An Azure Primer for the AWS Solution Architect
Given by Derek C. Ashmore
DevOps West 2020
June 10, 2020
©2020 Derek C. Ashmore, All Rights Reserved 1
Who am I?
• Professional Geek since 1987
• Java/J2EE/Java EE since 1999
• AWS since 2010
• Azure since 2017
• Specialties
– Application Transformation
– Infrastructure Automation
• Yes – I still code!
Discussion Resources
• This slide deck
– https://www.slideshare.net/derekashmore/presentations
• Sample code on my Github
– https://github.com/Derek-Ashmore/
• Slide deck has hyper-links!
– Don’t bother writing down URLs
Agenda
• General Overview
• Basics (Networking / Compute / Security / Application Delivery)
• Support (Automation / Logging / Monitoring)
• Summary / Q&A
Audience Level Set
• You are an AWS Professional
– Solution Architect, DevOps
– AWS CLI and/or SDK literate
• You need to come up to speed on Azure
• Azure is a paradigm shift
– Term-to-term mapping will only get you so far
• I follow the money!
– I’m technology agnostic
– I’ve seen more Azure adoption than AWS lately
Basic Terms for Services
AWS Terms | Azure Terms
VPC | Virtual Network (Vnet)
EC2 Instance | Virtual Machine (VM)
CloudWatch | Log Analytics
Account | Subscription
Lambda | Function
API Gateway | API Management
S3 | Storage Account
Secrets Manager | Key Vault
RDS | Azure Database
CloudFormation | Azure Resource Manager (ARM)
Resource Groups
– Azure Resource Groups are a grouping of Azure assets of any type
• Frequently used to categorize assets per application
– Deleting a Resource Group will delete all assets belonging to it.
– Resource Groups are often mapped to an Active Directory group and tied to console privileges
– Resource Groups are commonly used for core concerns
• Applications tend to have a specific resource group
• Networking, Security, and other infrastructure concerns tend to have resource groups
Resource Groups
• Separating Resources
• Management Support
• Common Services
• Logging
• Alerting
• CI/CD Agents
• Applications
• Additional Applications are expected
• Additional Common Services can be added
Management Groups and Subscriptions
AWS Terms | Azure Terms
Organization | Management Group
Account | Subscription
Networking Terms
AWS Terms | Azure Terms
VPC | Virtual Network (Vnet)
Instance | Virtual Machine
Security Group | Network Security Group (NSG)
Elastic Network Interface (ENI) | Network Interface (NIC)
Route53 | Azure DNS
Direct Connect | Express Route
Identical Terms: Subnet, Route Table, Flow logs, Region, Peering, Availability Zone
Networking Overview
– Azure Virtual Networks (Vnets) == AWS VPC
• They can be peered
• No transitive peering
• Have DNS and DHCP configuration options
• Have world-wide regional options
– Azure Vnet Peering includes routing
• Fewer explicit route tables
– Azure Vnets contain subnets
• The distinction between public and private subnets is not as relevant in Azure
– There’s nothing to put in them as public load balancers don’t work the same way.
– The Azure Application Gateway / WAF requires a dedicated subnet
• Availability Zones are not attached to subnets.
– Region Service AZ Cross Reference
– Very new concept to Azure
Network Security Groups
– NSGs are roughly like AWS Instance Security Groups
• Like AWS, NSG rules have a priority and are stateful
– One NSG per VM NIC or subnet
• No multiple assignments like AWS
– NSG rules cannot reference other NSGs!
• In AWS, Security group rules can allow inbound/outbound traffic to specific security group members.
• This makes AWS Security groups generic
– Azure Application Security Groups (ASG) are intended to fill that gap
• ASGs are a label for a set of IP Addresses that can be used in NSG rules
• ASGs appear to be seldom used in practice
[Slide image: NSG Example]
Connection Troubleshooter
– Enter two IP Addresses and a port
• Troubleshooter will identify the NSG rule prohibiting traffic
– Avoids the issue of hunting flow logs to figure out why VMs can’t communicate
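NSG rules are evaluated lowest priority number first and the first match decides the flow, so the question "which rule prohibits this traffic?" can be worked through offline. The following is an added example, not code from this deck or from Azure: the `Rule` class, function names and sample NSGs are constructed, and only the VNet-allow and deny-all default rules are modelled.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # 100-4096 for custom rules; lower number wins
    direction: str     # "Inbound" or "Outbound"
    access: str        # "Allow" or "Deny"
    protocol: str      # "Tcp", "Udp" or "*"
    source: str        # CIDR, "*" or the "VirtualNetwork" service tag
    destination: str   # same forms as source
    dest_port: str     # "443", "8000-8100" or "*"


def default_rules(direction):
    """VNet-allow and deny-all defaults that every NSG carries.
    The AzureLoadBalancer and Internet defaults (priority 65001) are
    left out because this example only models VM-to-VM traffic."""
    tag = "InBound" if direction == "Inbound" else "OutBound"
    return [
        Rule(f"AllowVnet{tag}", 65000, direction, "Allow", "*",
             "VirtualNetwork", "VirtualNetwork", "*"),
        Rule(f"DenyAll{tag}", 65500, direction, "Deny", "*", "*", "*", "*"),
    ]


def addr_matches(spec, ip, vnet_prefixes):
    if spec == "*":
        return True
    prefixes = vnet_prefixes if spec == "VirtualNetwork" else [spec]
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(p, strict=False) for p in prefixes)


def port_matches(spec, port):
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def first_match(rules, direction, src, dst, port, protocol, vnet_prefixes):
    """Return the rule that decides the flow: the matching rule with the
    lowest priority number in the given direction."""
    candidates = [r for r in rules if r.direction == direction]
    candidates += default_rules(direction)
    for rule in sorted(candidates, key=lambda r: r.priority):
        if (rule.protocol in ("*", protocol)
                and addr_matches(rule.source, src, vnet_prefixes)
                and addr_matches(rule.destination, dst, vnet_prefixes)
                and port_matches(rule.dest_port, port)):
            return rule
    raise AssertionError("unreachable: the DenyAll default matches everything")


def troubleshoot(src_nsg, dst_nsg, src, dst, port, protocol, vnet_prefixes):
    """Check the sender's outbound rules, then the receiver's inbound rules.
    Returns (allowed, [(stage, rule_name, access), ...])."""
    trail = []
    for stage, nsg, direction in (("source NSG", src_nsg, "Outbound"),
                                  ("destination NSG", dst_nsg, "Inbound")):
        rule = first_match(nsg, direction, src, dst, port, protocol,
                           vnet_prefixes)
        trail.append((stage, rule.name, rule.access))
        if rule.access == "Deny":
            return False, trail
    return True, trail


# Constructed sample: a web subnet NSG and a database subnet NSG in one VNet.
VNET = ["10.0.0.0/16"]
WEB_NSG = [
    Rule("AllowHttpsIn", 100, "Inbound", "Allow", "Tcp",
         "*", "10.0.1.0/24", "443"),
]
DB_NSG = [
    Rule("AllowSqlFromWeb", 100, "Inbound", "Allow", "Tcp",
         "10.0.1.0/24", "10.0.2.0/24", "1433"),
    Rule("DenyVnetIn", 4000, "Inbound", "Deny", "*",
         "VirtualNetwork", "*", "*"),
]

if __name__ == "__main__":
    for port in (1433, 22):
        print(port, troubleshoot(WEB_NSG, DB_NSG, "10.0.1.4", "10.0.2.5",
                                 port, "Tcp", VNET))
```

Dropping `DenyVnetIn` from the sample shows a common surprise: the default `AllowVnetInBound` rule then permits port 22 between the two subnets.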
NSG Handling Patterns
– Azure NSGs do tend to be more application specific
• Lack of multiple NSG assignments makes them less re-usable than AWS
– Tend to rely on Automation to apply common rules to NSGs
• While you can’t as easily re-use NSG rules, you can automate the “copy”
– Trend toward assigning NSGs to subnets rather than VM NICs
• Reduces the number of assignments
• Causes a trend toward application-specific subnets
– Azure Professionals often refer to NSGs as “Firewalls”
• Firewall devices are less likely to be used in Azure
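One way to automate the “copy” of common rules into per-application NSGs, shown on ARM-style rule definitions so it runs offline. This is an added example, not code from this deck: the baseline rules, NSG names and helper functions are constructed for illustration.

```python
import copy


def rule(name, priority, direction, access, protocol, source, port):
    """Build one entry shaped like an ARM template `securityRules` item."""
    return {"name": name, "properties": {
        "priority": priority, "direction": direction, "access": access,
        "protocol": protocol, "sourceAddressPrefix": source,
        "sourcePortRange": "*", "destinationAddressPrefix": "*",
        "destinationPortRange": port}}


# Constructed baseline that every application NSG is expected to carry.
BASELINE = [
    rule("Baseline-AllowMgmtSsh", 200, "Inbound", "Allow", "Tcp",
         "10.0.250.0/24", "22"),
    rule("Baseline-DenyVnetInbound", 4000, "Inbound", "Deny", "*",
         "VirtualNetwork", "*"),
]

# Constructed application NSGs, one per application subnet.
APP_NSGS = [
    {"type": "Microsoft.Network/networkSecurityGroups", "name": "nsg-orders",
     "properties": {"securityRules": [
         rule("AllowHttps", 100, "Inbound", "Allow", "Tcp", "*", "443")]}},
    {"type": "Microsoft.Network/networkSecurityGroups", "name": "nsg-billing",
     "properties": {"securityRules": [
         rule("AllowAppPort", 200, "Inbound", "Allow", "Tcp",
              "10.0.1.0/24", "8080"),
         # Drifted copy of a baseline rule: protocol narrowed to Tcp.
         rule("Baseline-DenyVnetInbound", 4000, "Inbound", "Deny", "Tcp",
              "VirtualNetwork", "*")]}},
]


def slot(r):
    """Priority must be unique per direction within one NSG."""
    return (r["properties"]["direction"], r["properties"]["priority"])


def apply_baseline(nsg, baseline):
    """Return (patched_nsg, report) without mutating the input.
    report maps each baseline rule name to added / updated / unchanged,
    or to 'conflict with <rule>' when an application rule already holds
    the same direction and priority."""
    patched = copy.deepcopy(nsg)
    rules = patched["properties"]["securityRules"]
    report = {}
    for base in baseline:
        clash = [r["name"] for r in rules
                 if r["name"] != base["name"] and slot(r) == slot(base)]
        if clash:
            report[base["name"]] = f"conflict with {clash[0]}"
            continue
        existing = next((r for r in rules if r["name"] == base["name"]), None)
        if existing is None:
            rules.append(copy.deepcopy(base))
            report[base["name"]] = "added"
        elif existing["properties"] != base["properties"]:
            existing["properties"] = copy.deepcopy(base["properties"])
            report[base["name"]] = "updated"
        else:
            report[base["name"]] = "unchanged"
    return patched, report


def rollout(nsgs, baseline):
    """Apply the baseline to every NSG; return the patched resources and
    one report per NSG name."""
    patched, reports = [], {}
    for nsg in nsgs:
        new_nsg, report = apply_baseline(nsg, baseline)
        patched.append(new_nsg)
        reports[nsg["name"]] = report
    return patched, reports


if __name__ == "__main__":
    for name, report in rollout(APP_NSGS, BASELINE)[1].items():
        print(name, report)
```

Conflicts are reported rather than overwritten so that an application rule occupying a baseline priority gets reviewed by a person before anything is deployed.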
Compute Terms
AWS Terms | Azure Terms
Instance | Virtual Machine (VM)
CloudWatch | Log Analytics
Instance Type | VM Size
EBS Volume | Data Disk
Autoscaling | VM Scale Sets
User Data | Custom Data
Application Load Balancer | Application Gateway
- | VM Extension
- | Availability Set
Identical Terms: Subnet, Route Table, Flow logs, Region, Load Balancer, Snapshot, Image**
** - AWS Images are different than Azure Images: Same label, but different construct
Virtual Machines
– Azure Virtual Machines == AWS Instances
• Numerous sizes, types, and pricing
• Placed in subnets
• On demand, spot, and reserved pricing options
• Load balancing and autoscaling support
• Robust Marketplace for images
– Azure images are generalized
• Not a backup as in AWS
• Snapshots of underlying disks needed to restore
Virtual Machines (cont’d)
– Azure makes VM Backups and Recoveries easy
• Backups are centrally scheduled and managed
• Recoveries are a very simple action
• AWS Backup launched as a direct response
– Installing software on VMs
• In AWS, userdata script is commonly used.
• Azure has several options
– Customdata script if the image implements Cloud-Init
» Script changes will cause re-creation of the VM!
– Implement a VM Extension
» There are Custom Script extensions for Windows and Linux
Virtual Machines (cont’d)
– Automation for VMs often includes
• NIC creation
• NIC Log Analytics configuration
• VM Extensions for
– Domain joins
– Log Analytics configuration
– Bootstrap custom scripts
Storage Terms
AWS Terms | Azure Terms
EBS Volume | Data Disk
S3 Bucket | Blob Storage
EFS | File Storage
S3 Object | Container
Glacier | Archive Blob Storage
SQS** | Queue Storage
DynamoDB** | Table Storage
Identical Terms: Key
** - AWS considers SQS and DynamoDB separate services while Azure considers them a “storage” construct.
Security
– Azure has IAM policies too
• Azure IAM Policies can effect change!
– Examples from the field
» Install VM Extensions
» Install Log Analytics
• Policies are assigned to
– Organizations
– Subscriptions
– Resource Groups
• Policies are not assigned to roles or users as in AWS
– Azure has Principals too
• Active Directory Constructs
– User and Group
• Azure Service Constructs
– Service Principals, Managed Identities
– Azure has Roles too
• Roles are assigned to principals
• Many Azure-defined roles provided
Security (cont’d)
– Azure does VM security differently
• No IAM roles for VMs as with AWS
• VMs can be assigned one Managed Identity
– Managed identities are then assigned IAM privileges
– Managed identities can be assigned to multiple VMs
– Trend toward policies that Audit only
• Policies that install software on VMs have complications
– Software is often O/S specific
» Policies are replete with image name conditions to determine O/S
» Policies frequently miss new images and are not properly applied
– Error messages are often not easy to debug
– Custom scripts (bash or PowerShell) are easier to maintain
PaaS Database Options
Database Type | Serverless | AWS Database Dialects | Azure Database Dialects
Relational | No | Microsoft SQL Server | Microsoft SQL Server
Relational | No | MySQL | MySQL
Relational | No | PostgreSQL | PostgreSQL
Relational | No | MariaDB | MariaDB
Relational | No | Oracle | -
Relational | Both | Aurora** | -
NoSQL | Yes | DynamoDB** | Table Storage**
NoSQL | Yes | - | Cassandra (Cosmos DB)
NoSQL | Yes | - | MongoDB (Cosmos DB)
NoSQL | Yes | - | Gremlin (Cosmos DB)
** - Cloud-specific database types.
Application Delivery
• Azure CDN
– Publishes static content using edge locations
– Static content can reside in storage accounts (like S3 buckets)
• Azure Application Gateway
– Publishes dynamic content
– WAF service available
• Azure Active Directory
– Provides security
Automation
– AWS CloudFormation Template == Azure ARM Template
• ARM Templates are exclusively JSON
• Azure Console exports ARM templates for most constructs
– Common ARM template creation tactic
» Create the object you want a template for using the Console
» On the last step before creation, you’ll be given an opportunity to export an ARM template for what you’re trying to create
» Genericize that exported ARM template and execute using PowerShell
» Do not create from scratch manually!
– Terraform works well, but sometimes lags behind on new features
• It’s rare, but sometimes Terraform is required to execute an ARM template for new features
Automation (cont’d)
– Use Managed Identities for your pipeline agents
• Similar to granting AWS IAM instance roles to your pipeline agents
• Service Principals are less secure due to their use of OAuth and OAuth credentials
– The Azure Security Center will want all Resource Groups to have a delete lock
• Terraform shops will find this inconvenient
Logging and Monitoring
• Azure Log Analytics
– Receives events and metrics
– Can alert on specific conditions
– Event and metric generation must be specifically configured
• AWS CloudWatch
– Instances configured for application-level log files
– Most services just require IAM privileges for logging
High-level Observations
– Azure encourages manual use of the console
• Azure makes "clicky-clicky" easy
– Some tasks can only be done using the console
• Take from the field: Individual disk restore
– New features arrive in the console first
• SDKs get new features later
• DevOps people will learn PowerShell and ARM templates
– Sometimes no other way
– AWS implements “Eat your own Dog Food”
• SDK and CLI are first class citizens
– Percentage of features integrated with Active Directory
• Beefing up A/D skills was required for me
• Playing with some features requires A/D setup unlike AWS
Knowledge Acquisition Tactics
– Adopt a mentor
• Somebody experienced in the space at an SA level
• Understand the paradigm shifts before you criticize
– Target concepts you need first
• Like AWS, Azure is too vast to learn soup-to-nuts immediately
– For nonsensical errors in automation
• Attempt the same action using the console
• Often the errors on the console are clearer than what’s reported by the underlying API
Further Reading
• This slide deck
– https://www.slideshare.net/derekashmore/presentations
• Azure for AWS Professionals
– https://docs.microsoft.com/en-us/azure/architecture/aws-professional/
• AWS to Azure Services Comparison
– https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services
Questions?
• Derek Ashmore:
– Blog: www.derekashmore.com
– LinkedIn: www.linkedin.com/in/derekashmore
• Connect Invites from attendees welcome
– Twitter: https://twitter.com/Derek_Ashmore
– GitHub: https://github.com/Derek-Ashmore
– Book: http://dvtpress.com/
James Anderson
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

An Azure Primer for the AWS Solution Architect - DevOps West 2020

  • 1. An Azure Primer for the AWS Solution Architect Given by Derek C. Ashmore DevOps West 2020 June 10, 2020 ©2020 Derek C. Ashmore, All Rights Reserved 1
  • 2. Who am I? • Professional Geek since 1987 • Java/J2EE/Java EE since 1999 • AWS since 2010 • Azure since 2017 • Specialties • Application Transformation • Infrastructure Automation • Yes – I still code! ©2020 Derek C. Ashmore, All Rights Reserved 2
  • 3. Discussion Resources • This slide deck – https://www.slideshare.net/derekashmore/presentations • Sample code on my Github – https://github.com/Derek-Ashmore/ • Slide deck has hyper-links! – Don’t bother writing down URLs ©2020 Derek C. Ashmore, All Rights Reserved 3
  • 4. Agenda General Overview Basics (Networking / Compute / Security / Application Delivery) Support (Automation / Logging / Monitoring) Summary / Q&A ©2020 Derek C. Ashmore, All Rights Reserved 4
  • 5. Audience LevelSet • You are an AWS Professional – Solution Architect, DevOps – AWS CLI and/or SDK literate • You need to come up to speed on Azure • Azure is a paradigm shift – Term to term mapping will only get you so far • I follow the money! – I’m technology agnostic – I’ve seen more Azure adoption than AWS lately ©2020 Derek C. Ashmore, All Rights Reserved 5
  • 6. Basic Terms for Services ©2020 Derek C. Ashmore, All Rights Reserved 6 AWS Terms Azure Terms VPC Virtual Network (Vnet) EC2 Instance Virtual Machine (VM) CloudWatch Log Analytics Account Subscription Lambda Function API Gateway API Management S3 Storage Account Key Vault Secrets Manager RDS Azure Database CloudFormation Azure Resource Manager (ARM)
  • 7. Resource Groups – Azure Resource Groups are a grouping of Azure assets of any type • Frequently used to categorize assets per application – Deleting a Resource Group will delete all assets belonging to it. – Resource Groups often mapped to an Active Directory group and tied to console privileges – Resource groups commonly used for core concerns • Applications tend to have a specific resource group • Networking, Security, and other infrastructure concerns tend to have resource groups ©2020 Derek C. Ashmore, All Rights Reserved 7
  • 8. Resource Groups ©2020 Derek C. Ashmore, All Rights Reserved 8 • Separating Resources • Management Support • Common Services • Logging • Alerting • CI/CD Agents • Applications • Additional Applications are expected • Additional Common Services can be added
  • 9. Management Groups and Subscriptions ©2020 Derek C. Ashmore, All Rights Reserved 9 AWS Terms Azure Terms Organization Management Group Account Subscription
  • 10. Management Groups and Subscriptions ©2020 Derek C. Ashmore, All Rights Reserved 10
  • 11. Agenda General Overview Basics (Networking / Compute / Security / Application Delivery) Support (Automation / Logging / Monitoring) Summary / Q&A ©2020 Derek C. Ashmore, All Rights Reserved 11
  • 12. Networking Terms ©2020 Derek C. Ashmore, All Rights Reserved 12 AWS Terms Azure Terms VPC Virtual Network (Vnet) Instance Virtual Machine Security Group Network Security Group (NSG) Elastic Network Interface (ENI) Network Interface (Nic) Route53 Azure DNS Direct Connect Express Route Identical Terms Subnet Route Table Flow logs Region Peering Subnet Availability Zone
  • 13. Networking Overview – Azure Virtual Network (Vnets) == AWS VPC • They can be peered • No transitive peering • Have DNS and DHCP configuration options • Have world-wide regional options – Azure Vnet Peering includes routing • Fewer explicit route tables – Azure Vnets contain subnets • The distinction between public and private subnets not as relevant in Azure – There’s nothing to put in them as public load balancers don’t work the same way. – The Azure Application Gateway / WAF requires a dedicated subnet • Availability Zones are not attached to subnets. – Region Service AZ Cross Reference – Very new concept to Azure ©2020 Derek C. Ashmore, All Rights Reserved 13
  • 14. Network Security Groups – NSGs are Roughly like AWS Instance Security Groups • Like AWS, NSG rules have a priority and are stateful – One NSG per VM NIC or subnet • No multiple assignments like AWS – NSG rules cannot reference other NSGs! • In AWS, Security group rules can allow inbound/outbound traffic to specific security group members. • This makes AWS Security groups generic – Azure Application Security Groups (ASG) are intended to fill that gap • ASGs are a label for a set of IP Addresses that can be used in NSG rules • ASGs appear to be seldom used in practice ©2020 Derek C. Ashmore, All Rights Reserved 14
  • 15. NSG Example ©2020 Derek C. Ashmore, All Rights Reserved 15
  • 16. Connection Troubleshooter – Enter two IP Addresses and a port • Troubleshooter will identify the NSG rule prohibiting traffic – Avoids the issue of hunting flow logs to figure out why VMs can’t communicate ©2020 Derek C. Ashmore, All Rights Reserved 16
  • 17. NSG Handling Patterns – Azure NSGs do tend to be more application specific • Lack of multiple NSG assignments make them less re-usable than AWS – Tend to rely on Automation to apply common rules to NSGs • While you can’t as easily re-use NSG rules, you can automate the “copy” – Trend toward assigning NSGs to subnets rather than VM Nics • Reduces the number of assignments • Causes trend to application-specific subnets. – Azure Professionals often refer to NSGs as “Firewalls” • Firewall devices more likely not to be used in Azure ©2020 Derek C. Ashmore, All Rights Reserved 17
  • 18. Compute Terms ©2020 Derek C. Ashmore, All Rights Reserved 18 AWS Terms Azure Terms Instance Virtual Machine (VM) CloudWatch Log Analytics Instance Type VM Size EBS Volume Data Disk Autoscaling VM Scale Sets User Data Custom Data Application Load Balancer Application Gateway VM Extension Availability Set Identical Terms Subnet Route Table Flow logs Region Load Balancer Snapshot Image** ** - AWS Images are different than Azure Images: Same label, but different construct
  • 19. Virtual Machines – Azure Virtual Machines == AWS Instances • Numerous sizes, types, and pricing • Placed in subnets • On demand, spot, and reserved pricing options • Load balancing and autoscaling support • Robust Marketplace for images – Azure images are generalized • Not a backup as in AWS • Snapshots of underlying disks needed to restore ©2020 Derek C. Ashmore, All Rights Reserved 19
  • 20. Virtual Machines (cont’d) – Azure makes VM Backups and Recoveries easy • Backups are centrally scheduled and managed • Recoveries are a very simple action • AWS Backup launched as a direct response – Installing software on VMs • In AWS, a User Data script is commonly used. • Azure has several options – Custom Data script if the image implements cloud-init » Script changes will cause re-creation of the VM! – Implement a VM Extension » There are Custom Script extensions for Windows and Linux ©2020 Derek C. Ashmore, All Rights Reserved 20
  • 21. Virtual Machines (cont’d) – Automation for VMs often includes • NIC creation • NIC Log Analytics configuration • VM Extensions for – Domain joins – Log Analytics configuration – Bootstrap custom scripts ©2020 Derek C. Ashmore, All Rights Reserved 21
  • 22. Storage Terms ©2020 Derek C. Ashmore, All Rights Reserved 22 AWS Terms Azure Terms EBS Volume Data Disk S3 Bucket Blob Storage EFS File Storage S3 Object Container Glacier Archive Blob Storage SQS** Queue Storage DynamoDB** Table Storage Identical Terms Key ** - AWS considers SQS and DynamoDB separate services while Azure considers them a “storage” construct.
  • 23. Security – Azure has IAM policies too • Azure IAM Policies can affect change! – Examples from the field » Install VM Extensions » Install Log Analytics • Policies are assigned to – Organizations – Subscriptions – Resource Groups • Policies are not assigned to roles or users as in AWS – Azure has Principals too • Active Directory Constructs – User and Group • Azure Service Constructs – Service Principals, Managed Identities – Azure has Roles too • Roles are assigned to principals • Many Azure-defined roles provided ©2020 Derek C. Ashmore, All Rights Reserved 23
  • 24. Security (cont’d) – Azure does VM security differently • No IAM roles for VMs as with AWS • VMs can be assigned one Managed Identity – Managed identities are then assigned IAM privileges – Managed identities can be assigned to multiple VMs – Trend toward policies that Audit only • Policies that install software on VMs have complications – Software is often O/S specific » Policies are replete with image name conditions to determine O/S » Policies frequently miss new images and are not properly applied – Error messages are often not easy to debug – Custom scripts (bash or PowerShell) are easier to maintain ©2020 Derek C. Ashmore, All Rights Reserved 24
  • 25. PaaS Database Options ©2020 Derek C. Ashmore, All Rights Reserved 25 Database Type Serverless AWS Database Dialects Azure Database Dialects Relational No Microsoft SQL Server Microsoft SQL Server No MySQL MySQL No PostgreSQL PostgreSQL No MariaDB MariaDB No Oracle Both Aurora** NoSQL Yes DynamoDB** Table Storage** Yes Cassandra (Cosmos DB) Yes MongoDB (Cosmos DB) Yes Gremlin (Cosmos DB) ** - Cloud-specific database types.
  • 26. Application Delivery ©2020 Derek C. Ashmore, All Rights Reserved 26 • Azure CDN • Publishes static content using edge locations • Static content can reside in storage accounts (like S3 buckets) • Azure Application Gateway • Publishes dynamic content • WAF service available • Azure Active Directory • Provides security
  • 27. Agenda General Overview Basics (Networking / Compute / Security / Application Delivery) Support (Automation / Logging / Monitoring) Summary / Q&A ©2020 Derek C. Ashmore, All Rights Reserved 27
  • 28. Automation – AWS CloudFormation Template == Azure ARM Template • ARM Templates are exclusively JSON • Azure Console exports ARM templates for most constructs – Common ARM template creation tactic » Create the object you want a template for using the Console » On the last step before creation, you’ll be given an opportunity to export an ARM template for what you’re trying to create » Genericize that exported ARM template and execute using PowerShell » Do not create from scratch manually! – Terraform works well, but sometimes lags behind on new features • It’s rare, but sometimes Terraform is required to execute an ARM template for new features ©2020 Derek C. Ashmore, All Rights Reserved 28
  • 29. Automation (cont’d) – Use Managed Identities for your pipeline agents • Similar to granting AWS IAM instance roles to your pipeline agents • Service Principals are less secure due to their use of OAuth and OAuth credentials – The Azure Security Center will want all Resource Groups to have a delete lock • Terraform shops will find this inconvenient ©2020 Derek C. Ashmore, All Rights Reserved 29
  • 30. Logging and Monitoring ©2020 Derek C. Ashmore, All Rights Reserved 30 • Azure Log Analytics • Receives events and metrics • Can alert on specific conditions • Event and metric generation must be specifically configured • AWS CloudWatch • Instances configured for application-level log files • Most services just require IAM privileges for logging
  • 31. High-level Observations – Azure encourages manual use of the console • Azure makes "clicky-clicky" easy – Some tasks can only be done using the console • Take from the field: Individual disk restore – New features arrive in the console first • SDKs get new features later • DevOps people will learn PowerShell and ARM templates – Sometimes no other way – AWS implements “Eat your own Dog Food” • SDK and CLI are first class citizens – Percentage of features integrated with Active Directory • Beefing up A/D skills was required for me • Playing with some features requires A/D setup unlike AWS ©2020 Derek C. Ashmore, All Rights Reserved 31
  • 32. Knowledge Acquisition Tactics – Adopt a mentor • Somebody experienced in the space at an SA level • Understand the paradigm shifts before you criticize – Target concepts you need first • Like AWS, Azure is too vast to learn soup-to-nuts immediately – For nonsensical errors in automation • Attempt the same action using the console • Often the errors on the console are clearer than what’s reported by the underlying API ©2020 Derek C. Ashmore, All Rights Reserved 32
  • 33. Further Reading • This slide deck – https://www.slideshare.net/derekashmore/presentations • Azure for AWS Professionals – https://docs.microsoft.com/en-us/azure/architecture/aws-professional/ • AWS to Azure Services Comparison – https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services ©2020 Derek C. Ashmore, All Rights Reserved 33
  • 34. Questions? • Derek Ashmore: – Blog: www.derekashmore.com – LinkedIn: www.linkedin.com/in/derekashmore • Connect Invites from attendees welcome – Twitter: https://twitter.com/Derek_Ashmore – GitHub: https://github.com/Derek-Ashmore – Book: http://dvtpress.com/ ©2020 Derek C. Ashmore, All Rights Reserved 34
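
Slides 14 to 17 describe NSG rules evaluated by priority, ASGs as labels for sets of IP addresses, and a Connection Troubleshooter that names the rule blocking a flow. The sketch below is an added example, not code from the deck or from Azure: it evaluates one inbound flow against constructed rules and returns the deciding rule. The rule names, addresses and the `deciding_rule` helper are assumptions, and of the platform defaults only `DenyAllInBound` is modelled.

```python
"""Simplified NSG evaluation for one inbound flow (constructed rules, not from the deck)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed ASG: a label for a set of IP addresses, as slide 14 describes.
ASGS = {"asg-web": {"10.0.1.4", "10.0.1.5"}}


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # lower number is evaluated first
    access: str        # "Allow" or "Deny"
    protocol: str      # "Tcp", "Udp" or "*"
    source: str        # CIDR, "*" or an ASG name
    destination: str   # CIDR, "*" or an ASG name
    ports: str         # "443", "8080-8081" or "*"


# Every NSG ends with this platform default; the other defaults
# (AllowVnetInBound, AllowAzureLoadBalancerInBound) are left out here.
DEFAULT_DENY = Rule("DenyAllInBound", 65500, "Deny", "*", "*", "*", "*")


def _addr_matches(spec: str, ip: str) -> bool:
    if spec == "*":
        return True
    if spec in ASGS:
        return ip in ASGS[spec]
    return ip_address(ip) in ip_network(spec, strict=False)


def _port_matches(spec: str, port: int) -> bool:
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def deciding_rule(rules, src_ip, dst_ip, port, protocol="Tcp"):
    """Return the first rule, in priority order, that matches the flow."""
    for rule in sorted([*rules, DEFAULT_DENY], key=lambda r: r.priority):
        if (rule.protocol in ("*", protocol)
                and _addr_matches(rule.source, src_ip)
                and _addr_matches(rule.destination, dst_ip)
                and _port_matches(rule.ports, port)):
            return rule
    raise AssertionError("unreachable: DEFAULT_DENY matches every flow")


# Constructed subnet-level NSG for an application subnet 10.0.2.0/24.
APP_SUBNET_NSG = [
    Rule("allow-web-to-app", 100, "Allow", "Tcp", "asg-web", "10.0.2.0/24", "8080-8081"),
    Rule("deny-ssh", 200, "Deny", "Tcp", "*", "10.0.2.0/24", "22"),
    Rule("allow-vnet-any", 300, "Allow", "*", "10.0.0.0/16", "10.0.2.0/24", "*"),
]

if __name__ == "__main__":
    for src, dst, port in [("10.0.1.4", "10.0.2.10", 8080),    # web tier to app
                           ("10.0.3.7", "10.0.2.10", 22),      # SSH from another subnet
                           ("10.0.3.7", "10.0.2.10", 5432),    # other Vnet traffic
                           ("203.0.113.9", "10.0.2.10", 443)]:  # outside the Vnet
        r = deciding_rule(APP_SUBNET_NSG, src, dst, port)
        print(f"{src} -> {dst}:{port}  {r.access} by {r.name} (priority {r.priority})")
```

The SSH case shows why priority order matters when common rules are copied into application-specific NSGs: the broad `allow-vnet-any` rule at 300 would admit the flow if `deny-ssh` did not sit ahead of it at 200.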