SlideShare une entreprise Scribd logo

Being Well Architected in the Cloud

Adrian Hornsby
Adrian Hornsby

My slides from the re:Invent Recap Conferences. The AWS Well-Architected Framework enables customers to understand best practices around security, reliability, performance, and cost optimisation when building systems on AWS. This approach helps customers make informed decisions and weigh the pros and cons of application design patterns for the cloud. In this session, you'll learn how to follow AWS guidelines and best practices. By developing a strategy based on Amazon Web Services's Well-Architected Framework, you will be able to significantly increase the frequency of code deployments and reduce deployment times. As a result, you will be able to deliver more scalable, dynamic and resilient applications.

Technologie
1  sur  47
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Adrian Hornsby, Technical Evangelist, AWS Being Well-Architected in the cloud @adhorn adhorn@amazon.com
AWS well-architected framework Security Reliability Performance efficiency Cost optimization Set of questions you can use to evaluate how well an architecture is aligned to AWS best practices Operational excellence
… but why?
Customer Challenges Faster response to change in market Delivery time Change Management Reduce human errors Faster recovery High availability AutomationScaling to demand
AWS Design Principles Stop guessing capacity needs Test systems at scale Data-driven architectures Automate to enable experimentation Allow for evolution Security by design
15 Regions 40 Availability Zones 68 Edge Locations AWS Regions and AZs
16 Regions 42 Availability Zones 68 Edge Locations AWS Regions and AZs 2
Building Blocks EC2 instance Server Subnet Availability Zone A Availability Zone B Region Amazon S3 Amazon CloudWatch Availability Zone C
Security pillar Security at all layers Enable traceability Implement a principle of least privilege Focus on securing system Automate security best practices Protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
Shared Responsibility AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, and Firewall Configuration Customer applications & content Customers
Credentials • Enforce MFA for everyone from day 1. • Use AWS IAM Users and Roles from day 1. • Enforce strong passwords. • Protect and rotate credentials. • No access keys in code.
EC2 Role 1: Create EC2 role Create role in IAM service with limited policy 2: Launch EC2 instance Launch instance with role 3: App retrieves credentials Using AWS SDK application retrieves temporary credentials 4: App accesses AWS resource(s) Using AWS SDK application uses credentials to access resource(s) Instance
Network and Boundary • Security groups are built-in stateful firewalls • Divide layers of the stack into subnets • Use a bastion host for access • Implement host based controls
Layers with Security Groups Availability Zone A User WEB Server RDS DB Instance Web Subnet A DB Subnet A WEB Security Group DB Security Group
Bastion Host & Security Groups Availability Zone A Developer WEB Server RDS DB Instance Public Subnet A Private Subnet A WEB Security Group DB Security Group Bastion Host Bastion Security Group Port 22 IP restriction > start_bastion > ssh -A > stop_bastion
Monitoring and Auditing • Capture & audit AWS CloudTrail, Amazon VPC and Amazon CloudWatch logs. • Collect all logs centrally. • Setup alerts. Amazon Virtual Private Cloud AWS Identity & Access Manager AWS Key Management Service AWS CloudTrail AWS Config
Monitoring and Auditing • Amazon VPC Flow Logs – Developers Best Friend
Audit logs for all operations Store/Archive Troubleshoot Monitor & Alarm
Verify everything, always, with AWS Config
Reliability pillar Test recovery procedures Automatically recover from failure Scale horizontally to increase availability Stop guessing capacity Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
Utilization vs Provisioned capacity 76% 24% November
High Availability • No Single Point of Failure • Multiple Availability Zones • Load Balancing • Auto Scaling and Healing
Multi-AZ Architecture Web Instance RDS DB Instance Active (Multi-AZ) Availability Zone Availability Zone Web Instance RDS DB Instance Standby (Multi-AZ) Elastic Load Balancing Amazon Route 53 User
Multi-AZ, Load Balanced, Auto Scaled Availability Zone A Amazon Route 53User Availability Zone B Elastic Load Balancing WEB Server WEB Server WEB Server WEB Server WEB Server WEB Server RDS DB Instance Standby RDS DB Instance Active Auto Scaling Group Web Subnet A Web Subnet B DB Subnet A DB Subnet B Amazon S3 Amazon CloudWatch
