SlideShare a Scribd company logo

AWS Well Architected Framework

Download as PPTX, PDF
zekeLabs Technologies
zekeLabs Technologies

Training for AWS Solutions Architect at http://zekelabs.com/courses/amazon-web-services-training-bangalore/.This slide describes about design principles, best practices and AWS key services for the five pillars of well architected framework such as operational excellence, security, reliability, performance efficiency and cost optimization ___________________________________________________ zekeLabs is a Technology training platform. We provide instructor led corporate training and classroom training on Industry relevant Cutting Edge Technologies like Big Data, Machine Learning, Natural Language Processing, Artificial Intelligence, Data Science, Amazon Web Services, DevOps, Cloud Computing, Docker, kubernetes, microservices and Frameworks like Django,Spring, Ruby on Rails, Angular 2 and many more to Professionals. Reach out to us at www.zekelabs.com or call us at +91 8095465880 or drop a mail at info@zekelabs.com

Technology
1 of 33
zekeLabs Learning made Simpler ! www.zekeLabs.com
Five Pillars of Well Architected Framework ● Operational Excellence - The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. ● Security - The ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. ● Reliability - The ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. ● Performance Efficiency - The ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve ● Cost Optimization - The ability to avoid or eliminate unneeded cost or suboptimal resources
General Design Principles ● Stop guessing your capacity needs ● Test systems at production scale ● Automate to make architectural experimentation easier ● Allow for evolutionary architectures ● Drive architectures using data ● Improve through game days
Operational Excellence ● The operational excellence pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. ● The operational excellence pillar provides an overview of design principles, best practices, and questions.
Operational Excellence Design Principles ● Perform operations as code ● Annotate documentation ● Make frequent, small, reversible changes ● Refine operations procedures frequently ● Anticipate failure ● Learn from all operational failures
Operational Excellence Best Practices ● There are three best practice areas for operational excellence in the cloud ○ Prepare ○ Operate ○ Evolve
Best Practices Prepare ● Effective preparation is required to drive operational excellence ● Operational readiness is validated through checklists to ensure a workload meets defined standards and that required procedures are adequately captured in runbooks and playbooks. ● Using AWS CloudFormation enables you to have consistent, templated, sandbox development, test, and production environments with increasing levels of operations control. ● AWS enables visibility into your workloads at all layers through various log collection and monitoring features (application programming interfaces (APIs), and network flow logs can be collected using Amazon CloudWatch, AWS CloudTrail, and VPC Flow Logs)
Best Practices Operate ● Successful operation of a workload is measured by the achievement of business and customer outcomes. ● Define expected outcomes, determine how success will be measured, and identify the workload and operations metrics that will be used in those calculations to determine if operations are successful. ● Use collected metrics to determine if you are satisfying customer and business needs, and identify areas for improvement ● Use established runbooks for well-understood events, and use playbooks to aid in the resolution of other events. ● Prioritize responses to events based on their business and customer impact. ● Communicate the operational status of workloads through dashboards and notifications that are tailored to the target audience so that they may take appropriate action ● Determine the root cause of unplanned events and unexpected impacts from planned events.
Best Practices Evolve ● Evolution of operations is required to sustain operational excellence ● Dedicate work cycles to making continuous incremental improvements. ● Include feedback loops within your procedures to rapidly identify areas for improvement ● With AWS Developer Tools you can implement continuous delivery build, test, and deployment activities that work with a variety of source code, build, testing, and deployment tools from AWS and third parties ● The results of deployment activities can be used to identify opportunities for improvement for both deployment and development. ● Successful evolution of operations is founded in: frequent small improvements; providing safe environments and time to experiment, develop, and test improvements; and environments in which learning from failures is encouraged.
Key AWS Services for Operational Excellence ● The AWS service that is essential to operational excellence is AWS CloudFormation, which you can use to create templates based on best practices. This enables you to provision resources in an orderly and consistent fashion from your development through production environments ● Prepare: AWS Config and AWS Config rules can be used to create standards for workloads and to determine if environments are compliant with those standards before being put into production. ● Operate: Amazon CloudWatch allows you to monitor the operational health of a workload. ● Evolve: Amazon Elasticsearch Service (Amazon ES) allows you to analyze your log data to gain actionable insights quickly and securely
Security Design Principles ● Implement a strong identity foundation ● Enable traceability ● Apply security at all layers ● Automate security best practices ● Protect data in transit and at rest ● Prepare for security events
Security Definition ● There are five best practice areas for security in the cloud: ○ Identity and Access Management ○ Detective Controls ○ Infrastructure Protection ○ Data Protection ○ Incident Response ● For security you will want to control who can do what. ● In addition, you want to be able to identify security incidents, protect your systems and services, and maintain the confidentiality and integrity of data through data protection. ● The AWS Shared Responsibility Model enables organizations that adopt the cloud to achieve their security and compliance goals
