SlideShare une entreprise Scribd logo

Amazon Web Services User Group Sydney - February 2018

PolarSeven Pty Ltd
PolarSeven Pty Ltd

Hosted by PolarSeven Cloud Consulting - http://polarseven.com Our monthly AWS User Group Sydney presentation night. http://www.meetup.com/AWS-Sydney/ Introductions and What's New In AWS - by PolarSeven Bonus Session - AWS Mitch Beaumant - Amazon Fargate in 15 minutes Session 1: Security Policy Lifecycle Management "Automated security actions based on observed security events and protecting AWS deployments are some of the key challenges facing network and security teams. With the general availability of Palo Alto Networks PAN-OS 8.0 software, VM-Series virtualized next-generation firewall, network and security teams now have a simple, automated security management platform for managing and enforcing security policies within AWS deployments. This session will provide an advanced technical overview of the enhancements done over the last 12 months. The topics covered will include, • Technical overview of Panorama driven security workflows for AWS • Presentation of our github AWS templates with a focus on CFT and Terraform" Paloaltonetworks https://www.paloaltonetworks.com/ See video presentation here https://youtu.be/LLdto5LOcd8 Session 2: Automating the Service Desk using Amazon Lex and Amazon Connect Once considered a rare and difficult capability to achieve, the democratisation of artificial intelligence has made it possible for developers to easily access and leverage machine learning capabilities to automate and solve problems across multiple industries. This presentation aims to demonstrate how easy it is to take advantage of an AWS Machine Learning capability (Amazon Lex) with no deep learning experience and solve common everyday IT problems. Telstra https://www.telstra.com.au/ Watch the video presentation here https://youtu.be/8BP1OZk2wUs