Backup and DR • Define Objectives • Backup Strategy • Periodic Recovery Testing • Automated Recovery • Periodic Reviews
Automated backups using AWS Lambda AWS Lambda Amazon Redshift ClusterRules: every 15min Amazon Cloudwatch Snapshot
Performance efficiency pillar Democratize advanced technologies Go global in minutes Use server-less architectures Experiment more often Efficiently use of computing resources to meet requirements, and maintaining that efficiency as demand changes and technologies evolve
Right Sizing • Reference Architecture • Quick Start Reference Deployments • Benchmarking • Load Testing • Cost / Budget • Monitoring and Notification
Proximity and Caching • Content Delivery Network (CDN) • Database Caching • Reduce Latency • Pro-active Monitoring and Notification Amazon CloudFront Amazon ElastiCache RDS DB instance read replica
Scaling all the layers Availability Zone Amazon Route 53 User Amazon S3 Amazon Cloudfront Availability Zone Elastic Load Balancing RDS DB Instance Read Replica Web Instance Web Instance Web Instance ElastiCache RDS DB Instance Read Replica Web Instance Web Instance Web Instance ElastiCacheRDS DB Instance Standby (Multi-AZ) RDS DB Instance Master (Multi-AZ) Auto Scaling Group Auto Scaling Group
More decoupling RDS DB Instance Active (Multi-AZ) Availability Zone Elastic Load Balancer RDS DB Instance Read Replica RDS DB Instance Read Replica Web Instance Web Instance Web Instance Web Instance Amazon Route 53 User Amazon S3 Amazon Cloudfront Amazon DynamoDB Amazon SQS ElastiCache Worker Instance Worker Instance Amazon CloudWatch Internal App Instance Internal App Instance Amazon SES
Continuous scaling No servers to manage Never pay for idle – no cold servers AWS Lambda Functions are the unit of deployment and scaling.
Key scenarios Data Triggers Customize behavior on data updates in S3, SNS and DDB Control systems Customize responses and response workflows to state changes within AWS Serverless backends Execute server side backend logic in a cross platform fashion Big data Realtime processing of streaming data updates using Kinesis
Cost optimization pillar Analyze and attribute expenditure Managed services to reduce TCO Adopt a consumption model Benefits from economies of scale Stop spending money on data center operations Assess your ability to avoid or eliminate unneeded costs or suboptimal resources, and use those savings on differentiated benefits for your business
Pricing Model • On Demand • Reserved • Spot • Dedicated
Capacity Matching • Demand based • Queue based • Schedule based • Appropriately provisioned • Pro-active monitoring and action
Auto Start/Shutdown of Instances AWS Lambda Amazon Cloudwatch Rules: every day at 21h30 Rules: every day at 6h15 Sleep trigger Wakeup trigger AWS Resources (EC2 instances)
Managed Services • Let AWS do the heavy lifting. • Databases, caches and big data solutions. • Application Level Services. Amazon RDS Amazon DynamoDB Amazon Redshift Amazon ElastiCache AWS Elastic Beanstalk Amazon Elasticsearch Service
Manage Expenditure • Tag Resources • Track Project Lifecycle • Profile Applications vs Cost • Monitor Usage & Spend
Auto Tagging resources as they start Amazon Cloudwatch AWS LambdaEvents: RunInstances EC2 Instances Tag: Owner = userName PrincipalId = aws:userid
Operational excellence pillar Perform operations with code Align operations processes to business objectives Make regular, small, incremental changes Test for responses to unexpected events Learn from operational events and failures Keep operations procedures current Operational practices and procedures used to manage production workloads
Infrastructure-as-code workflow code version control code review integrate “It’s all software” • Create templates of your infrastructure. • Version control/replicate/update templates like code. • Integrates with development, CI/CD, management tools AWS CloudFormation
Some tips … from my own experience • Architecture as code – code everything. • Automate everything: “Invest time to save time” • Don’t reinvent the wheel; managed services are your best friends. • Embrace security early on. • Test your DR strategy regularly. • Serverless architectures free you from managing infrastructure. • Did I mention automation?
And don’t forget …
Trusted Advisor
Resources https://aws.amazon.com/well-architected/
Thank you! @adhorn adhorn@amazon.com

