Slide 1

Slide 1 text

Build and Secure S3 Data Lakes with Ahana Cloud and AWS Lake Formation January 11, 2021

Slide 2

Slide 2 text

Agenda 2 • AWS Lake Formation • Ahana • Ahana Cloud for Presto and AWS Lake Formation Integration

Slide 3

Slide 3 text

Agenda 3 • AWS Lake Formation • Ahana • Ahana Cloud for Presto and AWS Lake Formation Integration

Slide 4

Slide 4 text

© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. Companies want more value from their data Used by many people Growing exponentially From new sources Increasingly diverse Analyzed by many applications

Slide 5

Slide 5 text

© 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. Building and securing data lakes can take months

Slide 6

Slide 6 text

AWS Lake Formation 6

Slide 7

Slide 7 text

What is AWS Lake Formation? 7 1. Building data lakes quickly. Days not months. Ability to move, store, update and catalog your data faster. Automatically organize and optimize your data. 2. Simplify security management. Centrally defining and enforcing security, governance, and auditing policies. 3. Making easy to discover and share data. Cataloging all of an organization's data assets and easily share datasets between consumers.

Slide 8

Slide 8 text

Agenda 8 • AWS Lake Formation • Ahana • Ahana Cloud for Presto and AWS Lake Formation Integration

Slide 9

Slide 9 text

Presto 9 1. Distributed query engine ANSI SQL on databases and data lakes. 2. Low latency performance on petabytes of data 3. Pluggable connector architecture Supports many data sources. Federated querying. 4. Open source Originally developed at Meta. Currently, under auspices of the Linux Foundation. Data Lakehouse analytics Reporting & dashboarding Interactive ad hoc querying Transformation using SQL (ETL) Federated querying across data sources

Slide 10

Slide 10 text

Presto Overview 10 Presto Cluster Coordinator Worker Worker Worker Worker

Slide 11

Slide 11 text

Managing Presto Remains Complex Hadoop complexity ▪ /etc/presto/config.properties ▪ /etc/presto/node.properties ▪ /etc/presto/jvm.config Many hidden parameters – difficult to tune Just the query engine ▪ No built-in catalog – users need to manage Hive metastore or AWS Glue ▪ No data lake S3 integration Poor out-of-box perf ▪ No tuning ▪ No high-performance indexing ▪ Basic optimizations for even for common queries

Slide 12

Slide 12 text

Ahana Cloud For Presto 12 1. Zero to Presto in 30 Minutes. Managed cloud service: No installation and configuration. 2. Built for data teams of all experience level. 3. Moderate level of control of deployment without complexity. 4. Dedicated support from Presto experts.

Slide 13

Slide 13 text

How Ahana Cloud Works ~ 30 mins to create the compute plane https://app.ahana.cloud/signup Create Presto Clusters in your account

Slide 14

Slide 14 text

Agenda 14 • AWS Lake Formation • Ahana • Ahana Cloud for Presto and AWS Lake Formation Integration

Slide 15

Slide 15 text

Benefits 15 Bring Presto to your existing AWS stack You’ve stored all your data in AWS S3 and may have already defined your data catalog resources and IAM roles with Glue and Lake Formation. Ahana Cloud for Presto can integrate natively with all these services. Enforce access controls in Presto down to row level Define access control policies through Lake Formation to protect confidentiality & handle sensitive data. Presto will honor these policies, returning only accessible data in queries or denying access altogether. Configure Lake Formation with Ahana in a few clicks Ahana Cloud for Presto streamlines AWS Lake Formation configuration and allows you to visually map your Presto users to IAM roles. You define a data source once and apply it to all your Presto clusters. Fine-Grained Access Control Easy to Use AWS Native

Slide 16

Slide 16 text

Data Lake on AWS S3 16

Slide 17

Slide 17 text

Single Click Enable 17

Slide 18

Slide 18 text

Easy Presto User to IAM Role Mapping 18 Presto User AWS IAM to Presto User Mapping

Slide 19

Slide 19 text

Fine-Grained Permissions 19 Column-level security Row-level security Table-level security Database-level security

Slide 20

Slide 20 text

DEMO

Slide 21

Slide 21 text

Sales Transactions 21 transactions transactions sales customers employees hr

Slide 22

Slide 22 text

Customers 22 transactions sales customers employees hr customers

Slide 23

Slide 23 text

Company Employees 23 transactions sales customers employees hr employees

Slide 24

Slide 24 text

24 Annie Admin transactions sales customers employees hr

Slide 25

Slide 25 text

25 Sally Sales Analyst transactions sales customers employees hr

Slide 26

Slide 26 text

26 Sally Sales Analyst Transactions

Slide 27

Slide 27 text

27 Wally Marketing Customers

Slide 28

Slide 28 text

28 Olivia Marketing Customers

Slide 29

Slide 29 text

29 Harry HR Employees

Slide 30

Slide 30 text

30 Oscar Other transactions sales customers employees hr

Slide 31

Slide 31 text

Review 31 User Role Permission Fine-Grained Access Control Annie Admin All All Access Sally Sales Analyst transactions Table Database, Table, and Column Level Security Wally Marketing Analyst - WA customers Table Database, Table, Column and Row Level Security Olivia Marketing Analyst - OR customers Table Database, Table, Column and Row Level Security Harry HR Analyst All tables in HR database (employees) Database and Table Level Security Oscar None None No Access

Slide 32

Slide 32 text

No content