This session provides attendees with approaches to their VPC, including creating and protecting subnets, routing, performing VPC peering, and leveraging the latest features in Amazon VPC. Additionally, we'll discuss Amazon Route 53 for delivering traffic.
A brief introduction to Amazon Virtual Private Cloud (VPC).
Amazon VPC is a very important service that provides a logically isolated area of the AWS cloud where you can launch AWS resources in a virtual network that you define.
Powerful encryption capabilities are available in the core services of the AWS cloud. AWS continues to release enhancements to encryption-specific services and expand encryption capabilities in new services to make security easy for everyone. Learn how to take advantage of these services and features to protect and secure your data in the cloud.
Speaker: Dr. John Hildebrandt - Principle Solutions Architect, AWS
Elastic Load Balancing allows the incoming traffic to be distributed automatically across multiple healthy EC2 instances.
ELB serves as a single point of contact to the client.
ELB helps to being transparent and increases the application availability by allowing addition or removal of multiple EC2 instances across one or more availability zones, without disrupting the overall flow of information.
A brief introduction to Amazon Virtual Private Cloud (VPC).
Amazon VPC is a very important service that provides a logically isolated area of the AWS cloud where you can launch AWS resources in a virtual network that you define.
Powerful encryption capabilities are available in the core services of the AWS cloud. AWS continues to release enhancements to encryption-specific services and expand encryption capabilities in new services to make security easy for everyone. Learn how to take advantage of these services and features to protect and secure your data in the cloud.
Speaker: Dr. John Hildebrandt - Principle Solutions Architect, AWS
Elastic Load Balancing allows the incoming traffic to be distributed automatically across multiple healthy EC2 instances.
ELB serves as a single point of contact to the client.
ELB helps to being transparent and increases the application availability by allowing addition or removal of multiple EC2 instances across one or more availability zones, without disrupting the overall flow of information.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
더 많은 기업들이 디지털 전환을 앞당기며 뉴노멀 비즈니스를 위한 마이크로 서비스 전략을 세우고 더 빠른 앱 개발을 위해 노력을 기울이고 있습니다. 본 강연에서는 AWS re:Invent를 통해 발표된 Amazon EKS 및 AWS Proton의 신규 업데이트와 새롭게 출시된 Karpenter 프로젝트 등에 대해서 살펴봅니다. Graviton2 지원 및 Event Filtering, 그리고 AWS StepFunction Workflow Studio와 같은 서버리스 분야의 업데이트들과 함께 클라우드 운영 개선에 많은 도움을 줄 수 있는 관리 도구들에 대한 업데이트들도 소개합니다.
진화하는 CloudFront 의 이해와 글로벌 서비스 활용 - 안수일 시니어 솔루션즈 아키텍트, GS NEOTEK :: AWS Summit...Amazon Web Services Korea
스폰서 발표 세션 | 진화하는 CloudFront 의 이해와 글로벌 서비스 활용
안수일 시니어 솔루션즈 아키텍트, GS NEOTEK
멀티미디어의 활용도가 점점 높아지면서 데이터, 이미지, 동영상 등을 짧은 지연시간과 빠른 전송속도로 전세계의 고객에게 전송하기 위해 CDN(Contents Delivery Network)서비스를 사용합니다. AWS의 CDN서비스인 CloudFront 의 이해와 계속해서 진화하는 CloudFront의 기능들을 어떻게 잘 활용 할 것인지에 대해 알아봅니다.
발표영상 다시보기: https://youtu.be/BZhbRQFwkMQ
AWS의 기본 서비스 중 가상 네트워크에서 AWS 리소스를 구동할 수 있는 클라우드 상의 논리적으로 격리된 공간인 VPC와 애플리케이션 트래픽을 로드 발란싱 할 수 있는 ELB, OnPremise와 연결할 수 있는 Direct Connect 및 VPN에 대해 이해할 수 있습니다.
We take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or to launch an Amazon EC2 instance of a specific type.