Recommandé

8 ways to leverage AWS Lambda in your Big Data workloads
8 ways to leverage AWS Lambda in your Big Data workloads8 ways to leverage AWS Lambda in your Big Data workloads
8 ways to leverage AWS Lambda in your Big Data workloads
Adrian Hornsby
 
Getting started with Serverless on AWS
Getting started with Serverless on AWSGetting started with Serverless on AWS
Getting started with Serverless on AWS
Adrian Hornsby
 
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Amazon Web Services
 
Getting Started With Amazon Quick Sight
Getting Started With Amazon Quick SightGetting Started With Amazon Quick Sight
Getting Started With Amazon Quick Sight
Amazon Web Services
 
Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101
Amazon Web Services
 
AWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:CapAWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:Cap
Ian Massingham
 
Build a Serverless Web Application in One Day
Build a Serverless Web Application in One DayBuild a Serverless Web Application in One Day
Build a Serverless Web Application in One Day
Amazon Web Services
 
(SEC321) Implementing Policy, Governance & Security for Enterprises
(SEC321) Implementing Policy, Governance & Security for Enterprises(SEC321) Implementing Policy, Governance & Security for Enterprises
(SEC321) Implementing Policy, Governance & Security for Enterprises
Amazon Web Services
 

Recommandé

8 ways to leverage AWS Lambda in your Big Data workloads
8 ways to leverage AWS Lambda in your Big Data workloads8 ways to leverage AWS Lambda in your Big Data workloads
8 ways to leverage AWS Lambda in your Big Data workloads
Adrian Hornsby
 
Getting started with Serverless on AWS
Getting started with Serverless on AWSGetting started with Serverless on AWS
Getting started with Serverless on AWS
Adrian Hornsby
 
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Semplificare l'analisi dei dati con architetture "Serverless": architetture e...
Amazon Web Services
 
Getting Started With Amazon Quick Sight
Getting Started With Amazon Quick SightGetting Started With Amazon Quick Sight
Getting Started With Amazon Quick Sight
Amazon Web Services
 
Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101
Amazon Web Services
 
AWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:CapAWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:Cap
Ian Massingham
 
Build a Serverless Web Application in One Day
Build a Serverless Web Application in One DayBuild a Serverless Web Application in One Day
Build a Serverless Web Application in One Day
Amazon Web Services
 
(SEC321) Implementing Policy, Governance & Security for Enterprises
(SEC321) Implementing Policy, Governance & Security for Enterprises(SEC321) Implementing Policy, Governance & Security for Enterprises
(SEC321) Implementing Policy, Governance & Security for Enterprises
Amazon Web Services
 
Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
Amazon Web Services
 
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
Amazon Web Services
 
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
AWS Riyadh User Group
 
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
Amazon Web Services Korea
 
Welcome Keynote - AWS Summit Stockholm
Welcome Keynote - AWS Summit Stockholm Welcome Keynote - AWS Summit Stockholm
Welcome Keynote - AWS Summit Stockholm
Amazon Web Services
 
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
Amazon Web Services
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
Amazon Web Services
 
Modernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john malloryModernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john mallory
Amazon Web Services
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
Amazon Web Services
 
Automate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS ResourcesAutomate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS Resources
Amazon Web Services
 
re:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloudre:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloud
Amazon Web Services
 
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Amazon Web Services
 
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
Amazon Web Services
 
Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies
Amazon Web Services
 
Deep Dive on AWS Cloud Data Migration Services
Deep Dive on AWS Cloud Data Migration ServicesDeep Dive on AWS Cloud Data Migration Services
Deep Dive on AWS Cloud Data Migration Services
Amazon Web Services
 
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
Amazon Web Services
 
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibiliCasi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
Amazon Web Services
 
The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017
Amazon Web Services
 
Closing Keynote - AWS Summit Stockholm
Closing Keynote - AWS Summit StockholmClosing Keynote - AWS Summit Stockholm
Closing Keynote - AWS Summit Stockholm
Amazon Web Services
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWS
Amazon Web Services
 