Technologie
1  sur  83
Télécharger pour lire hors ligne
February 7th 2018 #68PRESENTS
Sponsors:
Tonight: ● Introductions ● AWS Services: AWS - Mitch Beaumont “Amazon Fargate” ● Session 1: Paloalto Networks - Mauricio Sabena “Automated Security Management on AWS” ● Break – Networking, Beers & Pizza ● Session 2: Kloud - Bobbie Couhbor “Automating the Service Desk using Amazon Lex and Amazon Connect” ● Close Networking & Prize Draw - Win an Amazon Dot and also a Beats Pill + Speaker.
AWS Services: Mitch Beaumont Enterprise Solutions Architect at Amazon Web Services “AWS Fargate in 15 minutes!”
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Fargate in 15 minutes! M i t c h B e a u m o n t , S o l u t i o n s A r c h i t e c t , A W S . F e b r u a r y 7 , 2 0 1 7
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. No instances to manage Task native API Resource based pricing Simple, easy to use, powerful – and new consumption model = What is AWS Fargate?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FARGATE: UNDER THE HOOD
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FARGATE USE CASES
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. MICROSERVICES
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. BATCH JOBS
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. MIGRATION TO THE CLOUD
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. HOW DO I RUN CONTAINERS ON FARGATE?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING CONTAINER
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task RUNNING CONTAINERS
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING CONTAINERS AT SCALE WITH ECS Availability Zone #1 Availability Zone #2 Availability Zone #3
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine RUNNING CONTAINERS AT SCALE WITH ECS Availability Zone #1 Availability Zone #2 Availability Zone #3
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS AMI Docker agent ECS agent ECSTaskECSTask ECSTaskECSTask EC2 Instance
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING FARGATE CONTAINERS WITH ECS
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING FARGATE CONTAINERS WITH ECS Use ECS APIs to launch Fargate Containers Easy migration – Run Fargate and EC2 launch type tasks in the same cluster Same Task Definition schema
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 3 Fargate Task Public IP 54.191.135.69 172.31.3.0/24 ENI Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 3 Fargate Task Public IP 54.191.135.69 172.31.3.0/24 ENI Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI • AWS VPC Networking Mode – each task gets its own interface • Full control of network access via Security Groups and Network ACLs • Public IP support
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. LOAD BALANCING APPLICATION LOAD BALANCER NETWORK LOAD BALANCER
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. SECURITY
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CLUSTER LEVEL ISOLATION Web Web Shopping Cart Shopping Cart Notifications NotificationsWeb Shopping Cart NotificationsWeb Shopping Cart Shopping Cart Notifications NotificationsWeb Web PROD CLUSTER BETA CLUSTER DEV CLUSTER QA CLUSTER
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CLUSTER LEVEL ISOLATION PROD Cluster Infrastructure DEV Cluster Infrastructure BETA Cluster Infrastructure QA Cluster Infrastructure Web Web Shopping Cart Shopping Cart Notifications NotificationsWeb Shopping Cart NotificationsWeb Shopping Cart Shopping Cart Notifications NotificationsWeb Web PROD CLUSTER BETA CLUSTER DEV CLUSTER QA CLUSTER
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. PERMISSION TIERS Cluster Permissions Application Permissions Task Housekeeping Permissions Cluster Fargate Task Cluster Permissions: Who can run/see tasks in the cluster? Application (Task) Permissions: Which of my AWS resources can this application access? Housekeeping Permissions: What permissions do I want to grant ECS to perform? e.g. • ECR Image Pull • CloudWatch logs pushing • ENI creation • Register/Deregister targets into ELB
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CONTAINER REGISTRIES
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. REGISTRY SUPPORT 3rd Party Private Repositories (coming soon!) Public Repositories supported Amazon Elastic Container Registry (ECR)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. VISIBILITY AND MONITORING Service-level metrics available CloudWatch Logs CloudWatch Events supported
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. STORAGE Container Storage Space – 10GB Ephemeral storage backed by EBS Shared volume space for containers within the task – 4GB
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CONFIGURATIONS & PRICING
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. PRICING DIMENSIONS { "memory": “1 vCPU”, "cpu": “3GB”, "networkMode": ”AWSVPC", "compatibilities": [”FARGATE", ”EC2"], "placementConstraints": [], "containerDefinitions": [ { <snip>….... Task level resources • Configurable independently (within a range) Dimensions: Task level CPU and memory Per-second billing
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. TASK CPU & MEMORY CONFIGURATIONS Flexible configuration options – 50 CPU/memory configurations CPU Memory 256 (.25 vCPU) 512MB, 1GB, 2GB 512 (.5 vCPU) 1GB, 2GB, 3GB, 4GB 1024 (1 vCPU) 2GB, 3GB, 4GB, 5GB, 6GB, 7GB, 8GB 2048 (2 vCPU) Between 4GB and 16GB in 1GB increments 4096 (4 vCPU) Between 8GB and 30GB in 1GB increments
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Instance ECS Instance ECS Instance ECS InstanceECS Instance ECS Instance EC2 FARGATE Notifications Amazon ECS CLUSTER Availability Zone #1 Availability Zone #2 Availability Zone #3 Subnet 2 172.31.2.0/24 Subnet 1 172.31.1.0/24 Subnet 3 172.31.3.0/24 Web Shopping Cart
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DEMO TIME
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EKS SUPPORT FOR FARGATE IN 2018
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction to AWS Fargate Fargate Deep Dive
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. THANK YOU https://aws.amazon.com/fargate
Session 1: Mauricio Sabena System Engineering Manager ANZ North for Palo Alto Networks where he leads the engineering team to drive security solutions to address customers business challenges across enterprise and government. “AUTOMATED SECURITY MANAGEMENT ON AWS”
AUTOMATED SECURITY MANAGEMENT ON AWS Mauricio Sabena – Systems Engineer Manager
AgendaPAN/AWS 2 | © 2015, Palo Alto Networks. Confidential and Proprietary. - Securing AWS and public cloud workloads - Automation - Q&A
DATA AND APPLICATIONS ARE EVERYWHERE SAASPRIVATE PHYSICAL IAAS PAAS
SECURING THE CLOUD IS HARD Fragmented Security Human Error Manual Security
WHAT’S NEEDED Frictionless Deployment & Management Advanced Application & Data Breach Prevention Consistent Protections Across Locations
The Shared Security Model
WEB Object Storage Caching Database IaaS PaaS Web Server APP App Server CRITICAL CLOUD PROTECTIONS INLINE Protect and Segment Cloud Workloads API HOST Secure OS & App Within Workloads API Continuous Security & ComplianceOn-Premises Cloud Application
3. INLINE SECURITY1. ACCOUNT MGMT • Segmentation • Malware Prevention • Secure Access • VPC Edge Security • Key rotation • Inbound Accessible Services • Unencrypted storage • Nonstandard AMI’s • Password Policy 2. DATA GOVERNANCE • Exposed Data • Keys stored in the open • Admin Access API Aperture CRITICAL CLOUD PROTECTIONS
344 KB 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port Security Groups/NACLs vs Dedicated: Control & Visibility
344 KB mjacobsen user canada destination country 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port SSL protocol Security Groups/NACLs vs Dedicated: Control & Visibility
344 KB file-sharing URL category PowerPoint file type “Confidential and Proprietary” content mjacobsen user prodmgmt group canada destination country 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port SSL protocol HTTP protocol slideshare application slideshare-uploading application function Security Groups/NACLs vs Dedicated: Control & Visibility
Automation 12
PLATFORM AUTOMATION URL Filtering CLOUD- DELIVERED SECURITY SERVICES WEB Object Storage Caching Database IaaS PaaS Web Server APP App Server API 3rd party feeds Customer data Amazon GuardDuty MineMeld Threat Prevention Malware Analysis
Dynamic Address Groups – “commitless” 14
CFT Templates
Terraform • Automatic deployment and configuration with Vagrant • Overlaps • Using bootstrapping (S3 region restrictions etc.) • NEW: Terraform provider • 1 product • No bootstrapping • No restriction
Terraform AWS # Declare the data source #data "aws_availability_zones" "available" {} /* EXTERNAL NETWORG , IG, ROUTE TABLE */ resource "aws_internet_gateway" "gw" { vpc_id = "${aws_vpc.main.id}" tags { Name = "internet gw terraform generated" } } resource "aws_network_acl" "all" { vpc_id = "${aws_vpc.main.id}" egress { protocol = "-1" rule_no = 2 action = "allow" cidr_block = "0.0.0.0/0" from_port = 0 to_port = 0 } ingress { protocol = "-1" rule_no = 1 action = "allow" cidr_block = "0.0.0.0/0" } name = "FirewallBootstrapInstanceProfile2Tier" role = "${aws_iam_role.FirewallBootstrapRole2Tier.name}" path = "/" } resource "aws_subnet" "NewPublicSubnet" { vpc_id = "${aws_vpc.main.id}" cidr_block = "${var.PublicCIDR_Block}" availability_zone = "${data.aws_availability_zones.available.names[0]}" #map_public_ip_on_launch = true tags { "Application" = "${var.StackName}" "Name" = "${join("", list(var.StackName, "NewPublicSubnet"))}" } }
resource "panos_security_policies" "security_policies" { rule { name = "SSH inbound" source_zones = ["${panos_zone.zone_untrust.name}"] source_addresses = ["any"] source_users = ["any"] hip_profiles = ["any"] destination_zones = ["${panos_zone.zone_trust.name}"] destination_addresses = ["any"] applications = ["ssh", "ping"] services = ["application-default"] categories = ["any"] action = "allow" } rule { name = "SSH 221-222 inbound" source_zones = ["${panos_zone.zone_untrust.name}"] source_addresses = ["any"] source_users = ["any"] hip_profiles = ["any"] destination_zones = ["${panos_zone.zone_trust.name}"] destination_addresses = ["any"] applications = ["ssh", "ping"] services = ["${panos_service_object.so_221.name}", "${panos_service_object.so_222.name}"] categories = ["any"] action = "allow" } provider "panos" { hostname = "${var.ipaddress}" username = "paloalto" password = “booyah" } PAN Provider
Github 20
22 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Thanks! Questions?
Break & Networking: • Refresh your drink • Grab some pizza • Make new contacts
Session 2: Bobbie Couhbor Cloud Infrastructure Consultant and Technology and Solutions Advisor “Automating the Service Desk using Amazon Lex and Amazon Connect”
Automating the Service Desk with Amazon Lex and Connect
•  Artificial Intelligence & automation will result in reduction of IT services staff by 7-10% in India, US by 2022 – Economic Times •  56,000 layoffs and counting: India’s IT bloodbath this year may just be the start – Quartz India •  India faces youth unemployment spike as automation threatens traditional jobs – ABC News Headlines
Democratisation of Artificial Intelligence The democratisation of AI is the driving force behind automation across industries, making AI capabilities available to every developer, as a service via the cloud. •  Amazon Comprehend •  Amazon Lex •  Amazon Rekognition •  Amazon Polly •  Amazon Transcribe •  Amazon Translate
High Level Architecture 1.  User calls the service desk and asks for their password to be reset 2.  Amazon Lex manages conversational dialog and collects user verification information 3.  Amazon Lex passes the collected information to AWS Lambda 4.  AWS Lambda verifies the user with Active Directory 5.  Password is reset and sent to the user
{ "currentIntent": { "slots": { "DOB": "1983-04-14", "MonthStarted": "April", "UserID": "123456" }, "confirmationStatus": "Confirmed", "name": "ResetPW", "slotDetails": { "DOB": { "originalValue": "fourteenth of april nineteen eighty three", "resolutions": [] }, "MonthStarted": { "originalValue": "April", "resolutions": [ { "value": "April" } ] }, "UserID": { "originalValue": "one two three four five six", "resolutions": [] } } }, "userId": "ijy54vlrxbg2uyjatb6ey6m8jbaqz7vn", "bot": { "alias": "$LATEST", "version": "$LATEST", "name": "UserAdministration" }, "inputTranscript": "yes", "requestAttributes": None, "invocationSource": "FulfillmentCodeHook", "outputDialogMode": "Text", "messageVersion": "1.0", "sessionAttributes": { "Completed": "confirmed" } }
Lambda function 1.  Get encrypted AD service account using KMS 2.  Perform secure LDAP bind 3.  Query AD for user attributes 4.  Compares AD and slot values 5.  If successful, resets password and SMS to user otherwise exit
Amazon Connect
Final words… •  Implementation guide: https://blog.kloud.com.au/2018/01/23/replacing-the-service-desk-with-bots- using-amazon-lex-and-amazon-connect-part-4/ •  Reach out to me! LinkedIn: www.linkedin.com/in/bobbiecouhbor Email: Bobbie.Couhbor@kloud.com.au •  Questions?
Prize Draw: Amazon Dot Beats Pill + Speaker Sponsored by Sponsored by
Thanks For Coming: Join Us Next Month – March 7th 2018 >> Register @ http://www.meetup.com/AWS-Sydney/ << In the Meantime Keep In Touch http://bit.ly/polarseven-webinars

