AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.

1,801 views

Published on

Description: This session will feature best practices in the real world for deploying AWS cloud services. You will hear about cloud use cases, governance, security, cloud architecture, optimizing costs, and leveraging appropriate support offerings. The session will provide insight into experience from hundreds of government customers’ AWS adoption and highlight lessons learned along the way.

Published in: Technology, Business
0 Comments
15 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,801
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
184
Comments
0
Likes
15
Embeds 0
No embeds

No notes for slide
  • Development and Test
    Enterprise Applications
    Big Data and High Performance Computing (HPC)
    Storage, Backup, and Archival
    Disaster Recovery
    Web, Mobile, and Social Apps
    Virtual Desktops
    Data Center Migrations
  • Development and Test
    Enterprise Applications
    Big Data and High Performance Computing (HPC)
    Storage, Backup, and Archival
    Disaster Recovery
    Web, Mobile, and Social Apps
    Virtual Desktops
    Data Center Migrations
  • Make a forward reference to the discussion of RIs and how they benefit the entire organization
  • Provide a forward reference to Mark’s Security Track
  • There’s a shared responsibility to accomplish security and compliance objectives in AWS cloud. There are some elements that AWS takes responsibility for, and others that the customer must address. The outcome of the collaborative approach is positive results seen by customers around the world.
  • AWS has completed the Cloud Security Alliance (CSA) Consensus Assessments Initiative Questionnaire.
  • Mention AWS Cost Explorer
  • o   Add and Professional Services to Title and get 1-2 slides from Josh
    o   Grab the latest slides from Joe Spiezio
    o   Add Trusted Advisor
    o   Mention free offer of Business Support for 30 days  
    o   Mention Well-Architected Program for larger customers
  • AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.

    1. 1. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 tbixler@amazon.com AWS Best Practices Tim Bixler
    2. 2. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Choose your use case well 1
    3. 3. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Dev & Test Spin environments up and down on demand Decouple development and test environments from operations constraints Explore elasticity in a sandboxed environment Backup & DR Take part of your data or business applications step- by-step into non-production DR use Understand cloud dynamics and test during controlled failovers Greenfield Project Embody best practice of cloud computing in unconstrained greenfield projects Self contained web projects, document archiving etc Low hanging fruit can be easiest to pick Pain point Move specific service aspects causing undue cost or management burden Workflows, search indexing, media streaming, document archiving, constrained databases Choose appropriate use cases
    4. 4. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Enterprise Apps Launch enterprise software solutions from Microsoft, Oracle, SAP and others on demand Customize environments to meet your specific security and operational requirements Deploy repeatable and consistent deployments in minutes Big Data & HPC Solve challenge of increasing volume, variety, and velocity of digital information Deploy large scale compute clusters in minutes Accelerate innovation, enable deep analytics, and scale without limits Virtual Desktops Workspaces fully managed desktop accessed from choice of device – laptop computer (Mac OS or Windows), iPad, Kindle Fire, or Android tablet. No-upfront investment, secure data storage, corp. directory integration and PCoIP technology from Teradici Low hanging fruit can be easiest to pick Web, Mobile & Social Apps Deliver on scalable web and application servers, storage, databases, content delivery, cache, search, and other application services that make it easier to build and run apps that deliver a great customer experience. Choose appropriate use cases Common Government and Education workloads
    5. 5. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 PoC Production Automation Understand services Test performance Architect for scale Build cross functional team capabilities Implement monitoring Change control and management Security management Scalability Automate corrective measures Auto-scaling Zero downtime deployments System backup and recovery Examples Plan evolution & set goals
    6. 6. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 PoC Production Automation Understand services Test performance Architect for scale Build cross functional team capabilities Implement monitoring Change control and management Security management Scalability Automate corrective measures Auto-scaling Zero downtime deployments System backup and recovery Examples Plan evolution & set goals Amazon Beanstalk AWS Test Drive AWS Free Usage Tier Amazon Beanstalk Amazon OpsWorks Amazon Cloud Formation Amazon Cloud Watch Amazon IAM APIs CLI Amazon Auto Scaling