Derive Insight from IoT data in minute with AWS
Derive Insight from IoT data in minute with AWSDerive Insight from IoT data in minute with AWS
Derive Insight from IoT data in minute with AWS
Adrian Hornsby
 
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
Amazon Web Services
 

Contenu connexe

Tendances

AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
Amazon Web Services
 
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
Amazon Web Services Korea
 
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
Amazon Web Services
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
Amazon Web Services
 
Modernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john malloryModernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john mallory
Amazon Web Services
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
Amazon Web Services
 
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Amazon Web Services
 
Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies
Amazon Web Services
 

Tendances (20)

Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
Best Practices Using Big Data on AWS | AWS Public Sector Summit 2017
 
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
AWS re:Invent 2016: Unlocking the Four Seasons of Migrations and Operations: ...
 
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
Cutting to the chase for Machine Learning Analytics Ecosystem & AWS Lake Form...
 
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
찾아가는 AWS 세미나(구로,가산,판교) - AWS 기반 빅데이터 활용 방법 (김일호 솔루션즈 아키텍트)
 
Welcome Keynote - AWS Summit Stockholm
Welcome Keynote - AWS Summit Stockholm Welcome Keynote - AWS Summit Stockholm
Welcome Keynote - AWS Summit Stockholm
 
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
AWS re:Invent 2016: High Performance Cinematic Production in the Cloud (MAE304)
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
 
Modernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john malloryModernizing upstream workflows with aws storage - john mallory
Modernizing upstream workflows with aws storage - john mallory
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
 
Automate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS ResourcesAutomate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS Resources
 
re:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloudre:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloud
 
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
 
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
AWS re:Invent 2016: Driving Innovation with Big Data and IoT (GPSST304)
 
Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies Replicate and Manage Data Using Managed Databases and Serverless Technologies
Replicate and Manage Data Using Managed Databases and Serverless Technologies
 
Deep Dive on AWS Cloud Data Migration Services
Deep Dive on AWS Cloud Data Migration ServicesDeep Dive on AWS Cloud Data Migration Services
Deep Dive on AWS Cloud Data Migration Services
 
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
Monitoring, Hold the Infrastructure - Getting the Most out of AWS Lambda - AW...
 
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibiliCasi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
Casi reali di Mass Migration nel Cloud: benefici tangibili ed intangibili
 
The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017
 
Closing Keynote - AWS Summit Stockholm
Closing Keynote - AWS Summit StockholmClosing Keynote - AWS Summit Stockholm
Closing Keynote - AWS Summit Stockholm
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWS
 

En vedette

AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
Amazon Web Services
 
Bringing Wireless Sensing to its full potential
Bringing Wireless Sensing to its full potentialBringing Wireless Sensing to its full potential
Bringing Wireless Sensing to its full potential
Adrian Hornsby
 
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
Amazon Web Services
 
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
Amazon Web Services
 

En vedette (20)

Derive Insight from IoT data in minute with AWS
Derive Insight from IoT data in minute with AWSDerive Insight from IoT data in minute with AWS
Derive Insight from IoT data in minute with AWS
 
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
AWS re:Invent 2016: Achieving Agility by Following Well-Architected Framework...
 
Travel hackathon
Travel hackathonTravel hackathon
Travel hackathon
 
A Brief Look at Serverless Architecture
A Brief Look at Serverless ArchitectureA Brief Look at Serverless Architecture
A Brief Look at Serverless Architecture
 
Space Invading: an approach to sensing
Space Invading: an approach to sensingSpace Invading: an approach to sensing
Space Invading: an approach to sensing
 
Bringing Wireless Sensing to its full potential
Bringing Wireless Sensing to its full potentialBringing Wireless Sensing to its full potential
Bringing Wireless Sensing to its full potential
 
CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015
 
AWS Developer Fundamentals
AWS Developer FundamentalsAWS Developer Fundamentals
AWS Developer Fundamentals
 
Aws Architecture Fundamentals
Aws Architecture FundamentalsAws Architecture Fundamentals
Aws Architecture Fundamentals
 
How to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutesHow to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutes
 
Tireóide
TireóideTireóide
Tireóide
 
AWS re:Invent 2016: Best practices for running enterprise workloads on AWS (E...
AWS re:Invent 2016: Best practices for running enterprise workloads on AWS (E...AWS re:Invent 2016: Best practices for running enterprise workloads on AWS (E...
AWS re:Invent 2016: Best practices for running enterprise workloads on AWS (E...
 