Best Practices - Identity and Access Management ● Identity and access management are key parts of an information security program, ensuring that only authorized and authenticated users are able to access your resources ● You should apply granular policies, which assign permissions to a user, group, role, or resource ● IAM allows you to control user access to AWS services and resources. ● You also have the ability to require strong password practices, such as complexity level, avoiding re- use, and using multi-factor authentication (MFA). ● IAM enables secure access through instance profiles, identity federation, and temporary credentials ● It is critical to keep root user credentials protected, and to this end AWS recommends attaching MFA to the root user
Best Practices - Detective Controls ● You can use detective controls to identify a potential security incident. ● These controls are an essential part of governance frameworks and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts. ● In AWS, you can implement detective controls by processing logs, events, and monitoring that allows for auditing, automated analysis, and alarming. ● CloudTrail logs, AWS API calls, and CloudWatch provide monitoring of metrics with alarming, and AWS Config provides configuration history. ● Service-level logs are also available. You can use Amazon Simple Storage Service to log access requests. ● Amazon Glacier provides a vault lock feature to preserve mission-critical data with compliance controls designed to support auditable long-term retention.
Best Practices - Infrastructure Protection ● Infrastructure protection includes control methodologies, such as defense-in-depth and MFA ● In AWS, you can implement stateful and stateless packet inspection, either by using AWS-native technologies or by using partner products and services available through the AWS Marketplace ● You should use Amazon Virtual Private Cloud (Amazon VPC) to create a private, secured, and scalable environment in which you can define your topology—including gateways, routing tables, and public and private subnets. ● Enforcing boundary protection, monitoring points of ingress and egress, and comprehensive logging, monitoring, and alerting are all essential
Best Practices - Data Protection ● Data classification provides a way to categorize organizational data based on levels of sensitivity, and encryption protects data by rendering it unintelligible to unauthorized access. ● In AWS, the following practices facilitate protection of data ○ As an AWS customer you maintain full control over your data ○ AWS makes it easier for you to encrypt your data and manage keys, including regular key rotation ○ Detailed logging that contains important content, such as file access and changes, is available. ○ AWS has designed storage systems for exceptional resiliency ○ Versioning, which can be part of a larger data lifecycle management process, can protect against accidental overwrites, deletes, and similar harm. ○ AWS never initiates the movement of data between Regions ○ AWS provides multiple means for encrypting data at rest and in transit
Best Practices - Incident Response ● In AWS, the following practices facilitate effective incident response ○ Detailed logging is available that contains important content, such as file access and changes ○ Events can be automatically processed and trigger scripts that automate runbooks through the use of AWS APIs ○ You can pre-provision tooling and a “clean room” using AWS CloudFormation. This allows you to carry out forensics in a safe, isolated environment. ● Ensure that you have a way to quickly grant access for your InfoSec team, and automate the isolation of instances as well at the capturing of data and state for forensics.
Key AWS Services for Security ● Identity and Access Management: IAM enables you to securely control access to AWS services and resources. MFA adds an extra layer of protection on top of your user name and password. ● Detective Controls: AWS CloudTrail records AWS API calls, AWS Config provides a detailed inventory of your AWS resources and configuration, and Amazon CloudWatch is a monitoring service for AWS resources. ● Infrastructure Protection: Amazon VPC lets you provision a private, isolated section of the AWS Cloud where you can launch AWS resources in a virtual network ● Data Protection: Services such as ELB, EBS, Amazon S3, and RDS include encryption capabilities to protect your data in transit and at rest. Amazon Macie automatically discovers, classifies, and protects sensitive data, while AWS Key Management Service makes it easy for you to create and control keys used for encryption. ● Incident Response: IAM should be used to grant appropriate authorization to incident response teams. AWS CloudFormation can be used to create a trusted environment for conducting investigations
Reliability Design Principles ● Test recovery procedures ● Automatically recover from failure ● Scale horizontally to increase aggregate system availability ● Stop guessing capacity ● Manage change in automation
Reliability Definition ● There are three best practice areas for reliability in the cloud ○ Foundations ○ Change Management ○ Failure Management
Best Practices Foundations ● You must have sufficient network bandwidth to your data center. ● It is the responsibility of AWS to satisfy the requirement for sufficient networking and compute capacity, while you are free to change resource size and allocation, such as the size of storage devices, on demand
Best Practices Change Management ● Using AWS, you can monitor the behavior of a system and automate the response to KPIs ● For example, by adding additional servers as a system gains more users. ● You can control who has permission to make system changes and audit the history of these changes. ● Automatic logging of changes to your environment allows you to audit and quickly identify actions that might have impacted reliability.
