This document provides an overview and agenda for an AWS training course. It introduces AWS services like S3, EBS, EC2 and provides learning objectives for modules on AWS storage, compute and networking, managed services, and deployment and management. Contact information is also provided for questions about the course content or AWS in general.
SEC101 A Guided Tour of AWS Identity and Access Management - AWS re: Invent…Amazon Web Services
Learn what AWS Identity and Access Management (IAM) technologies are available for you to manage users and their access to your AWS environment. We present a high level discussion of the benefits and functionality IAM provides to control secure access to your AWS environment. We discuss how you can manage users and their permissions when using IAM, how roles makes it simpler for you delegate access, and how to use Multi-Factor Authentication (MFA) to require additional proof of identity.
CIS13: AWS Identity and Access ManagementCloudIDSummit
Jim Scharf, Director, AWS Identity and Access Management, Amazon
Amazon Web Services customers include students, startups, mobile developers, enterprises and government agencies. Learn how AWS Identity and Access Management provides access control for trillions of cloud resources.
Identify and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Ireferred AWS official study guide for AWS solution architecture that is just summary so if you wanna take the certificate, so please study by an official guide
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
SEC101 A Guided Tour of AWS Identity and Access Management - AWS re: Invent…Amazon Web Services
Learn what AWS Identity and Access Management (IAM) technologies are available for you to manage users and their access to your AWS environment. We present a high level discussion of the benefits and functionality IAM provides to control secure access to your AWS environment. We discuss how you can manage users and their permissions when using IAM, how roles makes it simpler for you delegate access, and how to use Multi-Factor Authentication (MFA) to require additional proof of identity.
CIS13: AWS Identity and Access ManagementCloudIDSummit
Jim Scharf, Director, AWS Identity and Access Management, Amazon
Amazon Web Services customers include students, startups, mobile developers, enterprises and government agencies. Learn how AWS Identity and Access Management provides access control for trillions of cloud resources.
Identify and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Ireferred AWS official study guide for AWS solution architecture that is just summary so if you wanna take the certificate, so please study by an official guide
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
Our experts will guide you in setting up and understanding these Security Week pre-requisites:
- AWS Management Console: facilitates cloud management for all aspects of your AWS account, including monitoring your monthly spending by service, managing security credentials, or even setting up new IAM Users.
- AWS Command Line Interface (CLI): an open source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services. With minimal configuration, you can start using all of the functionality provided by the AWS Management Console from your favorite terminal program.
- Boto3: the AWS SDK for Python. Boto3 makes it easy to integrate your Python application, library, or script with AWS services including Amazon S3, Amazon EC2, Amazon DynamoDB, and more.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
This workshop is an introduction to security-related services on AWS. We will discuss security services on AWS and also walk through how to import third-party security solutions from the AWS marketplace. This Workshop will include a demo and some customer case studies.
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
Learn how AWS IAM enables you to control who can do what in your AWS environment. We discuss how IAM provides flexible access control that helps you maintain security while adapting to your evolving business needs. Wel review how to integrate AWS IAM with your existing identity directories via identity federation. We outline some of the unique challenges that make providing IAM for the cloud a little different. And throughout the presentation, we highlight recent features that make it even easier to manage the security of your workloads on the cloud.
AWS Certified Solutions Architect Professional Course S6-S9Neal Davis
This deck contains the slides from our AWS Certified Solutions Architect Professional video course. It covers:
Section 6 Hybrid Connectivity
Section 7 Compute, Auto Scaling, and Load Balancing
Section 8 AWS Storage Services
Section 9 DNS, Caching, and Performance Optimization
Full course can be found here: https://digitalcloud.training/courses/aws-certified-solutions-architect-professional-video-course/
AWS Certified Solutions Architect Professional Course S1-S5Neal Davis
This deck contains the slides from section 1 to section 5 in our AWS Certified Solutions Architect video course. It covers:
Section 1 Intro (no slides)
Section 2 AWS Accounts and Organizations
Section 3 Identity Management and Permissions
Section 4- AWS Directory Services and Federation
Section 5 - Advanced Amazon VPC
Full course can be found here: https://digitalcloud.training/courses/aws-certified-solutions-architect-professional-video-course/
After IAM you want to have Detective Controls in place to have visibility your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
by Ron Cully, Product Management Manager,
AWS Active Directory (AD) is essential for Windows workloads in the cloud. AWS offers customers multiple ways to integrate AD with cloud workloads like EC2, RDS, and AWS Enterprise Applications: AWS Directory Service for Microsoft Active Directory (Enterprise Edition) as a managed service and Active Directory running on AWS EC2 Windows instances. Which option is right for you? This session will discuss the key deployment considerations for each option to help you identify which best meets your project goals, and the effort involved. The session will cover options for integrating with your on-premises directory, port and security considerations, application considerations, and best practices. Level 200
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework provides a framework for maturation via a structured program that incorporates best practices and processes for define, build and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice and follow with an afternoon agenda that will dive deep in each of the individual core topics.
Datensicherheit mit AWS - AWS Security Web DayAWS Germany
Vortrag "Datensicherheit mit AWS" von Bertram Dorn beim AWS Security Web Day 2016. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1NFtR5P
Dieser Vortrag bietet Ihnen eine Übersicht über mögliche Leistungsmerkmale und Optionen von Amazon Web Services, mit denen Ihre Daten gesichert werden können. Die AWS Dienste folgen spezifischen Bauplänen auf Basis von Regionen und Verfügbarkeitszonen. Das Verstehen dieser Baupläne ermöglicht es Ihnen, die richtige Wahl zu treffen, um erfolgreich Anwendungen auf AWS laufen zu lassen. Auch existieren verschiedenste Optionen welche von AWS zur Sicherung der Anwendungen empfohlen werden. Der Vortrag wird einen Überblick über diese Optionen geben und einige bewährte Verfahren im Bereich Verschlüsselung und AWS-Konto-Verwaltung beschreiben.