Achieving Agility with Control in Financial Services
Achieving Agility with Control in Financial ServicesAchieving Agility with Control in Financial Services
Achieving Agility with Control in Financial Services
 
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
AWS re:Invent 2016: Workshop: AWS Professional Services Effective Architectin...
 
AWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:CapAWS re:Invent 2016 Day 1 Keynote re:Cap
AWS re:Invent 2016 Day 1 Keynote re:Cap
 
AWS re:Invent 2016 Day 2 Keynote re:Cap
AWS re:Invent 2016 Day 2 Keynote re:CapAWS re:Invent 2016 Day 2 Keynote re:Cap
AWS re:Invent 2016 Day 2 Keynote re:Cap
 
Enterprise summit – architecting microservices on aws final v2
Enterprise summit – architecting microservices on aws final v2Enterprise summit – architecting microservices on aws final v2
Enterprise summit – architecting microservices on aws final v2
 
AWS re:Invent 2016: Scaling Up to Your First 10 Million Users (ARC201)
AWS re:Invent 2016: Scaling Up to Your First 10 Million Users (ARC201)AWS re:Invent 2016: Scaling Up to Your First 10 Million Users (ARC201)
AWS re:Invent 2016: Scaling Up to Your First 10 Million Users (ARC201)
 
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
 
Architecting for AWS
Architecting for AWSArchitecting for AWS
Architecting for AWS
 

Similaire à Being Well Architected in the Cloud

AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
Amazon Web Services Korea
 
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance SeminarHybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
Amazon Web Services Korea
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Amazon Web Services
 
Network Security and Access Control in AWS
Network Security and Access Control in AWSNetwork Security and Access Control in AWS
Network Security and Access Control in AWS
Amazon Web Services
 
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
Amazon Web Services
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
Amazon Web Services
 

Similaire à Being Well Architected in the Cloud (20)

Being Well Architected in the Cloud (Updated)
Being Well Architected in the Cloud (Updated)Being Well Architected in the Cloud (Updated)
Being Well Architected in the Cloud (Updated)
 
Being Well-Architected in the Cloud
Being Well-Architected in the CloudBeing Well-Architected in the Cloud
Being Well-Architected in the Cloud
 
AWS Startup Day Bangalore: Being Well-Architected in the Cloud
AWS Startup Day Bangalore: Being Well-Architected in the CloudAWS Startup Day Bangalore: Being Well-Architected in the Cloud
AWS Startup Day Bangalore: Being Well-Architected in the Cloud
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
 
AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
AWS를 활용한 금융권 hybrid cloud 구축하기 :: Felix Candelario :: AWS ...
 
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance SeminarHybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
Hybrid cloud for financial sector :: Felix Candelario :: AWS Finance Seminar
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
 
Expanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud InfrastructureExpanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud Infrastructure
 
Following Well Architected Frameworks - Lunch and Learn.pdf
Following Well Architected Frameworks - Lunch and Learn.pdfFollowing Well Architected Frameworks - Lunch and Learn.pdf
Following Well Architected Frameworks - Lunch and Learn.pdf
 
AWS Summit Auckland - Introducing Well-Architected for Developers
AWS Summit Auckland - Introducing Well-Architected for DevelopersAWS Summit Auckland - Introducing Well-Architected for Developers
AWS Summit Auckland - Introducing Well-Architected for Developers
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - Webinar
 
Network Security and Access Control in AWS
Network Security and Access Control in AWSNetwork Security and Access Control in AWS
Network Security and Access Control in AWS
 
Cloud First: New Architecture for New Infrastructure
Cloud First: New Architecture for New InfrastructureCloud First: New Architecture for New Infrastructure
Cloud First: New Architecture for New Infrastructure
 
Construindo Aplicacoes Web e Mobile Escalaveis na AWS
Construindo Aplicacoes Web e Mobile Escalaveis na AWSConstruindo Aplicacoes Web e Mobile Escalaveis na AWS
Construindo Aplicacoes Web e Mobile Escalaveis na AWS
 