Best Practices Failure Management ● With AWS, you can take advantage of automation to react to monitoring data. ● For example, when a particular metric crosses a threshold, you can trigger an automated action to remedy the problem. ● Also, rather than trying to diagnose and fix a failed resource that is part of your production environment, you can replace it with a new one and carry out the analysis on the failed resource out of band. ● Regularly back up your data and test your backup files to ensure you can recover from both logical and physical errors. ● Actively track KPIs, such as the recovery time objective (RTO) and recovery point objective (RPO), to assess a system’s resiliency (especially under failure-testing scenarios).
Reliability Key AWS Services ● Foundations: ○ Amazon VPC lets you launch AWS resources in a virtual network. ○ AWS Trusted Advisor provides visibility into service limits. ○ AWS Shield is a DDoS protection service that safeguards web applications running on AWS ● Change Management ○ AWS CloudTrail records AWS API calls for your account and delivers log files to you for auditing ○ AWS Config continuously records configuration changes ○ Auto Scaling provides an automated demand management for a deployed workload ○ CloudWatch provides the ability to alert on metrics, including custom metrics. ● Failure Management ○ AWS CloudFormation provides templates for the creation of AWS resources and provisions them in an orderly and predictable fashion ○ Amazon S3 keeps backups, Glacier provides highly durable archives, KMS provides a reliable key management system that integrates with many AWS services.
Performance Efficiency Design Principles ● Democratize advanced technologies ● Go global in minutes ● Use serverless architectures ● Experiment more often ● Mechanical sympathy
Performance Definition ● There are four best practice areas for performance efficiency in the cloud ○ Selection ○ Review ○ Monitoring ○ Tradeoffs
Performance Best Practices Selection ● In AWS, resources are virtualized and are available in a number of different types and configurations. ● For example,Amazon DynamoDB provides a fully managed NoSQL database with single-digit millisecond latency at any scale. ● When you select the patterns and implementation for your architecture, use a data-driven approach for the most optimal solution. ● Your architecture will likely combine a number of different architectural approaches (for example, event- driven, ETL, or pipeline). ● Four main resource types that you should consider ○ Compute - instances, containers, and functions ○ Storage - block, file, or object ○ Database - RDS, NoSQL ○ Network - AWS offers product features (for example, very high network instance types, Amazon EBS optimized instances, Amazon S3 transfer acceleration, dynamic Amazon CloudFront) to optimize network traffic. AWS also offers networking features (for example, Amazon Route 53 latency routing, Amazon VPC endpoints, and AWS Direct Connect) to reduce network distance or jitter.
Monitoring and Tradeoffs ● Monitoring ○ Amazon CloudWatch provides the ability to monitor and send notification alarms ○ You can use automation to work around performance issues by triggering actions through Amazon Kinesis, Amazon Simple Queue Service (Amazon SQS), and AWS Lambda. ● Tradeoffs ○ Using AWS, you can go global in minutes and deploy resources in multiple locations across the globe to be closer to your end users ○ You can also dynamically add read-only replicas to information stores such as database systems to reduce the load on the primary database ○ AWS also offers caching solutions such as Amazon ElastiCache, which provides an in-memory data store or cache, and Amazon CloudFront, which caches copies of your static content closer to end users. ○ Amazon DynamoDB Accelerator (DAX) provides a read-through/write-through distributed caching tier in front of Amazon DynamoDB,
Performance Key AWS Services ● Selection ○ Compute - Auto Scaling ○ Storage - Amazon EBS, Amazon S3 ○ Database - Amazon RDS, Amazon DynamoDB ○ Network - Amazon Route 53, Amazon VPC endpoints and AWS Direct Connect ● Monitoring ○ Amazon CloudWatch, AWS Lambda ● Tradeoffs ○ Amazon ElastiCache, Amazon CloudFront, AWS Snowball, Amazon RDS
Cost Optimization Design Principles ● Adopt a consumption model ● Measure overall efficiency ● Stop spending money on data center operations ● Analyze and attribute expenditure ● Use managed services to reduce cost of ownership
Cost Optimization Definition ● There are four best practice areas for cost optimization in the cloud: ○ Cost-Effective Resources ○ Matching Supply and Demand ○ Expenditure Awareness ○ Optimizing Over Time
Best Practices Cost Optimization ● Cost-Effective Resources ○ On-Demand Instances allow you to pay for compute capacity by the hour, with no minimum commitments required. ○ Reserved Instances allow you to reserve capacity and offer savings of up to 75% off On-Demand pricing. ○ With Spot Instances, you can bid on unused Amazon EC2 capacity at significant discounts. ○ By using tools such as AWS Trusted Advisor to regularly review your AWS usage, you can actively monitor your utilization and adjust your deployments accordingly. ● Matching Supply and Demand ○ Auto Scaling and demand, buffer, and time-based approaches allow you to add and remove resources as needed. ● Expenditure Awareness ○ You can use cost allocation tags to AWS resources (such as EC2 instances or S3 buckets) to categorize and track your AWS costs ○ You can set up billing alerts to notify you of predicted overspending ○ AWS Simple Monthly Calculator allows you to calculate your data transfer costs ● Optimizing Over Time ○ AWS Trusted Advisor inspects your AWS environment and finds opportunities to save you money by eliminating unused or idle resources or committing to Reserved Instance capacity.
Visit : www.zekeLabs.com for more details THANK YOU Let us know how can we help your organization to Upskill the employees to stay updated in the ever-evolving IT Industry. Get in touch: www.zekeLabs.com | +91-8095465880 | info@zekeLabs.com

