Services. I’m glad to be here. This is actually my first Dreamforce, so how about you guys make some noise for me in my first Dreamforce? I’m really excited because my team in AWS, as well as working with our Salesforce colleagues, we today announced an expanded strategic alliance where we’re building on how AWS and Amazon have been using Salesforce across the company, and the work we’ve done over the past few years to have Salesforce applications run on AWS.
Today we announced an expanded strategic alliance where we’re introducing new product integrations that will make it easier for our customers to use our services together and allow developers and IT teams to build on top of Salesforce and AWS in a more seamless, secure and real-time way. So today what I’m going to talk about is how, today, kind of how you can use AWS and Salesforce, and some specific integration scenarios.
Also, in the AWS booth we have a demonstration live that, if you want to leave this session and go check it out, of how our teams have built some of these integrations, and seeing them working and ask questions of our folks there. But I’ll talk about some of the background and what we’ve heard, AWS and Salesforce, as we’ve worked together over the past few months to understand what customers are looking for, how they’ve been trying to use our services together, what are some of the points of friction in those interactions, and how can you make things easier and secure for you to do what you want to do.
And essentially what we hear is to do more with your data, your customer data that is in Salesforce, and leveraging the breadth of AWS services, whether it’s machine learning, data warehousing, analytics and more, to get more value and to put more of that data to work. So I’m the general manager of industry and I see.
And essentially what that means is making AWS cloud the best place to run your workloads, your applications that are specific to your industry, or ISVs or SaaS providers that you use. So Salesforce is a very strategic customer and partner for AWS. So with that, we’ll get right into it.
Interestingly, I found this interesting, that Salesforce conducted their State of the Connected Customer research, which is research that they do each year, and there were some specific findings that came out of that after surveying thousands of consumers, and you see them listed here. And it absolutely resonated with the live discussions that I personally had with customers, where it’s: how can I kind of simplify the hops that my data has to do today between different systems that I’m using, and not even just AWS and Salesforce but the myriad of applications that you’re using, and how do you enable that data to flow without that friction so that you can serve your customers and build a better experience?
One of the other big things that we hear is, absolutely, security is critical, and how can you minimize the challenges of data moving between different network boundaries and through the internet without exposing your data to leaks? How do you satisfy the compliance and other corporate governance requirements that you have? So it’s not only something that’s imperative for organizations to get right, but it’s important to customers that the organizations and companies that they do business with get this right. It means that their data is protected; it also means that they have a better overall experience doing business with those organizations.
There was also, as part of that research, some work that Salesforce had done with Catharine Findiesen Hays, co-author of Beyond Advertising, and it was again tying to this point of having seamless interactions between systems and how critical that is.
So what we see is that customers of both AWS and Salesforce have already embarked and done various things to try to integrate our services together to do what you want to get done, and we see some patterns that have emerged from those different implementations and what customers have shown us they’ve tried to do themselves. And, you know, really we like to think of ourselves at AWS as taking over that undifferentiated heavy lifting so that you don’t have to spend time in the infrastructure; you can focus on the applications, you can focus on building up love experiences for your customers.
So we see these emerging patterns and it kind of runs the gamut, and what I’ll do is I’ll talk about these, some of these, today, and then also kind of how we’re trying to demonstrate the art of the possible with some best practices, and like I said, we’re also showing that in the booth. But the announcement that we made together with Salesforce today is: how do we take that forward into the future, how do these things become more out of the box and pre-built so that you don’t have to go and build those
things, they’re just ready to use and easy.
So one of the interesting things about the new integrations that we’re building together with Salesforce is that it’s different networks, right? Because Salesforce has its own data center, its own cloud infrastructure, for many years, and, part of our partnership, Salesforce is bringing more and more of those workloads onto AWS. But in the meantime, really, how do you have the seamless experience with two different clouds? And most likely many of you here in the room, your organizations are pursuing multi-cloud strategies, and so with that, it’s not even just AWS and Salesforce, but this is a conundrum that our customers are seeing just in general as they look to use various SaaS and clouds.
So with that, the first challenge we sought to solve is how to make this more seamless, and part of that is at the user level, in terms of identities of users, identities in Salesforce, I in AWS, and how can we enable federation of those identities between the environments so that if you’re logged into Salesforce you don’t have to log in again to AWS and vice versa. And then if you’re able to have permissions and roles and groups within Salesforce, for example, how can those things propagate over to AWS
rather than setting those things up all over again?