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
 
Building scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video WorkflowsBuilding scalable OTT workflows on AWS - Serverless Video Workflows
Building scalable OTT workflows on AWS - Serverless Video Workflows
 
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
 
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
Edge Services as a Critical AWS Infrastructure Component - August 2017 AWS On...
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
 

Plus de Adrian Hornsby

Moving Forward with AI - as presented at the Prosessipäivät 2018
Moving Forward with AI - as presented at the Prosessipäivät 2018Moving Forward with AI - as presented at the Prosessipäivät 2018
Moving Forward with AI - as presented at the Prosessipäivät 2018
Adrian Hornsby
 
Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.
Adrian Hornsby
 
Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.
Adrian Hornsby
 
Moving Forward with AI
Moving Forward with AIMoving Forward with AI
Moving Forward with AI
Adrian Hornsby
 

Plus de Adrian Hornsby (20)

How can your business benefit from going serverless?
How can your business benefit from going serverless?How can your business benefit from going serverless?
How can your business benefit from going serverless?
 
Can Automotive be as agile as Unicorns?
Can Automotive be as agile as Unicorns?Can Automotive be as agile as Unicorns?
Can Automotive be as agile as Unicorns?
 
Moving Forward with AI - as presented at the Prosessipäivät 2018
Moving Forward with AI - as presented at the Prosessipäivät 2018Moving Forward with AI - as presented at the Prosessipäivät 2018
Moving Forward with AI - as presented at the Prosessipäivät 2018
 
Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.
 
Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.Chaos Engineering: Why Breaking Things Should Be Practised.
Chaos Engineering: Why Breaking Things Should Be Practised.
 
Model Serving for Deep Learning
Model Serving for Deep LearningModel Serving for Deep Learning
Model Serving for Deep Learning
 
AI in Finance: Moving forward!
AI in Finance: Moving forward!AI in Finance: Moving forward!
AI in Finance: Moving forward!
 
Building a Multi-Region, Active-Active Serverless Backends.
Building a Multi-Region, Active-Active Serverless Backends.Building a Multi-Region, Active-Active Serverless Backends.
Building a Multi-Region, Active-Active Serverless Backends.
 
Moving Forward with AI
Moving Forward with AIMoving Forward with AI
Moving Forward with AI
 
AI: State of the Union
AI: State of the UnionAI: State of the Union
AI: State of the Union
 
Serverless Architectural Patterns
Serverless Architectural PatternsServerless Architectural Patterns
Serverless Architectural Patterns
 
re:Invent re:Cap - An overview of Artificial Intelligence and Machine Learnin...
re:Invent re:Cap - An overview of Artificial Intelligence and Machine Learnin...re:Invent re:Cap - An overview of Artificial Intelligence and Machine Learnin...
re:Invent re:Cap - An overview of Artificial Intelligence and Machine Learnin...
 
re:Invent re:Cap - Big Data & IoT at Any Scale
re:Invent re:Cap - Big Data & IoT at Any Scalere:Invent re:Cap - Big Data & IoT at Any Scale
re:Invent re:Cap - Big Data & IoT at Any Scale
 
Innovations and the Cloud
Innovations and the CloudInnovations and the Cloud
Innovations and the Cloud
 
Serverless in Action on AWS
Serverless in Action on AWSServerless in Action on AWS
Serverless in Action on AWS
 
Innovations and The Cloud
Innovations and The CloudInnovations and The Cloud
Innovations and The Cloud
 
Devoxx: Building AI-powered applications on AWS
Devoxx: Building AI-powered applications on AWSDevoxx: Building AI-powered applications on AWS
Devoxx: Building AI-powered applications on AWS
 
10 Lessons from 10 Years of AWS
10 Lessons from 10 Years of AWS10 Lessons from 10 Years of AWS
10 Lessons from 10 Years of AWS
 
Developing Sophisticated Serverless Applications with AI
Developing Sophisticated Serverless Applications with AIDeveloping Sophisticated Serverless Applications with AI
Developing Sophisticated Serverless Applications with AI
 
