© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
FSV308 – Culture shift: How to move a global Financial Services organization to a DevOps operating model
Alan Garver, DevOps Professional Services Consultant - AWS
Mahdi Sajjadpour, AWS Business Development Manager - Service Catalog
Jonny Sywulak, Sr. DevOps Automation Engineer - Stelligent
November 27, 2017
What to expect from this session
• How Financial Services enterprises can enable self-service DevOps capabilities on AWS
• Strategy for enabling enterprise-wide transformation and ramping up quickly
• Three specific strategies to try at home
The DevOps Transformation Challenge
Technology challenges
• Infrastructure automation
• Monolithic applications
• Tooling selection noise
• Security and resiliency
• Failure detection
• Automated controls
Organizational challenges
• Organizational complexity
• Skills and cloud experience
• Multiple process handoffs
• Long lead times
• Ownership confusion
[Diagram: the teams a release passes through: Dev Operations, Prod Operations, LOB1 AppDev, LOB1 Arch, LOB1 Security, LOB1 QA, LOB2 AppDev, LOB2 Security, LOB2 QA, Business Continuity, Corp Risk, InfoSec, LOB2 Risk, LOB2 DevOps]
Financial enterprise challenges
• Regulatory compliance
• Encryption and security
• Least privileged access
• Audit and reporting
• Separation of duties
Monolith development lifecycle—circa 2000
[Diagram: developers → app → build → test → release → delivery pipeline]
2-Pizza team responsibility venn diagram
[Diagram: the team is responsible for THEIR PRODUCT. Not responsible for*: deployment tools, CI/CD tools, monitoring tools, metrics tool, logging tools, APM tools, infrastructure provisioning tools, security tools, database management tools, testing tools, ….]
*Unless their product is in green
Microservice development lifecycle
[Diagram: developers → services → delivery pipelines, one build → test → release pipeline per service (six shown)]
DevOps transformation takes time
Technological
• Infrastructure as code
• Self-service
• Single purpose
• Microservices
Organizational
• Cultural philosophy
• Builders have ownership
• “You build it, you run it”
• Let builders build
Organizational transformation
• Move from manual handoffs to “as a service”
• Automate all the things
• Simplify and decompose monoliths
• Two Pizza service teams
[Diagram: Database as a Service, Servers as a Service, Encryption as a Service, App Deploy as a Service, App Function as a Service]
The DevOps Pipeline
• Resources morph from source, to executable, to operational
• Tests ensure integrity and validity of the resource
The DevOps Pipeline
• Failures stop the line, and prevent breakages to production
• Fast feedback provided to the developer
• Customized to your software development lifecycle
The DevOps Pipeline
• Infrastructure as code is part of the pipeline
• Infrastructure is part of the software
• Purpose built infrastructure improves security
[Diagram: Developer → Application and Infrastructure code moving through the same pipeline]
Self-service for developers
[Diagram: many developers, each provisioning per developer]
Yeah but, this is financial services…
• Concerns over self-service access to infrastructure
• Sensitive data protection
• Regulatory infrastructure compliance
• Maintain separation of duties
Doesn’t this just create problems faster?
[Diagram: four developers, each with self-service access]
Enabling self-service at scale
Traditional → DevOps
• Governance at scale
• Cloud governance
• Self-service governance
Centralized governance and control
[Diagram: Authorized templates; Policy enforcement; Developer → Self-service access to infrastructure]
Self-Service Infrastructure
AWS Service Catalog & AWS CloudFormation
Self-service infrastructure
• Faster innovation
• Repeatable
• Scalable
• Secure
• Least privilege
• Testable
• Immutable
Pattern types: Standardized patterns; Purpose built patterns
What do we want to gain?
• Ease of use
• Agility
• Governance
• Scale
How to get to self-service?
• Standardize
• Enforce policy
• Integrate
• Automate
AWS CloudFormation
Template
• JSON or YAML formatted file
• Parameter definition
• Resource creation
• Configuration actions
CloudFormation Stack
• Configured AWS services
• Comprehensive service support
• Service event aware
• Customizable
Framework
• Stack creation
• Stack updates
• Error detection and rollback
AWS Service Catalog
Organizations
• Control
• Standardization
• Governance
Developers
• Agility
• Self-service
• Time to market
Key benefits
• Standardize
• Enforce consistency and compliance
• Limit access
• Enforce tagging
• Developer autonomy
• Guardrail resources
• Automate deployments
• Single-pane for provisioning
Types of self-service infrastructure
Standardized patterns
• Common infrastructure patterns
• Traditional policy enforcement
• Doesn’t depend on policy automation
• New-user friendly
Purpose-built patterns
• Purpose built
• Increased security and least privilege
• Requires policy enforcement automation
• Experimentation and innovation
Tooling: AWS CloudFormation, AWS Service Catalog
[Diagram: Developer → AWS Service Catalog / CloudFormation Template]
Standardized patterns
- Preapproved, verified, secure
- Common application pattern
- Security/governance enforced
- Immediately available
Purpose built patterns
- Requires security checks
- Specific to application needs
- Longer provisioning time
- New application pattern
Standardized patterns
[Diagram: Developer → ITSM → AWS Service Catalog → Deployed Stack]
Purpose built patterns
[Diagram: Developer → GIT → CloudFormation Template → Security Controls → ITSM]
Shift to DevOps operating model
[Chart: number of applications on AWS plotted against cloud maturity. Provisioning mechanism moves from 100% manual, to 80% standardized / 20% purpose built, to 20% standardized / 80% purpose built. Milestones: Template factory; Security/governance automation; 5-6 common application patterns; Agile governance; DevOps; Policy engineering]
Centralized governance and control
[Diagram: Authorized template catalog → Developer selects from a catalog of pre-built compliant templates; Policy enforcement; two open questions marked “?”]
Centralized governance and control
[Diagram: Authorized templates; Policy enforcement: effort intensive]
Governance bottleneck
[Diagram: many developers, each needing policy enforcement per developer]
Scale through automation
[Diagram: Authorized template catalog; Policy enforcement handled by a Policy automation engine]
Policy Automation with cfn_nag
Policy in the pipeline
How do you test policy?
Analysis of CloudFormation templates
What is cfn_nag?
• Static code analysis of AWS CloudFormation
• Block undesirable resource specifications
• Proactive preventative control, stop before creating resources
• Enforceable in a pipeline
cfn_nag will check for things like…
• EC2 Instance Security Groups with ingress of 0.0.0.0/0
• IAM Permissions given to all (*) resources or all (*) actions
• EBS volumes for full disk encryption
• Custom rules
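To make the three checks on the slide concrete, here is an added example of a small static analyzer over a JSON CloudFormation template. It is written for this page and is not cfn_nag (a separate tool with its own rule set) nor code from the deck; it implements the same kinds of rules, keyed by resource type so that custom rules can be added to the same table, and it exits non-zero on any finding so a pipeline stage can stop the line before resources are created. The template, resource names and values are constructed sample input.

```python
"""Added example: cfn_nag-style static checks over a CloudFormation template.
Not cfn_nag and not the deck's code; the template below is constructed."""
import json

# Constructed sample template: one security group open to the world on port 22,
# one IAM policy with Allow */*, one unencrypted volume and one encrypted volume.
SAMPLE_TEMPLATE = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "WebSg": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "GroupDescription": "web tier",
                "SecurityGroupIngress": [
                    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"},
                    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "10.0.0.0/8"},
                ],
            },
        },
        "AdminPolicy": {
            "Type": "AWS::IAM::Policy",
            "Properties": {
                "PolicyName": "admin",
                "PolicyDocument": {
                    "Version": "2012-10-17",
                    "Statement": [
                        {"Effect": "Allow", "Action": "*", "Resource": "*"},
                        {"Effect": "Deny", "Action": "s3:*", "Resource": "*"},
                    ],
                },
                "Roles": ["app-role"],
            },
        },
        "DataVol": {"Type": "AWS::EC2::Volume",
                    "Properties": {"Size": 100, "AvailabilityZone": "us-east-1a"}},
        "LogVol": {"Type": "AWS::EC2::Volume",
                   "Properties": {"Size": 20, "AvailabilityZone": "us-east-1a", "Encrypted": True}},
    },
})


def _as_list(value):
    """IAM allows a scalar or a list for Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]


def check_open_ingress(name, props):
    """Security group rule open to 0.0.0.0/0 or ::/0."""
    for rule in props.get("SecurityGroupIngress", []):
        if rule.get("CidrIp") == "0.0.0.0/0" or rule.get("CidrIpv6") == "::/0":
            yield f"{name}: ingress {rule.get('FromPort')}-{rule.get('ToPort')} open to the world"


def check_iam_wildcards(name, props):
    """Allow statements granting all actions or all resources."""
    doc = props.get("PolicyDocument", {})
    for i, stmt in enumerate(_as_list(doc.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny with "*" narrows access and is not a finding
        if "*" in _as_list(stmt.get("Action", [])):
            yield f"{name}: statement {i} allows all actions (*)"
        if "*" in _as_list(stmt.get("Resource", [])):
            yield f"{name}: statement {i} applies to all resources (*)"


def check_ebs_encryption(name, props):
    """EBS volume declared without Encrypted: true."""
    if props.get("Encrypted") is not True:
        yield f"{name}: EBS volume is not encrypted"


# Rule table keyed by resource type; custom rules are added here.
RULES = {
    "AWS::EC2::SecurityGroup": [check_open_ingress],
    "AWS::IAM::Policy": [check_iam_wildcards],
    "AWS::EC2::Volume": [check_ebs_encryption],
}


def lint_template(template_text):
    """Return the list of findings for a JSON CloudFormation template."""
    template = json.loads(template_text)
    findings = []
    for name, resource in template.get("Resources", {}).items():
        for rule in RULES.get(resource.get("Type"), []):
            findings.extend(rule(name, resource.get("Properties", {})))
    return findings


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TEMPLATE
    problems = lint_template(text)
    for problem in problems:
        print("FAIL", problem)
    sys.exit(1 if problems else 0)  # non-zero exit stops the pipeline stage
```

Run against the built-in sample it reports four findings (the port 22 rule, both wildcards in the Allow statement, and the unencrypted volume) and exits 1; the Deny statement and the encrypted volume are not flagged. Point it at a template file to lint your own.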
Demo
Would you like to learn more?
Using AWS to Achieve Both Autonomy and Governance at 3M
DEV332—Tuesday, Nov 28 1:45-2:45
Security Validation Through Continuous Delivery at Verizon
DEV403—Friday, Dec 1, 10:45 AM - 11:45 AM
https://stelligent.com/fsv308
Self-service policy automation?
[Diagram: many developers, each needing policy enforcement per developer, marked X]
Enforcing Policy at Scale
Simple Orchestrator
Simple consistent experience
• Standardized pattern vs. custom infrastructure
• What about:
  • Configuration management
  • Logging
  • Monitoring
  • Artifact management
  • ITSM
Orchestrate all the things
• Simplify repetitive tasks
• Consistent interface
• Best practices and guardrails
• Portable functions
Orchestration, not abstraction
Orchestration
• Enable direct access to a native capability
• Common interface for multiple tools
• Automate repetitive tasks
• Stand up automated guardrails
• Goal is speed and ease of best practice use
Abstraction
• Create common provider schema
• Aimed at multi-cloud portability
• Limits use of capabilities to the least common denominator
• Longer customization development cycles
• Goal is preventing vendor lock-in
Orchestrating confidence in the pipeline
[Diagram: Developer → Unit Development Environment (Iterate & Test) → Commit → Deploy → Production Environment → Customer. Labels: No Access Needed; Consistency]
Python-based CLI example
• Easy to build and maintain
• Single interface for all the tools
• Modular and opinionated
• Built to purpose
• Enforceable in the Pipeline
Python CLI Example with Click
Modular
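The deck's Click code slides did not survive extraction, so here is an added example of the shape they describe: a modular, opinionated CLI that gives developers one interface for several guardrail tools and returns a non-zero exit code so it can be enforced in the pipeline. It is not the deck's or Stelligent's code. It uses the standard-library argparse rather than Click so it runs without dependencies; each registered function corresponds to a Click command and the COMMANDS registry to a Click group. The tag names, inventory and change identifiers are constructed sample values.

```python
"""Added example: modular guardrail CLI (argparse stand-in for the deck's Click
example). Not the deck's code; REQUIRED_TAGS and the inventory are constructed."""
import argparse
import json

# Constructed resource inventory a developer would point the CLI at.
SAMPLE_INVENTORY = json.dumps([
    {"id": "i-0001", "tags": {"Owner": "payments", "CostCenter": "CC42", "DataClass": "internal"}},
    {"id": "i-0002", "tags": {"Owner": "payments"}},
    {"id": "vol-0003", "tags": {"Owner": "risk", "CostCenter": "CC07", "DataClass": "confidential"}},
])

REQUIRED_TAGS = ("Owner", "CostCenter", "DataClass")  # the organisation's opinion, baked in

COMMANDS = {}  # subcommand name -> (handler, help text, option specs)


def command(name, help_text, *options):
    """Register a subcommand with its options. A new tool module just adds
    another decorated function, so every tool shares one interface."""
    def wrap(fn):
        COMMANDS[name] = (fn, help_text, options)
        return fn
    return wrap


@command("tags", "verify that every resource carries the required tags",
         ("--inventory", {"help": "path to a JSON inventory (default: built-in sample)"}))
def cmd_tags(args):
    text = open(args.inventory).read() if args.inventory else SAMPLE_INVENTORY
    findings = []
    for res in json.loads(text):
        missing = [t for t in REQUIRED_TAGS if t not in res.get("tags", {})]
        if missing:
            findings.append(f"{res['id']}: missing tags {', '.join(missing)}")
    return findings


@command("sod", "enforce separation of duties on a change request",
         ("--change", {"required": True}),
         ("--author", {"required": True}),
         ("--approver", {"required": True}))
def cmd_sod(args):
    if args.author == args.approver:
        return [f"{args.change}: author and approver are both {args.author}"]
    return []


def build_parser():
    """Build one parser from the registry; each entry becomes a subcommand."""
    parser = argparse.ArgumentParser(prog="fsctl", description="self-service guardrails")
    sub = parser.add_subparsers(dest="cmd", required=True)
    for name, (handler, help_text, options) in COMMANDS.items():
        p = sub.add_parser(name, help=help_text)
        for flag, kwargs in options:
            p.add_argument(flag, **kwargs)
        p.set_defaults(handler=handler)
    return parser


def run(argv):
    """Dispatch argv to its handler; return (exit_code, findings). The non-zero
    exit code is what lets a pipeline stage fail on a policy violation."""
    args = build_parser().parse_args(argv)
    findings = args.handler(args)
    return (1 if findings else 0), findings


if __name__ == "__main__":
    import sys
    code, findings = run(sys.argv[1:])
    for line in findings:
        print("FAIL", line)
    print("OK" if code == 0 else "BLOCKED")
    sys.exit(code)
```

Invoked as `fsctl tags` it flags the one resource missing tags and exits 1; `fsctl sod --change CHG-1 --author alice --approver bob` passes. Adding a tool is one more decorated function, which keeps the interface consistent across teams while the opinions (required tags, who may approve) stay in one place.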
Self-service policy automation
• Developers are customers
• Consistent interface for all the things
• Enforcement at scale
Enabling DevOps transformation
• Ramp quickly with infrastructure as code governance
• https://aws.amazon.com/servicecatalog/
• Automate and codify all our policy
• https://stelligent.com/fsv308
• Enforce at scale through consistent low friction developer experience
• https://github.com/pallets/click
Thank you!

Webinar-DevOps.pdfWebinar-DevOps.pdf
Webinar-DevOps.pdf
 
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption FrameworkIntroduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption Framework
 

Plus de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Plus de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

FSV308-Culture Shift How to Move a Global Financial Services Organization to DevOps Op Model

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FSV308 – Culture shift: How to move a global Financial Services organization to a DevOps operating model. Alan Garver, DevOps Professional Services Consultant - AWS; Mahdi Sajjadpour, AWS Business Development Manager - Service Catalog; Jonny Sywulak, Sr. DevOps Automation Engineer - Stelligent. November 27, 2017
  • 2. What to expect from this session • How Financial Services enterprises can enable self-service DevOps capabilities on AWS • Strategy for enabling enterprise-wide transformation and ramping up quickly • Three specific strategies to try at home
  • 3. The DevOps Transformation Challenge
  • 4. Technology challenges • Infrastructure automation • Monolithic applications • Tooling selection noise • Security and resiliency • Failure detection • Automated controls
  • 5. Organizational challenges • Organizational complexity • Skills and cloud experience • Multiple process handoffs • Long lead times • Ownership confusion (diagram of siloed teams: Dev Operations, Prod Operations, LOB1 AppDev, LOB1 Arch, LOB1 Security, LOB1 QA, LOB2 AppDev, LOB2 Security, LOB2 QA, LOB2 DevOps, LOB2 Risk, Business Continuity, Corp Risk, InfoSec)
  • 6. Financial enterprise challenges • Regulatory compliance • Encryption and security • Least privileged access • Audit and reporting • Separation of duties
  • 7. Monolith development lifecycle—circa 2000 (diagram: developers → app → a single delivery pipeline: build, test, release)
  • 8. 2-Pizza team responsibility venn diagram. Responsible for: THEIR PRODUCT. Not responsible for*: Deployment tools, CI/CD tools, Monitoring tools, Metrics tool, Logging tools, APM tools, Infrastructure provisioning tools, Security tools, Database management tools, Testing tools, … (*Unless their product is in green)
  • 9. Microservice development lifecycle (diagram: developers → services → one delivery pipeline per service, each with its own build, test, release)
  • 10. DevOps transformation takes time. Technological: • Infrastructure as code • Self-service • Single purpose • Microservices. Organizational: • Cultural philosophy • Builders have ownership • “You build it, you run it” • Let builders build
  • 11. Organizational transformation • Move from manual handoffs to “as a service” • Automate all the things • Simplify and decompose monoliths • Two Pizza service teams (Database As a Service, Servers As a Service, Encryption As a Service, App Deploy As a Service, App Function As a Service)
  • 12. The DevOps Pipeline • Resources morph from source, to executable, to operational • Tests ensure integrity and validity of the resource
  • 13. The DevOps Pipeline • Failures stop the line, and prevent breakages to production • Fast feedback provided to the developer • Customized to your software development lifecycle
  • 14. The DevOps Pipeline (diagram: Developer → Application and Infrastructure)
  • 15. The DevOps Pipeline • Infrastructure as code is part of the pipeline • Infrastructure is part of the software • Purpose built infrastructure improves security (diagram: Developer → Application and Infrastructure)
  • 16. Self-service for developers (diagram: many developers)
  • 17. Yeah but, this is financial services… • Concerns over self-service access to infrastructure • Sensitive data protection • Regulatory infrastructure compliance • Maintain separation of duties
  • 18. Doesn’t this just create problems faster? (diagram: many developers)
  • 19. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 20. Centralized governance and control (diagram: Authorized templates → Developer → Self-service access to infrastructure, with Policy enforcement in between)
  • 21. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 22. Self-Service Infrastructure: AWS Service Catalog & AWS CloudFormation
  • 23. Self-service infrastructure • Faster innovation • Repeatable • Scalable • Secure • Least privilege • Testable • Immutable (Standardized patterns; Purpose built patterns)
  • 24. What do we want to gain? Ease of use, Agility, Governance, Scale
  • 25. How to get to self-service? Standardize, Enforce policy, Integrate, Automate
  • 26. AWS CloudFormation. Template: JSON or YAML formatted file; Parameter definition; Resource creation; Configuration actions. Stack: Configured AWS services; Comprehensive service support; Service event aware; Customizable. Framework: Stack creation; Stack updates; Error detection and rollback
  • 27. AWS Service Catalog. Organizations: Control, Standardization, Governance. Developers: Agility, Self-service, Time to market
  • 28. Key benefits. Standardize: Enforce consistency and compliance; Limit access; Enforce tagging. Developer autonomy: Guardrail resources; Automate deployments; Single-pane for provisioning
  • 29. Types of self-service infrastructure. Standardized patterns: • Common infrastructure patterns • Traditional policy enforcement • Doesn’t depend on policy automation • New user friendly. Purpose-built patterns: • Purpose built • Increased security and least privilege • Requires policy enforcement automation • Experimentation and innovation (AWS CloudFormation, AWS Service Catalog)
  • 30. (diagram) Developer → AWS Service Catalog for Standardized patterns: Preapproved, Verified, Secure; Common Application Pattern; Security/Governance Enforced; Immediately Available. Developer → CloudFormation Template for Purpose built patterns: Requires security checks; Specific to application needs; Longer provisioning time; New application pattern
  • 31. Standardized patterns (diagram: Developer → ITSM → AWS Service Catalog → Deployed Stack)
  • 32. Purpose built patterns (diagram: Developer → GIT → CloudFormation Template → Security Controls → ITSM)
  • 33. Shift to DevOps operating model (chart: Number of Applications on AWS against Cloud Maturity). Provisioning mechanism moves from 100% manual, to 80% standardized / 20% purpose built, to 20% standardized / 80% purpose built. Enablers along the way: Template Factory, Security/Governance Automation, 5-6 Common Application Patterns, Agile Governance, DevOps Policy Engineering
  • 34. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 35. Centralized governance and control (diagram: Authorized template catalog → Developer selects from a catalog of pre-built compliant templates; Policy enforcement marked “? ?”)
  • 36. Centralized governance and control: Authorized templates; Policy enforcement is effort intensive
  • 37. Governance bottleneck (diagram: many developers queued behind a single Policy enforcement step)
  • 38. Scale through automation (diagram: Authorized template catalog; Policy enforcement performed by a Policy automation engine)
  • 39. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 40. Policy Automation with cfn_nag
  • 41. Policy in the pipeline: How do you test policy?
  • 42. Analysis of CloudFormation templates
  • 43. What is cfn_nag? Static code analysis of AWS CloudFormation; Block undesirable resource specifications; Proactive preventative control, stop before creating resources; Enforceable in a pipeline
  • 44. cfn_nag will check for things like… EC2 Instance Security Groups with ingress of 0.0.0.0/0; IAM Permissions given to all (*) resources or all (*) actions; EBS volumes for full disk encryption; Custom rules
  • 45. Demo
  • 46. Would you like to learn more? Using AWS to Achieve Both Autonomy and Governance at 3M, DEV332—Tuesday, Nov 28, 1:45-2:45. Security Validation Through Continuous Delivery at Verizon, DEV403—Friday, Dec 1, 10:45 AM - 11:45 AM. https://stelligent.com/fsv308
  • 47. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 48. Self-service policy automation? (diagram: many developers; the central Policy enforcement step crossed out)
  • 49. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 50. Enforcing Policy at Scale: Simple Orchestrator
  • 51. Simple consistent experience • Standardized pattern vs. Custom infrastructure • What about: • Configuration Management • Logging • Monitoring • Artifact Management • ITSM
  • 52. Simplify repetitive tasks; Consistent interface; Best practices and guardrails; Orchestrate all the things; Portable functions
  • 53. Orchestration, not abstraction. Orchestration: • Enable direct access to a native capability • Common interface for multiple tools • Automate repetitive tasks • Stand up automated guardrails • Goal is speed and ease of best practice use. Abstraction: • Create common provider schema • Aimed at multi-cloud portability • Limits use of capabilities to least common • Longer customization development cycles • Goal is preventing vendor lock-in
  • 54. Orchestrating confidence in the pipeline (diagram labels: Developer, Customer, Unit, Development Environment, Production Environment, Iterate & Test, Commit, Deploy, No Access Needed, Consistency)
  • 55. Python-based CLI example • Easy to build and maintain • Single interface for all the tools • Modular and opinionated • Built to purpose • Enforceable in the Pipeline
  • 56. Python CLI Example with Click (code shown as an image; not transcribed)
  • 57. (slide contains no transcribed text)
  • 58. Modular (code shown as an image; not transcribed)
  • 59. (slide contains no transcribed text)
  • 60. Self-service policy automation: Developers are customers; Consistent interface for all the things; Enforcement at scale
  • 61. Enabling self-service at scale: Traditional DevOps → Governance at scale → Cloud governance → Self-service governance
  • 62. Enabling DevOps transformation • Ramp quickly with infrastructure as code governance: https://aws.amazon.com/servicecatalog/ • Automate and codify all our policy: https://stelligent.com/fsv308 • Enforce at scale through consistent low friction developer experience: https://github.com/pallets/click
  • 63. Thank you! FSV308 – Culture shift: How to move a global Financial Services organization to a DevOps operating model. Alan Garver, DevOps Professional Services Consultant - AWS; Mahdi Sajjadpour, AWS Business Development Manager - Service Catalog; Jonny Sywulak, Sr. DevOps Automation Engineer - Stelligent
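The "policy in the pipeline" idea of slides 41-44 (static analysis of a CloudFormation template that stops the line before any resource is created) as an added, stand-alone example; this is not cfn_nag's own code, the rule names are constructed here rather than cfn_nag rule ids, and the template it scans is a constructed JSON-style sample with one violation of each kind the slides list.

```python
# Added example (not cfn_nag's own code): cfn_nag-style static checks over a
# CloudFormation template. Rule names here are constructed, not cfn_nag rule ids.
from typing import Any, Callable, Dict, List

Rule = Callable[[str, Dict[str, Any]], List[str]]
RULES: Dict[str, List[Rule]] = {}  # resource type -> registered rule functions


def rule(resource_type: str) -> Callable[[Rule], Rule]:
    """Register a rule for one resource type; custom rules use the same decorator."""
    def register(fn: Rule) -> Rule:
        RULES.setdefault(resource_type, []).append(fn)
        return fn
    return register


def _as_list(value: Any) -> List[Any]:
    return value if isinstance(value, list) else [value]


@rule("AWS::EC2::SecurityGroup")
def open_ingress(logical_id: str, res: Dict[str, Any]) -> List[str]:
    """Ingress rules open to the whole internet (IPv4 0.0.0.0/0 or IPv6 ::/0)."""
    out = []
    for ing in res.get("Properties", {}).get("SecurityGroupIngress", []):
        if ing.get("CidrIp") == "0.0.0.0/0" or ing.get("CidrIpv6") == "::/0":
            out.append(f"port {ing.get('FromPort')} ingress is open to the world")
    return out


@rule("AWS::IAM::Policy")
@rule("AWS::IAM::ManagedPolicy")
def iam_wildcards(logical_id: str, res: Dict[str, Any]) -> List[str]:
    """Allow statements granting all (*) actions or applying to all (*) resources."""
    out = []
    doc = res.get("Properties", {}).get("PolicyDocument", {})
    for stmt in _as_list(doc.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "*" in _as_list(stmt.get("Action", [])):
            out.append("statement allows all (*) actions")
        if "*" in _as_list(stmt.get("Resource", [])):
            out.append("statement applies to all (*) resources")
    return out


@rule("AWS::EC2::Volume")
def ebs_unencrypted(logical_id: str, res: Dict[str, Any]) -> List[str]:
    """EBS volumes that do not set Encrypted: true."""
    return [] if res.get("Properties", {}).get("Encrypted") is True else ["EBS volume is not encrypted"]


def check_template(template: Dict[str, Any]) -> List[Dict[str, str]]:
    """Run every registered rule over every resource and collect the findings."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        for fn in RULES.get(res.get("Type", ""), []):
            findings += [{"rule": fn.__name__, "resource": logical_id, "message": m}
                         for m in fn(logical_id, res)]
    return findings


def pipeline_gate(template: Dict[str, Any]) -> bool:
    """Preventative control for a pipeline stage: True only when no rule fires."""
    return not check_template(template)


# Constructed sample template: one violation of each kind plus one clean volume.
SAMPLE_TEMPLATE: Dict[str, Any] = {"Resources": {
    "WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "web tier", "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "10.0.0.0/8"},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
    "AdminPolicy": {"Type": "AWS::IAM::Policy", "Properties": {
        "PolicyName": "admin", "PolicyDocument": {"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Action": "*", "Resource": "*"}]}}},
    "DataVolume": {"Type": "AWS::EC2::Volume", "Properties": {
        "Size": 100, "AvailabilityZone": "us-east-1a"}},
    "SafeVolume": {"Type": "AWS::EC2::Volume", "Properties": {
        "Size": 100, "AvailabilityZone": "us-east-1a", "Encrypted": True}},
}}

if __name__ == "__main__":
    for f in check_template(SAMPLE_TEMPLATE):
        print(f"{f['rule']:16} {f['resource']:12} {f['message']}")
    print("pipeline gate:", "PASS" if pipeline_gate(SAMPLE_TEMPLATE) else "FAIL (stop the line)")
```

A real pipeline stage would load the template from the commit under test and fail the build when `pipeline_gate` returns False, which is the "stop before creating resources" control the slides describe.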