It establishes connection/communication between different vpc’s. Either you can do in the same region or different region. AWS support peering among AWS accounts.
LinkedIn https://www.linkedin.com/today/author/mohan-reddy-79a57014b
Youtube https://www.youtube.com/user/VepsunTechnologies
Vepsun http://www.vepsun.in/
Containers have revolutionized the way we build, package, deploy, and run applications. While containers initially only supported code and tooling for Linux applications, Docker now offers API and toolchain support for running Windows Servers in containers.
This webinar was held in March 2018 to an Australian and New Zealander audience.
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자!
신은수 솔루션즈 아키텍트, AWS
IAM 서비스는 AWS 에서 계정을 생성하고 서비스를 사용하고 위해서는 반드시 사용하여야 하는 서비스 중에 하나입니다. 본 세션에서는 IAM에서 기본적으로 제공하는 기능의 구조와 동작 원리, 각 IAM 정책(Policy) 별 상호 관계 등에 대해 이해함으로써 보다 단순화되고 관리가 편한 IAM 정책을 작성하고 실무에 적용할 수 있는 방법 등에 대해 살펴보고자 합니다.
Native 보안 기능에 대한 고객 Needs가 높아지고 있는 상황에서 ‘효율적인 운영/관제 서비스’가 부족하여 Native 보안 기능 도입을 망설이고 있습니다.
SK쉴더스는 이러한 고객 Pain Point를 해소하기 위하여 AWS Perimeter Security Function을 활용한 운영/관제 방안 실사례를 제시하여 말하고자 합니다.
Training for AWS Solutions Architect at http://zekelabs.com/courses/amazon-web-services-training-bangalore/.This slide describes about IPv4 vs IPv6, types of records, simple routing policy, weighted routing policy, latency routing policy, failover routing policy and geolocation routing policy
___________________________________________________
zekeLabs is a Technology training platform. We provide instructor led corporate training and classroom training on Industry relevant Cutting Edge Technologies like Big Data, Machine Learning, Natural Language Processing, Artificial Intelligence, Data Science, Amazon Web Services, DevOps, Cloud Computing and Frameworks like Django,Spring, Ruby on Rails, Angular 2 and many more to Professionals.
Reach out to us at www.zekelabs.com or call us at +91 8095465880 or drop a mail at info@zekelabs.com
Amazon EC2 provides a broad selection of instance types to accommodate a diverse mix of workloads. In this session, we provide an overview of the Amazon EC2 instance platform, key features, and the concept of instance generations.
AWS 리소스를 사용하기 위한 모든 요청은 Identity and Access Management, 즉 IAM을 통해 이루어집니다. 따라서 IAM은 가장 기본적이면서도 핵심적인 도구이며, 고객 여러분들의 소중한 워크로드를 지키기 위한 시작입니다. 이번 세션에서는 AWS상에서의 인증과 인가, 그리고 감사가 어떻게 이루어지는지 보고, 다양한 사례들을 살펴보겠습니다.
Amazon Route 53 is a highly available, scalable, and easy to use cloud Domain Name System (DNS) web service. With an SLA of 100% availability, Route 53 is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications. By using Route 53 as your DNS provider, you can ensure your application’s up-time, run architecture that delivers better performance, and provide your end users with a better experience through lower latency and faster load times, all at the fraction of the cost of other DNS providers. Learning Objective: In this webinar, you will learn the following: - General overview of DNS, and how Route 53 is built to provide reliable and secure DNS - Using the Route 53 console to manage your DNS, easily and seamlessly - Utilizing health checks and failover to ensure high availability - Configuring advanced routing policies, including running your application in multiple regions with LBR and Geo for better performance for your end users. - Saving costs by using Route 53 - Registering or transferring your domains into Route 53 to manage all of your domain resources from one place - How to start using Route 53, including migrating your DNS without experiencing any downtime.