Recommended

ENT401 Deep Dive with Amazon EC2 Systems Manager
ENT401 Deep Dive with Amazon EC2 Systems ManagerENT401 Deep Dive with Amazon EC2 Systems Manager
ENT401 Deep Dive with Amazon EC2 Systems Manager
Amazon Web Services
 
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
Amazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
Amazon Web Services
 
Security best practices
Security best practices Security best practices
Security best practices
Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
Amazon Web Services
 
Amazon S3 Deep Dive
Amazon S3 Deep DiveAmazon S3 Deep Dive
Amazon S3 Deep Dive
Amazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS
Amazon Web Services
 
Expanding your Data Center with Hybrid Cloud Infrastructure
Expanding your Data Center with Hybrid Cloud InfrastructureExpanding your Data Center with Hybrid Cloud Infrastructure
Expanding your Data Center with Hybrid Cloud Infrastructure
Amazon Web Services
 

Recommended

ENT401 Deep Dive with Amazon EC2 Systems Manager
ENT401 Deep Dive with Amazon EC2 Systems ManagerENT401 Deep Dive with Amazon EC2 Systems Manager
ENT401 Deep Dive with Amazon EC2 Systems Manager
Amazon Web Services
 
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
ENT311 Maximize Scale and Agility: Automatically Leveraging Best Practices an...
Amazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
Amazon Web Services
 
Security best practices
Security best practices Security best practices
Security best practices
Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
Amazon Web Services
 
Amazon S3 Deep Dive
Amazon S3 Deep DiveAmazon S3 Deep Dive
Amazon S3 Deep Dive
Amazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS
Amazon Web Services
 
Expanding your Data Center with Hybrid Cloud Infrastructure
Expanding your Data Center with Hybrid Cloud InfrastructureExpanding your Data Center with Hybrid Cloud Infrastructure
Expanding your Data Center with Hybrid Cloud Infrastructure
Amazon Web Services
 
Hackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 ThreatsHackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 Threats
Amazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
Amazon Web Services
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
Amazon Web Services
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Amazon Web Services
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New UnicornWKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
Amazon Web Services
 
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Amazon Web Services
 
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
Amazon Web Services
 
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
Amazon Web Services
 
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) ScaleSEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Amazon Web Services
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
Amazon Web Services
 
AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10
Devang Garach
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner VogelsLessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Amazon Web Services
 
Aws interview questions
Aws interview questionsAws interview questions
Aws interview questions
Puneet Kumar Bhatia (MBA, ITIL V3 Certified)
 
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Amazon Web Services
 
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon GlacierSRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
Amazon Web Services
 
AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)
Rick Hwang
 
AWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and GovernanceAWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and Governance
Akesh Patil
 

More Related Content

What's hot

Hackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 ThreatsHackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 Threats
Amazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
Amazon Web Services
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
Amazon Web Services
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Amazon Web Services
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New UnicornWKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
Amazon Web Services
 
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Amazon Web Services
 
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
Amazon Web Services
 
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
Amazon Web Services
 
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) ScaleSEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Amazon Web Services
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
Amazon Web Services
 
AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10
Devang Garach
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner VogelsLessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Amazon Web Services
 
Aws interview questions
Aws interview questionsAws interview questions
Aws interview questions
Puneet Kumar Bhatia (MBA, ITIL V3 Certified)
 
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Amazon Web Services
 
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon GlacierSRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
Amazon Web Services
 

What's hot (20)

Hackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 ThreatsHackproof Your Cloud – Responding to 2016 Threats
Hackproof Your Cloud – Responding to 2016 Threats
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New UnicornWKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
WKS407 Wild Rydes Takes Off – The Dawn of a New Unicorn
 
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
 
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
 
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
AWS January 2016 Webinar Series - Cloud Data Migration: 6 Strategies for Gett...
 
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) ScaleSEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 
AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10AWS Concepts - Internship Presentation - week 10
AWS Concepts - Internship Presentation - week 10
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner VogelsLessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
Lessons learned before AWS - AWS Startup Tour - SV - 2010 - Dr. Werner Vogels
 
Aws interview questions
Aws interview questionsAws interview questions
Aws interview questions
 
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
 
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon GlacierSRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
SRV403 Deep Dive on Object Storage: Amazon S3 and Amazon Glacier
 

Similar to AWS Well Architected Framework

AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)
Rick Hwang
 
AWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and GovernanceAWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and Governance
Akesh Patil
 
AWS Well Architected Framework in Summary
AWS Well Architected Framework in SummaryAWS Well Architected Framework in Summary
AWS Well Architected Framework in Summary
Ewere Diagboya
 
Past, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps InfrastructurePast, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps Infrastructure
Synergetics Learning and Cloud Consulting
 
Singlepoint AWS Well-Architected Review
Singlepoint AWS Well-Architected ReviewSinglepoint AWS Well-Architected Review
Singlepoint AWS Well-Architected Review
Singlepoint - a Version 1 company
 
AKOREDE AGBOMEJ1 RESUME .pdf
AKOREDE AGBOMEJ1 RESUME .pdfAKOREDE AGBOMEJ1 RESUME .pdf
AKOREDE AGBOMEJ1 RESUME .pdf
Akorede Agbomeji
 
Cloud Service Provider in India | Cloud Solution and Consulting
Cloud Service Provider in India | Cloud Solution and ConsultingCloud Service Provider in India | Cloud Solution and Consulting
Cloud Service Provider in India | Cloud Solution and Consulting
KAMLESHKUMAR471
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
Amazon Web Services
 
Well Architected Framework Presentation @ TU Delft
Well Architected Framework Presentation @ TU DelftWell Architected Framework Presentation @ TU Delft
Well Architected Framework Presentation @ TU Delft
Sander Knape
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
Amazon Web Services
 
Mark Attendance Recognition Systems .pdf
Mark Attendance Recognition Systems .pdfMark Attendance Recognition Systems .pdf
Mark Attendance Recognition Systems .pdf
shourya112007
 
managed cloud services .pdf
managed cloud services .pdfmanaged cloud services .pdf
managed cloud services .pdf
Elina619459
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
Amazon Web Services
 
Using AWS Well Architectured Framework for Software Architecture Evaluations ...
Using AWS Well Architectured Framework for Software Architecture Evaluations ...Using AWS Well Architectured Framework for Software Architecture Evaluations ...
Using AWS Well Architectured Framework for Software Architecture Evaluations ...
Alexandr Savchenko
 