Recommandé

K8s on AWS - Introducing Amazon EKS
K8s on AWS - Introducing Amazon EKSK8s on AWS - Introducing Amazon EKS
K8s on AWS - Introducing Amazon EKSAmazon Web Services
 
Introduction to Amazon EKS - KubeCon 2018
Introduction to Amazon EKS - KubeCon 2018Introduction to Amazon EKS - KubeCon 2018
Introduction to Amazon EKS - KubeCon 2018Arun Gupta
 
K8s on AWS: Introducing Amazon EKS
K8s on AWS: Introducing Amazon EKSK8s on AWS: Introducing Amazon EKS
K8s on AWS: Introducing Amazon EKSAmazon Web Services
 
Containers - Amazon EKS
Containers - Amazon EKSContainers - Amazon EKS
Containers - Amazon EKSAmazon Web Services
 
Getting Started on Amazon EKS
Getting Started on Amazon EKSGetting Started on Amazon EKS
Getting Started on Amazon EKSMatthew Barlocker
 
Kubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKSKubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKSAmazon Web Services
 
Mastering Kubernetes on AWS - Tel Aviv Summit
Mastering Kubernetes on AWS - Tel Aviv SummitMastering Kubernetes on AWS - Tel Aviv Summit
Mastering Kubernetes on AWS - Tel Aviv SummitArun Gupta
 
使用 Amazon EKS 打造高效的服務架構設計
使用 Amazon EKS 打造高效的服務架構設計使用 Amazon EKS 打造高效的服務架構設計
使用 Amazon EKS 打造高效的服務架構設計Amazon Web Services
 

Recommandé

K8s on AWS - Introducing Amazon EKS
K8s on AWS - Introducing Amazon EKSK8s on AWS - Introducing Amazon EKS
K8s on AWS - Introducing Amazon EKSAmazon Web Services
 
Introduction to Amazon EKS - KubeCon 2018
Introduction to Amazon EKS - KubeCon 2018Introduction to Amazon EKS - KubeCon 2018
Introduction to Amazon EKS - KubeCon 2018Arun Gupta
 
K8s on AWS: Introducing Amazon EKS
K8s on AWS: Introducing Amazon EKSK8s on AWS: Introducing Amazon EKS
K8s on AWS: Introducing Amazon EKSAmazon Web Services
 
Containers - Amazon EKS
Containers - Amazon EKSContainers - Amazon EKS
Containers - Amazon EKSAmazon Web Services
 
Getting Started on Amazon EKS
Getting Started on Amazon EKSGetting Started on Amazon EKS
Getting Started on Amazon EKSMatthew Barlocker
 
Kubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKSKubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKSAmazon Web Services
 
