Amazon Web Services (AWS) has introduced a new managed edge service under the banner AWS Dedicated Local Zones. The new services means enterprises can build their own compute infrastructure on their own privately-owned premises, either at a main operational site or a dedicated server facility, for their own exclusive usage, and hand management duties over to AWS.
The new managed edge service is geared for public sector and industrial customers running critical workloads in private edge setups, including those jigsawed into new private 5G network deployments in order to stand-up new Industry 4.0 applications.
It is designed by AWS as an alternative to its central cloud, regional cloud (AWS Regions), and local cloud (AWS Local Zones) options, which all use server infrastructure that is owned by AWS. A press note said AWS-managed on-site edge infrastructure will afford enterprises the benefits (in terms of “performance, innovation, elasticity, scalability, and resiliency”) of its own central cloud and edge-cloud services – which it suggested are sacrificed in local enterprise-owned and managed private edge deployments.
It stated: “Public sector and regulated industry customers… want dedicated infrastructure for their most critical workloads to help meet regulatory or other compliance requirements. Many of these customers manage their own infrastructure on premises for workloads that require isolation. This forgoes the… benefits of the cloud.” AWS said the Singapore government is the first to take the service to outsource management of edge workloads to AWS.
The move is also pitched as a way for critical industrial sectors to meet requirements on their data sovereignty, which restrict local data from being processed abroad under different regulatory rules. AWS made a ‘digital sovereignty pledge’ last year that promised “the most advanced set of sovereignty controls and features available in the cloud”. AWS stated: “Our approach is to continue to make AWS sovereign-by-design – as it has been from day one.”
AWS notes the latency benefits of processing data closer to the edge, where it is to be used, but implies this is compromised in enterprise-managed far-edge deployments, versus even MEC-style local network edge arrangements, as offered with Local Zones. The new Dedicated Local Zones resolve this, it implies, just by virtue of the fact AWS is managing the enterprise edge as AWS infrastructure.
It said: “Dedicated Local Zones are… fully managed by AWS, built for exclusive use by a customer or community, and placed in a customer-specified location or data centre to help comply with regulatory requirements. Dedicated Local Zones can be operated by local AWS personnel and offer the same benefits of Local Zones, such as elasticity, scalability, and pay-as-you-go pricing, with added security and governance features.”
Features include data access monitoring and audit schemes, and controls to limit infrastructure access and enforce security clearance for local AWS service managers. Dedicated Local Zones come with the Nitro System hardware-and-hypervisor combination, as with all of Amazon’s Elastic Compute Cloud (Amazon EC2) instances, to support data confidentiality and integrity.
The Singapore government has engaged with AWS to support its Smart Nation and Digital Government Group (SNDGG), which handles its digital government activities. Chan Cheow Hoe, chief digital technology officer for the group, stated: “We have collaborated with AWS to define and build Dedicated Local Zones to help us meet our stringent data isolation and security requirements, enabling Singapore to run more sensitive workloads in the cloud securely… [They] enable us to offer [government] agencies a seamless and consistent cloud experience.”