    7. 7. AWS app store for business/IT software • Broad selection • Instant fulfillment, support of 1-Click and CloudFormation • Integrated AWS procurement and payments • Seamless license management and ‘compliance by default’ Software for Testing, PoC and Production • IT and business titles for Enterprise production workloads • Free, limited, and enterprise versions of titles – customer can perform a low cost pilot, then migrate seamlessly to production • Customers of all sizes – F500 and SMB • No overprovisioning, use only what you need Easy Deployments via AWS Marketplace http://aws.amazon.com/partners/aws-marketplace/
    8. 8. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Architecture Center Reference Architectures  Web Application Hosting  Content and Media Serving  Batch Processing  Fault tolerance and High Availability  Large Scale Processing and Huge Data sets  Ad Serving  Disaster Recovery for Local Applications  File Synchronization  Media Sharing  Online Games  Log Analysis  Financial Services Grid Computing  E-Commerce Websites  Time Series Processing http://aws.amazon.com/architecture
    9. 9. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Govern deployments 2
    10. 10. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Create an account structure that makes sense Use accounts like environments where you need separation and control e.g. Dev Sandboxes Test Environments Business Units Products & Services Govern deployments Accounts
    11. 11. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Create an account structure that makes sense Use accounts like environments where you need separation and control e.g. Dev Sandboxes Test Environments Business Units Products & Services Control access to billing information Use Amazon IAM users to keep billing information in the master account Consolidate billing into a single account Let one account pick up the bill for multiple ‘sub accounts’ Setup billing alerts and automated bill reporting Get Amazon CloudWatch notifications when billing reaches a point and output csv reports to Amazon S3 for analysis Accounts Billing Govern deployments
    12. 12. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Enable CSV & Programmatic Access Billing Preferences Billing settings
    13. 13. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Dev 1 Dev 2 Test Master Account Consolidated Billing Data labeled by source in Amazon S3 Production Internal Systems Billing Alerts Bill reached $x Cost accounting in favorite package Billing settings
    14. 14. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Dev 1 Dev 2 Test Master Account Production Internal Systems Dev 1 reached $100 Dev 2 reached $250 Test reached $1,000 Prod reached $1,200 Internal reached $400 Billing settings
    15. 15. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Create an account structure that makes sense Use accounts like environments where you need separation and control e.g. Dev Sandboxes Test Environments Business Units Products & Services Decide upon a key management strategy Control access to Amazon EC2 instances via SSH and embedded public key: e.g. Amazon EC2 Key Pair per group of instances, Amazon EC2 Key Pair per account Consider SSH key rotation & automation Limit exposure to private key compromise by rotating keys and replacing authorized_keys listings on running instances Consider bootstrap automation to grant developer access with developer unique keypairs Accounts Billing Access Keys Govern deployments Control access to billing information Use Amazon IAM users to keep billing information in the master account Consolidate billing into a single account Let one account pick up the bill for multiple ‘sub accounts’ Setup billing alerts and automated bill reporting Get Amazon CloudWatch notifications when billing reaches a point and output csv reports to Amazon S3 for analysis
    16. 16. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Create an account structure that makes sense Use accounts like environments where you need separation and control e.g. Dev Sandboxes Test Environments Business Units Products & Services Accounts Billing Access Keys Use Amazon IAM Groups to manage console users and API access Provide developers with Amazon IAM user login and unique API access credentials Control & restrict what Amazon IAM users can do by placing them in groups with policies Assign Amazon EC2 Instances Amazon IAM Roles Let AWS manage API access credentials on running instances by assigning a system entitlement to an instance e.g. instance can only read Amazon S3 bucket Groups & Roles Govern deployments Control access to billing information Use Amazon IAM users to keep billing information in the master account Consolidate billing into a single account Let one account pick up the bill for multiple ‘sub accounts’ Setup billing alerts and automated bill reporting Get Amazon CloudWatch notifications when billing reaches a point and output csv reports to Amazon S3 for analysis Decide upon a key management strategy Control access to Amazon EC2 instances via SSH and embedded public key: e.g. Amazon EC2 Key Pair per group of instances, Amazon EC2 Key Pair per account Consider SSH key rotation & automation Limit exposure to private key compromise by rotating keys and replacing authorized_keys listings on running instances Consider bootstrap automation to grant developer access with developer unique keypairs
    17. 17. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Account Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console Identity & access management
    18. 18. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Account Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console Multi-factor authentication Groups Identity & access management