The other area around this, in terms of seamlessness, is the network boundaries that we operate in our clouds, and so what we want to do is remove that boundary so it feels native; it feels like you’re using one set of cloud services from a kind of combined entity, if you will, rather than disjoint experiences and having to come up with your own networking infrastructure and design to resolve the complexity of moving data between different networks.
The second area, of security, ties into that as well. And then real time is, you know, event-driven, right? How can you respond to customer events, events in your business, and trigger processes, trigger activities to, you know, get things done in different applications so that you can respond quickly to changes in demand and changes that are needed to address your customers?
So that’s really kind of the vision that we have together, and the demonstration is, you know, we developed an architecture to envision how this could work. Now today we did not introduce those in general availability; however, like I said, we wanted to show kind of what’s possible, but there are many, many things that we’re still working on, that when we do introduce the integrations in GA we’ll have solved some of those other areas.
So to dive into this demonstration a little bit: first of all, how many of you are using AWS in some form? OK. And all of you are Salesforce, so that’s great. So almost all of you are using AWS in some form, so you’re likely familiar with AWS terminology, so I don’t have to kind of go into those basics as far as what is a VPC and things like that.
So in the demonstration we have an application that we created, a basic web content management application using Drupal, deployed in the EC2 instance, and we’re using that to simulate any kind of application you might have on AWS. And then you want to be able to get some data from Salesforce into that application, or, your users of that application, we’re going to push data from that application into Salesforce.
The second aspect of this is the interaction between Salesforce and AWS, so we’ve created an additional VPC that is a kind of go-between the two environments, and we call this the integration service, or SaaS integration service VPC. And in this VPC we’ve created a kind of integrator module that deals with things such as event management, data integration, response and pushing results back into Salesforce, and some other things under the covers that we build as services in the integration service.
So with that, the other thing to know is a service called PrivateLink, and I’ll talk about it a bit more later, but this integration service, one of the important things that it does is resolving that network boundary so that there’s trust between Salesforce and between AWS, and one way that it’s doing that was with this service called AWS PrivateLink. So I’ll talk more about that in a moment. So those are the layers of this that I just mapped out.
So then let’s go into the seamlessness aspect, right? Because what our customers have told us is that typically what they would do, if you envision sort of a VPC in AWS with an EC2 instance running some kind of workload, if you imagine in this diagram on the, or to your left, there’s different workflows that you’re going to have, you didn’t have many different applications, and what customers have tried to do is have point-to-point integration between each of those workloads and with Salesforce, and sometimes not even a bidirectional integration; they’ll have additional kind of single-direction point-to-point for each of those workloads. And then if you imagine you’re scaling up instances and you’re scaling those down, how do you handle the integration so that they’re scalable and they’re bidirectional?
So rather than having these point-to-point integrations where you’re integrating between, for example, Amazon Kinesis or S3 and Salesforce differently from how you’re integrating an EC2 instance and Salesforce, it should have a consistent framework for how you do that communication, and ideally it’s built already for you.
And you don’t have to go and custom build that each time. So that’s what we see here, is if we put the customer at the center, and for many of you Salesforce will be a system of record or customer master, and for others that may sit outside Salesforce but you’re also synchronizing that, and where Salesforce is bringing data in and out from an externalized customer master, needs to resolve all those different scenarios.
So we call this the shared security context. So of course we know the various different threats; the 62% was one of the findings in that study I mentioned that Salesforce has conducted each year, in the connected customer. And when we want to create that shared context, what we want to do is create something called private endpoints.
And so essentially, normally what you would do when you have an either with your service or VPC is, the service running in your VPC, you would, if you’re communicating with S3, or you’re communicating with Amazon Athena, which is our query service for querying data in S3, or if you’re communicating with Redshift, which is a data warehousing service, even though they’re both AWS, the communication between the two would route over the public Internet.
Right, and then if you have a service, say a partner who’s running on AWS as well, they have their own VPC and you have your VPC, the communication between those two VPCs, unless you use VPC peering (I’m using terminology assuming many people are AWS familiar, so I’m going to keep doing that, but if I see these strange faces I’ll try to explain some of those terms), but essentially if you’re doing VPC peering, which is one way to connect VPCs; otherwise you’re going to have that data route over the Internet.
And then the other scenario is if you have on-premise workloads, your own data centers, your own applications running in your data center, and then you want to connect those with services in AWS or with Salesforce. Again, you’re going to cross those network boundaries; you’re going to have data transiting that.
