This document discusses AWS and cloud adoption journeys. It describes typical stages of adoption including project, foundation, migration, and reinvention stages. It recommends initial steps for a cloud journey such as creating a minimum viable product, cloud center of excellence, and discovery workshop. The document provides examples of customer cloud journeys over multiple years and discusses concepts like landing zones, account structure, network setup, identity and access management, and service catalog.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This webinar will introduce the lifecycle of an IoT thing and the mechanisms used by AWS IoT to manage things. These mechanisms can be used to securely build and provision things, manage deployment, manage thing health, and integrate with other AWS services. And when the life of the thing has come to an end, we will show you how to retire the thing, keeping your solution secure.
Learning Objectives:
• Common IoT Thing Management Issues
• AWS IoT Security and Access Control Mechanisms
Who Should Attend:
• Technical Decision Makers, Developers, Makers
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
(Presented by Identity Automation) Identity Automation has worked with the North Carolina Department of Public Instruction since April 2013 to provide a cloud-based identity management service for all employees, students, parents and guests of the State’s K12 organizations. In this session, Identity Automation will discuss how the service was used to synchronize identities with target systems, provide federation services as well as end-user self-service and to delegate administration functionality.
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
Hosting workloads on AWS provides organizations with agility, speed, efficiency, and reduced costs. Check Point vSEC further enhances this experience by delivering advanced, multi-layered threat prevention security for your AWS workloads, protecting assets and enabling secure connectivity from enterprise networks to your AWS resources. Register for our upcoming webinar to learn how Check Point vSEC on AWS provided customers with an advanced threat prevention solution to enable secure application delivery. Learn how to migrate your applications and workloads to AWS with vSEC’s comprehensive security solution tailored to help protect your cloud environment.
Join us to learn:
• How Check Point vSEC enabled customers to confidently migrate from an on-premises infrastructure to AWS
• How to prevent network attacks and data breaches when hosting workloads in a cloud-based environment
• How Courtagen Life Sciences secured their cloud environment to maintain compliance, reduce IT expenses and leverage the full capabilities of the AWS Cloud
Who should attend:
IT Admins, Security Admins, Cloud Admins, Business Decision Makers, Compliance & governance officers, Line of Business leaders, DevOps engineers & architects
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This webinar will introduce the lifecycle of an IoT thing and the mechanisms used by AWS IoT to manage things. These mechanisms can be used to securely build and provision things, manage deployment, manage thing health, and integrate with other AWS services. And when the life of the thing has come to an end, we will show you how to retire the thing, keeping your solution secure.
Learning Objectives:
• Common IoT Thing Management Issues
• AWS IoT Security and Access Control Mechanisms
Who Should Attend:
• Technical Decision Makers, Developers, Makers
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
(Presented by Identity Automation) Identity Automation has worked with the North Carolina Department of Public Instruction since April 2013 to provide a cloud-based identity management service for all employees, students, parents and guests of the State’s K12 organizations. In this session, Identity Automation will discuss how the service was used to synchronize identities with target systems, provide federation services as well as end-user self-service and to delegate administration functionality.
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
Hosting workloads on AWS provides organizations with agility, speed, efficiency, and reduced costs. Check Point vSEC further enhances this experience by delivering advanced, multi-layered threat prevention security for your AWS workloads, protecting assets and enabling secure connectivity from enterprise networks to your AWS resources. Register for our upcoming webinar to learn how Check Point vSEC on AWS provided customers with an advanced threat prevention solution to enable secure application delivery. Learn how to migrate your applications and workloads to AWS with vSEC’s comprehensive security solution tailored to help protect your cloud environment.