    19. 19. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS system entitlements RolesAccount Administrators Developers Applications Bob Kevin Tomcat Jim Brad Mark Susan Reporting Console Multi-factor authentication Groups Identity & access management
    20. 20. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 IAM policies { "Statement": [ { "Allow", "Action": [ "elasticbeanstalk:*", "ec2:*", "elasticloadbalancing:*", "autoscaling:*", "cloudwatch:*", "s3:*", "sns:*" ], "Resource": "*" } ] } Policy driven Declarative definition of rights for groups Policies control access to AWS APIs
    21. 21. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 3 Ensure security
    22. 22. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities Network configuration Security groups OS firewalls Operating systems Applications Proper service configuration AuthN & acct management Authorization policies + = Customer/Partner • Re-focus your security professionals on a subset of the problem • Take advantage of high levels of uniformity and automation Security is a Shared Responsibility
    23. 23. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 • Apply Your Information Management Program - that integrates Information Assurance • Standardize Machine Images – create gold copy images for production deployment/to launch new instances • Build and test in a sandbox environment – work out the bugs, figure out how to break it, architect to be resilient • Do the same stuff you do in-house – quarterly patch management, IDS/IPS, logging, tripwire, etc. • Conduct a Risk Assessment - to determine level of security controls you require • Role Based Access Controls – restrict access to system components based upon need to know • Use Encryption – for data in transit, for data at rest, filesystem • Key Management – rotate keys used to access your resources (AWS does not hold these…you do) • Setup Monitoring/Alerting – collect metrics and enable alerting for when events occur • Vulnerability Scans – allowed via a permission process (else we will kill/block the source of scans) • Prepare for Failure – create backups, store data in more than one location, test backups, have a contingency system ready Examples of Customer Responsibilities
    24. 24. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Engage with security assessors early in adoption cycle Leverage shared security model • Don’t fear assessment – AWS meets high standards (FedRAMP, DoD CSM, PCI, ISO27001, SOC1…) • As with any infrastructure provider, security assessments take time • Derive value from architecture reviews early in deployment cycle
    25. 25. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Engage with security assessors early in adoption cycle Use comprehensive materials and certifications provided by AWS Leverage shared security model http://aws.amazon.com/security/ Risk and compliance paper AWS security processes paper CSA consensus assessments initiative questionnaire
    26. 26. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Engage with security assessors early in adoption cycle Use comprehensive materials and certifications provided by AWS Build upon features of AWS and implement a ‘security by design’ environment Leverage shared security model
    27. 27. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Build upon AWS features Amazon IAM Control users and allow AWS to manage credentials in running instances for service access (allocation, rotation) APIs vs. Instance Provide developer API credentials and control access to SSH keys Temporary Credentials Provide developer API credentials and control access to SSH keys Instance firewalls Firewall control on instances via Security Groups CLIs and APIs Instantly audit your entire AWS infrastructure from scriptable APIs – generate an on-demand IT inventory enabled by programmatic nature of AWS Subnet control Create low level networking constraints for resource access, such as public and private subnets, internet gateways and NATs Bastion hosts Only allow access for management of production resources from a bastion host. Turn off when not needed Tiered Access Security Groups Amazon VPC
    28. 28. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Build upon AWS features Store your cryptographic keys Use your most sensitive and regulated data on Amazon EC2 without giving applications direct access to your data's encryption keys. Migrate cryptographic applications Use AWS CloudHSM in conjunction with your compatible on-premise HSMs to replicate keys among on- premise HSMs and CloudHSMs. Amazon CloudHSM Private connections to Amazon VPC Secured access to resources in AWS over software or hardware VPN and dedicated network links Amazon Direct Connect & VPN
    29. 29. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths 4
    30. 30. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths e.g. Application performance improvement by migration of static content to Amazon S3/CloudFront Review application architectures early – assess fit for cloud Can cloud benefits be leveraged with minimum effort outlay? e.g. variable capacity requirements, ‘standard’ technology stacks, reference architectures* *http://aws.amazon.com/architecture ? ? ? ? e.g. Faster development cycles for dev/test, reduced cap-ex for application environments Will cloud yield cost savings & agility improvements? e.g. fully scripted deployments, Amazon IAM & EC2 instance roles, rolling deployments Can automation lead to a more agile & secure service?