Mastering Kubernetes on AWS - Tel Aviv Summit
Mastering Kubernetes on AWS - Tel Aviv SummitMastering Kubernetes on AWS - Tel Aviv Summit
Mastering Kubernetes on AWS - Tel Aviv SummitArun Gupta
 
使用 Amazon EKS 打造高效的服務架構設計
使用 Amazon EKS 打造高效的服務架構設計使用 Amazon EKS 打造高效的服務架構設計
使用 Amazon EKS 打造高效的服務架構設計Amazon Web Services
 
Introducing Amazon EKS
Introducing Amazon EKSIntroducing Amazon EKS
Introducing Amazon EKSAmazon Web Services
 
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech TalksContainers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech TalksAmazon Web Services
 
Running Kubernetes on AWS.pdf
Running Kubernetes on AWS.pdfRunning Kubernetes on AWS.pdf
Running Kubernetes on AWS.pdfAmazon Web Services
 
Introduction to Amazon EKS
Introduction to Amazon EKSIntroduction to Amazon EKS
Introduction to Amazon EKSAmazon Web Services
 
CON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lolCON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lolAmazon Web Services
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSAmazon Web Services
 
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Amazon Web Services
 
Amazon EKS: Getting Started
Amazon EKS: Getting StartedAmazon EKS: Getting Started
Amazon EKS: Getting StartedTanya Seno
 
CON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSCON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSAmazon Web Services
 
Aws container services overview
Aws container services overviewAws container services overview
Aws container services overviewPatricio Vazquez
 
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017Amazon Web Services
 
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Amazon Web Services
 
Kubernetes on AWS
Kubernetes on AWSKubernetes on AWS
Kubernetes on AWSAmazon Web Services
 
Amazon EKS Deep Dive
Amazon EKS Deep DiveAmazon EKS Deep Dive
Amazon EKS Deep DiveAndrzej Komarnicki
 
Introducing AWS Fargate
Introducing AWS FargateIntroducing AWS Fargate
Introducing AWS FargateAmazon Web Services
 
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS SummitRun Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS SummitAmazon Web Services
 
Serverless DevOps to the Rescue
Serverless DevOps to the RescueServerless DevOps to the Rescue
Serverless DevOps to the RescueAmazon Web Services
 
Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Vladimir Simek
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019AWS Summits
 
Build a Serverless Web Application in One Day
Build a Serverless Web Application in One DayBuild a Serverless Web Application in One Day
Build a Serverless Web Application in One DayAmazon Web Services
 
Introducing Amazon Fargate
Introducing Amazon FargateIntroducing Amazon Fargate
Introducing Amazon FargateAmazon Web Services
 
Running Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day IsraelRunning Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day IsraelAmazon Web Services
 

Contenu connexe

Tendances

Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech TalksContainers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech TalksAmazon Web Services
 
CON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lolCON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lolAmazon Web Services
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSAmazon Web Services
 
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Amazon Web Services
 
Amazon EKS: Getting Started
Amazon EKS: Getting StartedAmazon EKS: Getting Started
Amazon EKS: Getting StartedTanya Seno
 
CON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSCON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSAmazon Web Services
 
Aws container services overview
Aws container services overviewAws container services overview
Aws container services overviewPatricio Vazquez
 
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017Amazon Web Services
 
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Amazon Web Services
 
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS SummitRun Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS SummitAmazon Web Services
 
Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Vladimir Simek
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019AWS Summits
 
Build a Serverless Web Application in One Day
Build a Serverless Web Application in One DayBuild a Serverless Web Application in One Day
Build a Serverless Web Application in One DayAmazon Web Services
 

Tendances (20)

Introducing Amazon EKS
Introducing Amazon EKSIntroducing Amazon EKS
Introducing Amazon EKS
 
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech TalksContainers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
Containers on AWS: What You Missed at re:Invent 2017 - AWS Online Tech Talks
 
Running Kubernetes on AWS.pdf
Running Kubernetes on AWS.pdfRunning Kubernetes on AWS.pdf
Running Kubernetes on AWS.pdf
 
Introduction to Amazon EKS
Introduction to Amazon EKSIntroduction to Amazon EKS
Introduction to Amazon EKS
 
CON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lolCON317_Advanced container management at catsndogs.lol
CON317_Advanced container management at catsndogs.lol
 
Getting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWSGetting Started with Kubernetes on AWS
Getting Started with Kubernetes on AWS
 
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
Interstella 8888: CICD for Containers on AWS - CON319 - re:Invent 2017
 
Amazon EKS: Getting Started
Amazon EKS: Getting StartedAmazon EKS: Getting Started
Amazon EKS: Getting Started
 
CON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWSCON319_Interstella GTC CICD for Containers on AWS
CON319_Interstella GTC CICD for Containers on AWS
 
Aws container services overview
Aws container services overviewAws container services overview
Aws container services overview
 
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
Accelerate Digital Experience with Serverless Computing - DEM86 - re:Invent 2017
 
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...
 
Kubernetes on AWS
Kubernetes on AWSKubernetes on AWS
Kubernetes on AWS
 
Amazon EKS Deep Dive
Amazon EKS Deep DiveAmazon EKS Deep Dive
Amazon EKS Deep Dive
 
Introducing AWS Fargate
Introducing AWS FargateIntroducing AWS Fargate
Introducing AWS Fargate
 
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS SummitRun Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit
 
Serverless DevOps to the Rescue
Serverless DevOps to the RescueServerless DevOps to the Rescue
Serverless DevOps to the Rescue
 
Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)
 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
 
Build a Serverless Web Application in One Day
Build a Serverless Web Application in One DayBuild a Serverless Web Application in One Day
Build a Serverless Web Application in One Day
 

Similaire à Amazon Web Services User Group Sydney - February 2018

Running Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day IsraelRunning Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day IsraelAmazon Web Services
 