Bootstrapping a Solution Design in the Cloud - Session Sponsored by AjilonAmazon Web Services
AWS Summit 2014 Perth - Breakout 2
The cloud is an incredibly flexible resource with the potential to change the dynamics of project delivery - even for projects that will not run in production in the cloud.
Learn how to manage project technical risk and control project dependencies by proving an architecture in the cloud.
We will describe how we leveraged Amazon Web Services to solve a range of complicated deployment puzzles to get the approval of the client's infrastructure and security team without waiting for them or depending on them.
Drawing on our experience using the cloud to architect a Microsoft Dynamics CRM solution with a fine grained security model federated across seventeen local divisions and integrated with the SAS platform this talk will help you understand the use of cloud services to emulate deployments that are complicated because of network topologies, security requirements, and platform dependencies.
Presenter: Ross Kendle, National Competency Lead - Architecture & Bruce Mcdonald, Cloud Evangelist, Ajilon Australia
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKsAmazon Web Services
Businesses around the world are running the infrastructure that supports their websites and mobile applications in the cloud to lower costs, improve time-to-market, and enable rapid scalability. Join this webinar to learn how the AWS Mobile Services and Javascript SDKs make it easy to leverage the power of AWS to provide consistent user state across devices and platforms, authenticate users via public and private login providers, and to grant controlled access to AWS services and features right from your mobile or web application. Using a simple media application we will demonstrate how you can upload, store, repurpose and deliver content with Amazon S3, Amazon CloudFront and Amazon Elastic Transcoder, make efficient use of Amazon DynamoDB, take advantage of Amazon SQS to decouple your application workflow and to send push notifications to mobile devices via Amazon SNS.
Reasons to attend:
- Learn how you can deliver websites and applications that share state across platforms and devices, using Amazon Elastic Beanstalk and Amazon Cognito.
- Learn how to leverage the content repurposing, storage and delivery capabilities of Amazon Elastic Transcoder, Amazon S3 and Amazon CloudFront.
- Learn how to use the AWS Mobile and Javascript SDKs to create applications that manage media.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
Our experts will guide you in setting up and understanding these Security Week pre-requisites:
- AWS Management Console: facilitates cloud management for all aspects of your AWS account, including monitoring your monthly spending by service, managing security credentials, or even setting up new IAM Users.
- AWS Command Line Interface (CLI): an open source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services. With minimal configuration, you can start using all of the functionality provided by the AWS Management Console from your favorite terminal program.
- Boto3: the AWS SDK for Python. Boto3 makes it easy to integrate your Python application, library, or script with AWS services including Amazon S3, Amazon EC2, Amazon DynamoDB, and more.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
This workshop is an introduction to security-related services on AWS. We will discuss security services on AWS and also walk through how to import third-party security solutions from the AWS marketplace. This Workshop will include a demo and some customer case studies.
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
Learn how AWS IAM enables you to control who can do what in your AWS environment. We discuss how IAM provides flexible access control that helps you maintain security while adapting to your evolving business needs. Wel review how to integrate AWS IAM with your existing identity directories via identity federation. We outline some of the unique challenges that make providing IAM for the cloud a little different. And throughout the presentation, we highlight recent features that make it even easier to manage the security of your workloads on the cloud.
AWS Certified Solutions Architect Professional Course S6-S9Neal Davis
This deck contains the slides from our AWS Certified Solutions Architect Professional video course. It covers:
Section 6 Hybrid Connectivity
Section 7 Compute, Auto Scaling, and Load Balancing
Section 8 AWS Storage Services
Section 9 DNS, Caching, and Performance Optimization
Full course can be found here: https://digitalcloud.training/courses/aws-certified-solutions-architect-professional-video-course/
AWS Certified Solutions Architect Professional Course S1-S5Neal Davis
This deck contains the slides from section 1 to section 5 in our AWS Certified Solutions Architect video course. It covers:
Section 1 Intro (no slides)
Section 2 AWS Accounts and Organizations
Section 3 Identity Management and Permissions
Section 4- AWS Directory Services and Federation
Section 5 - Advanced Amazon VPC
Full course can be found here: https://digitalcloud.training/courses/aws-certified-solutions-architect-professional-video-course/
After IAM you want to have Detective Controls in place to have visibility your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
by Ron Cully, Product Management Manager,
AWS Active Directory (AD) is essential for Windows workloads in the cloud. AWS offers customers multiple ways to integrate AD with cloud workloads like EC2, RDS, and AWS Enterprise Applications: AWS Directory Service for Microsoft Active Directory (Enterprise Edition) as a managed service and Active Directory running on AWS EC2 Windows instances. Which option is right for you? This session will discuss the key deployment considerations for each option to help you identify which best meets your project goals, and the effort involved. The session will cover options for integrating with your on-premises directory, port and security considerations, application considerations, and best practices. Level 200
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework provides a framework for maturation via a structured program that incorporates best practices and processes for define, build and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice and follow with an afternoon agenda that will dive deep in each of the individual core topics.