Journey Towards Scaling Your API to 10 Million Users
Journey Towards Scaling Your API to 10 Million UsersJourney Towards Scaling Your API to 10 Million Users
Journey Towards Scaling Your API to 10 Million Users
 

Dernier

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Dernier (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Being Well Architected in the Cloud

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Adrian Hornsby, Technical Evangelist, AWS Being Well-Architected in the cloud @adhorn adhorn@amazon.com
  • 2. AWS well-architected framework Security Reliability Performance efficiency Cost optimization Set of questions you can use to evaluate how well an architecture is aligned to AWS best practices Operational excellence
  • 4. Customer Challenges Faster response to change in market Delivery time Change Management Reduce human errors Faster recovery High availability AutomationScaling to demand
  • 5. AWS Design Principles Stop guessing capacity needs Test systems at scale Data-driven architectures Automate to enable experimentation Allow for evolution Security by design
  • 6. 15 Regions 40 Availability Zones 68 Edge Locations AWS Regions and AZs
  • 7. 16 Regions 42 Availability Zones 68 Edge Locations AWS Regions and AZs 2
  • 8. Building Blocks EC2 instance Server Subnet Availability Zone A Availability Zone B Region Amazon S3 Amazon CloudWatch Availability Zone C
  • 9. Security pillar Security at all layers Enable traceability Implement a principle of least privilege Focus on securing system Automate security best practices Protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
  • 10. Shared Responsibility AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, and Firewall Configuration Customer applications & content Customers
  • 11. Credentials • Enforce MFA for everyone from day 1. • Use AWS IAM Users and Roles from day 1. • Enforce strong passwords. • Protect and rotate credentials. • No access keys in code.
  • 12. EC2 Role 1: Create EC2 role Create role in IAM service with limited policy 2: Launch EC2 instance Launch instance with role 3: App retrieves credentials Using AWS SDK application retrieves temporary credentials 4: App accesses AWS resource(s) Using AWS SDK application uses credentials to access resource(s) Instance
  • 13. Network and Boundary • Security groups are built-in stateful firewalls • Divide layers of the stack into subnets • Use a bastion host for access • Implement host based controls
  • 14. Layers with Security Groups Availability Zone A User WEB Server RDS DB Instance Web Subnet A DB Subnet A WEB Security Group DB Security Group
  • 15. Bastion Host & Security Groups Availability Zone A Developer WEB Server RDS DB Instance Public Subnet A Private Subnet A WEB Security Group DB Security Group Bastion Host Bastion Security Group Port 22 IP restriction > start_bastion > ssh -A > stop_bastion
  • 16. Monitoring and Auditing • Capture & audit AWS CloudTrail, Amazon VPC and Amazon CloudWatch logs. • Collect all logs centrally. • Setup alerts. Amazon Virtual Private Cloud AWS Identity & Access Manager AWS Key Management Service AWS CloudTrail AWS Config
  • 17. Monitoring and Auditing • Amazon VPC Flow Logs – Developers Best Friend
  • 18. Audit logs for all operations Store/Archive Troubleshoot Monitor & Alarm
  • 19. Verify everything, always, with AWS Config
  • 20. Reliability pillar Test recovery procedures Automatically recover from failure Scale horizontally to increase availability Stop guessing capacity Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
  • 22. High Availability • No Single Point of Failure • Multiple Availability Zones • Load Balancing • Auto Scaling and Healing
  • 23. Multi-AZ Architecture Web Instance RDS DB Instance Active (Multi-AZ) Availability Zone Availability Zone Web Instance RDS DB Instance Standby (Multi-AZ) Elastic Load Balancing Amazon Route 53 User
  • 24. Multi-AZ, Load Balanced, Auto Scaled Availability Zone A Amazon Route 53User Availability Zone B Elastic Load Balancing WEB Server WEB Server WEB Server WEB Server WEB Server WEB Server RDS DB Instance Standby RDS DB Instance Active Auto Scaling Group Web Subnet A Web Subnet B DB Subnet A DB Subnet B Amazon S3 Amazon CloudWatch
  • 25. Backup and DR • Define Objectives • Backup Strategy • Periodic Recovery Testing • Automated Recovery • Periodic Reviews