Introduction to AWS Fargate & Amazon Elastic Container Service for Kubernetes
Introduction to AWS Fargate & Amazon Elastic Container Service for KubernetesIntroduction to AWS Fargate & Amazon Elastic Container Service for Kubernetes
Introduction to AWS Fargate & Amazon Elastic Container Service for KubernetesAmazon Web Services
 
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017Amazon Web Services
 
Getting Started with Containers on AWS
Getting Started with Containers on AWSGetting Started with Containers on AWS
Getting Started with Containers on AWSAmazon Web Services
 
CON203_Driving Innovation with Containers
CON203_Driving Innovation with ContainersCON203_Driving Innovation with Containers
CON203_Driving Innovation with ContainersAmazon Web Services
 
Driving Innovation with Containers - CON203 - re:Invent 2017
Driving Innovation with Containers - CON203 - re:Invent 2017Driving Innovation with Containers - CON203 - re:Invent 2017
Driving Innovation with Containers - CON203 - re:Invent 2017Amazon Web Services
 
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017Amazon Web Services
 
AWS User Group 5/12 meetup - ECS
AWS User Group 5/12 meetup - ECSAWS User Group 5/12 meetup - ECS
AWS User Group 5/12 meetup - ECSShimon Tolts
 
CON309_Containerized Machine Learning on AWS
CON309_Containerized Machine Learning on AWSCON309_Containerized Machine Learning on AWS
CON309_Containerized Machine Learning on AWSAmazon Web Services
 
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017Amazon Web Services
 
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...Amazon Web Services Japan
 
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...Amazon Web Services
 
DVC303-Technological Accelerants for Organizational Transformation
DVC303-Technological Accelerants for Organizational TransformationDVC303-Technological Accelerants for Organizational Transformation
DVC303-Technological Accelerants for Organizational TransformationAmazon Web Services
 
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...Amazon Web Services
 
Orchestrating containers on AWS | AWS Floor28
Orchestrating containers on AWS | AWS Floor28Orchestrating containers on AWS | AWS Floor28
Orchestrating containers on AWS | AWS Floor28Amazon Web Services
 

Similaire à Amazon Web Services User Group Sydney - February 2018 (20)

Introducing Amazon Fargate
Introducing Amazon FargateIntroducing Amazon Fargate
Introducing Amazon Fargate
 
Running Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day IsraelRunning Container on AWS - Builders Day Israel
Running Container on AWS - Builders Day Israel
 
Introduction to AWS Fargate & Amazon Elastic Container Service for Kubernetes
Introduction to AWS Fargate & Amazon Elastic Container Service for KubernetesIntroduction to AWS Fargate & Amazon Elastic Container Service for Kubernetes
Introduction to AWS Fargate & Amazon Elastic Container Service for Kubernetes
 
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017
NEW LAUNCH! Introducing AWS Fargate - CON214 - re:Invent 2017
 
Getting Started with Containers on AWS
Getting Started with Containers on AWSGetting Started with Containers on AWS
Getting Started with Containers on AWS
 
AWS 容器服務入門實務
AWS 容器服務入門實務AWS 容器服務入門實務
AWS 容器服務入門實務
 
CON203_Driving Innovation with Containers
CON203_Driving Innovation with ContainersCON203_Driving Innovation with Containers
CON203_Driving Innovation with Containers
 
Driving Innovation with Containers - CON203 - re:Invent 2017
Driving Innovation with Containers - CON203 - re:Invent 2017Driving Innovation with Containers - CON203 - re:Invent 2017
Driving Innovation with Containers - CON203 - re:Invent 2017
 
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017
Moving to Amazon ECS – the Not-So-Obvious Benefits - CON356 - re:Invent 2017
 
AWS User Group 5/12 meetup - ECS
AWS User Group 5/12 meetup - ECSAWS User Group 5/12 meetup - ECS
AWS User Group 5/12 meetup - ECS
 
Building with Containers on AWS
Building with Containers on AWSBuilding with Containers on AWS
Building with Containers on AWS
 
CON309_Containerized Machine Learning on AWS
CON309_Containerized Machine Learning on AWSCON309_Containerized Machine Learning on AWS
CON309_Containerized Machine Learning on AWS
 
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017
Interstella 8888: Advanced Microservice Operations - CON407 - re:Invent 2017
 
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
 
Containers - State of the Union
Containers - State of the UnionContainers - State of the Union
Containers - State of the Union
 
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...
Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...
 
DVC303-Technological Accelerants for Organizational Transformation
DVC303-Technological Accelerants for Organizational TransformationDVC303-Technological Accelerants for Organizational Transformation
DVC303-Technological Accelerants for Organizational Transformation
 
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...
Getting Started with Containers in the Cloud: AWS Developer Workshop at Web S...
 
Orchestrating containers on AWS | AWS Floor28
Orchestrating containers on AWS | AWS Floor28Orchestrating containers on AWS | AWS Floor28
Orchestrating containers on AWS | AWS Floor28
 
Using Containers on AWS
Using Containers on AWSUsing Containers on AWS
Using Containers on AWS
 

Plus de PolarSeven Pty Ltd

AWS Forcecast: DeepAR Predictor Time-series
AWS Forcecast: DeepAR Predictor Time-series AWS Forcecast: DeepAR Predictor Time-series
AWS Forcecast: DeepAR Predictor Time-series PolarSeven Pty Ltd
 
Aws user group #04 landing zones
Aws user group #04 landing zonesAws user group #04 landing zones
Aws user group #04 landing zonesPolarSeven Pty Ltd
 
Aws user group #03 - All things Iot
Aws user group #03 - All things IotAws user group #03 - All things Iot
Aws user group #03 - All things IotPolarSeven Pty Ltd
 
Aws user group #01 lets talk serverless
Aws user group #01 lets talk serverlessAws user group #01 lets talk serverless
Aws user group #01 lets talk serverlessPolarSeven Pty Ltd
 