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
MedRecTechnologies
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
Amazon Web Services
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
AWS Chicago
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Amazon Web Services
 
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
Amazon Web Services
 

Similar to AWS Well Architected Framework (20)

AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)AWS Well-Architected Framework (nov 2017)
AWS Well-Architected Framework (nov 2017)
 
AWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and GovernanceAWS Landing Zone - Architecting Security and Governance
AWS Landing Zone - Architecting Security and Governance
 
AWS Well Architected Framework in Summary
AWS Well Architected Framework in SummaryAWS Well Architected Framework in Summary
AWS Well Architected Framework in Summary
 
Past, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps InfrastructurePast, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps Infrastructure
 
Singlepoint AWS Well-Architected Review
Singlepoint AWS Well-Architected ReviewSinglepoint AWS Well-Architected Review
Singlepoint AWS Well-Architected Review
 
AKOREDE AGBOMEJ1 RESUME .pdf
AKOREDE AGBOMEJ1 RESUME .pdfAKOREDE AGBOMEJ1 RESUME .pdf
AKOREDE AGBOMEJ1 RESUME .pdf
 
Cloud Service Provider in India | Cloud Solution and Consulting
Cloud Service Provider in India | Cloud Solution and ConsultingCloud Service Provider in India | Cloud Solution and Consulting
Cloud Service Provider in India | Cloud Solution and Consulting
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Well Architected Framework Presentation @ TU Delft
Well Architected Framework Presentation @ TU DelftWell Architected Framework Presentation @ TU Delft
Well Architected Framework Presentation @ TU Delft
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
Mark Attendance Recognition Systems .pdf
Mark Attendance Recognition Systems .pdfMark Attendance Recognition Systems .pdf
Mark Attendance Recognition Systems .pdf
 
managed cloud services .pdf
managed cloud services .pdfmanaged cloud services .pdf
managed cloud services .pdf
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Using AWS Well Architectured Framework for Software Architecture Evaluations ...
Using AWS Well Architectured Framework for Software Architecture Evaluations ...Using AWS Well Architectured Framework for Software Architecture Evaluations ...
Using AWS Well Architectured Framework for Software Architecture Evaluations ...
 
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
Comprehensive Cloud Computing Solutions_ Optimizing Your Business with Our Ex...
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
 
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
 

More from zekeLabs Technologies

Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
zekeLabs Technologies
 
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabsDesign Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
zekeLabs Technologies
 
[Webinar] Following the Agile Footprint - zekeLabs
[Webinar] Following the Agile Footprint - zekeLabs[Webinar] Following the Agile Footprint - zekeLabs
[Webinar] Following the Agile Footprint - zekeLabs
zekeLabs Technologies
 
Machine learning at scale - Webinar By zekeLabs
Machine learning at scale - Webinar By zekeLabsMachine learning at scale - Webinar By zekeLabs
Machine learning at scale - Webinar By zekeLabs
zekeLabs Technologies
 
A curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KubernetesA curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & Kubernetes
zekeLabs Technologies
 
Docker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldDocker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container world
zekeLabs Technologies
 
Serverless and cloud computing
Serverless and cloud computingServerless and cloud computing
Serverless and cloud computing
zekeLabs Technologies
 
SQL
SQLSQL
SQL
zekeLabs Technologies
 
02 terraform core concepts
02 terraform core concepts02 terraform core concepts
02 terraform core concepts
zekeLabs Technologies
 
08 Terraform: Provisioners
08 Terraform: Provisioners08 Terraform: Provisioners
08 Terraform: Provisioners
zekeLabs Technologies
 
Outlier detection handling
Outlier detection handlingOutlier detection handling
Outlier detection handling
zekeLabs Technologies
 
Nearest neighbors
Nearest neighborsNearest neighbors
Nearest neighbors
zekeLabs Technologies
 
Naive bayes
Naive bayesNaive bayes
Naive bayes
zekeLabs Technologies
 
Master guide to become a data scientist
Master guide to become a data scientist Master guide to become a data scientist
Master guide to become a data scientist
zekeLabs Technologies
 
Linear regression
Linear regressionLinear regression
Linear regression
zekeLabs Technologies
 
Linear models of classification
Linear models of classificationLinear models of classification
Linear models of classification
zekeLabs Technologies
 
Grid search, pipeline, featureunion
Grid search, pipeline, featureunionGrid search, pipeline, featureunion
Grid search, pipeline, featureunion
zekeLabs Technologies
 
Feature selection
Feature selectionFeature selection
Feature selection
zekeLabs Technologies
 
Essential NumPy
Essential NumPyEssential NumPy
Essential NumPy
zekeLabs Technologies
 
Ensemble methods
Ensemble methods Ensemble methods
Ensemble methods
zekeLabs Technologies
 

More from zekeLabs Technologies (20)

Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
Webinar - Build Cloud-native platform using Docker, Kubernetes, Prometheus, I...
 