Datensicherheit mit AWS - AWS Security Web DayAWS Germany
Vortrag "Datensicherheit mit AWS" von Bertram Dorn beim AWS Security Web Day 2016. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1NFtR5P
Dieser Vortrag bietet Ihnen eine Übersicht über mögliche Leistungsmerkmale und Optionen von Amazon Web Services, mit denen Ihre Daten gesichert werden können. Die AWS Dienste folgen spezifischen Bauplänen auf Basis von Regionen und Verfügbarkeitszonen. Das Verstehen dieser Baupläne ermöglicht es Ihnen, die richtige Wahl zu treffen, um erfolgreich Anwendungen auf AWS laufen zu lassen. Auch existieren verschiedenste Optionen welche von AWS zur Sicherung der Anwendungen empfohlen werden. Der Vortrag wird einen Überblick über diese Optionen geben und einige bewährte Verfahren im Bereich Verschlüsselung und AWS-Konto-Verwaltung beschreiben.
Bootstrapping a Solution Design in the Cloud - Session Sponsored by AjilonAmazon Web Services
AWS Summit 2014 Perth - Breakout 2
The cloud is an incredibly flexible resource with the potential to change the dynamics of project delivery - even for projects that will not run in production in the cloud.
Learn how to manage project technical risk and control project dependencies by proving an architecture in the cloud.
We will describe how we leveraged Amazon Web Services to solve a range of complicated deployment puzzles to get the approval of the client's infrastructure and security team without waiting for them or depending on them.
Drawing on our experience using the cloud to architect a Microsoft Dynamics CRM solution with a fine grained security model federated across seventeen local divisions and integrated with the SAS platform this talk will help you understand the use of cloud services to emulate deployments that are complicated because of network topologies, security requirements, and platform dependencies.
Presenter: Ross Kendle, National Competency Lead - Architecture & Bruce Mcdonald, Cloud Evangelist, Ajilon Australia
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKsAmazon Web Services
Businesses around the world are running the infrastructure that supports their websites and mobile applications in the cloud to lower costs, improve time-to-market, and enable rapid scalability. Join this webinar to learn how the AWS Mobile Services and Javascript SDKs make it easy to leverage the power of AWS to provide consistent user state across devices and platforms, authenticate users via public and private login providers, and to grant controlled access to AWS services and features right from your mobile or web application. Using a simple media application we will demonstrate how you can upload, store, repurpose and deliver content with Amazon S3, Amazon CloudFront and Amazon Elastic Transcoder, make efficient use of Amazon DynamoDB, take advantage of Amazon SQS to decouple your application workflow and to send push notifications to mobile devices via Amazon SNS.
Reasons to attend:
- Learn how you can deliver websites and applications that share state across platforms and devices, using Amazon Elastic Beanstalk and Amazon Cognito.
- Learn how to leverage the content repurposing, storage and delivery capabilities of Amazon Elastic Transcoder, Amazon S3 and Amazon CloudFront.
- Learn how to use the AWS Mobile and Javascript SDKs to create applications that manage media.
(SPOT302) Under the Covers of AWS: Core Distributed Systems Primitives That P...Amazon Web Services
AWS and Amazon.com operate some of the world's largest distributed systems infrastructure and applications. In our past 18 years of operating this infrastructure, we have come to realize that building such large distributed systems to meet the durability, reliability, scalability, and performance needs of AWS requires us to build our services using a few common distributed systems primitives. Examples of these primitives include a reliable method to build consensus in a distributed system, reliable and scalable key-value store, infrastructure for a transactional logging system, scalable database query layers using both NoSQL and SQL APIs, and a system for scalable and elastic compute infrastructure.
In this session, we discuss some of the solutions that we employ in building these primitives and our lessons in operating these systems. We also cover the history of some of these primitives; DHTs, transactional logging, materialized views and various other deep distributed systems concepts; how their design evolved over time; and how we continue to scale them to AWS.
(APP204) NEW LAUNCH: Introduction to AWS Service Catalog | AWS re:Invent 2014Amazon Web Services
Running an IT department in a large organization is not easy. To provide your internal users with access to the latest and greatest technology so that they can be as efficient and as productive as possible needs to be balanced with the need to set and maintain corporate standards, collect and disseminate best practices, and provide some oversight to avoid runaway spending and technology sprawl. Introducing AWS Service Catalog, a service that allows end users in your organization to easily find and launch products using a personalized portal. You can manage catalogs of standardized offerings and control which users have access to which products, enabling compliance with business policies. Your organization can benefit from increased agility and reduced costs. Attend this session to be one of the first to learn about this new service.
APN Partner Webinar - Having Effective and Critical TCO ConversationsAmazon Web Services
Customers always want to understand how AWS cost models compare to other alternatives. Using the new AWS TCO Calculator, we will outline how AWS breaks down cost drivers when it educates customers who are evaluating cloud vs. looking at other models of computing: on-prem, virtualized, and co-lo. Discussion will also center on best practices to capture the true costs of these alternative computing approaches, and how to have meaningful customer conversations with respect to TCO.
• Learn: What is TCO and why it matters
• Understand: TCO evaluation Methodology used by AWS
• Hear: Best practices around TCO, demonstration of online TCO calculator
You can find the recording of this webinar here: http://youtu.be/BaPEf_f0N5U
(BAC307) The Cold Data Playbook: Building the Ultimate Archive Solution in Am...Amazon Web Services
"In this session we will present some of the key features of Glacier including security, durability and price. You will learn best practices for managing your cold data, including ingest, retrieval and security controls. We will also discuss how to optimize the storage, upload and retrieval costs and help you identify the most applicable workloads and recommend optimizations based on a few sample use cases.