Join us to learn:
• How Check Point vSEC enabled customers to confidently migrate from an on-premises infrastructure to AWS
• How to prevent network attacks and data breaches when hosting workloads in a cloud-based environment
• How Courtagen Life Sciences secured their cloud environment to maintain compliance, reduce IT expenses and leverage the full capabilities of the AWS Cloud
Who should attend:
IT Admins, Security Admins, Cloud Admins, Business Decision Makers, Compliance & governance officers, Line of Business leaders, DevOps engineers & architects
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
Legacy monitoring and troubleshooting tools can limit visibility and control over your infrastructure and applications. Organizations must find monitoring and troubleshooting tools that can scale with the volume, variety and velocity of data generated by today’s complex applications in order to keep pace with business demands. Our upcoming webinar will discuss how Sumo Logic helped Scripps Networks harness cloud-native machine data analytics to improve application quality and reliability on AWS. Sumo Logic allows IT operations teams to visualize and monitor workloads in real-time, identify issues and expedite root-cause analysis across the AWS environment.
Join us to learn:
• How to migrate from traditional on-premises data centers to AWS with confidence
• How to improve the monitoring and troubleshooting of modern applications
• How Scripps Networks, a leading content developer, used Sumo Logic to optimize their transition to AWS
Who should attend: Developers, DevOps Director/Manager, IT Operations Director/Manager, Director of Cloud/Infrastructure, VP of Engineering
AWS Summit 2014 Melbourne - Breakout 5
Cloud computing gives you a number of advantages, such as being able to scale your application on demand. As a new business looking to use the cloud, you inevitably ask yourself, "Where do I start?" Join us in this session to understand best practices for scaling your resources from zero to millions of users. We will show you how to best combine different AWS services, make smarter decisions for architecting your application, and best practices for scaling your infrastructure in the cloud.
Presenter: Craig Dickson, Solutions Architect, Amazon Web Services
Running Mission Critical Workload for Financial Services Institutions on AWSAmazon Web Services
In this session we will walk through practical examples of how Financial Services Institutions (FSI) operate both common workloads and mission critical applications on AWS. Through real customer examples, we will show you how to leverage the AWS cloud platform to make your application more resilient, reliable and cost effective while increasing your visibility. You will also learn how FSI’s deploy, architect and secure their workloads on AWS and how to leverage platform features to extend and integrate your existing infrastructure with AWS.
Innovating IAM Protection for AWS with Dome9 - Session Sponsored by Dome9Amazon Web Services
Innovating IAM Protection for AWS. Protecting your IAM users and roles is a priority for security professionals and DevOps teams alike. The challenge becomes more complex when adding multiple AWS accounts, many users, and a growing list of local and cross account roles. By utilizing an innovative IAM protection solution, you can successfully defend your AWS cloud from new threats.
In this 30 min session you will learn:
How to identify and map out potential IAM risk factors and attack vectors.
How to prevent potentially dangerous activities over your AWS accounts directly from your mobile device.
How to defend your AWS investment from compromised credentials and malicious insiders that can impact your business.
Speaker: Patrick Pushor, Chief Technical Evangelist at Dome9
From Monolith to Microservices - Containerized Microservices on AWS - April 2...Amazon Web Services
Learning Objectives:
• Understand key microservices concepts and common patterns
• Learn how to deploy microservices on Amazon ECS
What are monoliths, what are microservices, how do containers fit into the picture, and how do I do this all in production?
In this session, we will explore the reasoning and concepts behind microservices and how you can transform monolithic apps into microservices. We will discuss how containers simplify building microservices-based applications, and we will walk through a number of patterns used by our customers to run their microservices platforms. We will also dive deep into some of the challenges of running microservices, such as load balancing, service discovery, and secrets management, and we’ll see how Amazon EC2 Container Service (ECS) can help address them. We’ll also demo how you can easily deploy complex microservices applications using Amazon ECS.
AWS provides enterprises numerous ways to migrate to the cloud, based on your business needs. Because AWS was built with the most data-sensitive, regulated industries in mind, enterprises have access to the most robust networking and security controls to safeguard a protected and seamless migration. In this session, AWS security professionals provide an overview of what security essentials you need to consider when migrating to the cloud. We will also provide a compliance update on what you need to consider in relation to regulatory issues.
Demystifying Cloud Security: Lessons Learned for the Public SectorAmazon Web Services
As government agencies expand the use of cloud services, security continues to be a top priority for program managers, policymakers, and cloud service providers (CSPs). Governments and agencies worldwide are moving workloads with varying levels of sensitivity to the cloud. This session will feature agency-level security risk management practices and address common myths about security in the cloud. Participants will gain insight into how governments are leveraging cloud computing to improve their security posture and more quickly benefit from economies of scale.