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabsDesign Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
Design Patterns for Pods and Containers in Kubernetes - Webinar by zekeLabs
 
[Webinar] Following the Agile Footprint - zekeLabs
[Webinar] Following the Agile Footprint - zekeLabs[Webinar] Following the Agile Footprint - zekeLabs
[Webinar] Following the Agile Footprint - zekeLabs
 
Machine learning at scale - Webinar By zekeLabs
Machine learning at scale - Webinar By zekeLabsMachine learning at scale - Webinar By zekeLabs
Machine learning at scale - Webinar By zekeLabs
 
A curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KubernetesA curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & Kubernetes
 
Docker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldDocker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container world
 
Serverless and cloud computing
Serverless and cloud computingServerless and cloud computing
Serverless and cloud computing
 
SQL
SQLSQL
SQL
 
02 terraform core concepts
02 terraform core concepts02 terraform core concepts
02 terraform core concepts
 
08 Terraform: Provisioners
08 Terraform: Provisioners08 Terraform: Provisioners
08 Terraform: Provisioners
 
Outlier detection handling
Outlier detection handlingOutlier detection handling
Outlier detection handling
 
Nearest neighbors
Nearest neighborsNearest neighbors
Nearest neighbors
 
Naive bayes
Naive bayesNaive bayes
Naive bayes
 
Master guide to become a data scientist
Master guide to become a data scientist Master guide to become a data scientist
Master guide to become a data scientist
 
Linear regression
Linear regressionLinear regression
Linear regression
 
Linear models of classification
Linear models of classificationLinear models of classification
Linear models of classification
 
Grid search, pipeline, featureunion
Grid search, pipeline, featureunionGrid search, pipeline, featureunion
Grid search, pipeline, featureunion
 
Feature selection
Feature selectionFeature selection
Feature selection
 
Essential NumPy
Essential NumPyEssential NumPy
Essential NumPy
 
Ensemble methods
Ensemble methods Ensemble methods
Ensemble methods
 

Recently uploaded

June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Fwdays
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
saastr
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
Pablo Gómez Abajo
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 

Recently uploaded (20)