Amazon Web Services User Group Sydney - March 2018
Amazon Web Services User Group Sydney - March 2018Amazon Web Services User Group Sydney - March 2018
Amazon Web Services User Group Sydney - March 2018PolarSeven Pty Ltd
 
Deep Dive on Cloud Policies and Automation
Deep Dive on Cloud Policies and AutomationDeep Dive on Cloud Policies and Automation
Deep Dive on Cloud Policies and AutomationPolarSeven Pty Ltd
 
Securing Traffic Leaving A VPC
Securing Traffic Leaving A VPCSecuring Traffic Leaving A VPC
Securing Traffic Leaving A VPCPolarSeven Pty Ltd
 
Telstra Programmable Networks & Scaling a Serverless Team with Automation
Telstra Programmable Networks & Scaling a Serverless Team with Automation Telstra Programmable Networks & Scaling a Serverless Team with Automation
Telstra Programmable Networks & Scaling a Serverless Team with AutomationPolarSeven Pty Ltd
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60PolarSeven Pty Ltd
 
Visibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesVisibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesPolarSeven Pty Ltd
 
AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomateAWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomatePolarSeven Pty Ltd
 
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...PolarSeven Pty Ltd
 
AWS User Group Sydney - Atlassian 5-10-16
AWS User Group Sydney - Atlassian 5-10-16AWS User Group Sydney - Atlassian 5-10-16
AWS User Group Sydney - Atlassian 5-10-16PolarSeven Pty Ltd
 

Plus de PolarSeven Pty Ltd (20)

AWS Forcecast: DeepAR Predictor Time-series
AWS Forcecast: DeepAR Predictor Time-series AWS Forcecast: DeepAR Predictor Time-series
AWS Forcecast: DeepAR Predictor Time-series
 
Aws user group #04 landing zones
Aws user group #04 landing zonesAws user group #04 landing zones
Aws user group #04 landing zones
 
Aws user group #03 - All things Iot
Aws user group #03 - All things IotAws user group #03 - All things Iot
Aws user group #03 - All things Iot
 
Aws user group #01 lets talk serverless
Aws user group #01 lets talk serverlessAws user group #01 lets talk serverless
Aws user group #01 lets talk serverless
 
AWS Reinvent Recap 2018
AWS Reinvent Recap 2018 AWS Reinvent Recap 2018
AWS Reinvent Recap 2018
 
AWS User Group October
AWS User Group OctoberAWS User Group October
AWS User Group October
 
AWS User Group August
AWS User Group AugustAWS User Group August
AWS User Group August
 
AWS User Group November
AWS User Group NovemberAWS User Group November
AWS User Group November
 
AWS User Group September
AWS User Group September AWS User Group September
AWS User Group September
 
Amazon Web Services User Group Sydney - March 2018
Amazon Web Services User Group Sydney - March 2018Amazon Web Services User Group Sydney - March 2018
Amazon Web Services User Group Sydney - March 2018
 
Deep Dive on Cloud Policies and Automation
Deep Dive on Cloud Policies and AutomationDeep Dive on Cloud Policies and Automation
Deep Dive on Cloud Policies and Automation
 
Securing Traffic Leaving A VPC
Securing Traffic Leaving A VPCSecuring Traffic Leaving A VPC
Securing Traffic Leaving A VPC
 
Telstra Programmable Networks & Scaling a Serverless Team with Automation
Telstra Programmable Networks & Scaling a Serverless Team with Automation Telstra Programmable Networks & Scaling a Serverless Team with Automation
Telstra Programmable Networks & Scaling a Serverless Team with Automation
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 
Visibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud ServicesVisibility, Optimization & Governance for Cloud Services
Visibility, Optimization & Governance for Cloud Services
 
AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomateAWS OpsWorks for Chef Automate
AWS OpsWorks for Chef Automate
 
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...
 
AWS User Group December 2016
AWS User Group December 2016AWS User Group December 2016
AWS User Group December 2016
 
AWS User Group Sydney - Atlassian 5-10-16
AWS User Group Sydney - Atlassian 5-10-16AWS User Group Sydney - Atlassian 5-10-16
AWS User Group Sydney - Atlassian 5-10-16
 

Dernier

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Dernier (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Amazon Web Services User Group Sydney - February 2018

