© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
October 2018
Governance @ Scale
Douglas Vanderpool
Principal, Global Advisory
AWS Professional Services
Governance @ Amazon
• Six Perspectives
• Maintain Speed and Agility
• Governance is not a project
• Integral to the Cloud Team
Business Capability Focused
• Business: Value Realization
• People: Roles and Readiness
• Governance: Prioritization and Control
Technical Capability Focused
• Platform: Applications and Infrastructure
• Security: Risk and Compliance
• Operations: Hybrid and Dynamic
Governance @ Scale
• Account Management
• Cost Management
• Compliance Automation
Common Governance Challenges
• Organizational Support
• Business Unit Autonomy
• Multi-Account Strategy
• Integration
• Delegation & Non-Technical Interfaces
Account Management
• Do
• Implement a hierarchy
• Use AWS Organizations
• Use a consolidated Admin AWS account
• Automate AWS account provisioning
• Implement “single sign-on” through federation
Cost Management
• Do
• Implement a hierarchy
• Use AWS Budgets or equivalent
• Start tracking spend by application and environment
• Start tracking spend against budgets
• Use alerts to inform stakeholders of potential budget overruns (and potentially take actions to stop it)
• Automate actions to avoid budget overruns
Compliance Management
• Do
• Implement a hierarchy
• Use Service Catalog and Landing Zones as a starting point
• Automate compliance at account/environment creation
• Continuously monitor for compliance
• Work towards automating actions when deviations are found
Compliance Automation
[Figure; legend: PCI, HIPAA, IAM, Encryption, Permissions, PII]
Permissions Mapping & Centralized Access
Management of the mapping of:
User -> AD Groups -> SSO Groups -> AWS Roles -> AWS Accounts
Single point of access
The Full View
Where do we go from here?
Start an AWS Professional Services Engagement
• Align – A complementary presentation/discussion to ensure the solution is a fit
• Launch – An engagement to create a proof of concept within the customer's environment with working processes and to scope a Scale offering
• Scale – Implementation of a fully functioning enterprise Governance@Scale solution
Buy a tool that will give you a significant head start
• Cloudtamer.io – Our vendor partner cloudtamer has a team you can work directly with to implement a solution
• Joint – AWS Professional Services also works with our vendor partner cloudtamer to implement a solution
Build your own solution
Reference Material
White Paper:
https://d1.awsstatic.com/whitepapers/Security/AWS_Governance_at_Scale.pdf
Governance@Scale Videos:
Video we showed during the session (6 min):
https://tinyurl.com/ycxosrln
Governance@Scale with cloudtamer.io & AWS Service Catalog video (6 min):
https://www.youtube.com/watch?v=ZbuihXq4c60
Governance@scale explained at 2018 Public Sector Summit (40 min video):
https://www.youtube.com/watch?v=F_tctEZ5plg
Implementing Governance@Scale at the 2018 Public Sector summit (50 min video):
https://www.youtube.com/watch?v=Z8BLRBayl2M
Thank You!

More Related Content

What's hot

Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018Amazon Web Services
 
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...Amazon Web Services
 
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...Amazon Web Services
 
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Amazon Web Services
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...Amazon Web Services
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at ScaleAmazon Web Services
 
Immersion Day - Well Architected Workshop - June 2019
Immersion Day - Well Architected Workshop - June 2019Immersion Day - Well Architected Workshop - June 2019
Immersion Day - Well Architected Workshop - June 2019Amazon Web Services
 
Managing and governing multi-account AWS environments using AWS Organizations...
Managing and governing multi-account AWS environments using AWS Organizations...Managing and governing multi-account AWS environments using AWS Organizations...
Managing and governing multi-account AWS environments using AWS Organizations...Amazon Web Services
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneAmazon Web Services
 
Introducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksIntroducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksAmazon Web Services
 
Accelerate Productivity by Computing at the Edge - AWS Online Tech Talks
Accelerate Productivity by Computing at the Edge - AWS Online Tech TalksAccelerate Productivity by Computing at the Edge - AWS Online Tech Talks
Accelerate Productivity by Computing at the Edge - AWS Online Tech TalksAmazon Web Services
 