Mark Ryland, Chief Solutions Architect, Amazon Web Services, WWPS
Does meeting stringent compliance requirements keep you up at night? Do you worry about having the right audit trails in place as proof?
In this session, you will learn why building security in from the beginning saves you time (and painful retrofits) later, how to gather and retain audit evidence for instances that are only up for minutes or hours, and how to meet many compliance requirements and ensured that Amazon EC2 instances are immediately protected as they come online.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
Amazon Web Services offers a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. Amazon Web Services provides security-specific tools and features across network security, configuration management, access control and data security. In addition, Amazon Web Services provides monitoring and logging tools to provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that Amazon Web Services offers, and the latest security innovations coming from Amazon Web Services.
Andrew Watts-Curnow, Cloud Architect - Professional Services, ASEAN
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
Availability of cloud computing is helping Financial Services organizations realize accelerated go-to-market speeds, global scalability, and cost efficiencies. This new world forces considerations for security programs – what is different in the cloud and what do I do differently? AWS Security Architects will share protocols that need to be considered in the cloud, on premises, or in a hybrid model. They will also share best practices, lessons learned, efficiencies, and design patterns and architectures unique to cloud.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
Cloud Migration for Financial Services - Toronto - October 2016Amazon Web Services
Presented by Cloud Technology Partners. Robert Christiansen presents us best practices for cloud adoption, taking us on the journey from a single application on the cloud, through hybrid cloud, culminating with a Cloud First Approach.
Aufbau von agilen und effizienten IT Organisationen mit DevOpsAWS Germany
IT-Landschaften und -Applikationen werden zunehmend komplexer. Als Folge dessen haben Entwicklungsteams ihre Software-Entwicklungsprozesse mit der Zeit entsprechend weiterentwickelt. Autonome und selbstbestimmte Teams treten vermehrt in den Vordergrund und folgen einem agilen Ansatz und Prinzipien, die dem "Lean Software Development" entstammen. Dieser Wandel hat sich bis hin zu den Operationsteams vollzogen und so die Grenzen zwischen Entwicklung und Betrieb verschwimmen lassen.
Unter dem Begriff "DevOps" versteht man heute eine Menge an Werkzeugen, Prozessen, Best Practices, und auch Unternehmensleitlinien, die IT-Organisationen agiler und effizienter machen. Zwar sind die Werkzeuge und die Methodik unter DevOps Fachleuten gut verstanden, jedoch ergeben sich aufgrund des traditionellen IT-Betriebs (Mode 1 IT) oft nicht die versprochenen Vorteile, wie erhöhte Agilität und Flexibilität.
AWS bietet Ihnen eine flexible Plattform, auf deren Basis Unternehmen wie Netflix, Airbnb, Zalando und viele andere, DevOps Praktiken und Prozesse mit großem Erfolg umsetzen konnten.
Dieses Webinar nimmt die verschiedenen Elemente von DevOps genauer unter die Lupe und erklärt wie sie der Grundstein für diese Erfolgsgeschichten wurden.
This session will provide an update on considerations for FIs around security and controls, with specific focus on the recently published Comprehensive Guidance on Cybersecurity Controls Issued by Securities and Futures Commission (SFC). The session will then conclude with an introduction to compliance concepts in the Cloud Using Security by Design principles.
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and will cover solutions for account structure, user configuration, provisioning, networking and operation automation. This solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and Amazon Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations. Additionally, Philips will explain their cloud journey and how they have applied their guiding principles when building their landing zone.
Legacy monitoring and troubleshooting tools can limit visibility and control over your infrastructure and applications. Organizations must find monitoring and troubleshooting tools that can scale with the volume, variety and velocity of data generated by today’s complex applications in order to keep pace with business demands. Our upcoming webinar will discuss how Sumo Logic helped Scripps Networks harness cloud-native machine data analytics to improve application quality and reliability on AWS. Sumo Logic allows IT operations teams to visualize and monitor workloads in real-time, identify issues and expedite root-cause analysis across the AWS environment.