In this presentation, created for a webinar recorded on 4/26/2012, we demo'd Amazon Route 53's new Latency Based Routing (LBR) feature. LBR is one of Amazon Route 53’s most requested features and helps improve your application’s performance for a global audience. LBR works by routing your customers to the AWS endpoint (e.g. EC2 instances, Elastic IPs or ELBs) that provides the fastest experience based on actual performance measurements of the different AWS regions where your application is running.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
더 많은 기업들이 디지털 전환을 앞당기며 뉴노멀 비즈니스를 위한 마이크로 서비스 전략을 세우고 더 빠른 앱 개발을 위해 노력을 기울이고 있습니다. 본 강연에서는 AWS re:Invent를 통해 발표된 Amazon EKS 및 AWS Proton의 신규 업데이트와 새롭게 출시된 Karpenter 프로젝트 등에 대해서 살펴봅니다. Graviton2 지원 및 Event Filtering, 그리고 AWS StepFunction Workflow Studio와 같은 서버리스 분야의 업데이트들과 함께 클라우드 운영 개선에 많은 도움을 줄 수 있는 관리 도구들에 대한 업데이트들도 소개합니다.
진화하는 CloudFront 의 이해와 글로벌 서비스 활용 - 안수일 시니어 솔루션즈 아키텍트, GS NEOTEK :: AWS Summit...Amazon Web Services Korea
스폰서 발표 세션 | 진화하는 CloudFront 의 이해와 글로벌 서비스 활용
안수일 시니어 솔루션즈 아키텍트, GS NEOTEK
멀티미디어의 활용도가 점점 높아지면서 데이터, 이미지, 동영상 등을 짧은 지연시간과 빠른 전송속도로 전세계의 고객에게 전송하기 위해 CDN(Contents Delivery Network)서비스를 사용합니다. AWS의 CDN서비스인 CloudFront 의 이해와 계속해서 진화하는 CloudFront의 기능들을 어떻게 잘 활용 할 것인지에 대해 알아봅니다.
발표영상 다시보기: https://youtu.be/BZhbRQFwkMQ
AWS의 기본 서비스 중 가상 네트워크에서 AWS 리소스를 구동할 수 있는 클라우드 상의 논리적으로 격리된 공간인 VPC와 애플리케이션 트래픽을 로드 발란싱 할 수 있는 ELB, OnPremise와 연결할 수 있는 Direct Connect 및 VPN에 대해 이해할 수 있습니다.
We take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or to launch an Amazon EC2 instance of a specific type.
It establishes connection/communication between different vpc’s. Either you can do in the same region or different region. AWS support peering among AWS accounts.
LinkedIn https://www.linkedin.com/today/author/mohan-reddy-79a57014b
Youtube https://www.youtube.com/user/VepsunTechnologies
Vepsun http://www.vepsun.in/
Containers have revolutionized the way we build, package, deploy, and run applications. While containers initially only supported code and tooling for Linux applications, Docker now offers API and toolchain support for running Windows Servers in containers.
This webinar was held in March 2018 to an Australian and New Zealander audience.
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자!
신은수 솔루션즈 아키텍트, AWS
IAM 서비스는 AWS 에서 계정을 생성하고 서비스를 사용하고 위해서는 반드시 사용하여야 하는 서비스 중에 하나입니다. 본 세션에서는 IAM에서 기본적으로 제공하는 기능의 구조와 동작 원리, 각 IAM 정책(Policy) 별 상호 관계 등에 대해 이해함으로써 보다 단순화되고 관리가 편한 IAM 정책을 작성하고 실무에 적용할 수 있는 방법 등에 대해 살펴보고자 합니다.
Native 보안 기능에 대한 고객 Needs가 높아지고 있는 상황에서 ‘효율적인 운영/관제 서비스’가 부족하여 Native 보안 기능 도입을 망설이고 있습니다.
SK쉴더스는 이러한 고객 Pain Point를 해소하기 위하여 AWS Perimeter Security Function을 활용한 운영/관제 방안 실사례를 제시하여 말하고자 합니다.