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...Amazon Web Services
 
VMware Cloud on AWS – Technical Deep Dive.pdf
VMware Cloud on AWS – Technical Deep Dive.pdfVMware Cloud on AWS – Technical Deep Dive.pdf
VMware Cloud on AWS – Technical Deep Dive.pdfAmazon Web Services
 
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...Amazon Web Services
 
AWS Well-Architected Review
AWS Well-Architected ReviewAWS Well-Architected Review
AWS Well-Architected ReviewAndrej Maya
 
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
 ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre... ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...Amazon Web Services
 
Identity Round Robin Workshop - Serverless Round: Security Week at the SF Loft
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftIdentity Round Robin Workshop - Serverless Round: Security Week at the SF Loft
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
 
Security Best Practices_John Hildebrandt
Security Best Practices_John HildebrandtSecurity Best Practices_John Hildebrandt
Security Best Practices_John HildebrandtHelen Rogers
 

What's hot (20)

Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
 
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...
[REPEAT 1] Executing a Large-Scale Migration to AWS (ENT205-R1) - AWS re:Inve...
 
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...
Build End-to-End IT Lifecycle Management on AWS with ServiceNow (ENT330) - AW...
 
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
 
Implementing Governance@Scale
Implementing Governance@ScaleImplementing Governance@Scale
Implementing Governance@Scale
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at Scale
 
Immersion Day - Well Architected Workshop - June 2019
Immersion Day - Well Architected Workshop - June 2019Immersion Day - Well Architected Workshop - June 2019
Immersion Day - Well Architected Workshop - June 2019
 
Managing and governing multi-account AWS environments using AWS Organizations...
Managing and governing multi-account AWS environments using AWS Organizations...Managing and governing multi-account AWS environments using AWS Organizations...
Managing and governing multi-account AWS environments using AWS Organizations...
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing Zone
 
Introducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksIntroducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech Talks
 
Accelerate Productivity by Computing at the Edge - AWS Online Tech Talks
Accelerate Productivity by Computing at the Edge - AWS Online Tech TalksAccelerate Productivity by Computing at the Edge - AWS Online Tech Talks
Accelerate Productivity by Computing at the Edge - AWS Online Tech Talks
 
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...
Enabling Governance, Compliance, Operational, and Risk Auditing with AWS Mana...
 
VMware Cloud on AWS – Technical Deep Dive.pdf
VMware Cloud on AWS – Technical Deep Dive.pdfVMware Cloud on AWS – Technical Deep Dive.pdf
VMware Cloud on AWS – Technical Deep Dive.pdf
 
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...
Developing and Implementing APIs at Scale, the Servless Way - Ed Lima - AWS T...
 
Aws
AwsAws
Aws
 
AWS Well-Architected Review
AWS Well-Architected ReviewAWS Well-Architected Review
AWS Well-Architected Review
 
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
 ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre... ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
 
Identity Round Robin Workshop - Serverless Round: Security Week at the SF Loft
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftIdentity Round Robin Workshop - Serverless Round: Security Week at the SF Loft
Identity Round Robin Workshop - Serverless Round: Security Week at the SF Loft
 
Security Best Practices_John Hildebrandt
Security Best Practices_John HildebrandtSecurity Best Practices_John Hildebrandt
Security Best Practices_John Hildebrandt
 

Similar to Governance at Scale

AWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAmazon Web Services
 
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...Rolf Koski
 
Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops Amazon Web Services
 
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...Amazon Web Services
 
DevOps, CI/CD, cost management, and security on AWS
DevOps, CI/CD, cost management, and security on AWSDevOps, CI/CD, cost management, and security on AWS
DevOps, CI/CD, cost management, and security on AWSTom Laszewski
 
My CIO Says that We're Going All-In and Migrating to AWS, Now What?
My CIO Says that We're Going All-In and Migrating to AWS, Now What?My CIO Says that We're Going All-In and Migrating to AWS, Now What?
My CIO Says that We're Going All-In and Migrating to AWS, Now What?Amazon Web Services
 