  • 3. Tonight: ● Introductions ● AWS Services: AWS - Mitch Beaumont “Amazon Fargate” ● Session 1: Paloalto Networks - Mauricio Sabena “Automated Security Management on AWS” ● Break – Networking, Beers & Pizza ● Session 2: Kloud - Bobbie Couhbor “Automating the Service Desk using Amazon Lex and Amazon Connect” ● Close Networking & Prize Draw - Win an Amazon Dot and also a Beats Pill + Speaker.
  • 4. AWS Services: Mitch Beaumont Enterprise Solutions Architect at Amazon Web Services “AWS Fargate in 15 minutes!”
  • 5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Fargate in 15 minutes! M i t c h B e a u m o n t , S o l u t i o n s A r c h i t e c t , A W S . F e b r u a r y 7 , 2 0 1 7
  • 6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. No instances to manage Task native API Resource based pricing Simple, easy to use, powerful – and new consumption model = What is AWS Fargate?
  • 7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FARGATE: UNDER THE HOOD
  • 8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FARGATE USE CASES
  • 9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. MICROSERVICES
  • 10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. BATCH JOBS
  • 11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. MIGRATION TO THE CLOUD
  • 12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. HOW DO I RUN CONTAINERS ON FARGATE?
  • 13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING CONTAINER
  • 14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task EC2 Instance TaskTask Task Task RUNNING CONTAINERS
  • 15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING CONTAINERS AT SCALE WITH ECS Availability Zone #1 Availability Zone #2 Availability Zone #3
  • 16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine RUNNING CONTAINERS AT SCALE WITH ECS Availability Zone #1 Availability Zone #2 Availability Zone #3
  • 17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS AMI Docker agent ECS agent ECSTaskECSTask ECSTaskECSTask EC2 Instance
  • 19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance
  • 20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance ECS AMI Docker agent ECS agent EC2 Instance
  • 21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scheduling and Orchestration Cluster Manager Placement Engine
  • 22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING FARGATE CONTAINERS WITH ECS
  • 23. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. RUNNING FARGATE CONTAINERS WITH ECS Use ECS APIs to launch Fargate Containers Easy migration – Run Fargate and EC2 launch type tasks in the same cluster Same Task Definition schema
  • 24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING
  • 25. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16
  • 26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI
  • 27. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI
  • 28. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 3 Fargate Task Public IP 54.191.135.69 172.31.3.0/24 ENI Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI
  • 29. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. NETWORKING WITH FARGATE IN ECS Internet Gateway 172.31.0.0/16 Subnet 3 Fargate Task Public IP 54.191.135.69 172.31.3.0/24 ENI Subnet 1 Fargate Task Public IP 54.191.135.66 172.31.1.0/24 ENI Subnet 2 Fargate Task 172.31.2.0/24 ENI • AWS VPC Networking Mode – each task gets its own interface • Full control of network access via Security Groups and Network ACLs • Public IP support
  • 30. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. LOAD BALANCING APPLICATION LOAD BALANCER NETWORK LOAD BALANCER
  • 31. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. SECURITY
  • 32. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CLUSTER LEVEL ISOLATION Web Web Shopping Cart Shopping Cart Notifications NotificationsWeb Shopping Cart NotificationsWeb Shopping Cart Shopping Cart Notifications NotificationsWeb Web PROD CLUSTER BETA CLUSTER DEV CLUSTER QA CLUSTER
  • 33. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CLUSTER LEVEL ISOLATION PROD Cluster Infrastructure DEV Cluster Infrastructure BETA Cluster Infrastructure QA Cluster Infrastructure Web Web Shopping Cart Shopping Cart Notifications NotificationsWeb Shopping Cart NotificationsWeb Shopping Cart Shopping Cart Notifications NotificationsWeb Web PROD CLUSTER BETA CLUSTER DEV CLUSTER QA CLUSTER
  • 34. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. PERMISSION TIERS Cluster Permissions Application Permissions Task Housekeeping Permissions Cluster Fargate Task Cluster Permissions: Who can run/see tasks in the cluster? Application (Task) Permissions: Which of my AWS resources can this application access? Housekeeping Permissions: What permissions do I want to grant ECS to perform? e.g. • ECR Image Pull • CloudWatch logs pushing • ENI creation • Register/Deregister targets into ELB
  • 35. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CONTAINER REGISTRIES
  • 36. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. REGISTRY SUPPORT 3rd Party Private Repositories (coming soon!) Public Repositories supported Amazon Elastic Container Registry (ECR)
  • 37. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. VISIBILITY AND MONITORING Service-level metrics available CloudWatch Logs CloudWatch Events supported
  • 38. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. STORAGE Container Storage Space – 10GB Ephemeral storage backed by EBS Shared volume space for containers within the task – 4GB
  • 39. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CONFIGURATIONS & PRICING
  • 40. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. PRICING DIMENSIONS { "memory": “1 vCPU”, "cpu": “3GB”, "networkMode": ”AWSVPC", "compatibilities": [”FARGATE", ”EC2"], "placementConstraints": [], "containerDefinitions": [ { <snip>….... Task level resources • Configurable independently (within a range) Dimensions: Task level CPU and memory Per-second billing
  • 41. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. TASK CPU & MEMORY CONFIGURATIONS Flexible configuration options – 50 CPU/memory configurations CPU Memory 256 (.25 vCPU) 512MB, 1GB, 2GB 512 (.5 vCPU) 1GB, 2GB, 3GB, 4GB 1024 (1 vCPU) 2GB, 3GB, 4GB, 5GB, 6GB, 7GB, 8GB 2048 (2 vCPU) Between 4GB and 16GB in 1GB increments 4096 (4 vCPU) Between 8GB and 30GB in 1GB increments
  • 42. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ECS Instance ECS Instance ECS Instance ECS InstanceECS Instance ECS Instance EC2 FARGATE Notifications Amazon ECS CLUSTER Availability Zone #1 Availability Zone #2 Availability Zone #3 Subnet 2 172.31.2.0/24 Subnet 1 172.31.1.0/24 Subnet 3 172.31.3.0/24 Web Shopping Cart
  • 43. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DEMO TIME
  • 44. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. EKS SUPPORT FOR FARGATE IN 2018