Training for AWS Solutions Architect at http://zekelabs.com/courses/amazon-web-services-training-bangalore/.This slide describes about IPv4 vs IPv6, types of records, simple routing policy, weighted routing policy, latency routing policy, failover routing policy and geolocation routing policy
___________________________________________________
zekeLabs is a Technology training platform. We provide instructor led corporate training and classroom training on Industry relevant Cutting Edge Technologies like Big Data, Machine Learning, Natural Language Processing, Artificial Intelligence, Data Science, Amazon Web Services, DevOps, Cloud Computing and Frameworks like Django,Spring, Ruby on Rails, Angular 2 and many more to Professionals.
Reach out to us at www.zekelabs.com or call us at +91 8095465880 or drop a mail at info@zekelabs.com
Amazon EC2 provides a broad selection of instance types to accommodate a diverse mix of workloads. In this session, we provide an overview of the Amazon EC2 instance platform, key features, and the concept of instance generations.
AWS 리소스를 사용하기 위한 모든 요청은 Identity and Access Management, 즉 IAM을 통해 이루어집니다. 따라서 IAM은 가장 기본적이면서도 핵심적인 도구이며, 고객 여러분들의 소중한 워크로드를 지키기 위한 시작입니다. 이번 세션에서는 AWS상에서의 인증과 인가, 그리고 감사가 어떻게 이루어지는지 보고, 다양한 사례들을 살펴보겠습니다.
Amazon Route 53 is a highly available, scalable, and easy to use cloud Domain Name System (DNS) web service. With an SLA of 100% availability, Route 53 is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications. By using Route 53 as your DNS provider, you can ensure your application’s up-time, run architecture that delivers better performance, and provide your end users with a better experience through lower latency and faster load times, all at the fraction of the cost of other DNS providers. Learning Objective: In this webinar, you will learn the following: - General overview of DNS, and how Route 53 is built to provide reliable and secure DNS - Using the Route 53 console to manage your DNS, easily and seamlessly - Utilizing health checks and failover to ensure high availability - Configuring advanced routing policies, including running your application in multiple regions with LBR and Geo for better performance for your end users. - Saving costs by using Route 53 - Registering or transferring your domains into Route 53 to manage all of your domain resources from one place - How to start using Route 53, including migrating your DNS without experiencing any downtime.
In this presentation, created for a webinar recorded on 4/26/2012, we demo'd Amazon Route 53's new Latency Based Routing (LBR) feature. LBR is one of Amazon Route 53’s most requested features and helps improve your application’s performance for a global audience. LBR works by routing your customers to the AWS endpoint (e.g. EC2 instances, Elastic IPs or ELBs) that provides the fastest experience based on actual performance measurements of the different AWS regions where your application is running.
AWS re:Invent 2016: DNS Demystified: Getting Started with Amazon Route 53, fe...Amazon Web Services
Whether you’re running a simple website, a mobile app, or a suite of business applications, DNS is a fundamental part of any architecture in the cloud. In this mid-level architecture session, we’ll cover everything you need to get started with Amazon Route 53, AWS’s highly-available DNS service. You’ll learn how to use public DNS, including routing techniques such as weighted round-robin, latency-based routing, and geo DNS; how to configure DNS failover using health checks; how and when to use private DNS within your Virtual Private Cloud (VPC); and how Amazon Route 53 interacts with Amazon EC2’s DNS for instance naming and DNS resolution across your network.
We will conclude the session with a real-world migration example. Warner Bros. Entertainment recently completed a full DNS migration to Route 53. Vahram Sukyas, Vice President, Application Infrastructure & Operations at Warner Bros. Entertainment, will share details on his team's architecture, migration strategy, and lessons learned which are useful for enterprises and startups alike.