  • 26. Automated backups using AWS Lambda AWS Lambda Amazon Redshift ClusterRules: every 15min Amazon Cloudwatch Snapshot
  • 27. Performance efficiency pillar Democratize advanced technologies Go global in minutes Use server-less architectures Experiment more often Efficiently use of computing resources to meet requirements, and maintaining that efficiency as demand changes and technologies evolve
  • 28. Right Sizing • Reference Architecture • Quick Start Reference Deployments • Benchmarking • Load Testing • Cost / Budget • Monitoring and Notification
  • 29. Proximity and Caching • Content Delivery Network (CDN) • Database Caching • Reduce Latency • Pro-active Monitoring and Notification Amazon CloudFront Amazon ElastiCache RDS DB instance read replica
  • 30. Scaling all the layers Availability Zone Amazon Route 53 User Amazon S3 Amazon Cloudfront Availability Zone Elastic Load Balancing RDS DB Instance Read Replica Web Instance Web Instance Web Instance ElastiCache RDS DB Instance Read Replica Web Instance Web Instance Web Instance ElastiCacheRDS DB Instance Standby (Multi-AZ) RDS DB Instance Master (Multi-AZ) Auto Scaling Group Auto Scaling Group
  • 31. More decoupling RDS DB Instance Active (Multi-AZ) Availability Zone Elastic Load Balancer RDS DB Instance Read Replica RDS DB Instance Read Replica Web Instance Web Instance Web Instance Web Instance Amazon Route 53 User Amazon S3 Amazon Cloudfront Amazon DynamoDB Amazon SQS ElastiCache Worker Instance Worker Instance Amazon CloudWatch Internal App Instance Internal App Instance Amazon SES
  • 32. Continuous scaling No servers to manage Never pay for idle – no cold servers AWS Lambda Functions are the unit of deployment and scaling.
  • 33. Key scenarios Data Triggers Customize behavior on data updates in S3, SNS and DDB Control systems Customize responses and response workflows to state changes within AWS Serverless backends Execute server side backend logic in a cross platform fashion Big data Realtime processing of streaming data updates using Kinesis
  • 34. Cost optimization pillar Analyze and attribute expenditure Managed services to reduce TCO Adopt a consumption model Benefits from economies of scale Stop spending money on data center operations Assess your ability to avoid or eliminate unneeded costs or suboptimal resources, and use those savings on differentiated benefits for your business
  • 35. Pricing Model • On Demand • Reserved • Spot • Dedicated
  • 36. Capacity Matching • Demand based • Queue based • Schedule based • Appropriately provisioned • Pro-active monitoring and action
  • 37. Auto Start/Shutdown of Instances AWS Lambda Amazon Cloudwatch Rules: every day at 21h30 Rules: every day at 6h15 Sleep trigger Wakeup trigger AWS Resources (EC2 instances)
  • 38. Managed Services • Let AWS do the heavy lifting. • Databases, caches and big data solutions. • Application Level Services. Amazon RDS Amazon DynamoDB Amazon Redshift Amazon ElastiCache AWS Elastic Beanstalk Amazon Elasticsearch Service
  • 39. Manage Expenditure • Tag Resources • Track Project Lifecycle • Profile Applications vs Cost • Monitor Usage & Spend
  • 40. Auto Tagging resources as they start Amazon Cloudwatch AWS LambdaEvents: RunInstances EC2 Instances Tag: Owner = userName PrincipalId = aws:userid
  • 41. Operational excellence pillar Perform operations with code Align operations processes to business objectives Make regular, small, incremental changes Test for responses to unexpected events Learn from operational events and failures Keep operations procedures current Operational practices and procedures used to manage production workloads
  • 42. Infrastructure-as-code workflow code version control code review integrate “It’s all software” • Create templates of your infrastructure. • Version control/replicate/update templates like code. • Integrates with development, CI/CD, management tools AWS CloudFormation
  • 43. Some tips … from my own experience • Architecture as code – code everything. • Automate everything: “Invest time to save time” • Don’t reinvent the wheel; managed services are your best friends. • Embrace security early on. • Test your DR strategy regularly. • Serverless architectures free you from managing infrastructure. • Did I mention automation?