    31. 31. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths Design systems that can suffer instance loss Dispose of compute when it is not required Disposable compute ✓ ✓ ✓ ✓
    32. 32. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths Disposable compute Flexible capacity Design for systems that potentially scale from zero instances to hundreds Use Auto-scaling (events, schedules etc) to drive capacity availability ✓ ✓ ✓ ✓ ✓ ✓
    33. 33. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths Utilize 99.999999999% durability of objects in S3 Scale databases with RDS and use DynamoDB for high throughput NoSQL Disposable compute Flexible capacity Cost effective & reliable storage ✓ ✓ ✓ ✓ ✓ ✓
    34. 34. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Architect to use cloud strengths Disposable compute Flexible capacity Cost effective storage Automation and control Automate everything from scaling to instance recovery from failure ✓ ✓✓
    35. 35. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 1 Create instance of your OS choice 2 Configure environment 3 Install software 4 Create Amazon Machine Image (AMI) from instance 5 Launch fully configured instances from AMI Bootstrapping – custom AMIs AMI Custom machine image Instance Auto-scaling Manual deployments Programmatic deployments
    36. 36. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 ami-id ami-launch-index ami-manifest-path block-device-mapping hostname instance-action instance-id Instance-type kernel-id local-hostname local-ipv4 mac network placement profile public-hostname public-ipv4 public-keys reservation-id http://169.254.169.254/latest/meta-data Metadata service contains wealth of information about an instance Bootstrapping – metadata service AMI Custom or standard machine image Instance Metadata Service Receive custom data to drive bootstrapping
    37. 37. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 + user data Scripts in user-data field of metadata will be executed on launch e.g. http://169.254.169.254/latest/meta-data Metadata service contains wealth of information about an instance #!/bin/sh yum -y install httpd chkconfig httpd on /etc/init.d/httpd start <powershell> … </powershell> Or: AMI Custom or standard machine image Instance Metadata Service Receive custom data to drive bootstrapping Bootstrapping – metadata service
    38. 38. + user data Scripts in user-data field of metadata will be executed on launch http://169.254.169.254/latest/meta-data Metadata service contains wealth of information about an instance AMI Custom or standard machine image Instance Metadata Service Receive custom data to drive bootstrapping Bootstrapping – metadata service Install software e.g. web server, app server, proxy Pull data and application packages from Amazon S3 Publish metadata for instance to other systems e.g. monitoring systems Setup security profile of instance based upon intended use e.g. pull latest config
    39. 39. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 1. Use Multiple Availability Zones
    40. 40. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 2. Use Amazon RDS with Replicas and Standby
    41. 41. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 3. Use Amazon Auto Scaling groups
    42. 42. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 4. Use Amazon Elastic Load Balancing
    43. 43. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 5. Use Amazon Route53 to host DNS zones
    44. 44. Three Services: Better Together Amazon CloudWatch Amazon Elastic Load Balancer Amazon Auto Scaling
    45. 45. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Use at regional level Combined with Amazon Auto Scaling Amazon ELB will balance requests and resource capacity across Availability Zones Within Amazon VPC Use to loadbalance between application tiers within an Availability Zone Instance migrations Easily move instances from dev environments to test environments by moving between Amazon ELBs Leverage SLA Improve application reliability with Amazon Route 53’s SLA on requests served Weighted routing Perform A/B analysis, and staged application roll-outs by moving a portion of traffic to new infrastructure Health checks DNS health checks and health-based failover Latency Based Routing Route end users to lowest-latency endpoints Scale databases without admin overhead Choose instance size for databases and scale up over time Add high availability from management console Create Multi-AZ deployments and Read-Replicas. AWS takes care of the failover and recreation of a new standby in event of master DB loss Amazon Elastic Load Balancing Amazon Route 53 Amazon RDS Dynamically scale resources & control costs Only provision the resources that are required with scale up and cool down policies that match demand Easy setup for developers and administrators via the AWS Management Console. Amazon Auto Scaling Architect to use cloud strengths
    46. 46. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Be elastic and cost optimized 5
    47. 47. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 PRICING & COST OPTIMIZATION (Amazon EC2)