Join us to learn:
• How to migrate from traditional on-premises data centers to AWS with confidence
• How to improve the monitoring and troubleshooting of modern applications
• How Scripps Networks, a leading content developer, used Sumo Logic to optimize their transition to AWS
Who should attend: Developers, DevOps Director/Manager, IT Operations Director/Manager, Director of Cloud/Infrastructure, VP of Engineering
AWS Summit 2014 Melbourne - Breakout 5
Cloud computing gives you a number of advantages, such as being able to scale your application on demand. As a new business looking to use the cloud, you inevitably ask yourself, "Where do I start?" Join us in this session to understand best practices for scaling your resources from zero to millions of users. We will show you how to best combine different AWS services, make smarter decisions for architecting your application, and best practices for scaling your infrastructure in the cloud.
Presenter: Craig Dickson, Solutions Architect, Amazon Web Services
Running Mission Critical Workload for Financial Services Institutions on AWSAmazon Web Services
In this session we will walk through practical examples of how Financial Services Institutions (FSI) operate both common workloads and mission critical applications on AWS. Through real customer examples, we will show you how to leverage the AWS cloud platform to make your application more resilient, reliable and cost effective while increasing your visibility. You will also learn how FSI’s deploy, architect and secure their workloads on AWS and how to leverage platform features to extend and integrate your existing infrastructure with AWS.
Innovating IAM Protection for AWS with Dome9 - Session Sponsored by Dome9Amazon Web Services
Innovating IAM Protection for AWS. Protecting your IAM users and roles is a priority for security professionals and DevOps teams alike. The challenge becomes more complex when adding multiple AWS accounts, many users, and a growing list of local and cross account roles. By utilizing an innovative IAM protection solution, you can successfully defend your AWS cloud from new threats.
In this 30 min session you will learn:
How to identify and map out potential IAM risk factors and attack vectors.
How to prevent potentially dangerous activities over your AWS accounts directly from your mobile device.
How to defend your AWS investment from compromised credentials and malicious insiders that can impact your business.
Speaker: Patrick Pushor, Chief Technical Evangelist at Dome9
From Monolith to Microservices - Containerized Microservices on AWS - April 2...Amazon Web Services
Learning Objectives:
• Understand key microservices concepts and common patterns
• Learn how to deploy microservices on Amazon ECS
What are monoliths, what are microservices, how do containers fit into the picture, and how do I do this all in production?
In this session, we will explore the reasoning and concepts behind microservices and how you can transform monolithic apps into microservices. We will discuss how containers simplify building microservices-based applications, and we will walk through a number of patterns used by our customers to run their microservices platforms. We will also dive deep into some of the challenges of running microservices, such as load balancing, service discovery, and secrets management, and we’ll see how Amazon EC2 Container Service (ECS) can help address them. We’ll also demo how you can easily deploy complex microservices applications using Amazon ECS.
AWS provides enterprises numerous ways to migrate to the cloud, based on your business needs. Because AWS was built with the most data-sensitive, regulated industries in mind, enterprises have access to the most robust networking and security controls to safeguard a protected and seamless migration. In this session, AWS security professionals provide an overview of what security essentials you need to consider when migrating to the cloud. We will also provide a compliance update on what you need to consider in relation to regulatory issues.
Demystifying Cloud Security: Lessons Learned for the Public SectorAmazon Web Services
As government agencies expand the use of cloud services, security continues to be a top priority for program managers, policymakers, and cloud service providers (CSPs). Governments and agencies worldwide are moving workloads with varying levels of sensitivity to the cloud. This session will feature agency-level security risk management practices and address common myths about security in the cloud. Participants will gain insight into how governments are leveraging cloud computing to improve their security posture and more quickly benefit from economies of scale.
Mark Ryland, Chief Solutions Architect, Amazon Web Services, WWPS
Does meeting stringent compliance requirements keep you up at night? Do you worry about having the right audit trails in place as proof?