"
SV Forum Platform Architecture SIG - Netflix Open Source PlatformAdrian Cockcroft
Architecture overview of Netflix Cloud Architecture with a focus on the Open Source components that Netflix has put and is planning to release on http://netflix.github.com
AWS Public Sector Symposium 2014 Canberra | Big Data in the Cloud: Accelerati...Amazon Web Services
The cloud not only helps organizations do things better, cheaper, and faster; it also drives breakthroughs that transform mission delivery. This session will feature a panel of international government and university leaders who are using the cloud to take on big data challenges, and innovating in the “white space” between data silos to deliver impact.
Designed presentation for final internship project as a Summer Intern at Ogilvy & Mather in New York City (2012). Challenged with developing a digitally-focused advertising campaign for client Castrol EDGE.
Amazon Elastic Compute Cloud (Amazon EC2) provides a broad selection of instance types to accommodate a diverse mix of workloads. In this technical session, we provide an overview of the Amazon EC2 instance platform, key platform features, and the concept of instance generations. We dive into the current generation design choices of the different instance families, including the General Purpose, Compute Optimized, Storage Optimized, Memory Optimized, and GPU instance families. We also detail best practices and share performance tips for getting the most out of your Amazon EC2 instances.
This was done as part of a coursework for the Business Model class at Heriot-Watt University.
It was used only in educational services.
I hope you enjoy it and learn something form it, because we certainly learned a lot.
In this workshop, we will provide you with an overview of AWS Security. We will dive deep into how to establish tight network security, introduce identity and access management capabilities and how to add additional layers of security to your data. We will also discuss the latest security innovations coming from AWS and how security systems at cloud scale.
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and will cover solutions for account structure, user configuration, provisioning, networking and operation automation. This solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and Amazon Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations. Additionally, Philips will explain their cloud journey and how they have applied their guiding principles when building their landing zone.
Most technology professionals know that the AWS cloud reduces the cost of running and maintaining traditional server infrastructure, as well as providing scalability on demand. Fewer know, however, that our platform meets the requirements of even the most security-conscious organizations, from financial services institutes to government departments.
To protect our customers, and to maintain your trust and confidence, AWS has created the shared responsibility security model. With this approach, we provide a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high-level services. We also provide a range of security services and features that you can use to secure your content and to meet your specific security requirements.
AWS provides a range of security services and features that AWS customers can use to secure their content and applications and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
View a recording of the webinar based on this presentation on YouTube here: http://youtu.be/rXPyGDWKHIo
Introduction to the AWS Shared Security Responsibility Model and some of the technical features and security processes that you can take advantage of to ensure that you applications are more secure in the AWS Cloud.
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
Presenter: Stephen Quigg, Principal APAC Security Solutions Architect, Amazon Web Services
This talk showcases the "best of the best" practices for operating securely at scale on AWS, taken from real customer examples. It introduces the AWS Security Best Practices whitepaper and covers a range of security recommendations for Identity and Access Management, Logging and Monitoring, Infrastructure Security, and Data Protection. It incorporates practical examples found in the Center for Internet Security’s CIS AWS Foundation and CIS AWS Three-Tier Web Architecture benchmarks. Come learn how to "Just Turn It On!"
Speakers:
Phil Rodrigues, Security Solutions Architect, Amazon Web Services
Michael Fuller, Principal Systems Engineer, Atlassian
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
Similar to Aw some day_essentials3.2ish_072214 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
7. Introduction to AWS | Overview
Module Overview
This module describes the history and fundamental elements of Amazon
Web Services (AWS), as well as how to navigate the AWS Management
Console. It discusses the AWS Global Infrastructure, security measures
provided by AWS and basic principles of deploying on AWS.
8. Introduction to AWS | Learning Objectives
By the end of this module you will be able to:
1 Navigate the AWS Management Console.
2 Recognize AWS Global Infrastructure.
Describe the security measures AWS provides. 3
11. Introduction to AWS | Amazon History
Amazon.com
Launched
Online Bookstore Amazon
Publishing
Kindle
Launches
Amazon
Games
Jeff Bezos
Incorporated
the Company
Amazon Web
Services
Launched
1994 1995 2002 2005 2007 2012
2013
Amazon Art
13. Introduction to AWS | AWS Cloud Computing
On Demand} Uniform
Pay As You Go
Available
Compute
Security
Storage
Scaling
CDN Backup
Database
Monitoring
Workflow
Networking
Messaging
DNS
Load Balancing
23. Introduction to AWS | Physical Security
24x7 trained security guards
Locations in nondescript, undisclosed facilities
Two-factor authentication for ingress
Authorization for data center access
24. Introduction to AWS | Hardware, Software and Network
Automated change control process
Bastion servers that record all
access attempts
Firewall and other boundary devices
AWS monitoring tools
25. Introduction to AWS | Security & Compliance Resources
Secure API access points for
encrypted transmission over HTTPS
using SSL
Cryptographic keys and certificates
are required for any user or software
program to access an AWS API
Security Groups to let you control
external access to your instances
26. Introduction to AWS | SSL Endpoints
IAM
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
VPC
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
SSL Endpoints
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
Security Groups
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
27. Introduction to AWS | Security Groups
SSL Endpoints
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
Security Groups
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
IAM
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
VPC
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
29. Introduction to AWS | Identity and Access Management
(IAM)
SSL Endpoints
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
Security Groups IAM
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
VPC
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
30. Introduction to AWS | Account Control
AWS Identify and Access Management (IAM)
AWS Identity and Access Management (IAM) enables you to securely control
access to AWS services and resources for your users. Using IAM, you can
create and manage AWS users and groups and use permissions to allow and
deny their permissions to AWS resources. If you are new to IAM, read the
IAM Top 10 Best Practices.
Note: Master IAM accounts should not be used for production systems!!!