    48. 48. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Reserved Make a low, one-time payment and receive a significant discount on the hourly charge For committed utilization Free Tier Get Started on AWS with free usage & no commitment For POCs and getting started On-Demand Pay for compute capacity by the hour with no long-term commitments For spiky workloads, or to define needs Spot Bid for unused capacity, charged at a Spot Price which fluctuates based on supply and demand For time-insensitive or transient workloads Dedicated Launch instances within Amazon VPC that run on hardware dedicated to a single customer For highly sensitive or compliance related workloads Many pricing models to support different workloads
    49. 49. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Manually Send an API call or use CLI to launch/terminate instances – Only need to specify capacity change (+/-) By Schedule Scale up/down based on date and time By Policy Scale in response to changing conditions, based on user configured real-time monitoring and alerts Auto-Rebalance Instances are automatically launched/terminated to ensure the application is balanced across multiple AZs Amazon Auto Scaling policies
    50. 50. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 0 2 4 6 8 10 12 14 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 On Demand Light Utilization RI Medium Utilization RI Heavy utilization RI Hours InstancesOptimizing Costs With RIs
    51. 51. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Start Choose instance that meets your basic requirements best Match memory & virtual cores Instance types
    52. 52. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Start Choose instance that meets your basic requirements best Match memory & virtual cores Tune Change instance size up or down based upon monitoring Use trusted advisor to assess Instance types
    53. 53. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Start Choose instance that meets your basic requirements best Match memory & virtual cores Tune Change instance size up or down based upon monitoring Use trusted advisor to assess Scale Run instances across multiple availability zones Smaller sizes equals greater granularity Purchase RIs after the application has been tuned and utilization patterns are established Instance types
    54. 54. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Cost Explorer Monthly Spend by Service AWS Monthly Spend AWS Cost Explorer
    55. 55. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS SUPPORT
    56. 56. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Support is a Global Organization
    57. 57. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 • Basic Support - Free Contact Customer Service for account and billing questions and receive technical support for resources that don’t pass system health checks. • Developer-level Support – Starting at $49/month Get started on AWS – ask technical questions and get a response to your web case within 12 hours during local business hours. • Business-level Support – Starting at $100/month 24/7/365 real-time assistance by phone and chat, a 1 hour response to web cases, and help with 3rd party software. Access Trusted Advisor to increase performance, fault tolerance, security, and potentially save money. • Enterprise-level Support – Starting at $15,000/month 15 minute response to web cases, an assigned technical account manager (TAM) who is an expert in your use case, and white- glove case handling that notifies your TAM and the service engineering team of a critical issue. AWS Support Plans
    58. 58. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 • Since the beginning of the year, customers have viewed over 700K Trusted Advisor recommendations, and have reduced their AWS spend by over $140M • 31 Checks in four categories (Cost Optimizing, Security, Fault Tolerance, and Performance) • Recommendations are accessible via the Support API AWS Trusted Advisor
    59. 59. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 BOTTOM LINE
    60. 60. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Your Mission 70% On-Premise Infrastructure 30% Managing All of the “Undifferentiated Heavy Lifting” Cloud computing bottom line
    61. 61. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Cloud-Based Infrastructure Your Mission More Time to Focus on Your Mission Configuring Your Cloud Assets 70% 30%70% On-Premise Infrastructure 30% Managing All of the “Undifferentiated Heavy Lifting” Cloud computing bottom line
    62. 62. Useful Resources & Links • AWS Products & Services: https://aws.amazon.com/products/ • Documentation: http://aws.amazon.com/documentation • Economics Center: https://aws.amazon.com/economics/ • Calculator: http://calculator.s3.amazonaws.com/calc5.html • TCO Calculator: http://aws.amazon.com/tco-calculator/ • Architecture Center: http://aws.amazon.com/architecture/ • Security Center: http://aws.amazon.com/security • Compliance Center: http://aws.amazon.com/compliance • Whitepapers: http://aws.amazon.com/whitepapers • Resources: http://aws.amazon.com/resources • Case Studies: http://aws.amazon.com/solutions/case-studies • Solution Providers: http://aws.amazon.com/solutions/global-solution-providers/ • AWS Blog: http://aws.typepad.com/
    63. 63. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 tbixler@amazon.com AWS Best Practices Tim Bixler Thank You

    ×