In this session, you will learn why building security in from the beginning saves you time (and painful retrofits) later, how to gather and retain audit evidence for instances that are only up for minutes or hours, and how to meet many compliance requirements and ensured that Amazon EC2 instances are immediately protected as they come online.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
Amazon Web Services offers a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. Amazon Web Services provides security-specific tools and features across network security, configuration management, access control and data security. In addition, Amazon Web Services provides monitoring and logging tools to provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that Amazon Web Services offers, and the latest security innovations coming from Amazon Web Services.
Andrew Watts-Curnow, Cloud Architect - Professional Services, ASEAN
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
Availability of cloud computing is helping Financial Services organizations realize accelerated go-to-market speeds, global scalability, and cost efficiencies. This new world forces considerations for security programs – what is different in the cloud and what do I do differently? AWS Security Architects will share protocols that need to be considered in the cloud, on premises, or in a hybrid model. They will also share best practices, lessons learned, efficiencies, and design patterns and architectures unique to cloud.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
Cloud Migration for Financial Services - Toronto - October 2016Amazon Web Services
Presented by Cloud Technology Partners. Robert Christiansen presents us best practices for cloud adoption, taking us on the journey from a single application on the cloud, through hybrid cloud, culminating with a Cloud First Approach.
Aufbau von agilen und effizienten IT Organisationen mit DevOpsAWS Germany
IT-Landschaften und -Applikationen werden zunehmend komplexer. Als Folge dessen haben Entwicklungsteams ihre Software-Entwicklungsprozesse mit der Zeit entsprechend weiterentwickelt. Autonome und selbstbestimmte Teams treten vermehrt in den Vordergrund und folgen einem agilen Ansatz und Prinzipien, die dem "Lean Software Development" entstammen. Dieser Wandel hat sich bis hin zu den Operationsteams vollzogen und so die Grenzen zwischen Entwicklung und Betrieb verschwimmen lassen.
Unter dem Begriff "DevOps" versteht man heute eine Menge an Werkzeugen, Prozessen, Best Practices, und auch Unternehmensleitlinien, die IT-Organisationen agiler und effizienter machen. Zwar sind die Werkzeuge und die Methodik unter DevOps Fachleuten gut verstanden, jedoch ergeben sich aufgrund des traditionellen IT-Betriebs (Mode 1 IT) oft nicht die versprochenen Vorteile, wie erhöhte Agilität und Flexibilität.
AWS bietet Ihnen eine flexible Plattform, auf deren Basis Unternehmen wie Netflix, Airbnb, Zalando und viele andere, DevOps Praktiken und Prozesse mit großem Erfolg umsetzen konnten.
Dieses Webinar nimmt die verschiedenen Elemente von DevOps genauer unter die Lupe und erklärt wie sie der Grundstein für diese Erfolgsgeschichten wurden.
This session will provide an update on considerations for FIs around security and controls, with specific focus on the recently published Comprehensive Guidance on Cybersecurity Controls Issued by Securities and Futures Commission (SFC). The session will then conclude with an introduction to compliance concepts in the Cloud Using Security by Design principles.
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and will cover solutions for account structure, user configuration, provisioning, networking and operation automation. This solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and Amazon Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations. Additionally, Philips will explain their cloud journey and how they have applied their guiding principles when building their landing zone.
Elasticity and security are enabling enterprises to move highly regulated workloads to the AWS Cloud. However, given the sensitivity around this protected customer data, what newly released services can be implemented to remain secure and compliant? Find out in this session for Chief Security, Risk and Compliance Officers.
Speaker: Dave Walker, Security Solutions Architect, Amazon Web Services
AWS Landing Zone - Architecting Security and GovernanceAkesh Patil
This slide deck provides an overview of the AWS Landing Zone, which is a well-architected, multi-account AWS environment designed to be scalable and secure. It serves as a starting point for organizations to quickly launch and deploy workloads and applications on AWS.
The deck explains the key components and capabilities of the AWS Landing Zone, including:
The use of AWS Control Tower, a service that simplifies the setup and governance of a multi-account Landing Zone environment following AWS best practices.
1. The Landing Zone's objectives, such as establishing an account structure, developing a governance framework, implementing centralized identity and access management, and optimizing costs.
2. The technical foundations of the Landing Zone, including Organization Units (OUs), preventive and detective guardrails, and the integration of AWS security services like CloudTrail, Config, GuardDuty, Inspector, and Security Hub.