31. Introduction to AWS | Virtual Private Cloud (VPC)
VPC
SSL Endpoints
Secure
transmission
Establish secure
communication
sessions (HTTPS)
using SSL
Security Groups
Instance firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
IAM
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
32. Introduction to AWS | Certifications and Accreditations
AWS publishes SOC 1 Type II, SOC 2 Type II and SOC 3 reports
AWS is PCI DSS Level 1 compliant and ISO 27001 certified
AWS has achieved FedRAMP compliance, received authorization from
the U.S. Government
FISMA Moderate level
Authorities to Operate (ATOs) under the Defense Information
Assurance Certification and Accreditation Program (DIACAP)
33. Introduction to AWS | Additional Resources
Additional Resources
Here are some additional resources:
More details and up to date information on Global Infrastructure can be found
online: http://aws.amazon.com/about-aws/globalinfrastructure/
AWS Management Console: https://console.aws.amazon.com/console/home.
AWS Security Assurance and Compliance Programs:
https://aws.amazon.com/compliance/
Security Center: http://aws.amazon.com/security
IAM Best Practices:
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
34. Introduction to AWS | Module Completion and Summary
Summary
You have reached the end of this training module. In summary, you have learned:
• How to navigate the AWS Management Console
• What is the AWS Global Infrastructure
• Describe the security measures AWS provides
36. AWS Storage | Overview
Module Overview
This module describes the fundamental elements of AWS Storage with a
focus on Amazon Simple Storage Service (S3) and Amazon Elastic Block
Store (EBS).
37. AWS Storage | Learning Objectives
By the end of this training you will be able to:
1 Identify key AWS storage options.
2 Describe Amazon Elastic Block Store (EBS).
Create an Amazon S3 Bucket and manage associated objects. 3
38. AWS Storage | AWS Storage Products and Services
Amazon
Simple
Storage
Service
Amazon
Glacier
AWS Storage
Gateway
Amazon
Import/Export
Amazon
Elastic Block
Store
39. AWS Storage | Amazon Simple Storage Service (S3)
Storage for the Internet. Natively online,
HTTP access
Store and retrieve any amount of data,
any time, from anywhere on the web
Highly scalable, reliable, fast
and durable
Amazon
Simple
Storage
Service
40. AWS Storage | Amazon S3 Storage Concepts
Amazon S3 Concepts
Amazon
S3
Bucket
with
Objects
Bucket
Objec
t
Amazon S3 stores data as
objects within buckets
An object is comprised of a file
and optionally any metadata that
describes that file
You can have up to 100 buckets
in each account
You can control access to the
bucket and its objects
41. AWS Storage | Amazon S3 Concepts - Buckets
Amazon S3 Buckets
Objects are stored in Buckets.
Objects can be accessed via a URL:
http://johnsmith.s3.amazonaws.com/photos/puppy.jpg
• Organize Amazon S3 namespace at highest level
• Identify account – storage and data transfer charges
• Access Control
• Unit of aggregation for usage reporting
Amazon S3 Bucket
Bucket Object
42. AWS Storage | Amazon S3 Concepts - Objects
Amazon S3 Objects
Objects are the fundamental entities stored in Amazon S3. When using the
console, you can think of them as being files. Objects consist of data
and metadata. The data portion is opaque to Amazon S3. The metadata is
a set of name-value pairs that describe the object.
• Default metadata such as the date last modified
• Standard HTTP metadata such as Content-Type
• Custom metadata at the time the object is stored
• An object is uniquely identified within a bucket by a key (name)
Object Bucket w/Objects
43. AWS Storage | Amazon S3 Object Lifecycle
Lifecycle Management
Lifecycle management defines how Amazon S3 manages objects during their
lifetime. Some objects that you store in an Amazon S3 bucket might have a well-defined
lifecycle:
• Log files
• Archive documents
• Digital media archives
• Financial and healthcare records
• Raw genomics sequence data
• Long-term database backups
• Data that must be retained for regulatory compliance
44. AWS Storage | Amazon S3 Pricing
Pricing
• Pay only for what you use
• No minimum fee
• Prices based on location of your Amazon S3 bucket
• Estimate monthly bill using the AWS Simple Monthly Calculator
45. AWS Storage | Amazon S3 Facts
Facts
• Able to store unlimited number of Objects in a Bucket
• Objects up to 5TB; no bucket size limit
• Designed for 99.999999999% durability and 99.99% availability of objects
over a given year
• HTTP/S endpoint to store and retrieve any amount of data, at any time,
from anywhere on the web
• Highly scalable, reliable, fast, and inexpensive
• Server-side Encryption using AES 256-bit symmetric keys
• Access Logs for auditing
• Provides standards-based REST and SOAP interfaces
46. AWS Storage | Amazon Glacier
Amazon
Glacier Extremely low-cost storage
Secure, durable storage for
data archiving and backup
Optimized for data that is
infrequently accessed
47. AWS Storage | Amazon Glacier Storage Facts
Facts
Offload the administrative burdens of operating and scaling archival
storage to AWS, and make retaining data for long periods, whether
measured in years or decades, especially simple.
Optimized for data that is infrequently accessed and for which retrieval
time of several hours are suitable.
• No limit to the amount of data you can store in Amazon Glacier.
• Automatic Server-side Encryption using AES 256-bit symmetric keys.
• Average annual durability of 99.999999999% for an archive.