June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 

AWS Well Architected Framework

  • 1. zekeLabs Learning made Simpler ! www.zekeLabs.com
  • 2. Five Pillars of Well Architected Framework ● Operational Excellence - The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. ● Security - The ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. ● Reliability - The ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. ● Performance Efficiency - The ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve ● Cost Optimization - The ability to avoid or eliminate unneeded cost or suboptimal resources
  • 3. General Design Principles ● Stop guessing your capacity needs ● Test systems at production scale ● Automate to make architectural experimentation easier ● Allow for evolutionary architectures ● Drive architectures using data ● Improve through game days
  • 4. Operational Excellence ● The operational excellence pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. ● The operational excellence pillar provides an overview of design principles, best practices, and questions.
  • 5. Operational Excellence Design Principles ● Perform operations as code ● Annotate documentation ● Make frequent, small, reversible changes ● Refine operations procedures frequently ● Anticipate failure ● Learn from all operational failures
  • 6. Operational Excellence Best Practices ● There are three best practice areas for operational excellence in the cloud ○ Prepare ○ Operate ○ Evolve
  • 7. Best Practices Prepare ● Effective preparation is required to drive operational excellence ● Operational readiness is validated through checklists to ensure a workload meets defined standards and that required procedures are adequately captured in runbooks and playbooks. ● Using AWS CloudFormation enables you to have consistent, templated, sandbox development, test, and production environments with increasing levels of operations control. ● AWS enables visibility into your workloads at all layers through various log collection and monitoring features (application programming interfaces (APIs), and network flow logs can be collected using Amazon CloudWatch, AWS CloudTrail, and VPC Flow Logs)
  • 8. Best Practices Operate ● Successful operation of a workload is measured by the achievement of business and customer outcomes. ● Define expected outcomes, determine how success will be measured, and identify the workload and operations metrics that will be used in those calculations to determine if operations are successful. ● Use collected metrics to determine if you are satisfying customer and business needs, and identify areas for improvement ● Use established runbooks for well-understood events, and use playbooks to aid in the resolution of other events. ● Prioritize responses to events based on their business and customer impact. ● Communicate the operational status of workloads through dashboards and notifications that are tailored to the target audience so that they may take appropriate action ● Determine the root cause of unplanned events and unexpected impacts from planned events.
  • 9. Best Practices Evolve ● Evolution of operations is required to sustain operational excellence ● Dedicate work cycles to making continuous incremental improvements. ● Include feedback loops within your procedures to rapidly identify areas for improvement ● With AWS Developer Tools you can implement continuous delivery build, test, and deployment activities that work with a variety of source code, build, testing, and deployment tools from AWS and third parties ● The results of deployment activities can be used to identify opportunities for improvement for both deployment and development. ● Successful evolution of operations is founded in: frequent small improvements; providing safe environments and time to experiment, develop, and test improvements; and environments in which learning from failures is encouraged.
  • 10. Key AWS Services for Operational Excellence ● The AWS service that is essential to operational excellence is AWS CloudFormation, which you can use to create templates based on best practices. This enables you to provision resources in an orderly and consistent fashion from your development through production environments ● Prepare: AWS Config and AWS Config rules can be used to create standards for workloads and to determine if environments are compliant with those standards before being put into production. ● Operate: Amazon CloudWatch allows you to monitor the operational health of a workload. ● Evolve: Amazon Elasticsearch Service (Amazon ES) allows you to analyze your log data to gain actionable insights quickly and securely
  • 11. Security Design Principles ● Implement a strong identity foundation ● Enable traceability ● Apply security at all layers ● Automate security best practices ● Protect data in transit and at rest ● Prepare for security events
  • 12. Security Definition ● There are five best practice areas for security in the cloud: ○ Identity and Access Management ○ Detective Controls ○ Infrastructure Protection ○ Data Protection ○ Incident Response ● For security you will want to control who can do what. ● In addition, you want to be able to identify security incidents, protect your systems and services, and maintain the confidentiality and integrity of data through data protection. ● The AWS Shared Responsibility Model enables organizations that adopt the cloud to achieve their security and compliance goals
  • 13. Best Practices - Identity and Access Management ● Identity and access management are key parts of an information security program, ensuring that only authorized and authenticated users are able to access your resources ● You should apply granular policies, which assign permissions to a user, group, role, or resource ● IAM allows you to control user access to AWS services and resources. ● You also have the ability to require strong password practices, such as complexity level, avoiding re- use, and using multi-factor authentication (MFA). ● IAM enables secure access through instance profiles, identity federation, and temporary credentials ● It is critical to keep root user credentials protected, and to this end AWS recommends attaching MFA to the root user
  • 14. Best Practices - Detective Controls ● You can use detective controls to identify a potential security incident. ● These controls are an essential part of governance frameworks and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts. ● In AWS, you can implement detective controls by processing logs, events, and monitoring that allows for auditing, automated analysis, and alarming. ● CloudTrail logs, AWS API calls, and CloudWatch provide monitoring of metrics with alarming, and AWS Config provides configuration history. ● Service-level logs are also available. You can use Amazon Simple Storage Service to log access requests. ● Amazon Glacier provides a vault lock feature to preserve mission-critical data with compliance controls designed to support auditable long-term retention.
  • 15. Best Practices - Infrastructure Protection ● Infrastructure protection includes control methodologies, such as defense-in-depth and MFA ● In AWS, you can implement stateful and stateless packet inspection, either by using AWS-native technologies or by using partner products and services available through the AWS Marketplace ● You should use Amazon Virtual Private Cloud (Amazon VPC) to create a private, secured, and scalable environment in which you can define your topology—including gateways, routing tables, and public and private subnets. ● Enforcing boundary protection, monitoring points of ingress and egress, and comprehensive logging, monitoring, and alerting are all essential
  • 16. Best Practices - Data Protection ● Data classification provides a way to categorize organizational data based on levels of sensitivity, and encryption protects data by rendering it unintelligible to unauthorized access. ● In AWS, the following practices facilitate protection of data ○ As an AWS customer you maintain full control over your data ○ AWS makes it easier for you to encrypt your data and manage keys, including regular key rotation ○ Detailed logging that contains important content, such as file access and changes, is available. ○ AWS has designed storage systems for exceptional resiliency ○ Versioning, which can be part of a larger data lifecycle management process, can protect against accidental overwrites, deletes, and similar harm. ○ AWS never initiates the movement of data between Regions ○ AWS provides multiple means for encrypting data at rest and in transit