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Amazon Web Services
An organisation’s security controls are defined in part as a result of a need to comply with external industry regulatory requirements, and in part as a result of the organisation’s own risk appetite and culture. In this session we discuss our recommendations for producing a highly-secure AWS baseline environment, comprising multiple AWS accounts to enforce separation of duty, and each configured with a set of base controls for implementing access control, log capture and aggregation, and attack mitigation. We then map common sets of security controls to this architecture, and show how such an architecture can meet the requirements of various external standards.
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and explain features for account structuring, user configuration, provisioning, networking and operation automation. The Migration Landing Zone solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and AWS Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations.
Speaker: Koen Biggelaar, Senior Manager, Solutions Architecture, Amazon Web Services and Mahmoud ElZayet
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
If you are looking for complete instructions on how to build your own Cloud governance process and control then view our recorded webinar on our youtube channel. We take you step by step on what is governance for the cloud and a focus area for security governance.
As companies shift workloads into the cloud, IT organizations are required to manage an increasing number of cloud resources. AWS provides a broad set of services that help IT organizations with provisioning, tracking, auditing, configuration management, and cost management of their AWS resources. In this session, we will explore the AWS Management Tools suite of services that support the lifecycle management of AWS resources at scale and enable IT governance and compliance. The Deep Dive on AWS Management Tools session will benefit both new and experienced IT administrators, systems administrators, and developers operating infrastructure on AWS and interested in learning about the AWS resource management capabilities.
Getting Started with Windows Workloads on Amazon EC2 - TorontoAmazon Web Services
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWSAmazon Web Services
"Do you need to develop a business case for moving to cloud or communicate business value of your investment in AWS? This session introduces you to methods and tools to help you calculate total cost of ownership (TCO) and evaluate your business value gains from AWS.
In this session, you learn how to measure TCO and business value, and communicate a business case to organizations such as finance and procurement. You compare the costs of running your own IT infrastructure on-premises vs. on AWS and quantify intangible benefits. You also learn about resources available from AWS to help you engage in business value conversations with your organization’s leaders and what contact is available to you for further evaluation. "
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
This session will demonstrate how to embrace DevSecOps to improve your security and compliance agility and posture within the highly regulated HIPAA environment. We will cover compliance frameworks, data decoupling strategies to fully utilize AWS, and best practices learned from the industry most active cloud adopters.
Expanding your Data Center with Hybrid Cloud InfrastructureAmazon Web Services
Cloud is a new common for the Hybrid IT strategies. In this session, we will explain what’s different between cloud and your datacenter as well as how to make your Hybrid Cloud strategies
Expanding Your Data Center with Hybrid Cloud InfrastructureAmazon Web Services
Cloud is a new common for the Hybrid IT strategies. In this session, we will explain what’s different between cloud and your datacenter as well as how to make your Hybrid Cloud strategies.
This webinar will introduce the AWS Shared Security Model. We will examine how to use the inherent security of the AWS environment, coupled with the security tools and features AWS makes available, to create a resilient environment with the security you need.
Learning Objectives:
• Understand the security measures AWS puts in place to secure the environment where your data lives
• Understand the tools AWS offers to help you create a resilient environment with the security you need
• Consider actions when moving a sensitive workload to AWS • Security benefits you can expect by deploying in the AWS Cloud
Who Should Attend:
- Prospects and customers with a security background
- Who are interested in using AWS to manage security-sensitive workloads
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
Enhancing Project Management Efficiency_ Leveraging AI Tools like ChatGPT.pdfJay Das
With the advent of artificial intelligence or AI tools, project management processes are undergoing a transformative shift. By using tools like ChatGPT, and Bard organizations can empower their leaders and managers to plan, execute, and monitor projects more effectively.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Navigating the Metaverse: A Journey into Virtual Evolution"Donna Lenk
Join us for an exploration of the Metaverse's evolution, where innovation meets imagination. Discover new dimensions of virtual events, engage with thought-provoking discussions, and witness the transformative power of digital realms."