48. AWS Storage | Amazon Elastic Block Store (EBS)
Amazon
Elastic Block
Store
Persistent block level
storage volumes for
use with Amazon EC2
instances
Attach to running instance and
expose as a block device
Snapshots stored
durably in Amazon S3
50. AWS Storage | Amazon EBS Facts
Facts about Amazon EBS
• Use for persistent storage
• Can use to create RAID configuration for a server
• Off-instance block storage that persists independently
• Volumes behave like unformatted block devices for Linux or Windows instances
51. AWS Storage | Amazon EBS Use Case
Use Cases
OS Boot device / root file system; secondary volumes/filesystems
Typical basis for database storage
Raw block devices for RAID, some databases
52. AWS Storage | Amazon EBS Pricing
Pay for what you Provision
• Pricing based on Region
• AWS GovCloud (US) Pricing page
• Review Pricing Calculator online
* Check Amazon EBS Pricing page for current pricing for all regions.
53. AWS Storage | Amazon EBS Best Practices
Amazon EBS Volumes are in a Single Availability Zone
EBS Volume 1
Availability Zone A
EBS Volume 2
Availability Zone B
Volume data is replicated across multiple servers in an Availability Zone.
54. AWS Storage | Amazon EBS and Amazon S3
Amazon EBS Amazon S3
Paradigm File system Object store
Performance Very fast Fast
Redundancy Across multiple servers in an
Availability Zone
Across multiple facilities and on
multiple devices within each facility
Security Visible only to your
Amazon EC2
Public Key / Private Key
Access from
the Internet?
No (1) Yes (2)
Typical use
case
Its a disk drive Write once, read many
(1) Accessible from Internet if mounted to server and set up as FTP, etc.
(2) Only with proper credentials, unless ACLs are world-readable
55. AWS Storage | AWS Storage Gateway
AWS Storage
Gateway
Mirror your on-premises data
to Amazon EC2 instances
Connect an on-premises
software appliance with
cloud-based storage
Securely upload data to the AWS
cloud for cost effective backup and
rapid disaster recovery
58. AWS Storage | Amazon Import/Export
Amazon
Import/Export
Accelerates moving large
amounts of data into and out of
Amazon S3 or Amazon EBS
Transfers your data directly onto
and off of storage devices
Uses Amazon high-speed
internal network
59. AWS Storage | AWS Import/Export Support
Import/Export Support
• Accelerates moving large amounts of data into and out of Amazon S3 or Amazon EBS
• Transfers your data directly onto and off of storage devices
• Uses AWS high-speed internal network
60. AWS Storage | Additional Resources
Additional Resources
Here are some additional resources:
Yelp Amazon Case Study: http://aws.amazon.com/solutions/case-studies/yelp/
Getting Started with Amazon S3 Video:
http://www.youtube.com/watch?v=1qrjFb0ZTm8&feature=youtu.be
Online Pricing Calculator: http://calculator.s3.amazonaws.com/calc5.html
Glacier: http://aws.amazon.com/glacier/
Introduction to Amazon EBS Video: https://us-east-1-aws-training.
s3.amazonaws.com/intro/elb.html
61. AWS Storage | Module Completion
Summary
You have reached the end of this training module. In summary, you have learned:
• The key AWS storage options
• What is an Amazon Elastic Block Store
• How to create an Amazon S3 bucket and manage associated objects
63. Compute Services & Networking | Overview
Module Overview
This module describes the fundamental elements of AWS Compute and
Networking, with a focus on Amazon Elastic Compute Cloud (EC2). This
module will build off what you learned in Module 2 by verifying how to use
Amazon Elastic Block Storage.
64. Compute Services & Networking | Learning Objectives
By the end of this training you will be able to:
1 Identify the different AWS compute and networking options.
2 Describe what is Amazon Virtual Private Cloud (VPC).
Create an Amazon Elastic Compute Cloud (EC2) Instance. 3
4 Verify how to use Amazon Elastic Block Storage.
66. Compute Services & Networking | Amazon Elastic
Compute Cloud (EC2)
Resizable compute capacity
Complete control of your
computing resources
Reduces the time required to obtain and
boot new server instances to minutes
Amazon Elastic
Compute Cloud
(EC2)
67. Compute Services & Networking | Amazon EC2 Facts
Facts about Amazon EC2
Resizable compute capacity with many instance types
Reduces the time required to obtain and boot new server instances to minutes
or seconds
Scale capacity as your computing requirements change
Pay only for capacity that you actually use
Choose Linux or Windows
Deploy across Regions and Availability Zones for reliability
68. Compute Services & Networking | Using Amazon EC2
How to Use Amazon EC2
Select a pre-configured, Amazon Machine Image (AMI) to get up and running
immediately. Or create an AMI containing your applications, libraries, data, and
associated configuration settings.
Configure security and network access on your Amazon EC2 instance.
Choose which instance type(s) you want, then start, terminate, and monitor as
many instances of your AMI as needed, using the web service APIs or the
variety of management tools provided.
Determine whether you want to run in multiple locations, utilize static IP
endpoints, or attach persistent block storage to your instances.
Pay only for the resources that you actually consume, like instance-hours
or data transfer.
69. Compute Services & Networking | Amazon Machine
Images (AMI)
AMIs
Building blocks of Amazon EC2 Instances
An AMI is a template of a computer's root volume
Can be public or private
Create “gold Images” of your Amazon EC2 infrastructure
AMI
70. Compute Services & Networking | Infrastructure and
Applications
Infrastructure and Applications
Oracle
SAP
Microsoft
AWS Marketplace
72. Compute Services & Networking | Choosing the
Right Instance
Your choice of Amazon EC2 instances matters…
A larger compute instance will sometimes save you not only time but money
too. Paying more per hour for a shorter amount of time can be less expensive.