So what PrivateLink does is it enables the ability to have secure and scalable sharing across network boundaries without routing the data over the Internet. And what this does, if you have your VPC, now rather than peering your VPC with another one, which would essentially allow those two VPCs to exist as if they’re part of the same network, which from a compliance perspective is not necessarily what you want to do; you want to keep that segregation in terms of service provider, service consumer, and the controls that you have on your network; you don’t necessarily want to merge that with external services, right? So you want a better way to govern: you want to connect them, but you still want to have governance so you can distinguish, and you can revoke access to your network at any time, and you can manage those external services in a very scalable way.
So that’s what PrivateLink does, is enable you to plug into your VPC access to these external services such as Salesforce, but using a private IP address in the IP range that you have for your network. So to your network these external services feel like they’re part of your network, and they’re easy for your developers to access; they can grab these endpoints like they would any other API endpoint or URL and begin working with them to access those resources, except the data doesn’t go over the internet.
So if you think about PrivateLink, I mentioned a few scenarios: from on-premise into AWS, between Salesforce and AWS, between multiple services on AWS, and you want to be able to have an application use multiple AWS services but you want all that traffic, you want all that data, to flow privately on the AWS network and not route over public Internet addresses. So that’s one of the exciting things we’re doing.
If you think about all the Salesforce APIs that are out there and endpoints that you work with to pull data from Salesforce or to publish data back, today what you would do is that would go over the public Internet. You would put some technology in place, which creates complexity: you would put in an Internet gateway, you would put in maybe some IP whitelisting for strategic partners or connections, you would put in a bunch of things to try to protect that traffic as it’s flowing. But here, primarily, it replaces all that; it’s a simple way to have sharing and use external services within your VPC. And so if you think of all those Salesforce APIs or endpoints, now you bring those into your VPC as if they’re private services within your network.
So the second area, aside from this issue of resolving network boundaries and how to bring external services in, and specifically in this case bringing Salesforce resources into your VPC, the other area that I spoke with a lot of customers such as Autodesk and Capital One, that they had challenges in using our services together, is in this space of data ingestion,
data synchronization. So there’s multiple scenarios of this, right? There’s: hey, I want to get opportunity data, customer data, backed up in S3; I want to be able to use that as sort of an archival, but then once I have it there, I have that copy of my data there, I can do more with it; I can use other services in AWS to use that data. Another scenario is I’m trying to keep AWS and, let’s say, a database such as RDS, a relational database service, I’m trying to keep those in the same, or my data warehouse with Redshift, I’m trying to keep that in sync with what I have in Salesforce, so that’s bidirectional; they’re always synchronized. The third scenario that we’ve seen is that customers want to take action on data, multi-step processing, and then send the results of that processing back to Salesforce.
So we’ve seen these different scenarios of the data moving, not just resolving security and access rights across the network, but now it’s time for the data to move: how can I make sure that data moves the right way, it is efficient and scalable, and ultimately my systems of record, whether it’s inside Salesforce or outside Salesforce, are of high integrity? So what we are able to do is provide integration capabilities that you don’t have to build yourself, to provide a central pattern repository for these different scenarios of bringing your data between Salesforce and AWS, so that you can do the synchronization, you can have that one-way copy from a backup or archive perspective, and you can also do that multi-step processing on your data and send results back, and have that be a set of recipes available rather than having to wire this stuff up from scratch.
So that’s one of the things we did in the demo that you’ll see, is that we went in and implemented that in a way, you know, so that advantage of that. And by the way, the demo that I’m referring to that we’re showing here at the event in the AWS booth, we’re also making available a blog post I would today so you can see the details of how that, and then also where we’ll publish the artifacts associated with that as open source, so you can pick that up. Now the point is that’s just a demo that we’re showing here; the integrations that we announced strategically are going to make that productized and gonna make that something pre-built that you can just pick up, configure rather than code.
So one of the big things that customers have said is: look, I want to have the ability to build my data lake on Amazon, on AWS. And so, you know, one way is if your center of gravity is in Salesforce, then you might want to just keep your data there in Salesforce, and number of things you can do there. But many times our customers are saying that, hey, I have multiple data sources, I want to bring this all together, I want to use Amazon S3, it’s a kind of key building block of my data lake strategy. And so in this case it’s important that Salesforce has a highly resilient way to bring the data into that data lake, and then at the same time you have a consistent set of capabilities to bring data in from other sources as well.
So then the next scenario is: OK, great, I now know I can handle kind of security challenges, resolving that between the clouds; I can move data back and forth between the two environments.
But I want that to be event-driven; I want that to be a result of: I created a new opportunity, or I converted a lead into an opportunity, or I’ve added a contract, a digital asset, to a closed-won opportunity, or any of these different events that may be generated in Salesforce. I want to take some kind of action on those events. And so today, you know, if you think of it in AWS, with the various services we have, different ways to generate events and