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Amazon Web Services
 
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...Amazon Web Services
 
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?How Do I Plan for Security, Risk and Compliance when Migrating to AWS?
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?Amazon Web Services
 
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...Amazon Web Services
 
Governance at Scale (SEC349-R1) - AWS re:Invent 2018
Governance at Scale (SEC349-R1) - AWS re:Invent 2018Governance at Scale (SEC349-R1) - AWS re:Invent 2018
Governance at Scale (SEC349-R1) - AWS re:Invent 2018Amazon Web Services
 
Operating at Scale- Preparing for the Journey [Portuguese]
Operating at Scale- Preparing for the Journey [Portuguese]Operating at Scale- Preparing for the Journey [Portuguese]
Operating at Scale- Preparing for the Journey [Portuguese]Amazon Web Services
 
Digital Transformation: Empowering People to Adapt to the Cloud
Digital Transformation: Empowering People to Adapt to the CloudDigital Transformation: Empowering People to Adapt to the Cloud
Digital Transformation: Empowering People to Adapt to the CloudAmazon Web Services
 
How Do I Prepare my Team? Building on Existing Strengths
How Do I Prepare my Team? Building on Existing StrengthsHow Do I Prepare my Team? Building on Existing Strengths
How Do I Prepare my Team? Building on Existing StrengthsAmazon Web Services
 
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018Amazon Web Services
 
Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Amazon Web Services
 
Enterprise Cloud Adoption
Enterprise Cloud Adoption Enterprise Cloud Adoption
Enterprise Cloud Adoption Tom Laszewski
 
Living the AWS Well Architected Framework
Living the AWS Well Architected FrameworkLiving the AWS Well Architected Framework
Living the AWS Well Architected FrameworkAdam Dillman
 

Similar to Governance at Scale (20)

AWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_SingaporeAWS Governance at Scale_AWSPSSummit_Singapore
AWS Governance at Scale_AWSPSSummit_Singapore
 
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...
AWS Community Day Nordics 2018: Rolf Koski - Building Successful Enterprise C...
 
Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops
 
Cloud Migration: A How-To Guide
Cloud Migration: A How-To GuideCloud Migration: A How-To Guide
Cloud Migration: A How-To Guide
 
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...
Enterprise DevOps: Begin with Production-Ready Migration (ENT217-R1) - AWS re...
 
DevOps, CI/CD, cost management, and security on AWS
DevOps, CI/CD, cost management, and security on AWSDevOps, CI/CD, cost management, and security on AWS
DevOps, CI/CD, cost management, and security on AWS
 
My CIO Says that We're Going All-In and Migrating to AWS, Now What?
My CIO Says that We're Going All-In and Migrating to AWS, Now What?My CIO Says that We're Going All-In and Migrating to AWS, Now What?
My CIO Says that We're Going All-In and Migrating to AWS, Now What?
 
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
 
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...
Orion Health CISO & Ops Unite for a Secure DevOps Practice (SEC308-S) - AWS r...
 
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?How Do I Plan for Security, Risk and Compliance when Migrating to AWS?
How Do I Plan for Security, Risk and Compliance when Migrating to AWS?
 
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...
Wellington Management: The Journey to All-In, One Data Center at a Time (FSV2...
 
Governance at Scale (SEC349-R1) - AWS re:Invent 2018
Governance at Scale (SEC349-R1) - AWS re:Invent 2018Governance at Scale (SEC349-R1) - AWS re:Invent 2018
Governance at Scale (SEC349-R1) - AWS re:Invent 2018
 
Operating at Scale- Preparing for the Journey [Portuguese]
Operating at Scale- Preparing for the Journey [Portuguese]Operating at Scale- Preparing for the Journey [Portuguese]
Operating at Scale- Preparing for the Journey [Portuguese]
 
Digital Transformation: Empowering People to Adapt to the Cloud
Digital Transformation: Empowering People to Adapt to the CloudDigital Transformation: Empowering People to Adapt to the Cloud
Digital Transformation: Empowering People to Adapt to the Cloud
 
How Do I Prepare my Team? Building on Existing Strengths
How Do I Prepare my Team? Building on Existing StrengthsHow Do I Prepare my Team? Building on Existing Strengths
How Do I Prepare my Team? Building on Existing Strengths
 
AWS Well-Architected Workshop
AWS Well-Architected WorkshopAWS Well-Architected Workshop
AWS Well-Architected Workshop
 
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018
Mastering the Secret Sauce to SaaS - Adrian De Luca - AWS TechShift ANZ 2018
 
Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...
 