Instances come in multiple sizes, allowing you to optimally scale resources to
the requirements of your workload. As you choose an instance type, consider
the following:
– Core count
– Memory size
– Storage size & type
– Network performance
80. Compute Services & Networking | Amazon EC2
Security Groups
Public Amazon EC2 Virtual Private Cloud
Inbound Only Inbound and Outbound
TCP, UDP, ICMP only Any Internet Protocol
Assigned at launch Can be assigned or removed at
anytime, including when running
Modify anytime Modify anytime
81. Compute Services & Networking | Amazon Elastic
MapReduce (EMR)
Easily and cost-effectively
process
vast amounts of data
Utilizes a hosted
Hadoop framework
Highly scalable
Amazon Elastic
MapReduce
(EMR)
82. Compute Services & Networking | Amazon EMR
Example
The Amazon EMR
job flow runs on a
cluster of Amazon
EC2 Instances
Amazon EMR
Job Flow
Amazon Simple
Storage Service (S3)
Amazon
CloudWatch
Amazon EC2 Instance
Input Data
Output Results
Metrics
83. Compute Services & Networking | Amazon Auto
Scaling
Auto Scaling
Scale your Amazon EC2
capacity automatically
Well-suited for applications
that experience variability
Available at no
additional charge
in usage
84. Compute Services & Networking | Amazon Auto
Scaling Cont.
1
Elastic Capacity
2
Ease of Use
3
Cost Savings
5
Actions
4
Geographic
88. Compute Services & Networking | Amazon Virtual
Private Cloud (VPC)
Amazon
Virtual Private
Cloud
Provision a private, isolated section of the
AWS Cloud where you can launch AWS
resources in a virtual network that you define
Define a virtual network topology that closely
resembles a traditional network that you
might operate in your own datacenter
You have complete control over your virtual networking
environment: selection of IP address range, creation of
subnets, configuration of route tables, and network gateways
90. Compute Services & Networking | AWS Direct
Connect
AWS Direct
Connect
All AWS services, including
Amazon EC2 and Amazon
S3 can be used with AWS
Direct Connect
Virtual interfaces can be
reconfigured at any time
Use the same connection to access public
resources such as objects stored in Amazon S3
91. Compute Services & Networking | Networking
AWS Direct Connect
AWS Direct Connect establishes a
dedicated network connection from your
premises to AWS.
Establish private connectivity between
AWS and your datacenter, office, or
colocation environment.
Create multiple virtual interfaces to use
the same connection to access public
resources such as Amazon S3 and
private resources such as Amazon EC2
instances running within a VPC.
92. Compute Services & Networking | Amazon Route 53
Amazon
Route 53
Route end users to
Internet applications
Provides secure and reliable
routing to your application instances
Answers DNS queries
with low latency by
using a global network
of DNS servers
93. Compute Services & Networking | Networking with
Amazon Route 53
Amazon Route 53
Answers DNS queries with low latency by using a global network of DNS servers.
Queries for your domain are automatically routed to the nearest DNS server,
and thus answered with the best possible performance.
You pay only for managing domains through the service and the number of queries
that the service answers.
94. Compute Services & Networking | Elastic Load
Balancing (ELB)
Elastic Load
Balancing
Dynamically grows and
shrinks required resources
based on traffic
Supports health checks
to ensure detect and
remove failing instances
Supports the routing and load balancing of
HTTP, HTTPS, and TCP traffic to Amazon
EC2 instances
96. Compute Services & Networking | Additional Resources
Additional Resources
Here are some additional resources:
Amazon EC2 Instance Types: http://aws.amazon.com/ec2/instance-types/
Service Documentation: http://aws.amazon.com/documentation
White Papers: http://aws.amazon.com/whitepapers
AWS Free Usage Tier: http://aws.amazon.com/free/
AWS Support: http://aws.amazon.com/premiumsupport/
APN Partners supporting AWS Direct Connect:
http://aws.amazon.com/directconnect/partners/
AWS Security Process:
http://d36cz9buwru1tt.cloudfront.net/pdf/AWS_Security_Whitepaper.pdf
97. Compute Services & Networking | Module Completion
Summary
You have reached the end of this training module. In summary, you have learned:
Amazon Virtual Private Cloud lets you provision a logically isolated section with
complete control over your virtual networking environment, including IP address range,
creation of subnets, and configuration of route tables and network gateways
VPN and Direct Connect allows you to leverage the AWS cloud as an extension of
your corporate datacenter
Elastic Load Balancing service provides load balancing across multiple instances in a
region
Amazon Route 53 is a highly available scalable Domain Name System (DNS) web
service
99. Managed Services & Database | Overview
Module Overview
This module describes the fundamental elements of AWS Managed Services
and Databases. This module will focus on key aspects of Amazon Relational
Database Service (RDS) and how to execute Amazon RDS.
100. Managed Services & Database | Learning Objectives
By the end of this training you will be able to:
1 Describe Amazon DynamoDB.
2 Verify the key aspects of Amazon Relational Database Service (RDS).
Execute Amazon Relational Database Service. 3
101. Managed Services & Database | Product and Services
Amazon
ElastiCache
Amazon
Relational
Database
Service
Amazon
DynamoDB
Amazon Redshift
102. Managed Services & Database | Amazon Relational
Database Service
Cost-efficient and resizable capacity
Manages time-consuming
database administration tasks
Access to the full capabilities of familiar MySQL,
PostgreSQL, Oracle and SQL Server databases
Amazon
Relational
Database
Service
103. Managed Services & Database | Amazon RDS
Amazon Relational Database Services (RDS)
Easy to set up, operate, and scale a relational database in the cloud
Cost-efficient and resizable capacity while managing time-consuming database
administration tasks
Access to the full capabilities of a familiar SQL database
Automatically patches the database software and backs up your database
Ability to scale the compute resources or storage capacity associated with
your relational database instance via a single API call
104. Managed Services & Database | Amazon RDS & VPC
Amazon RDS & VPC
You can select your own IP address range.