  • 17. Best Practices - Incident Response ● In AWS, the following practices facilitate effective incident response ○ Detailed logging is available that contains important content, such as file access and changes ○ Events can be automatically processed and trigger scripts that automate runbooks through the use of AWS APIs ○ You can pre-provision tooling and a “clean room” using AWS CloudFormation. This allows you to carry out forensics in a safe, isolated environment. ● Ensure that you have a way to quickly grant access for your InfoSec team, and automate the isolation of instances as well at the capturing of data and state for forensics.
  • 18. Key AWS Services for Security ● Identity and Access Management: IAM enables you to securely control access to AWS services and resources. MFA adds an extra layer of protection on top of your user name and password. ● Detective Controls: AWS CloudTrail records AWS API calls, AWS Config provides a detailed inventory of your AWS resources and configuration, and Amazon CloudWatch is a monitoring service for AWS resources. ● Infrastructure Protection: Amazon VPC lets you provision a private, isolated section of the AWS Cloud where you can launch AWS resources in a virtual network ● Data Protection: Services such as ELB, EBS, Amazon S3, and RDS include encryption capabilities to protect your data in transit and at rest. Amazon Macie automatically discovers, classifies, and protects sensitive data, while AWS Key Management Service makes it easy for you to create and control keys used for encryption. ● Incident Response: IAM should be used to grant appropriate authorization to incident response teams. AWS CloudFormation can be used to create a trusted environment for conducting investigations
  • 19. Reliability Design Principles ● Test recovery procedures ● Automatically recover from failure ● Scale horizontally to increase aggregate system availability ● Stop guessing capacity ● Manage change in automation
  • 20. Reliability Definition ● There are three best practice areas for reliability in the cloud ○ Foundations ○ Change Management ○ Failure Management
  • 21. Best Practices Foundations ● You must have sufficient network bandwidth to your data center. ● It is the responsibility of AWS to satisfy the requirement for sufficient networking and compute capacity, while you are free to change resource size and allocation, such as the size of storage devices, on demand
  • 22. Best Practices Change Management ● Using AWS, you can monitor the behavior of a system and automate the response to KPIs ● For example, by adding additional servers as a system gains more users. ● You can control who has permission to make system changes and audit the history of these changes. ● Automatic logging of changes to your environment allows you to audit and quickly identify actions that might have impacted reliability.
  • 23. Best Practices Failure Management ● With AWS, you can take advantage of automation to react to monitoring data. ● For example, when a particular metric crosses a threshold, you can trigger an automated action to remedy the problem. ● Also, rather than trying to diagnose and fix a failed resource that is part of your production environment, you can replace it with a new one and carry out the analysis on the failed resource out of band. ● Regularly back up your data and test your backup files to ensure you can recover from both logical and physical errors. ● Actively track KPIs, such as the recovery time objective (RTO) and recovery point objective (RPO), to assess a system’s resiliency (especially under failure-testing scenarios).
  • 24. Reliability Key AWS Services ● Foundations: ○ Amazon VPC lets you launch AWS resources in a virtual network. ○ AWS Trusted Advisor provides visibility into service limits. ○ AWS Shield is a DDoS protection service that safeguards web applications running on AWS ● Change Management ○ AWS CloudTrail records AWS API calls for your account and delivers log files to you for auditing ○ AWS Config continuously records configuration changes ○ Auto Scaling provides an automated demand management for a deployed workload ○ CloudWatch provides the ability to alert on metrics, including custom metrics. ● Failure Management ○ AWS CloudFormation provides templates for the creation of AWS resources and provisions them in an orderly and predictable fashion ○ Amazon S3 keeps backups, Glacier provides highly durable archives, KMS provides a reliable key management system that integrates with many AWS services.
  • 25. Performance Efficiency Design Principles ● Democratize advanced technologies ● Go global in minutes ● Use serverless architectures ● Experiment more often ● Mechanical sympathy
  • 26. Performance Definition ● There are four best practice areas for performance efficiency in the cloud ○ Selection ○ Review ○ Monitoring ○ Tradeoffs
  • 27. Performance Best Practices Selection ● In AWS, resources are virtualized and are available in a number of different types and configurations. ● For example,Amazon DynamoDB provides a fully managed NoSQL database with single-digit millisecond latency at any scale. ● When you select the patterns and implementation for your architecture, use a data-driven approach for the most optimal solution. ● Your architecture will likely combine a number of different architectural approaches (for example, event- driven, ETL, or pipeline). ● Four main resource types that you should consider ○ Compute - instances, containers, and functions ○ Storage - block, file, or object ○ Database - RDS, NoSQL ○ Network - AWS offers product features (for example, very high network instance types, Amazon EBS optimized instances, Amazon S3 transfer acceleration, dynamic Amazon CloudFront) to optimize network traffic. AWS also offers networking features (for example, Amazon Route 53 latency routing, Amazon VPC endpoints, and AWS Direct Connect) to reduce network distance or jitter.
  • 28. Monitoring and Tradeoffs ● Monitoring ○ Amazon CloudWatch provides the ability to monitor and send notification alarms ○ You can use automation to work around performance issues by triggering actions through Amazon Kinesis, Amazon Simple Queue Service (Amazon SQS), and AWS Lambda. ● Tradeoffs ○ Using AWS, you can go global in minutes and deploy resources in multiple locations across the globe to be closer to your end users ○ You can also dynamically add read-only replicas to information stores such as database systems to reduce the load on the primary database ○ AWS also offers caching solutions such as Amazon ElastiCache, which provides an in-memory data store or cache, and Amazon CloudFront, which caches copies of your static content closer to end users. ○ Amazon DynamoDB Accelerator (DAX) provides a read-through/write-through distributed caching tier in front of Amazon DynamoDB,
  • 29. Performance Key AWS Services ● Selection ○ Compute - Auto Scaling ○ Storage - Amazon EBS, Amazon S3 ○ Database - Amazon RDS, Amazon DynamoDB ○ Network - Amazon Route 53, Amazon VPC endpoints and AWS Direct Connect ● Monitoring ○ Amazon CloudWatch, AWS Lambda ● Tradeoffs ○ Amazon ElastiCache, Amazon CloudFront, AWS Snowball, Amazon RDS
  • 30. Cost Optimization Design Principles ● Adopt a consumption model ● Measure overall efficiency ● Stop spending money on data center operations ● Analyze and attribute expenditure ● Use managed services to reduce cost of ownership
  • 31. Cost Optimization Definition ● There are four best practice areas for cost optimization in the cloud: ○ Cost-Effective Resources ○ Matching Supply and Demand ○ Expenditure Awareness ○ Optimizing Over Time
  • 32. Best Practices Cost Optimization ● Cost-Effective Resources ○ On-Demand Instances allow you to pay for compute capacity by the hour, with no minimum commitments required. ○ Reserved Instances allow you to reserve capacity and offer savings of up to 75% off On-Demand pricing. ○ With Spot Instances, you can bid on unused Amazon EC2 capacity at significant discounts. ○ By using tools such as AWS Trusted Advisor to regularly review your AWS usage, you can actively monitor your utilization and adjust your deployments accordingly. ● Matching Supply and Demand ○ Auto Scaling and demand, buffer, and time-based approaches allow you to add and remove resources as needed. ● Expenditure Awareness ○ You can use cost allocation tags to AWS resources (such as EC2 instances or S3 buckets) to categorize and track your AWS costs ○ You can set up billing alerts to notify you of predicted overspending ○ AWS Simple Monthly Calculator allows you to calculate your data transfer costs ● Optimizing Over Time ○ AWS Trusted Advisor inspects your AWS environment and finds opportunities to save you money by eliminating unused or idle resources or committing to Reserved Instance capacity.
  • 33. Visit : www.zekeLabs.com for more details THANK YOU Let us know how can we help your organization to Upskill the employees to stay updated in the ever-evolving IT Industry. Get in touch: www.zekeLabs.com | +91-8095465880 | info@zekeLabs.com