Enterprise Cloud Adoption
Enterprise Cloud Adoption Enterprise Cloud Adoption
Enterprise Cloud Adoption
 
Living the AWS Well Architected Framework
Living the AWS Well Architected FrameworkLiving the AWS Well Architected Framework
Living the AWS Well Architected Framework
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 

Governance at Scale

  • 1. Governance @ Scale. October 2018. Douglas Vanderpool, Principal, Global Advisory, AWS Professional Services. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 2. Governance @ Amazon
      • Six Perspectives
      • Maintain Speed and Agility
      • Governance is not a project
      • Integral to the Cloud Team
      • Business Capability Focused: Business (Value Realization); People (Roles and Readiness); Governance (Prioritization and Control)
      • Technical Capability Focused: Platform (Applications and Infrastructure); Security (Risk and Compliance); Operations (Hybrid and Dynamic)
  • 3. Governance @ Scale
      • Account Management
      • Cost Management
      • Compliance Automation
  • 4. Common Governance Challenges
      • Organizational Support
      • Business Unit Autonomy
      • Multi-Account Strategy
      • Integration
      • Delegation & Non-Technical Interfaces
  • 5. Account Management
      • Do
          • Implement a hierarchy
          • Use AWS Organizations
          • Use a consolidated Admin AWS account
          • Automate AWS account provisioning
          • Implement “single sign-on” through federation
  • 6. Account Management
  • 7. Cost Management
      • Do
          • Implement a hierarchy
          • Use AWS Budgets or equivalent
          • Start tracking spend by application and environment
          • Start tracking spend against budgets
          • Use alerts to inform stakeholders of potential budget overruns (and potentially take actions to stop it)
          • Automate actions to avoid budget overruns
  • 8. Cost Management [figure not preserved]
  • 9. Compliance Management
      • Do
          • Implement a hierarchy
          • Use Service Catalog and Landing Zones as a starting point
          • Automate compliance at account/environment creation
          • Continuously monitor for compliance
          • Work towards automating actions when deviations are found
  • 10. Compliance Automation 101 [figure not preserved; legend: PCI, HIPAA, IAM, Encryption, Permissions, PII]
  • 11. Permissions Mapping & Centralized Access
      • Management of the mapping of: User -> AD Groups -> SSO Groups -> AWS Roles -> AWS Accounts
      • Single point of access
  • 12. The Full View
  • 13. Where do we go from here?
      • Start an AWS Professional Services Engagement
          • Align – A complementary presentation/discussion to ensure the solution is a fit
          • Launch – An engagement to create a proof of concept within the customer's environment with working processes and to scope a Scale offering
          • Scale – Implementation of a fully functioning enterprise Governance@Scale solution
      • Buy a tool that will give you a significant head start
          • Cloudtamer.io – Our vendor partner cloudtamer has a team you can work directly with to implement a solution
          • Joint – AWS Professional Services also works with our vendor partner cloudtamer to implement a solution
      • Build your own solution
  • 14. Reference Material
      • White Paper: https://d1.awsstatic.com/whitepapers/Security/AWS_Governance_at_Scale.pdf
      • Governance@Scale Videos:
          • Video we showed during the session (6 min): https://tinyurl.com/ycxosrln
          • Governance@Scale with cloudtamer.io & AWS Service Catalog video (6 min): https://www.youtube.com/watch?v=ZbuihXq4c60
          • Governance@scale explained at 2018 Public Sector Summit (40 min video): https://www.youtube.com/watch?v=F_tctEZ5plg
          • Implementing Governance@Scale at the 2018 Public Sector summit (50 min video): https://www.youtube.com/watch?v=Z8BLRBayl2M
  • 15. Thank You!