Create subnets, and configure routing and access control lists.
The basic functionality of Amazon RDS is the same whether it is running in a
VPC or not: Amazon RDS manages backups, software patching, automatic
failure detection, and recovery.
There is no additional cost to run your DB instance in a VPC.
105. Managed Services & Database | Amazon DynamoDB
Store any amount of
data – no limits
Fast, predictable performance
Easily provision and change the request
capacity needed for each table
using SSDs
Amazon
DynamoDB
106. Course Overview | Training Agenda
If You Need Consider Using
A relational database service
with minimal administration
Amazon RDS, a fully managed service that
offers a choice of MySQL, Oracle or SQL Server
database engines, scale compute & storage,
Multi-AZ availability and more.
A fast, highly scalable NoSQL
database service
Amazon DynamoDB, a fully managed service
that offers extremely fast performance, seamless
scalability and reliability, low cost and more.
A relational database you can
manage on your own
Your choice of relational AMIs on Amazon EC2
and Amazon EBS that provide scale compute &
storage, complete control over instances, and more.
110. Managed Services & Database | Amazon Redshift
Amazon Redshift
Petabyte-scale service that manages all
the work need to set up, operate, and scale
a data warehouse cluster
Dramatically reduces IO
Continuously monitors the health of the
cluster and replaces any component
111. Managed Services & Database | Amazon Redshift
Facts
Amazon Redshift
Amazon Redshift manages all the work needed to set up, operate, and scale a
data warehouse cluster, from provisioning capacity to monitoring and backing
up the cluster, to applying patches and upgrades. Scaling a cluster to improve
performance or increase capacity is simple and incurs no downtime. The service
continuously monitors the health of the cluster and automatically replaces any
component, if needed.
Redshift
Redshift
Redshift
112. Managed Services & Database | Additional Resources
Additional Resources
Here are some additional resources:
Service Documentation: http://aws.amazon.com/documentation
Pricing Calculator: http://aws.amazon.com/calculator/
Economics: http://aws.amazon.com/economics/
Pricing details for all services: http://aws.amazon.com/pricing/
Solutions Case Studies: http://aws.amazon.com/solutions/case-studies
Marketing Overview Materials: http://aws.amazon.com
Videos & Webinars: http://www.youtube.com/AmazonWebServices
AWS Blog: http://aws.typepad.com/
113. Managed Services & Database | Module Completion
Summary
You have reached the end of this training module. In summary, you have learned:
• Describe Amazon DynamoDB
• Verify key aspects of Amazon Relational Database Service (RDS)
• How to execute Amazon RDS
115. Deployment & Management | Overview
Module Overview
This module describes the fundamental elements of AWS Deployment &
Management products and services.
116. Deployment & Management | Learning Objectives
By the end of this training you will be able to:
1 Identify AWS CloudFormation.
2 Describe Amazon CloudWatch metrics and alarms.
Describe Amazon Identity and Access Management (IAM). 3
117. Deployment & Management | Product and Services
AWS Identity and
Access
Management
Amazon
CloudWatch
Amazon
Elastic
Beanstalk
Amazon
CloudFormation
118. Deployment & Management | AWS Identity and Access
Management (IAM)
AWS Identity and
Access
Management
(IAM)
Create and manage AWS users and groups
and use permissions to allow and deny their
permissions to AWS resources
Enables identity federation between
your corporate directory and AWS
services
Use existing corporate identities to grant
secure access to AWS resources, such as
Amazon S3 buckets, without creating new
AWS identities for those users
120. Deployment & Management | Amazon CloudWatch
Amazon
CloudWatch
Visibility into resource
utilization, operational
performance, and overall
demand patterns
Accessible via AWS Management
Console, APIs, SDK, or CLI
Custom application-specific
metrics of your own
121. Deployment & Management | AWS CloudWatch Facts
AWS CloudWatch
• Visibility into resource utilization, operational performance, and overall
demand patterns
• Metrics including CPU utilization, disk reads and writes, and network traffic
• Custom application-specific metrics of your own
• Accessible via AWS Management Console, APIs, SDK, or CLI
122. Deployment & Management | Amazon Elastic Beanstalk
Amazon
Elastic
Beanstalk
Simply upload your
application
Automatically handles the
deployment details of capacity
provisioning, load balancing, auto
scaling, and application health
monitoring
Retain full control over the
AWS resources powering
your application
123. Deployment & Management | AWS Elastic Beanstalk
Facts
AWS Elastic Beanstalk
• Quickly deploy and manage applications in the AWS cloud without worrying
about the infrastructure that runs those applications.
• Reduce management complexity without restricting choice or control.
124. Deployment & Management | Amazon
CloudFormation
Create templates of stack
of resources
Deploy stack from template
with runtime parameters
Amazon
CloudFormation
Use templates as a starting
point or create your own
127. Deployment & Management | Additional Resources
Additional Resources
Here are some additional resources:
AWS CloudFormation Sample Templates:
https://aws.amazon.com/cloudformation/aws-cloudformation-templates/
AWS User Groups: http://aws.amazon.com/usergroups/
Introduction to AWS IAM Training Video: https://us-east-1-aws-training.
s3.amazonaws.com/intro/iam.html
128. Deployment & Management | Module Completion
Summary
You have reached the end of this training module. In summary, you have learned:
• The key fundamental elements of AWS Deployment & Management
products and services.