(SDD408) Amazon Route 53 Deep Dive: Delivering Resiliency, Minimizing Latency...Amazon Web Services
Learn how to utilize Amazon Route 53 latency-based routing, weighted round-robin, and other features in conjunction with DNS failover to direct traffic to the least latent, most available endpoints across a global infrastructure. We explore topics such as balancing traffic between endpoints in terms of load and latency, and discuss how to provide multi-record answers to improve client-side resiliency. As part of this session, Loggly will present how they utilize Route 53 for their traffic management needs.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Loft | London - Amazon Virtual Private Cloud by Andrew Kane, Solution Architect
April 18, 2016
PLNOG 17 - Tomasz Stachlewski - Infrastruktura sieciowa w chmurze AWSPROIDEA
Celem prezentacji jest przedstawienie sposobu tworzenia i zarządzania infrastrukturą sieciową w chmurze (AWS). Podczas prezentacji użytkownicy dowiedzą się z jakich komponentów składa się infrastruktura w chmurze, zapoznają się z tematyką VPC (Virtual Private Cloud), Security Group, Direct Connect, Avaibility Zone, Route53, Regions. Dodatkowo dowiedzą się jak należy projektować systemy aby były określane jako HA oraz w jaki sposób można tworzyć rozwiązania hybrydowe i połączyć chmurę z istniejącą infrastrukturą on-premise. Dodatkowo słuchacze zapoznają się ze sposobem zarządzania infrastrukturą sieciową jak kodem (tzw. IaC - Infrastructure as Code) – co pozwala w szybki sposób tworzyć i zarządzać całością infrastruktury sieciowej w chmurze.
Many enterprises on their hybrid cloud journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. As we walk through these options, we try to answer some of the most common questions that typically arise from enterprises that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
In this session, we walk through the fundamentals of connectivity with AWS. First, we cover build-out and design fundamentals for VPCs, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition to different approaches and use cases for connecting your physical data center to AWS. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision makers interested in understanding the building blocks.
AWS re:Invent 2016: NextGen Networking: New Capabilities for Amazon’s Virtual...Amazon Web Services
Amazon’s Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud and gives you complete control over your virtual networking environment. Amazon VPC continues to evolve with new capabilities and enhancements. These features give you increasingly greater isolation, control, and visibility at the all-important networking layer. In this session, we review some of the latest changes, discuss their value, and describe their use cases.
From One to Many: Evolving VPC Design (ARC401) | AWS re:Invent 2013Amazon Web Services
As more customers adopt Amazon Virtual Private Cloud architectures, the features and flexibility of the service are squaring off against increasingly complex design requirements. This session follows the evolution of a single regional VPC into a multi-VPC, multi-region design with diverse connectivity into on-premises systems and infrastructure. Along the way, we investigate creative customer solutions for scaling and securing outbound VPC traffic, managing multi-tenant VPCs, conducting VPC-to-VPC traffic, extending corporate federation and name services into VPC, running multiple hybrid environments over AWS Direct Connect, and integrating corporate multiprotocol label switching (MPLS) clouds into multi-region VPCs.
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
(ARC205) Creating Your Virtual Data Center: VPC Fundamentals and Connectivity...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Introduction to AWS VPC, Guidelines, and Best PracticesGary Silverman
I crafted this presentation for the AWS Chicago Meetup. This deck covers the rationale, building blocks, guidelines, and several best practices for Amazon Web Services Virtual Private Cloud. I classify it as a somewhere between a 101 and 201 level presentation.
If you like the presentation, I would appreciate you clicking the Like button.
From the Amazon Web Services Singapore & Malaysia Summits 2015 Track 1 Breakout, Your first Hour on AWS - Presented by Chris Hampartsoumian, Technology Evangelist ASEAN, Amazon Web Services.
(ARC403) From One to Many: Evolving VPC Design | AWS re:Invent 2014Amazon Web Services
As more customers adopt Amazon VPC architectures, the features and flexibility of the service are squaring off against increasingly complex design requirements. This session follows the evolution of a single regional VPC into a multi-VPC, multiregion design with diverse connectivity into on-premises systems and infrastructure. Along the way, we investigate creative customer solutions for scaling and securing outbound VPC traffic, managing multitenant VPCs, conducting VPC-to-VPC traffic, running multiple hybrid environments over AWS Direct Connect, and integrating corporate multiprotocol label switching (MPLS) clouds into multiregion VPCs.