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
2. A typical “Cloud Journey” shows workloads moving at
different speed
Stages of Adoption
Ø Project stage
Ø Foundation stage
Ø Migration stage
Ø Reinvention
Tipping points
Ø Cloud-First ‘intent’
Ø All-in ‘intent’
2
3. Your recommended 1st 90 days
Create Cloud
‘Minimum Viable
product’
Create ‘Cloud
Centre of
Excellence’
Get Proof-of-Concepts and
Early adopters onto platform
ASAP
Iterative
development
Use continuous feedback
and cycles of learning to
develop MVP
Tiger team of IT and
business SMEs to plan,
develop and build cloud
capability
Critical to delivering
value ASAP
Hold Cloud
Discovery
Workshop
Executive Sponsor, Key
Business Stakeholders, IT
Leadership Build out your initial cloud
capability
Create Cloud
Operations
Model, Business
Case & Roadmap• Use the AWS CAF to
guide your planning
• Understand Business
Drivers, expected
outcomes and current
environment
• Overview of AWS
services & identification
of POC workloads
• Identify AWS services
and partners to
accelerate adoption
• Roadmap to establishing
AWS cloud foundation
• Creates and drives
a compelling vision
and business case
for the adoption
and use of cloud
capabilities
• Minimal set of
AWS capabilities
required to deliver
clear business
value
• Creation of the
Cloud Operating
Model, Business
Case and
Transformation
Roadmap
4. An example Customer cloud journey…
The First Year
1.0 MVP Month 0-3 1.1 Iteration-1 Month 4-6 1.2 Iteration-2 Month 7-9
Platform
Build
SDLC
CCoE
Application Migration
(Business risk appetite)
Demonstrate
high value apps
on AWS
Network, IAM &
Security
Financial
Reporting
Basic EC2, RDS, EBS Templates
Standard Pipelines & Developer
Tools
Standard Cloud SOE
AMI Baking Process
Standard
Release, Change, Event
Management
Self-
Service
Service
Catalog
Move simple,
low-risk apps
Non-critical apps
move using
CI/CD
Critical apps
move using
CI/CD
Legacy apps
move using lift &
shift
SDLC Security,
Resilience &
Compliance
Production ITIL workflow
automation
Incident, Problem,
Management
Production
Assurance
Testing
Value
Time
Usage spike as
Self-Service
becomes available
5. The Adoption Journey Continued
Year 1 Year 2 Year 3 Year 4
• Early Discovery
• Learning
• POCs
• TCO/ROI Analysis
• Security & Risk Preparation
• Cloud Strategy
• Foundational Architecture
• New Application
Patterns (MSA, CI/CD)
• Dev/Test
• Production
Application Migration
• Operational Integration
• Billing Optimization
Value
• Portfolio Mass
Migration
• DC Shutdown
• Horizontal Solutions
(VDI, Back-
up/Archive, Broad
storage)
• Advanced
Operational Patterns
(CI/CD)
• Optimization
• Infrastructure fully automated
• App/Dev owns full solution stack with
tools and service catalogs
Time
Year 5
6. What is a Landing Zone and do I need one?
H
- A configured secure enterprise multi-account AWS
environment based on best practices
- A starting point for your application migration journey
- An environment that allows for iteration & extension over time
7. Our Journey Today
Domains Direct
Connect
Start Accounts
End User
Interaction
AutomationService
Catalog
Central
Services
Migrate
Iterate
Operate &
Optimize
Logging Config Access Identities Federation
Network Security
Identity &
Access
Cloud
Users
What’s
Next ?
image
8. Infrastructure
Request
Current State
Typical Enterprise Situation
Governance
&
Service
Management
Central IT
Lines of
Business
Provisioning
Characteristics
• Lead times ~days to weeks
• Service catalogue of components
• Often process-heavy service
management
9. Agility versus Control
How to choose?
We want agility,
so we can
innovate in our
business
I need control,
so I can protect
our business
Business & Business IT Central IT?