  • 45. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction to AWS Fargate Fargate Deep Dive
  • 46. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. THANK YOU https://aws.amazon.com/fargate
  • 47. Session 1: Mauricio Sabena System Engineering Manager ANZ North for Palo Alto Networks where he leads the engineering team to drive security solutions to address customers business challenges across enterprise and government. “AUTOMATED SECURITY MANAGEMENT ON AWS”
  • 49. AgendaPAN/AWS 2 | © 2015, Palo Alto Networks. Confidential and Proprietary. - Securing AWS and public cloud workloads - Automation - Q&A
  • 50. DATA AND APPLICATIONS ARE EVERYWHERE SAASPRIVATE PHYSICAL IAAS PAAS
  • 51. SECURING THE CLOUD IS HARD Fragmented Security Human Error Manual Security
  • 52. WHAT’S NEEDED Frictionless Deployment & Management Advanced Application & Data Breach Prevention Consistent Protections Across Locations
  • 54. WEB Object Storage Caching Database IaaS PaaS Web Server APP App Server CRITICAL CLOUD PROTECTIONS INLINE Protect and Segment Cloud Workloads API HOST Secure OS & App Within Workloads API Continuous Security & ComplianceOn-Premises Cloud Application
  • 55. 3. INLINE SECURITY1. ACCOUNT MGMT • Segmentation • Malware Prevention • Secure Access • VPC Edge Security • Key rotation • Inbound Accessible Services • Unencrypted storage • Nonstandard AMI’s • Password Policy 2. DATA GOVERNANCE • Exposed Data • Keys stored in the open • Admin Access API Aperture CRITICAL CLOUD PROTECTIONS
  • 56. 344 KB 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port Security Groups/NACLs vs Dedicated: Control & Visibility
  • 57. 344 KB mjacobsen user canada destination country 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port SSL protocol Security Groups/NACLs vs Dedicated: Control & Visibility
  • 58. 344 KB file-sharing URL category PowerPoint file type “Confidential and Proprietary” content mjacobsen user prodmgmt group canada destination country 172.16.1.10 source IP 64.81.2.23 destination IP TCP/443 destination port SSL protocol HTTP protocol slideshare application slideshare-uploading application function Security Groups/NACLs vs Dedicated: Control & Visibility
  • 60. PLATFORM AUTOMATION URL Filtering CLOUD- DELIVERED SECURITY SERVICES WEB Object Storage Caching Database IaaS PaaS Web Server APP App Server API 3rd party feeds Customer data Amazon GuardDuty MineMeld Threat Prevention Malware Analysis
  • 61. Dynamic Address Groups – “commitless” 14
  • 63.
  • 64. Terraform • Automatic deployment and configuration with Vagrant • Overlaps • Using bootstrapping (S3 region restrictions etc.) • NEW: Terraform provider • 1 product • No bootstrapping • No restriction
  • 65. Terraform AWS # Declare the data source #data "aws_availability_zones" "available" {} /* EXTERNAL NETWORG , IG, ROUTE TABLE */ resource "aws_internet_gateway" "gw" { vpc_id = "${aws_vpc.main.id}" tags { Name = "internet gw terraform generated" } } resource "aws_network_acl" "all" { vpc_id = "${aws_vpc.main.id}" egress { protocol = "-1" rule_no = 2 action = "allow" cidr_block = "0.0.0.0/0" from_port = 0 to_port = 0 } ingress { protocol = "-1" rule_no = 1 action = "allow" cidr_block = "0.0.0.0/0" } name = "FirewallBootstrapInstanceProfile2Tier" role = "${aws_iam_role.FirewallBootstrapRole2Tier.name}" path = "/" } resource "aws_subnet" "NewPublicSubnet" { vpc_id = "${aws_vpc.main.id}" cidr_block = "${var.PublicCIDR_Block}" availability_zone = "${data.aws_availability_zones.available.names[0]}" #map_public_ip_on_launch = true tags { "Application" = "${var.StackName}" "Name" = "${join("", list(var.StackName, "NewPublicSubnet"))}" } }
  • 66. resource "panos_security_policies" "security_policies" { rule { name = "SSH inbound" source_zones = ["${panos_zone.zone_untrust.name}"] source_addresses = ["any"] source_users = ["any"] hip_profiles = ["any"] destination_zones = ["${panos_zone.zone_trust.name}"] destination_addresses = ["any"] applications = ["ssh", "ping"] services = ["application-default"] categories = ["any"] action = "allow" } rule { name = "SSH 221-222 inbound" source_zones = ["${panos_zone.zone_untrust.name}"] source_addresses = ["any"] source_users = ["any"] hip_profiles = ["any"] destination_zones = ["${panos_zone.zone_trust.name}"] destination_addresses = ["any"] applications = ["ssh", "ping"] services = ["${panos_service_object.so_221.name}", "${panos_service_object.so_222.name}"] categories = ["any"] action = "allow" } provider "panos" { hostname = "${var.ipaddress}" username = "paloalto" password = “booyah" } PAN Provider
  • 68.
  • 69. 22 | © 2015, Palo Alto Networks. Confidential and Proprietary.
  • 71. Break & Networking: • Refresh your drink • Grab some pizza • Make new contacts
  • 72. Session 2: Bobbie Couhbor Cloud Infrastructure Consultant and Technology and Solutions Advisor “Automating the Service Desk using Amazon Lex and Amazon Connect”
  • 73. Automating the Service Desk with Amazon Lex and Connect
  • 74. •  Artificial Intelligence & automation will result in reduction of IT services staff by 7-10% in India, US by 2022 – Economic Times •  56,000 layoffs and counting: India’s IT bloodbath this year may just be the start – Quartz India •  India faces youth unemployment spike as automation threatens traditional jobs – ABC News Headlines
  • 75. Democratisation of Artificial Intelligence The democratisation of AI is the driving force behind automation across industries, making AI capabilities available to every developer, as a service via the cloud. •  Amazon Comprehend •  Amazon Lex •  Amazon Rekognition •  Amazon Polly •  Amazon Transcribe •  Amazon Translate
  • 76. High Level Architecture 1.  User calls the service desk and asks for their password to be reset 2.  Amazon Lex manages conversational dialog and collects user verification information 3.  Amazon Lex passes the collected information to AWS Lambda 4.  AWS Lambda verifies the user with Active Directory 5.  Password is reset and sent to the user
  • 77.
  • 79. Lambda function 1.  Get encrypted AD service account using KMS 2.  Perform secure LDAP bind 3.  Query AD for user attributes 4.  Compares AD and slot values 5.  If successful, resets password and SMS to user otherwise exit
  • 81. Final words… •  Implementation guide: https://blog.kloud.com.au/2018/01/23/replacing-the-service-desk-with-bots- using-amazon-lex-and-amazon-connect-part-4/ •  Reach out to me! LinkedIn: www.linkedin.com/in/bobbiecouhbor Email: Bobbie.Couhbor@kloud.com.au •  Questions?
  • 82. Prize Draw: Amazon Dot Beats Pill + Speaker Sponsored by Sponsored by
  • 83. Thanks For Coming: Join Us Next Month – March 7th 2018 >> Register @ http://www.meetup.com/AWS-Sydney/ << In the Meantime Keep In Touch http://bit.ly/polarseven-webinars