Securing Your Virtual Data Center in the Cloud (NET202) - AWS re:Invent 2018Amazon Web Services
In this introductory session, we cover how to secure your resources in the cloud for common AWS workloads such as Amazon EC2 computing, database, and serverless. We cover security best practices recommended by AWS for each workload using simple and effective identity and networking techniques. Learn how and why these controls do what they do, and come away with the ability to interpret and apply AWS identity and network access controls.
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
The Fundamentals of Networking in AWS: VPC and Connectivity Options - BusinessAmazon Web Services
A successful AWS journey always begins with accessing, creating, and controlling your own isolated network in the cloud. In this session, we will explain the concepts of VPC, how to create it, how to connect to your VPC, and what to take into consideration when managing your environment to ensure that you start off on the right foot with AWS.
Speaker: Amy Romano, Account Manager, Amazon Web Services & Alastair Cousins, Solutions Architect, Amazon Web Services
Featured Customer - William Buck
In this session from the London AWS Summit 2015 Tech Track Replay, AWS Solutions Architect Steve Seymour dives deep into the Amazon Virtual Private Cloud service, covering features as well as best practices.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
(NET201) Creating Your Virtual Data Center: VPC FundamentalsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...Amazon Web Services
With constantly evolving threats across the Internet, Harvard University deployed a security network platform to mitigate cyber threats, current and future, to protect institutional and research data. By using multiple geographic locations, best of breed equipment, and network automation, Harvard provides visibility, availability, and multilayer protections for their cloud network. This talk discusses the benefits, considerations, and lessons learned from using their security network platform at the edge of the cloud. Learn how Harvard designed and deployed the platform, utilizing serverless architecture to orchestrate the solution from within to protect their most sensitive data and afford students, faculty, and staff the flexibility of cloud computing.
(Diapositivas de presentación son en inglés.)
En esta sesión, veremos los fundamentos de Amazon Virtual Private Cloud (VPC). Primero, cubriremos los principios de diseño y construcción de VPC, incluyendo la elección de los rangos de IP, subredes, routing, seguridad, NAT, y más. Luego explicaremos las diferentes maneras de conectar su VPC con su infraestructura física utilizando VPN o Direct Connect. El material está destinado a arquitectos, administradores de redes y ejecutivos en tecnología interesados en conocer los elementos básicos que componen el servicio VPC.
Creando una estrategia en el Cloud y acelerar los resultadosAmazon Web Services
(Diapositivas de presentación son en inglés.)
En esta sesión abordaremos en profundidad la adopción de AWS en el ámbito empresarial: creación paso a paso de una estrategia de transformación utilizando el Cloud Adoption Framework (CAF) de AWS. Construiremos una hoja de ruta prescriptiva para una transformación cloud usando las mejores prácticas, las técnicas y las herramientas utilizadas con éxito por numerosos clientes empresariales de AWS.