10. Monitor
&
Respond
Landing Zone
Templates
Policy &
Best Practices
Landscape
Management
Current State
Opportunity to achieve agility and control
Automation
Lines of
Business
Central IT Opportunities
• Lead times in minutes
• Service catalogue of
landscapes
• Automated service
management
13. Account Structure
• Don’t overdo on Day One
• Use separate accounts for:
Security and
Compliance Isolation
(production non-prod,
logging)
Cost Allocation Resource Management
and Ownership
18. Our Landing Zone needs to be safe and secure
Insight is the first step
• Who is accessing our Amazon accounts and what
are they doing?
• How will we know if anyone breaks our security
policy?
• What does the traffic on our infrastructure look like
and are all of our resources isolated?
• How can we easily analyze our logs?
19. AWS CloudTrail records who is accessing APIs
Store/archive
Central logging
account
Troubleshoot
Monitor & alarm
AWS
accounts
make API
call
On a growing
set of AWS
services around
the world..
CloudTrail is
continuously
recording
API calls
Amazon
EBS
20. AWS Config informs you of policy violations
Compliance
Guideline
Non-compliance
Action
All storage
volumes should
be encrypted
Automatically
encrypt storage
volumes
Instances must
not have
unrestricted
Internet access
on Port 22
Remove Port 22
access from any
Internet host
Instances must
be tagged with
environment type
Notify developer
(email, page,
SNS)
Pre-configured rules:
https://github.com/awslabs/aws-config-rules
21. Log everything centrally for analysis
The AWS centralized logging
solution makes it easy for
security teams to consolidate
AWS logs and analyze them to
detect incidents
Amazon
EC2
flow
logs
VPC subnet
AWS
CloudTrail
Amazon S3
Amazon
CloudWatch
AWS
Lambda
Amazon
Elasticsearch
Service
You can do this by simply using:
• Amazon ElasticSearch Service
• CloudTrail logs
• VPC flow logs
• EC2 server logs
Log Transform Search
https://aws.amazon.com/answers/
logging/centralized-logging
22. Launch
instance
EC2
AMI catalogue Running instance
Your instance
Hardening and configuration
Audit and logging
Vulnerability management
Malware and IPS
Whitelisting and integrity
User administration
Operating system
Configure
instance
Configure your environment as you like
You get to apply your existing security policy
Two options to create or import your own ‘gold’ images
1. Import existing VMs to AWS
2. Procure partner AMI from AWS Marketplace
3. Create and save your own custom images
On 3: choose how to build your standard host security
environment
Choose how to start your compute
Private images or import your current ones
CIS AMI: https://aws.amazon.com/marketplace/seller-profile?id=6b3b0dc2-c6f4-487b-8f29-9edba5f39eed
24. You get to control who can do what in your AWS environment when and
from where
Fine-grained control of your AWS cloud with multi-factor authentication
Integrate with your existing corporate directory and provide SSO to
your customers. Support for SAML 2.0 (like your existing Active Directory)
and OpenID compatible Identity Providers (IdPs).
You can use AWS managed policies, policies for typical job functions
or customer-generated policies using the policy generator and test
with the policy simulator
AWS account
owner
Identity and Access Management
Control access and segregate duties everywhere
25. Corporate Data Center
Browser interface
Identity
Store
Identity and Access Management
Federation with on-prem directory
AD Group
Identity and
authentication
Mapping to specific
IAM role with
access policy
Access to AWS
http://docs.aws.amazon.com/directoryservice/latest/admin-guide/manage_apps_services.html
27. Customers want to:
• Define the resources and
landscapes where software and
applications are deployed
• ‘Approve once and deploy many’
• Enable self-service, deploy with
confidence
• Automate deployments
Agility and Control
What do customers tell us about asset management deployment?
28. Agility and Control
AWS Service Catalog
AWS Service Catalog allows organizations to create and manage
catalogs of IT services. It enables users to quickly deploy approved IT
services they need in a self-service manner.
Administrator Users
Control
Standardization
Governance
Agility
Self-service
Time to market
29. Product =
Template
CloudFormation Running stack
JSON formatted file
Parameter definition
Resource creation
Configuration actions
Configured AWS services
Comprehensive service support
Service event-aware
Customizable
Framework
Stack creation
Stack updates
Error detection and rollback
Administrator Interaction
CloudFormation to create products