Formation?
7
1. Building data lakes quickly. Days not
months. Ability to move, store, update
and catalog your data faster.
Automatically organize and optimize
your data.
2. Simplify security management.
Centrally defining and enforcing
security, governance, and auditing
policies.
3. Making easy to discover and share
data. Cataloging all of an organization's
data assets and easily share datasets
between consumers.
Slide 8
Slide 8 text
Agenda
8
• AWS Lake Formation
• Ahana
• Ahana Cloud for Presto and AWS Lake Formation Integration
Slide 9
Slide 9 text
Presto
9
1. Distributed query engine
ANSI SQL on databases and data lakes.
2. Low latency performance on petabytes of data
3. Pluggable connector architecture
Supports many data sources. Federated querying.
4. Open source
Originally developed at Meta. Currently, under
auspices of the Linux Foundation.
Data Lakehouse
analytics
Reporting &
dashboarding
Interactive
ad hoc querying
Transformation
using SQL (ETL)
Federated querying
across data sources
Slide 10
Slide 10 text
Presto Overview
10
Presto
Cluster
Coordinator Worker Worker Worker Worker
Slide 11
Slide 11 text
Managing Presto Remains Complex
Hadoop complexity
▪ /etc/presto/config.properties
▪ /etc/presto/node.properties
▪ /etc/presto/jvm.config
Many hidden parameters –
difficult to tune
Just the query engine
▪ No built-in catalog – users
need to manage Hive
metastore or AWS Glue
▪ No data lake S3 integration
Poor out-of-box perf
▪ No tuning
▪ No high-performance
indexing
▪ Basic optimizations for even
for common queries
Slide 12
Slide 12 text
Ahana Cloud For Presto
12
1. Zero to Presto in 30 Minutes.
Managed cloud service: No installation
and configuration.
2. Built for data teams of all experience
level.
3. Moderate level of control of
deployment without complexity.
4. Dedicated support from Presto
experts.
Slide 13
Slide 13 text
How Ahana Cloud Works
~ 30 mins to create the compute plane
https://app.ahana.cloud/signup Create Presto Clusters in your account
Slide 14
Slide 14 text
Agenda
14
• AWS Lake Formation
• Ahana
• Ahana Cloud for Presto and AWS Lake Formation Integration
Slide 15
Slide 15 text
Benefits
15
Bring Presto to your
existing AWS stack
You’ve stored all your data in AWS S3
and may have already defined your
data catalog resources and IAM roles
with Glue and Lake Formation.
Ahana Cloud for Presto can integrate
natively with all these services.
Enforce access controls in
Presto down to row level
Define access control policies
through Lake Formation to protect
confidentiality & handle sensitive
data. Presto will honor these policies,
returning only accessible data in
queries or denying access
altogether.
Configure Lake Formation
with Ahana in a few clicks
Ahana Cloud for Presto streamlines
AWS Lake Formation configuration
and allows you to visually map your
Presto users to IAM roles. You define
a data source once and apply it to all
your Presto clusters.
Fine-Grained
Access Control
Easy to Use
AWS Native
Slide 16
Slide 16 text
Data Lake on AWS S3
16
Slide 17
Slide 17 text
Single Click Enable
17
Slide 18
Slide 18 text
Easy Presto User to IAM Role Mapping
18
Presto
User
AWS IAM to
Presto User
Mapping
Slide 19
Slide 19 text
Fine-Grained Permissions
19
Column-level
security
Row-level
security
Table-level
security
Database-level
security
Slide 20
Slide 20 text
DEMO
Slide 21
Slide 21 text
Sales Transactions
21
transactions
transactions
sales
customers
employees
hr
Slide 22
Slide 22 text
Customers
22
transactions
sales
customers
employees
hr
customers
Slide 23
Slide 23 text
Company Employees
23
transactions
sales
customers
employees
hr
employees
Slide 24
Slide 24 text
24
Annie
Admin
transactions
sales
customers
employees
hr
Slide 25
Slide 25 text
25
Sally
Sales Analyst
transactions
sales
customers
employees
hr
Slide 26
Slide 26 text
26
Sally
Sales Analyst
Transactions
Slide 27
Slide 27 text
27
Wally
Marketing
Customers
Slide 28
Slide 28 text
28
Olivia
Marketing
Customers
Slide 29
Slide 29 text
29
Harry
HR
Employees
Slide 30
Slide 30 text
30
Oscar
Other
transactions
sales
customers
employees
hr
Slide 31
Slide 31 text
Review
31
User Role Permission Fine-Grained Access Control
Annie Admin All All Access
Sally Sales Analyst transactions Table Database, Table, and Column Level Security
Wally Marketing Analyst - WA customers Table Database, Table, Column and Row Level Security
Olivia Marketing Analyst - OR customers Table Database, Table, Column and Row Level Security
Harry HR Analyst All tables in HR database (employees) Database and Table Level Security
Oscar None None No Access
Slide 32
Slide 32 text
No content