Similar to Advanced Approaches to Amazon VPC and Amazon Route 53 | AWS Public Sector Summit 2016 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
10. Amazon VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
Availability Zone B
Availability Zone C
11. Amazon VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
12. Amazon VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
13. Amazon VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
14. Route tables in a VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
15. Security groups in a VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
security group
16. Internet gateway with a VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
security group
19. AWS Direct Connect
AWS Direct Connect location
Private fiber connection
One or multiple
50–500 Mbps,
1 Gbps or 10 Gbps connections
20. VPN and Direct Connect
• Secure connection to you network
• Pair of IPSec tunnels over the internet
• Dedicated line
• Lower latency and lower per GB data transfer rates
• Failover between each
21. Amazon VPC
Availability Zone A Availability Zone B
10.200.0.0/16
Availability Zone A
Availability Zone C
10.200.2.0/27
10.200.1.0/28
Availability Zone B
10.200.1.16/28
Availability Zone C
10.200.1.32/28
10.200.2.32/27 10.200.2.64/27
10.200.2.4 10.200.2.36 10.200.2.68
10.200.1.4
10.200.1.20
10.200.1.36
30. Route 53 overview
• Route 53 is a highly available and scalable cloud
Domain Name System (DNS) web service
• Distributed globally
• Integrates with other AWS services
• Can be used for on-premises and hybrid setups
• Simple to use
31. Route 53 features
• Latency based routing
• Geo DNS
• Weighted round robin
• DNS failover
• Health checks
• Private DNS for VPC
• Domain name registration & transfer
32. Route 53 SLA
100% Available
SLA details: https://aws.amazon.com/route53/sla/
33. Route 53 pricing
• Hosted zones
$0.50 per hosted zone/month for the first 25 hosted zones
$0.10 per hosted zone/month for additional hosted zones
• Standard queries
$0.400 per million queries—first 1 billion queries/month
$0.200 per million queries—over 1 billion queries/month
• Latency based routing queries
$0.600 per million queries—first 1 billion queries/month
$0.300 per million queries—over 1 billion queries/month
• Geo DNS queries
$0.700 per million queries—first 1 billion queries/month
$0.350 per million queries—over 1 billion queries/month
It’s always a good idea to remind everyone of this
Define region/AZ/edge
5 in the next year
You may currently have a data center
You might be running a customer prior to 2013 and running ec2 classic
Overview of what a VPC is
(Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define.
First pick a CIDR block from /28 to /16
Avoid overlapping networks you might connect to
Can’t resize a VPC or a subnet – may not want to make one big subnet
Azs and subnets are 1:1
Pick number of AZs to support design
Pick multiple for HA/resiliency,
Pick multiple for access to larger pool for spot
The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance. For example, in a subnet with CIDR block 10.0.0.0/24, the following five IP addresses are reserved:
10.0.0.0: Network address.
10.0.0.1: Reserved by AWS for the VPC router.
10.0.0.2: Reserved by AWS for mapping to the Amazon-provided DNS.
10.0.0.3: Reserved by AWS for future use.
10.0.0.255: Network broadcast address. We do not support broadcast in a VPC, therefore we reserve this address.
Several services supported to work within a VPC. Not just EC2
Route tables for traffic flow
Stateful firewall around instances
Internet Gateway to get out to the internet if needed
* Do not have to do this!
Connect multiple VPC within a region
Cross account access
Invitation process
Connect back to on prem networks
Two endpoints per VPC
One to one VPC and VPN tunnel
Connect back to on prem networks
Start off with a VPN
Building out VPCs
You can go through the console and build it
Programmatic access to build it
Node.js snippet
Cfn overview
JSON formatted and templated
Security, DR, COOP become first class citizens
Use that same template to deploy globally
CLI example to launch that environment to all commercial regions
xargs to keep going on error if CLI errors out with 255
$0.40 for 1 million queries
3 million queries is cheaper than the coffee I picked up this morning.
Over 300 TLDs available
https://aws.amazon.com/about-aws/whats-new/2016/05/amazon-route-53-announces-domain-name-registration-enhancements-expanded-tld-catalog-and-detailed-billing-history/
Highlight partitioning of name, domains, and TLDs for resiliency
Here is one of the sites we created earlier with Cfn
Nothing fancy - Here’s what we see when we go to the web site
Grab the list of all the websites I made earlier
Configure a health check for one site
Configure a health check for one site
Do you want to be notified?
Maybe you don’t want to do by hand in the console
Health status bar
powered down the web server, starts to fail after thresholds met
Powered back up, and healthy
Let’s make a health check for each of the sites we made earlier
Remembering IPs is no fun, let’s make an A record
Latency based
Failover
Weighted
Link to Elastic Load Balancer and other AWS services
One in US and one in Europe
Example of getting to least latent web server from wherever I am in the world