Understanding the roles of Workload Identities, Cluster Service Accounts, IAM Policies, and IAM Roles in managing access controls within AWS environments.
Exploring real-world use cases to illustrate the importance of effective IAM policy management in securing multi-tenant environments and aligning access controls with business requirements.
Comparing manual IAM policy management with streamlined approaches, such as Wayfinder's Package Workload Identities, to highlight the benefits of automation and centralised policy management.
Sustainability is a topic that is becoming ever more prevalent in conversations spanning across industries, geographies and generations, particularly off the back of the Cop26 Summit held in late 2021.
Whether it’s reducing fossil fuel consumption or something as simple as minimising the consumption of single-use plastics, people are starting to take a look at how they can do their part to be environmentally friendly.
Sustainable Cloud and Kubernetes might not be the first thing that comes to mind when you think of eco-friendly, but there are quite a few ways that businesses can use cloud more sustainability. Here's what tops our list:
From a sustainability standpoint, there is a pretty strong argument that the main public cloud providers (Azure, AWS & GCP) offer the most carbon neutral way of consuming cloud in datacenter terms. So if you’re considering environmental impact, a public cloud strategy might be the best option. Microsoft, for example, encourages customers to consider this aspect when moving to the cloud and report that their compute is 52-79% and storage 71-79% more efficient in terms of energy consumption than traditional enterprise data centres.
This energy efficiency is achieved by innovating at a scale that is unattainable to most businesses and, for the data centre enthusiasts, includes liquid immersion cooling, hydrogen fuel cells and a lot of algorithms!
Whereas single-tenancy is when a single application or workload, dedicated to a single tenant, lives on a single cluster, multi-tenancy is when multiple tenants operate on a cluster. The ability for multiple tenants to operate on the same cluster and utilising the same namespaces allows for less infrastructure to be consumed. In a single-tenancy model, the proliferation of clusters means ultimately you’re spinning up more infrastructure and this requires more cloud resources. Although the correlations aren’t always linear, this is a good rule of thumb: Resources require energy at some point, somewhere, so the less you use the more energy you save.
Due to certain security restrictions, multi-tenancy isn’t an option for everyone, however, if you bake in best practice around role-based access control it’s definitely an option for most.
There’s a theme going on in this blog that you might’ve uncovered if you’ve read this far: If you want to operate more sustainably, you need to use the minimal possible resources which, in turn, consumes the least amount of energy. The next topic under this principle is around the way your applications are architected. Is there a better, more sustainable way to build apps than the traditional, monolithic way?
Absolutely, yes. If your current state of play is a large, somewhat legacy, monolithic application then this is inherently resource heavy compared to a cloud-native architecture. Cloud-native applications are containerized and should include the minimum information required to run said app (i.e. single binary and certs). On the other hand, those large legacy applications are usually deployed on their own virtual machines and require significantly more resources to run (think start-up services, shell scripting, unused operating system libraries, the list goes on).
By adopting this more ‘modern’ approach to building applications you’ll likely be helping to overcome a number of business challenges and also doing so in a more sustainable way.
Lastly, that theme that we mentioned earlier: Use. Less. Resources. There are a whole host of things you can do to help use as little cloud resources as possible. Only use just as much as you need to do what you need to do. Apart from being more sustainable, your bosses will probably thank you too as there are some cost savings to be made along the way as well. For the sake of focusing the attention on our area of expertise, these are some of the things you can do with Kubernetes or by utilising a product in the ecosystem (such as Wayfinder).
The above is by no means an exhaustive list of all the things you can do to work sustainably across the cloud and Kubernetes, but it’s a great starting place. This was designed to be a high-level view of what changes organisations can make to have the biggest impact on sustainability. While making a migration to public cloud might take some food for thought, getting started with cloud-native applications, multi-tenancy clusters and, in particular, starting to use minimal resources are potentially much easier to get started with today.
We all, collectively, should start thinking about the cost of using cloud resources in terms of using up C02 or energy. And in monitoring our own energy use — keep on asking providers for visibility of what is being spent or find solutions that will provide that level of visibility.
Have you seen success putting ideas into practice to work more sustainably?
We’d love to hear from you.
.png)
