Best practices for getting started with AWS
Ryan Shuttleworth – Technical Evangelist
@ryanAWS

Journey through the cloud
Common use cases & stepping stones into the AWS cloud
Learning from customer journeys
Best practices to bootstrap your projects

Best practices
Simple things to plan for when starting with AWS
Some technical and human considerations
Helping you put your best foot forward from the off

Agenda
8 things you should know
Where you should start
Things to do up front

1
Choose your use case well
Choose use case that suits you

Dev & Test
  Spin environments up and down on demand
  Decouple development and test environments from operations constraints
  Explore elasticity in a sandboxed environment

Backup & DR
  Take part of your data or business applications step-by-step into non-production DR use
  Understand cloud dynamics and test during controlled failovers

Greenfield Project
  Embody best practice of cloud computing in unconstrained greenfield projects
  Self contained web projects, document archiving etc

Pain point
  Move specific service aspects causing undue cost or management burden
  Workflows, search indexing, media streaming, document archiving, constrained databases

Low hanging fruit can be easiest way to ‘cut teeth’

Plan evolution & set goals

            PoC                                        Production                      Automation

Examples    Understand services                        Implement monitoring            Automate corrective measures
            Test performance                           Change control and management   Auto-scaling
            Architect for scale                        Security management             Zero downtime deployments
            Build cross functional team capabilities   Scalability                     System backup and recovery

            Beanstalk                                  Beanstalk                       APIs
                                                       Cloud Formation                 CLI
                                                       Cloud Watch                     Auto scaling
                                                       IAM

2
Organize your house
Organize your house

Accounts
  Create an account structure that makes sense
    Use accounts like environments where you need separation and control
    e.g Dev Sandboxes, Test Environments, Business Units, Products & Services

Billing
  Control access to billing information
    Use IAM users to keep billing information in the master account
  Consolidate billing into a single account
    Let one account pick up the bill for multiple ‘sub accounts’
  Setup billing alerts and automated bill reporting
    Get CloudWatch notifications when billing reaches a point and output csv reports to S3 for analysis

Billing settings
Billing Preferences
Enable CSV & Programmatic Access

Master Account (aws.invoices@mycompany.com): consolidated billing information

Division B (admin@divisionB.com)
  IAM: User2, Dev2, Admin2
  Tags (key-value), e.g Own=Div, Proj=R
  Tags: Own=Div, Proj=P; Own=Div, Proj=Q; Own=Div, Proj=R

Programmatic billing access

Master Account (aws.invoices@mycompany.com): consolidated billing information, S3 CSV

Operating Co. A (admin@opcoa.com)
  IAM: User1, Dev1, Admin1
  Tags: Own=OpCo, Proj=A; Own=OpCo, Proj=B; Own=OpCo, Proj=C

Division B (admin@divisionB.com)
  IAM: User2, Dev2, Admin2
  Tags: Own=Div, Proj=P; Own=Div, Proj=Q; Own=Div, Proj=R

Business Unit C (admin@busUnitC.com)
  IAM: User3, Dev3, Admin3
  Tags: Own=BusC, Proj=X; Own=BusC, Proj=Y; Own=BusC, Proj=Z

Organize your house

Accounts
  Create an account structure that makes sense
    Use accounts like environments where you need separation and control
    e.g Dev Sandboxes, Test Environments, Business Units, Products & Services

Billing
  Control access to billing information
    Use IAM users to keep billing information in the master account
  Consolidate billing into a single account
    Let one account pick up the bill for multiple ‘sub accounts’
  Setup billing alerts and automated bill reporting
    Get CloudWatch notifications when billing reaches a point and output csv reports to S3 for analysis

Access Keys
  Decide upon a key management strategy
    Control access to EC2 instances via SSH and embedded public key:
    e.g. EC2 Key Pair per group of instances, EC2 Key Pair per account
  Consider SSH key rotation & automation
    Limit exposure to private key compromise by rotating keys and replacing authorized_keys listings on running instances
    Consider bootstrap automation to grant developer access with developer unique keypairs

Groups & Roles
  Use IAM Groups to manage console users and API access
    Provide developers with IAM user login and unique API access credentials
    Control & restrict what IAM users can do by placing them in groups with policies
  Assign EC2 Instances IAM roles
    Let AWS manage API access credentials on running instances by assigning a system entitlement to an instance
    e.g instance can only read S3 bucket

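The key rotation step from the Access Keys column above, as an added example that is not part of the original deck: it rewrites an authorized_keys listing by retiring keys by SHA256 fingerprint and appending per-developer keys, then replaces the file atomically. The function names, the option string and the sample keys (built in code, not real keys) are assumptions.

```python
import base64
import hashlib
import os
import struct
import tempfile


def constructed_key(seed, comment):
    """Build a well-formed ssh-ed25519 public key line from a seed (sample data, not a real key)."""
    name = b"ssh-ed25519"
    body = hashlib.sha256(seed).digest()  # 32 bytes standing in for the public key
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(body)) + body
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)


def parse_entry(line):
    """Return (key_type, blob_b64); the blob must start with the length-prefixed type before it."""
    tokens = line.split()
    for i in range(1, len(tokens)):
        try:
            blob = base64.b64decode(tokens[i], validate=True)
        except ValueError:
            continue  # options, key type names and comments are not valid key blobs
        name = tokens[i - 1].encode()
        if len(blob) > 4 + len(name) and blob[:4 + len(name)] == struct.pack(">I", len(name)) + name:
            return tokens[i - 1], tokens[i]
    return None


def fingerprint(blob_b64):
    """SHA256 fingerprint in the format printed by `ssh-keygen -l`."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def rotate(current_text, retire_fingerprints, new_lines):
    """Return (new_text, removed, added): retired keys dropped, new keys appended once."""
    retire = set(retire_fingerprints)
    kept, seen, removed, added = [], set(), [], []
    for line in current_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            kept.append(line)  # comments and blank lines pass through
            continue
        entry = parse_entry(line)
        if entry is None:
            raise ValueError("unrecognised entry, refusing to rewrite: %r" % line)
        fp = fingerprint(entry[1])
        if fp in retire:
            removed.append(fp)
        elif fp not in seen:  # duplicate entries collapse to one
            seen.add(fp)
            kept.append(line)
    for line in new_lines:
        entry = parse_entry(line)
        if entry is None:
            raise ValueError("not a public key line: %r" % line)
        fp = fingerprint(entry[1])
        if fp in retire:
            raise ValueError("key is both retired and added: %s" % fp)
        if fp not in seen:
            seen.add(fp)
            kept.append(line.strip())
            added.append(fp)
    return "\n".join(kept) + "\n", removed, added


def write_atomically(path, text):
    """Replace the file in one rename so sshd never reads a half-written list."""
    # mkstemp creates the temporary file with mode 0600, in the target's directory.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)), prefix=".authorized_keys.")
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(text)
            handle.flush()
            os.fsync(handle.fileno())
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise


def demo():
    """Rotate a constructed file: retire the shared key, keep ops, add a per-developer key."""
    shared = constructed_key(b"shared", "dev-team-shared")
    ops = 'from="10.0.0.0/8",no-agent-forwarding ' + constructed_key(b"ops", "ops@bastion")
    brad = constructed_key(b"brad", "brad@laptop")
    current = "# managed by bootstrap\n%s\n%s\n" % (shared, ops)
    retired = fingerprint(parse_entry(shared)[1])
    text, removed, added = rotate(current, [retired], [brad])
    with tempfile.TemporaryDirectory() as directory:
        path = os.path.join(directory, "authorized_keys")
        write_atomically(path, text)
        with open(path) as handle:
            on_disk = handle.read()
    return text, removed, added, on_disk


if __name__ == "__main__":
    print(demo()[0], end="")
```

Running the same rotation twice leaves the file unchanged, so it can be applied repeatedly across a group of running instances.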
Identity & access management

Account: Administrators, Developers, Applications
  Administrators: Jim, Bob
  Developers: Brad, Mark, Susan, Kevin
  Applications: Reporting, Console, Tomcat
Groups: Multi-factor authentication
Roles: AWS system entitlements

IAM policies

Policy driven
Declarative definition of rights for groups
Policies control access to AWS APIs

        {
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "elasticbeanstalk:*",
                "ec2:*",
                "elasticloadbalancing:*",
                "autoscaling:*",
                "cloudwatch:*",
                "s3:*",
                "sns:*"
              ],
              "Resource": "*"
            }
          ]
        }
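Added example (not part of the original deck): a simplified evaluator for identity-based policies, run over constructed requests, that contrasts the group policy on this slide with a role policy for the deck's "instance can only read S3 bucket" case. The bucket name, account ID, request list and function names are assumptions, and conditions, NotAction and resource-based policies are left out.

```python
import re

# Group policy as shown on the slide: every action of seven services, on every resource.
SLIDE_GROUP_POLICY = {
    "Statement": [{
        "Effect": "Allow",
        "Action": ["elasticbeanstalk:*", "ec2:*", "elasticloadbalancing:*",
                   "autoscaling:*", "cloudwatch:*", "s3:*", "sns:*"],
        "Resource": "*",
    }]
}

# Constructed role policy for "instance can only read S3 bucket".
# The bucket name is a placeholder, not a value from the deck.
READ_ONLY_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:ListBucket",
         "Resource": "arn:aws:s3:::example-app-config"},
        {"Effect": "Allow", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-app-config/*"},
    ],
}

# Constructed requests (account ID and resource names are sample values).
REQUESTS = [
    ("s3:GetObject", "arn:aws:s3:::example-app-config/app.properties"),
    ("s3:DeleteObject", "arn:aws:s3:::example-app-config/app.properties"),
    ("s3:GetObject", "arn:aws:s3:::another-bucket/payroll.csv"),
    ("ec2:TerminateInstances", "arn:aws:ec2:eu-west-1:111122223333:instance/i-0123456789abcdef0"),
    ("iam:CreateUser", "arn:aws:iam::111122223333:user/new-user"),
]


def as_list(value):
    """Policy fields may hold one string or a list of strings."""
    return value if isinstance(value, list) else [value]


def wildcard_match(pattern, value, ignore_case=False):
    """IAM-style wildcards: '*' matches any run of characters, '?' exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    flags = re.DOTALL | (re.IGNORECASE if ignore_case else 0)
    return re.fullmatch(regex, value, flags) is not None


def is_allowed(policy, action, resource):
    """Default deny; an explicit Deny that matches overrides any Allow."""
    allowed = False
    for stmt in policy.get("Statement", []):
        # Action names are matched case-insensitively, resource ARNs exactly.
        hit = (any(wildcard_match(a, action, ignore_case=True) for a in as_list(stmt["Action"]))
               and any(wildcard_match(r, resource) for r in as_list(stmt["Resource"])))
        if not hit:
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def wildcard_findings(policy):
    """List Allow statements that use '*' in an action or grant Resource '*'."""
    findings = []
    for index, stmt in enumerate(policy.get("Statement", [])):
        if stmt["Effect"] != "Allow":
            continue
        findings += [(index, "action", a) for a in as_list(stmt["Action"]) if "*" in a]
        findings += [(index, "resource", r) for r in as_list(stmt["Resource"]) if r == "*"]
    return findings


def compare():
    """For each sample request: (action, resource, allowed by group policy, allowed by role policy)."""
    return [(a, r, is_allowed(SLIDE_GROUP_POLICY, a, r), is_allowed(READ_ONLY_ROLE_POLICY, a, r))
            for a, r in REQUESTS]


if __name__ == "__main__":
    for action, resource, group_ok, role_ok in compare():
        group = "allow" if group_ok else "deny"
        role = "allow" if role_ok else "deny"
        print("%-24s group=%-5s role=%-5s %s" % (action, group, role, resource))
    print(len(wildcard_findings(SLIDE_GROUP_POLICY)), "wildcard grants in the group policy")
```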
3
Think security
Shared responsibility

You
  Customer Data
  Platform, Applications, Identity & Access Management
  Operating System, Network & Firewall Configuration
  Client-side Data Encryption & Data Integrity Authentication
  Server-side Encryption (File System and/or Data)
  Network Traffic Protection (Encryption/Integrity/Identity)

Amazon
  Foundation Services: Compute, Storage, Database, Networking
  AWS Global Infrastructure: Availability Zones, Regions, Edge Locations

Leverage shared security model

Understand your customer & form security stance
  External audience: Penetration test requests, Your certifications, Your processes
  Internal audience: IAM, Administration, Architecture
  Regulated audience: AWS Certifications, AWS White Papers, AWS QSA Process

Engage with security assessors early in adoption cycle
  Don’t fear assessment – AWS meets high standards (PCI, ISO27001, SOC2…)
  As with any infrastructure provider, security assessments take time
  Derive value from architecture reviews early in deployment cycle

Use comprehensive materials and certifications provided by AWS
  http://aws.amazon.com/security/
  Risk and compliance paper
  AWS security processes paper
  CSA consensus assessments initiative questionnaire

Build upon features of AWS and implement a ‘security by design’ environment

Build upon AWS features

Tiered Access
  IAM
    Control users and allow AWS to manage credentials in running instances for service access (allocation, rotation)
  APIs vs Instance
    Provide developer API credentials and control access to SSH keys
  Temporary Credentials
    Provide developer API credentials and control access to SSH keys

Security Groups
  Instance firewalls
    Firewall control on instances via Security Groups
  CLIs and APIs
    Instantly audit your entire AWS infrastructure from scriptable APIs – generate an on-demand IT inventory enabled by programmatic nature of AWS

VPC
  Subnet control
    Create low level networking constraints for resource access, such as public and private subnets, internet gateways and NATs
  Bastion hosts
    Only allow access for management of production resources from a bastion host. Turn off when not needed

Direct Connect & VPN
  Private connections to VPC
    Secured access to resources in AWS over software or hardware VPN and dedicated network links

4
Architect to use cloud strengths

Architect to use cloud strengths

Review application architectures early – assess fit for cloud
  e.g. variable capacity requirements, ‘standard’ technology stacks, reference architectures*

Can cloud benefits be leveraged with minimum effort outlay?
  e.g. Application performance improvement by migration of static content to S3/CloudFront

Will cloud yield cost savings & agility improvements?
  e.g. Faster development cycles for dev/test, reduced cap-ex for application environments

Can automation lead to a more agile & secure service?
  e.g. fully scripted deployments, IAM & EC2 instance roles, rolling deployments

*http://aws.amazon.com/architecture

Architect to use cloud strengths

Disposable compute
  Design systems that can suffer instance loss
  Dispose of compute when it is not required

Flexible capacity
  Design for systems that potentially scale from zero instances to hundreds
  Use Auto-scaling (events, schedules etc) to drive capacity availability

Cost effective & reliable storage
  Utilize 99.999999999% durability of objects in S3
  Scale databases with RDS and use DynamoDB for high throughput NoSQL

Automation and control
  Automate everything from scaling to instance recovery from failure

Bootstrapping – custom AMIs

1   Create instance for your OS choice
2   Configure environment
3   Install software
4   Create AMI from instance
5   Launch fully configured instances from AMI

Diagram labels: Instance, AMI (custom machine image); Auto-scaling, Manual deployments, Programmatic deployments

Bootstrapping – metadata service

Metadata service contains wealth of information about an instance

http://169.254.169.254/latest/meta-data

ami-id                 local-hostname
ami-launch-index       local-ipv4
ami-manifest-path      mac
block-device-mapping   network
hostname               placement
instance-action        profile
instance-id            public-hostname
instance-type          public-ipv4
kernel-id              public-keys
                       reservation-id

Diagram labels: Instance, AMI (custom or standard machine image), Metadata Service (receive custom data to drive bootstrapping)

Bootstrapping – metadata service

Metadata service contains wealth of information about an instance

http://169.254.169.254/latest/meta-data
+ user data

Scripts in user-data field of metadata will be executed on launch
e.g.
        #!/bin/sh
        yum -y install httpd
        chkconfig httpd on
        /etc/init.d/httpd start

Or:

        <powershell>
           …
        </powershell>
Bootstrapping – metadata service
Scripts in the user-data field of the metadata will be executed on launch. Typical uses:

  Install software, e.g. web server, app server, proxy

  Pull data and application packages from S3

  Publish metadata for the instance to other systems, e.g. monitoring systems

  Set up the security profile of the instance based upon intended use, e.g. pull latest config
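
The bootstrapping steps listed above, as an added example (not from the slides or from AWS): a boot script baked into the AMI that reads user data and metadata, validates both, and works out which config to pull from S3 and what to publish to monitoring. User data is readable by any process on the instance through the same URL, so the script treats it as plain configuration input rather than a place for secrets. Assumed names: the key=value user-data format, the roles web/app/proxy, the bucket example-config-bucket, the /var/tmp paths, and the RUN_BOOTSTRAP guard.

```shell
#!/bin/sh
# Added example: boot-time bootstrap driven by the EC2 metadata service.
# Assumptions (not from the slides): key=value user data, the role names,
# the bucket "example-config-bucket", and the RUN_BOOTSTRAP guard.

IMDS_BASE="${IMDS_BASE:-http://169.254.169.254/latest}"

# Fetch one path below /latest. A short-lived session token is requested
# first (IMDSv2, not shown on the slides); timeouts make a missing service
# fail fast instead of hanging the boot.
imds_get() {
    token=$(curl -sf -X PUT --connect-timeout 2 --max-time 5 \
        -H 'X-aws-ec2-metadata-token-ttl-seconds: 60' \
        "$IMDS_BASE/api/token") || return 1
    curl -sf --connect-timeout 2 --max-time 5 \
        -H "X-aws-ec2-metadata-token: $token" "$IMDS_BASE/$1"
}

# Print the first value for key $1 from key=value user data on stdin.
ud_value() {
    sed -n "s/^$1=//p" | head -n 1
}

# User data is launch-time input: accept only roles this image knows.
valid_role() {
    case "$1" in
        web|app|proxy) return 0 ;;
        *) return 1 ;;
    esac
}

# Map a validated role to the S3 object holding its latest config.
config_uri() {
    valid_role "$1" || return 1
    printf 's3://example-config-bucket/%s/latest.tar.gz\n' "$1"
}

# Build the record published to a monitoring system. Each field is checked
# against its expected character set before it is placed inside JSON.
registration_json() {
    case "$1" in
        i-*) case "${1#i-}" in ''|*[!0-9a-f]*) return 1 ;; esac ;;
        *) return 1 ;;
    esac
    case "$2" in ''|*[!a-z0-9-]*) return 1 ;; esac
    valid_role "$3" || return 1
    printf '{"instance_id":"%s","az":"%s","role":"%s"}\n' "$1" "$2" "$3"
}

# Read user data and metadata, then print the registration record (line 1)
# and the config URI (line 2). Any failed or rejected value aborts.
bootstrap() {
    user_data=$(imds_get user-data) || return 1
    role=$(printf '%s\n' "$user_data" | ud_value role)
    uri=$(config_uri "$role") || { echo "rejected role: $role" >&2; return 1; }
    instance_id=$(imds_get meta-data/instance-id) || return 1
    az=$(imds_get meta-data/placement/availability-zone) || return 1
    registration_json "$instance_id" "$az" "$role" || return 1
    printf '%s\n' "$uri"
}

# On an instance, set RUN_BOOTSTRAP=1 to act on the plan.
if [ "${RUN_BOOTSTRAP:-0}" = 1 ]; then
    plan=$(bootstrap) || exit 1
    printf '%s\n' "$plan" | sed -n 1p > /var/tmp/registration.json
    aws s3 cp "$(printf '%s\n' "$plan" | sed -n 2p)" /var/tmp/config.tar.gz
fi
```
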
1. Use multiple availability zones
2. Use RDS with replicas and slaves
3. Use auto-scaling groups
4. Use Elastic Load Balancing
5. Use Route53 to host DNS zones
Architect to use cloud strengths

Elastic Load Balancing
  Use at regional level
    Combined with autoscaling will balance requests and resource capacity across availability zones
  Within VPC
    Use to loadbalance between application tiers within an availability zone
  Instance migrations
    Easily move instances from dev environments to test environments by moving between ELBs

Route 53
  Leverage SLA
    Improve application reliability with Route 53’s SLA on requests served
  Weighted routing
    Perform A/B analysis, and staged application roll-outs by moving a portion of traffic to new infrastructure
  Control TTLs and updates
    Take absolute control of DNS updates for more decisive system updates

RDS
  Scale databases without admin overhead
    Choose instance size for databases and scale up over time
  Add high availability from management console
    Create master-slave configurations and read-replicas. AWS takes care of the failover and recreation of a new slave in event of master DB loss

Auto-scaling
  Dynamically scale resources & control costs
    Only provision the resources that are required with scale up and cool down policies that match demand
5
Services not software

Self-managed software & infrastructure:
  30% your business
  70% managing all of the “undifferentiated heavy lifting”

AWS cloud-based infrastructure & services:
  70% more time to focus on your business
  30% configuring your cloud assets

Use RDS for databases
  Relational Database Service
  Database-as-a-Service
  No need to install or manage database instances
  Scalable and fault tolerant configurations

Use DynamoDB for high performance key-value DB
  DynamoDB
  Provisioned throughput NoSQL database
  Fast, predictable performance
  Fully distributed, fault tolerant architecture

Reliable message queuing without additional software
  Amazon SQS
  Reliable, highly scalable queue service for storing messages as they travel between instances
  (Diagram labels: Processing task/processing trigger, Amazon SQS, Processing results)

Push inter-process workflows into the cloud with SWF
  Simple Workflow
  Reliably coordinate processing steps across applications
  Integrate AWS and non-AWS resources
  Manage distributed state in complex systems
  (Diagram labels: steps 1, 2, 3; Task A, Task B (Auto-scaling), Task C)

Don’t install search software, use CloudSearch
  Cloud Search
  Elastic search engine based upon Amazon A9 search engine
  Fully managed service with sophisticated feature set
  Scales automatically
  (Diagram labels: Document Server, Search Server, Results)

Process large volumes of data cost effectively with EMR
  Elastic MapReduce
  Elastic Hadoop cluster
  Integrates with S3 & DynamoDB
  Leverage Hive & Pig analytics scripts
  Integrates with instance types such as spot
6
Be elastic and cost optimized

(Diagram: Elastic Load Balancing, Auto-scaling policies, and Instance types and sizes surrounding Scalability, Cost Optimization, Availability)
Auto-scaling policies

Manually
  Send an API call or use CLI to launch/terminate instances – only need to specify capacity change (+/-)
  Preemptive manual scaling of capacity, e.g. before a marketing event add 10 more instances

By Schedule
  Scale up/down based on date and time
  Regular scaling up and down of instances, e.g. scale from 0 to 2 to process SQS messages every night or double capacity on a Friday night

By Policy
  Scale in response to changing conditions, based on user configured real-time monitoring and alerts
  Dynamic scale based upon custom metrics, e.g. SQS queue depth, average CPU load, ELB latency

Auto-Rebalance
  Instances are automatically launched/terminated to ensure the application is balanced across multiple AZs
  Maintain capacity across availability zones, e.g. instance availability maintained in event of AZ becoming unavailable
Instance types

On-demand instances
  Unix/Linux instances start at $0.02/hour
  Pay as you go for compute power
  Low cost and flexibility
  Pay only for what you use, no up-front commitments or long-term contracts
  Use cases:
    Applications with short term, spiky, or unpredictable workloads
    Application development or testing

Reserved instances
  1- or 3-year terms
  Pay low up-front fee, receive significant hourly discount
  Low Cost / Predictability
  Helps ensure compute capacity is available when needed
  Use cases:
    Applications with steady state or predictable usage
    Applications that require reserved capacity, including disaster recovery

Spot instances
  Bid on unused EC2 capacity
  Spot Price based on supply/demand, determined automatically
  Cost / Large Scale, dynamic workload handling
  Use cases:
    Applications with flexible start and end times
    Applications only feasible at very low compute prices
7
Use frameworks
Everything is programmable

Access everything via CLI, API or Console
Achieve the highest levels of automation sophistication with ease

Compute, Security, Scaling, CDN, Backup, DNS, Database, Storage, Load Balancing, Workflow, Monitoring, Networking, Messaging
Elastic Beanstalk / OpsWorks / CloudFormation
Quickly deploy and manage apps in AWS…

Elastic Beanstalk / OpsWorks / CloudFormation
CloudFormation components & terminology

  Template
    JSON formatted file
    Parameter definition
    Resource creation
    Configuration actions

  CloudFormation (framework)
    Stack creation
    Stack updates
    Error detection and rollback

  Stack
    Configured AWS services
    Comprehensive service support
    Service event aware
    Customisable

Elastic Beanstalk / OpsWorks / CloudFormation
Powerful management framework with Chef support

  Stack: managed environment
    Definition of environment such as production or test
  Layers: collection of resources
    Blueprint for a collection of resources (instances, EBS, EIPs etc)
  Apps: your application assets
    Resources to deploy and run in layers
  Management: management services
    Scaling, cloning, user access, self healing
8
Get supported
Offering                    Basic                     Developer        Business            Enterprise
24x7x365                    ✓                         ✓                ✓                   ✓
Forum Access                ✓                         ✓                ✓                   ✓
Documentation               ✓                         ✓                ✓                   ✓
Access to support           Support for HealthChecks  Email            Phone, Chat, Email  Phone, Chat, Email
Named Contacts              -                         1                5                   Unlimited
Fastest Response Time       -                         12 Hours         1 Hour              15 Minutes
Architecture Support        -                         Building Blocks  Use Case Guidance   Application Architecture
Best Practice               -                         ✓                ✓                   ✓
Diagnostics Tools           -                         ✓                ✓                   ✓
Direct Routing              -                         -                ✓                   ✓
3rd Party Software          -                         -                ✓                   ✓
Trusted Advisor             -                         -                ✓                   ✓
Direct TAM Access           -                         -                -                   ✓
White Glove Case Handling   -                         -                -                   ✓
Management Business Review  -                         -                -                   ✓
Trusted advisor
Business and Enterprise Support has been enhanced to include best practice audits via AWS Trusted Advisor

Security
  Open ports in Security Groups
  World access (/0 CIDR)
  IAM use

Fault Tolerance
  EBS snapshot age
  ELB Optimization
  Availability Zones

Cost Optimization
  Unused Elastic IPs
  Underutilized EC2 instances
3rd party software
3rd Party Software Support Enhancements

Operating Systems
  Operating Systems including:
    Amazon Linux
    Ubuntu
    Red Hat Enterprise Linux
    SUSE Linux
    Microsoft Windows 2003 & 2008 R2

3rd Party Software
  Common application stack components including:
    Apache and IIS web servers
    Amazon SDKs
    Sendmail
    Postfix
    FTP
    Disk Management tools (LVM, RAID)
    VPN Solutions (OpenVPN, RRAS)
    Databases (MySQL, SQL Server)
Summary
Choose your use case well
Organize your environments
Think security
Architect to cloud strengths
Services not software
Be elastic & cost optimized
Use frameworks where appropriate
Get supported
aws.amazon.com

Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Dernier

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Dernier (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Journey through the Cloud - Best Practices Getting Started in the AWS Cloud

  • 1. Best practices for getting started with AWS Ryan Shuttleworth – Technical Evangelist @ryanAWS
  • 2. Journey through the cloud Common use cases & stepping stones into the AWS cloud Learning from customer journeys Best practices to bootstrap your projects
  • 3. Best practices Simple things to plan for when starting with AWS Some technical and human considerations Helping you put your best foot forward from the off
  • 4. Agenda 8 things you should know Where you should start Things to do up front
  • 5. 1 Choose your use case well
  • 6. Choose use case that suits you Low hanging fruit can be easiest way to ‘cut teeth’
  • 7. Choose use case that suits you Dev & Test Spin environments up and down on demand Decouple development and test environments from operations constraints Explore elasticity in a sandboxed environment Low hanging fruit can be easiest way to ‘cut teeth’
  • 8. Choose use case that suits you. Dev & Test: Spin environments up and down on demand; Decouple development and test environments from operations constraints; Explore elasticity in a sandboxed environment. Backup & DR: Take part of your data or business applications step-by-step into non-production DR use; Understand cloud dynamics and test during controlled failovers. Low hanging fruit can be easiest way to ‘cut teeth’.
  • 9. Choose use case that suits you. Dev & Test: Spin environments up and down on demand; Decouple development and test environments from operations constraints; Explore elasticity in a sandboxed environment. Backup & DR: Take part of your data or business applications step-by-step into non-production DR use; Understand cloud dynamics and test during controlled failovers. Greenfield Project: Embody best practice of cloud computing in unconstrained greenfield projects; Self contained web projects, document archiving etc. Low hanging fruit can be easiest way to ‘cut teeth’.
  • 10. Choose use case that suits you. Dev & Test: Spin environments up and down on demand; Decouple development and test environments from operations constraints; Explore elasticity in a sandboxed environment. Backup & DR: Take part of your data or business applications step-by-step into non-production DR use; Understand cloud dynamics and test during controlled failovers. Greenfield Project: Embody best practice of cloud computing in unconstrained greenfield projects; Self contained web projects, document archiving etc. Pain point: Move specific service aspects causing undue cost or management burden; Workflows, search indexing, media streaming, document archiving, constrained databases. Low hanging fruit can be easiest way to ‘cut teeth’.
  • 11. Plan evolution & set goals. Stages: PoC (Understand services), Production (Implement monitoring), Automation (Automate corrective measures). Examples. PoC: Test performance; Architect for scale; Build cross functional team capabilities. Production: Change control and management; Security management; Scalability; System backup and recovery. Automation: Auto-scaling; Zero downtime deployments.
  • 12. Plan evolution & set goals. Stages: PoC (Understand services), Production (Implement monitoring), Automation (Automate corrective measures). Examples. PoC: Test performance; Architect for scale; Build cross functional team capabilities. Production: Change control and management; Security management; Scalability; System backup and recovery. Automation: Auto-scaling; Zero downtime deployments. Services shown: Beanstalk, APIs, Beanstalk, Cloud Formation, CLI, Cloud Watch, Auto scaling, IAM.
  • 14. Organize your house Accounts Create an account structure that makes sense Use accounts like environments where you need separation and control e.g Dev Sandboxes Test Environments Business Units Products & Services
  • 15. Organize your house. Accounts: Create an account structure that makes sense. Use accounts like environments where you need separation and control, e.g. Dev Sandboxes, Test Environments, Business Units, Products & Services. Billing: Control access to billing information: Use IAM users to keep billing information in the master account. Consolidate billing into a single account: Let one account pick up the bill for multiple ‘sub accounts’. Setup billing alerts and automated bill reporting: Get CloudWatch notifications when billing reaches a point and output csv reports to S3 for analysis.
  • 16. Enable CSV & Billing settings Programmatic Access Billing Preferences
  • 18. Master Account aws.invoices@mycompany.com consolidated billing information Division B admin@divisionB.com IAM User2 Dev2 Admin2
  • 19. Master Account: aws.invoices@mycompany.com, consolidated billing information. Division B: admin@divisionB.com; IAM: User2, Dev2, Admin2. Tags (key-value), e.g. Own=Div, Proj=R. Tags: Own=Div Proj=P; Own=Div Proj=Q; Own=Div Proj=R.
  • 20. Master Account: aws.invoices@mycompany.com, consolidated billing information. Operating Co. A: admin@opcoa.com; IAM: User1, Dev1, Admin1; Tags: Own=OpCo Proj=A, Own=OpCo Proj=B, Own=OpCo Proj=C. Division B: admin@divisionB.com; IAM: User2, Dev2, Admin2; Tags: Own=Div Proj=P, Own=Div Proj=Q, Own=Div Proj=R. Business Unit C: admin@busUnitC.com; IAM: User3, Dev3, Admin3; Tags: Own=BusC Proj=X, Own=BusC Proj=Y, Own=BusC Proj=Z.
  • 22. Programmatic billing access: S3 CSV. Master Account: aws.invoices@mycompany.com, consolidated billing information. Operating Co. A: admin@opcoa.com; IAM: User1, Dev1, Admin1; Tags: Own=OpCo Proj=A, Own=OpCo Proj=B, Own=OpCo Proj=C. Division B: admin@divisionB.com; IAM: User2, Dev2, Admin2; Tags: Own=Div Proj=P, Own=Div Proj=Q, Own=Div Proj=R. Business Unit C: admin@busUnitC.com; IAM: User3, Dev3, Admin3; Tags: Own=BusC Proj=X, Own=BusC Proj=Y, Own=BusC Proj=Z.
  • 25. Organize your house. Accounts: Create an account structure that makes sense. Use accounts like environments where you need separation and control, e.g. Dev Sandboxes, Test Environments, Business Units, Products & Services. Billing: Control access to billing information: Use IAM users to keep billing information in the master account. Consolidate billing into a single account: Let one account pick up the bill for multiple ‘sub accounts’. Setup billing alerts and automated bill reporting: Get CloudWatch notifications when billing reaches a point and output csv reports to S3 for analysis. Access Keys: Decide upon a key management strategy: Control access to EC2 instances via SSH and embedded public key, e.g. EC2 Key Pair per group of instances, EC2 Key Pair per account. Consider SSH key rotation & automation: Limit exposure to private key compromise by rotating keys and replacing authorized_keys listings on running instances. Consider bootstrap automation to grant developer access with developer unique keypairs.
  • 26. Organize your house. Accounts: Create an account structure that makes sense. Use accounts like environments where you need separation and control, e.g. Dev Sandboxes, Test Environments, Business Units, Products & Services. Billing: Control access to billing information: Use IAM users to keep billing information in the master account. Consolidate billing into a single account: Let one account pick up the bill for multiple ‘sub accounts’. Setup billing alerts and automated bill reporting: Get CloudWatch notifications when billing reaches a point and output csv reports to S3 for analysis. Access Keys: Decide upon a key management strategy: Control access to EC2 instances via SSH and embedded public key, e.g. EC2 Key Pair per group of instances, EC2 Key Pair per account. Consider SSH key rotation & automation: Limit exposure to private key compromise by rotating keys and replacing authorized_keys listings on running instances. Consider bootstrap automation to grant developer access with developer unique keypairs. Groups & Roles: Use IAM Groups to manage console users and API access: Provide developers with IAM user login and unique API access credentials. Control & restrict what IAM users can do by placing them in groups with policies. Assign EC2 Instances IAM roles: Let AWS manage API access credentials on running instances by assigning a system entitlement to an instance, e.g. instance can only read S3 bucket.
  • 27. Identity & access management Account Administrators Developers Applications Jim Brad Reporting Bob Mark Console Susan Tomcat Kevin
  • 28. Identity & access management Groups Account Administrators Developers Applications Jim Brad Reporting Bob Mark Console Susan Tomcat Kevin Multi-factor authentication
  • 29. Identity & access management Groups Account Roles Administrators Developers Applications Jim Brad Reporting Bob Mark Console Susan Tomcat Kevin Multi-factor authentication AWS system entitlements
  • 30. IAM policies. Policy driven. Declarative definition of rights for groups. Policies control access to AWS APIs.
        {
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "elasticbeanstalk:*",
                "ec2:*",
                "elasticloadbalancing:*",
                "autoscaling:*",
                "cloudwatch:*",
                "s3:*",
                "sns:*"
              ],
              "Resource": "*"
            }
          ]
        }
  • 32. Shared responsibility. You: Customer Data; Platform, Applications, Identity & Access Management; Operating System, Network & Firewall Configuration; Client-side Data Encryption & Data Integrity Authentication; Server-side Encryption (File System and/or Data); Network Traffic Protection (Encryption/Integrity/Identity). Amazon: Foundation Services (Compute, Storage, Database, Networking); AWS Global Infrastructure (Availability Zones, Regions, Edge Locations).
  • 33. Leverage shared security model Understand your customer & form security stance
  • 34. Leverage shared security model. Understand your customer & form security stance. External audience: Penetration test requests; Your certifications; Your processes.
  • 35. Leverage shared security model. Understand your customer & form security stance. External audience: Penetration test requests; Your certifications; Your processes. Internal audience: IAM; Administration; Architecture.
  • 36. Leverage shared security model. Understand your customer & form security stance. External audience: Penetration test requests; Your certifications; Your processes. Internal audience: IAM; Administration; Architecture. Regulated audience: AWS Certifications; AWS White Papers; AWS QSA Process.
  • 37. Leverage shared security model. Understand your customer & form security stance. Engage with security assessors early in adoption cycle: Don’t fear assessment – AWS meets high standards (PCI, ISO27001, SOC2…); As with any infrastructure provider, security assessments take time; Derive value from architecture reviews early in deployment cycle.
  • 38. Leverage shared security model. Understand your customer & form security stance. Engage with security assessors early in adoption cycle. Use comprehensive materials and certifications provided by AWS: http://aws.amazon.com/security/; Risk and compliance paper; AWS security processes paper; CSA consensus assessments initiative questionnaire.
  • 39. Leverage shared security model. Understand your customer & form security stance. Engage with security assessors early in adoption cycle. Use comprehensive materials and certifications provided by AWS. Build upon features of AWS and implement a ‘security by design’ environment.
  • 40. Build upon AWS features. Columns: Tiered Access; Security Groups; VPC; Direct Connect & VPN. IAM: Control users and allow AWS to manage credentials in running instances for service access (allocation, rotation). Instance firewalls: Firewall control on instances via Security Groups. Subnet control: Create low level networking constraints for resource access, such as public and private subnets, internet gateways and NATs. Private connections to VPC: Secured access to resources in AWS over software or hardware VPN and dedicated network links. CLIs and APIs: Instantly audit your entire AWS infrastructure from scriptable APIs – generate an on-demand IT inventory enabled by programmatic nature of AWS. APIs vs Instance: Provide developer API credentials and control access to SSH keys. Bastion hosts: Only allow access for management of production resources from a bastion host. Turn off when not needed. Temporary Credentials: Provide developer API credentials and control access to SSH keys.
  • 41. 4 Architect to use cloud strengths
  • 42. Architect to use cloud strengths. Review application architectures early – assess fit for cloud: e.g. variable capacity requirements, ‘standard’ technology stacks, reference architectures*. Can cloud benefits be leveraged with minimum effort outlay? e.g. Application performance improvement by migration of static content to S3/CloudFront. Will cloud yield cost savings & agility improvements? e.g. Faster development cycles for dev/test, reduced cap-ex for application environments. Can automation lead to a more agile & secure service? e.g. fully scripted deployments, IAM & EC2 instance roles, rolling deployments. *http://aws.amazon.com/architecture
  • 43. Architect to use cloud strengths. Disposable compute: Design systems that can suffer instance loss. Dispose of compute when it is not required.
  • 44. Architect to use cloud strengths. Disposable compute. Flexible capacity: Design for systems that potentially scale from zero instances to hundreds. Use Auto-scaling (events, schedules etc) to drive capacity availability.
  • 45. Architect to use cloud strengths. Disposable compute. Flexible capacity. Cost effective & reliable storage: Utilize 99.999999999% durability of objects in S3. Scale databases with RDS and use DynamoDB for high throughput NoSQL.
  • 46. Architect to use cloud strengths. Disposable compute. Flexible capacity. Cost effective storage. Automation and control: Automate everything from scaling to instance recovery from failure.
  • 47. Bootstrapping – custom AMIs. Diagram: Instance; AMI (Custom machine image); Auto-scaling, Manual deployments, Programmatic deployments. Steps: 1 Create instance for your OS choice; 2 Configure environment; 3 Install software; 4 Create AMI from instance; 5 Launch fully configured instances from AMI.
  • 48. Bootstrapping – metadata service. Diagram: Instance; AMI (Custom or standard machine image); Metadata Service (Receive custom data to drive bootstrapping). Metadata service contains wealth of information about an instance: http://169.254.169.254/latest/meta-data. Keys: ami-id, ami-launch-index, ami-manifest-path, block-device-mapping, hostname, instance-action, instance-id, instance-type, kernel-id, local-hostname, local-ipv4, mac, network, placement, profile, public-hostname, public-ipv4, public-keys, reservation-id.
  • 49. Bootstrapping – metadata service. Diagram: Instance; AMI (Custom or standard machine image + user data); Metadata Service (Receive custom data to drive bootstrapping). Metadata service contains wealth of information about an instance: http://169.254.169.254/latest/meta-data. Scripts in user-data field of metadata will be executed on launch, e.g.
        #!/bin/sh
        yum -y install httpd
        chkconfig httpd on
        /etc/init.d/httpd start
    Or:
        <powershell> … </powershell>
  • 50. Bootstrapping – metadata service. Diagram: Instance; AMI (Custom or standard machine image + user data); Metadata Service (Receive custom data to drive bootstrapping). Metadata service contains wealth of information about an instance: http://169.254.169.254/latest/meta-data. Scripts in user-data field of metadata will be executed on launch: Install software, e.g. web server, app server, proxy; Pull data and application packages from S3; Publish metadata for instance to other systems, e.g. monitoring systems; Setup security profile of instance based upon intended use, e.g. pull latest config.
  • 51. 1. Use multiple availability zones
  • 52. 2. Use RDS with replicas and slaves
  • 54. 4. Use Elastic Load Balancing
  • 55. 5. Use Route53 to host DNS zones
  • 56. Architect to use cloud strengths. Elastic Load Balancing: Use at regional level: Combined with autoscaling will balance requests and resource capacity across availability zones. Within VPC: Use to loadbalance between application tiers within an availability zone. Instance migrations: Easily move instances from dev environments to test environments by moving between ELBs. Route 53: Leverage SLA: Improve application reliability with Route 53’s SLA on requests served. Weighted routing: Perform A/B analysis, and staged application roll-outs by moving a portion of traffic to new infrastructure. Control TTLs and updates: Take absolute control of DNS updates for more decisive system updates. RDS: Scale databases without admin overhead: Choose instance size for databases and scale up over time. Add high availability from management console: Create master-slave configurations and read-replicas. AWS takes care of the failover and recreation of a new slave in event of master DB loss. Auto-scaling: Dynamically scale resources & control costs: Only provision the resources that are required with scale up and cool down policies that match demand.
  • 58. Services not software. Self Managed Software & Infrastructure: 30% Your Business; 70% Managing All of the “Undifferentiated Heavy Lifting”. AWS Cloud-Based Infrastructure & Services: 70% More Time to Focus on Your Business; 30% Configuring Your Cloud Assets.
  • 59. Services not software. Use RDS for databases. Relational Database Service: Database-as-a-Service; No need to install or manage database instances; Scalable and fault tolerant configurations. Use DynamoDB for high performance key-value DB. DynamoDB: Provisioned throughput NoSQL database; Fast, predictable performance; Fully distributed, fault tolerant architecture.
  • 60. Services not software. Reliable message queuing without additional software. Amazon SQS: Reliable, highly scalable, queue service for storing messages as they travel between instances. Diagram: Processing results; Amazon SQS; Processing task/processing trigger. Push inter-process workflows into the cloud with SWF. Simple Workflow: Reliably coordinate processing steps across applications; Integrate AWS and non-AWS resources; Manage distributed state in complex systems. Diagram: 1, 2, 3; Task A; Task B; Task C; (Auto-scaling).
  • 61. Services not software. Don’t install search software, use CloudSearch. Cloud Search: Elastic search engine based upon Amazon A9 search engine; Fully managed service with sophisticated feature set; Scales automatically. Diagram: Document Server; Search Server; Results. Process large volumes of data cost effectively with EMR. Elastic MapReduce: Elastic Hadoop cluster; Integrates with S3 & DynamoDB; Leverage Hive & Pig analytics scripts; Integrates with instance types such as spot.
  • 62. 6 Be elastic and cost optimized
  • 63. Be elastic and cost optimized Elastic Load Balancing Auto-scaling policies Scalability Cost Optimization Availability Instance types and sizes
  • 64. Auto-scaling policies. Manually: Send an API call or use CLI to launch/terminate instances. Only need to specify capacity change (+/-). By Schedule: Scale up/down based on date and time. By Policy: Scale in response to changing conditions, based on user configured real-time monitoring and alerts. Auto-Rebalance: Instances are automatically launched/terminated to ensure the application is balanced across multiple AZs.
  • 65. Auto-scaling policies. Manually: Send an API call or use CLI to launch/terminate instances. Only need to specify capacity change (+/-). Preemptive manual scaling of capacity, e.g. before a marketing event add 10 more instances. By Schedule: Scale up/down based on date and time. Regular scaling up and down of instances, e.g. scale from 0 to 2 to process SQS messages every night or double capacity on a Friday night. By Policy: Scale in response to changing conditions, based on user configured real-time monitoring and alerts. Dynamic scale based upon custom metrics, e.g. SQS queue depth, Average CPU load, ELB latency. Auto-Rebalance: Instances are automatically launched/terminated to ensure the application is balanced across multiple AZs. Maintain capacity across availability zones, e.g. Instance availability maintained in event of AZ becoming unavailable.
  • 66. Instance types. On-demand instances: Unix/Linux instances start at $0.02/hour. Pay as you go for compute power. Low cost and flexibility. Pay only for what you use, no up-front commitments or long-term contracts. Use Cases: Applications with short term, spiky, or unpredictable workloads; Application development or testing. Reserved instances: 1- or 3-year terms. Pay low up-front fee, receive significant hourly discount. Low Cost / Predictability. Helps ensure compute capacity is available when needed. Use Cases: Applications with steady state or predictable usage; Applications that require reserved capacity, including disaster recovery. Spot instances: Bid on unused EC2 capacity. Spot Price based on supply/demand, determined automatically. Cost / Large Scale, dynamic workload handling. Use Cases: Applications with flexible start and end times; Applications only feasible at very low compute prices.
  • 68. Everything is programmable. Access everything via CLI, API or Console. Achieve the highest levels of automation sophistication with ease. Diagram: Compute, Security, Scaling, CDN, Backup, DNS, Database, Storage, Load Balancing, Workflow, Monitoring, Networking, Messaging.
  • 69. Elastic Beanstalk OpsWorks CloudFormation Quickly deploy and manage apps in AWS…
  • 70. Elastic Beanstalk, OpsWorks, CloudFormation. CloudFormation components & terminology. Template: JSON formatted file; Parameter definition; Resource creation; Configuration actions. CloudFormation: Framework; Stack creation; Stack updates; Error detection and rollback. Stack: Configured AWS services; Comprehensive service support; Service event aware; Customisable.
  • 71. Elastic Beanstalk, OpsWorks, CloudFormation. Powerful management framework with Chef support. Stack: Managed environment; Definition of environment such as production or test. Layers: Collection of resources; Blueprint for a collection of resources (instances, EBS, EIPs etc). Apps: Your application assets; Resources to deploy and run in layers. Management: Management services; Scaling, cloning, user access, self healing.
  • 73. Basic | Developer | Business | Enterprise. Offering: 24x7x365 ✓; Forum Access ✓; Documentation ✓; Access to support: Support for HealthChecks
  • 74. Basic | Developer | Business | Enterprise. Offering: 24x7x365 ✓; Forum Access ✓; Documentation ✓; Access to support: Support for HealthChecks
  • 75. Basic | Developer | Business | Enterprise. Offering: 24x7x365 ✓; Forum Access ✓; Documentation ✓; Access to support: Email; Named Contacts: 1; Fastest Response Time: 12 Hours; Architecture Support: Building Blocks; Best Practice ✓; Diagnostics Tools ✓
  • 76. Basic | Developer | Business | Enterprise. Offering: 24x7x365 ✓; Forum Access ✓; Documentation ✓; Access to support: Phone, Chat, Email; Named Contacts: 5; Fastest Response Time: 1 Hour; Architecture Support: Use Case Guidance; Best Practice ✓; Diagnostics Tools ✓; Direct Routing ✓; 3rd Party Software ✓; Trusted Advisor ✓
  • 77. Basic | Developer | Business | Enterprise. Offering: 24x7x365 ✓; Forum Access ✓; Documentation ✓; Access to support: Phone, Chat, Email; Named Contacts: Unlimited; Fastest Response Time: 15 Minutes; Architecture Support: Application Architecture; Best Practice ✓; Diagnostics Tools ✓; Direct Routing ✓; 3rd Party Software ✓; Trusted Advisor ✓; Direct TAM Access ✓; White Glove Case Handling ✓; Management Business Review ✓
  • 79. Business and Enterprise Support has been enhanced to include best practice audits via AWS Trusted Advisor
      - Security: Open ports in Security Groups; World access (/0 CIDR); IAM use
      - Fault Tolerance: EBS snapshot age; ELB Optimization; Availability Zones
      - Cost Optimization: Unused Elastic IPs; Underutilized EC2 instances
  • 80. 3rd party software
  • 81. 3rd Party Software Support Enhancements
      - Operating Systems including: Amazon Linux; Ubuntu; Red Hat Enterprise Linux; SUSE Linux; Microsoft Windows 2003 & 2008 R2
      - 3rd Party Software, common application stack components including: Apache and IIS web servers; Amazon SDKs; Sendmail; Postfix; FTP; Disk Management tools (LVM, RAID); VPN Solutions (OpenVPN, RRAS); Databases (MySQL, SQL Server)
  • 83. Choose your use case well; Organize your environments; Think security; Architect to cloud strengths; Services not software; Be elastic & cost optimized; Use frameworks where appropriate; Get supported
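
The security checks that slide 79 lists under Trusted Advisor (open ports in Security Groups, world access via a /0 CIDR) can be approximated offline. The following is an added example, not part of the original deck and not Trusted Advisor's own logic; it scans security-group JSON in the shape returned by `aws ec2 describe-security-groups`, and the sample groups, the `ALLOWED_PUBLIC_PORTS` allow-list and the function names are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`
# (group ids, names and rules are made up for illustration).
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-web", "GroupName": "web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-db", "GroupName": "db", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-legacy", "GroupName": "legacy", "IpPermissions": [
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

# Assumption: ports this deployment intends to expose to the internet.
ALLOWED_PUBLIC_PORTS = {80, 443}


def is_world(cidr):
    """True for any /0 network (0.0.0.0/0 or ::/0), however it is written."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def world_open_findings(doc, allowed=ALLOWED_PUBLIC_PORTS):
    """Return (group_id, protocol, port_range) for each risky world-open rule."""
    findings = []
    for group in doc.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(is_world(c) for c in cidrs):
                continue
            proto = perm.get("IpProtocol")
            if proto == "-1":  # all protocols, all ports
                findings.append((group["GroupId"], "all", "all"))
                continue
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            # Flag unless the whole range is a single allowed public port.
            if not (lo == hi and lo in allowed):
                findings.append((group["GroupId"], proto, f"{lo}-{hi}"))
    return findings
```

For ICMP rules the API's `FromPort`/`ToPort` fields hold the ICMP type and code, so the range reported for such a rule is not a port range.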