This document provides an overview of AWS tagging best practices and techniques for cost optimization through tagging. It discusses proactive and reactive approaches to tag governance and enforcement. Proactive techniques include using tag policies, IAM policies, and service control policies to enforce tagging rules. Reactive techniques involve using the tag editor and AWS Config rules to identify untagged resources and enable tagging remediation. The document also provides examples of tag taxonomies and using cost allocation tags with Cost Explorer for cost reporting and analysis.
This document provides guidance on building an effective tag strategy for AWS resources. It discusses key aspects of tagging like resource tags for organization vs cost allocation tags. It recommends following a process-driven approach including defining requirements, identifying key reports, mapping tags, piloting the strategy, and automating tagging. Automation, monitoring, and using tags for triggers are also covered as important aspects of tag strategy and maintenance.
This is the Lesson 3 of the "Azure Governance - Free training" serie.
This document presents Azure Tags in-depth and lists all key items you should now when designing your Azure Tags model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create and apply Azure Tags to your Azure environment.
In this presentation, we will tackle the 'Operational Excellence Pillar' of the AWS Well-Architected Framework. This pillar focuses on running and monitoring systems that deliver business value, and continually improving processes and procedures.
Amazon Web Services (AWS) has spent years working with thousands of companies across all industries to create the most comprehensive collection of best practices and guidance known as the Well-Architected Framework. This resource is available for organizations undergoing a cloud transformation who want to ensure their success on AWS.
Topics Include:
- How operational excellence is a consequence of culture.
- The six design principles for operational excellence in the cloud.
- The focus areas of cloud operational excellence.
- What operational excellence looks like in practice.
This document summarizes a presentation on cloud migration best practices. It discusses common drivers for cloud migration like cost reduction. It outlines a three phase approach to migration - readiness assessment, readiness and planning, and migration and operations. It provides guidance on assessing migration readiness in areas like people, security, and visibility. It also discusses tools that can help with migration and best practices around methodology, governance, and staffing commitment.
AWS Cloud Center Excellence Quick Start Prescriptive GuidanceTom Laszewski
This presentation is a practical playbook for defining, establishing, and implementing a Cloud Enablement Engine (CEE). It collates and summarizes the lessons learned and anti-patterns gathered from the CEE journeys successfully navigated at Amazon and other large enterprise companies. A lot has been written about the need to establish a CEE, the benefits of moving to a productization mindset, and the business value of tribes, guilds, and two-pizza teams. However, larger organizations are still struggling with a CEE 30-60-90 day plan, and the essential components of the CEE during its first six months in existence.
The prescriptive guidance in this presentation provides pragmatic and tactical advice for establishing a Cloud Enablement Engine (CEE) – also referred to as a Cloud Center of Excellence (CCoE) or Cloud Enablement Team. This presentation serves as a step-by-step guide for the initial setup activities, and the top ten best practices that have been extrapolated from working across a large number of customers. What not to do is as important as what to do. Therefore, the top ten anti-patterns are discussed.
A key focus of the CEE is transforming the IT organization from an on-premise operating model to a Cloud Operating Model (COM). The transformation to COM and the charter of a CEE are highly correlated and interconnected. During the nascent stage of the CEE, the focus of the CEE will be on the infrastructure components of a COM. This includes the operations, security & control, platform architecture & governance, and infrastructure provisioning & configuration management functions. AWS understands that enterprise (on-premises) operating models are based on ITIL. Therefore, the cloud transformation from an on-premises operating model to a COM will include mapping ITIL to a cloud, agile, and DevOps based capabilities and processes. Fortunately, ITIL 4.0 embraces DevOps, cloud, and agile.
The document summarizes an Azure Saturday event on Azure governance. It discusses why governance is important, defines Azure governance, and covers key Azure governance tools and methods including tags, templates, and policies. The presentation provides examples and explanations of each tool and discusses how they help organize, standardize, and control access to Azure resources.
This document helps you designing your Azure Naming Convention model.
It includes :
> Naming standards rules and restrictions
> Azure Naming Convention Best Practices
> All informations you should you know to successfully create your Azure naming convention model.
DRAFT: Extend Industry Well-Architected Frameworks to focus on Data and business outcomes. Addition of Data to the cloud framework will resolve fragmented approaches that customers are struggling with respect to data placement within various cloud providers.
This document provides guidance on building an effective tag strategy for AWS resources. It discusses key aspects of tagging like resource tags for organization vs cost allocation tags. It recommends following a process-driven approach including defining requirements, identifying key reports, mapping tags, piloting the strategy, and automating tagging. Automation, monitoring, and using tags for triggers are also covered as important aspects of tag strategy and maintenance.
This is the Lesson 3 of the "Azure Governance - Free training" serie.
This document presents Azure Tags in-depth and lists all key items you should now when designing your Azure Tags model.
Finally, the document describes all methods/tools (GUI & CLI) you can use to create and apply Azure Tags to your Azure environment.
In this presentation, we will tackle the 'Operational Excellence Pillar' of the AWS Well-Architected Framework. This pillar focuses on running and monitoring systems that deliver business value, and continually improving processes and procedures.
Amazon Web Services (AWS) has spent years working with thousands of companies across all industries to create the most comprehensive collection of best practices and guidance known as the Well-Architected Framework. This resource is available for organizations undergoing a cloud transformation who want to ensure their success on AWS.
Topics Include:
- How operational excellence is a consequence of culture.
- The six design principles for operational excellence in the cloud.
- The focus areas of cloud operational excellence.
- What operational excellence looks like in practice.
This document summarizes a presentation on cloud migration best practices. It discusses common drivers for cloud migration like cost reduction. It outlines a three phase approach to migration - readiness assessment, readiness and planning, and migration and operations. It provides guidance on assessing migration readiness in areas like people, security, and visibility. It also discusses tools that can help with migration and best practices around methodology, governance, and staffing commitment.
AWS Cloud Center Excellence Quick Start Prescriptive GuidanceTom Laszewski
This presentation is a practical playbook for defining, establishing, and implementing a Cloud Enablement Engine (CEE). It collates and summarizes the lessons learned and anti-patterns gathered from the CEE journeys successfully navigated at Amazon and other large enterprise companies. A lot has been written about the need to establish a CEE, the benefits of moving to a productization mindset, and the business value of tribes, guilds, and two-pizza teams. However, larger organizations are still struggling with a CEE 30-60-90 day plan, and the essential components of the CEE during its first six months in existence.
The prescriptive guidance in this presentation provides pragmatic and tactical advice for establishing a Cloud Enablement Engine (CEE) – also referred to as a Cloud Center of Excellence (CCoE) or Cloud Enablement Team. This presentation serves as a step-by-step guide for the initial setup activities, and the top ten best practices that have been extrapolated from working across a large number of customers. What not to do is as important as what to do. Therefore, the top ten anti-patterns are discussed.
A key focus of the CEE is transforming the IT organization from an on-premise operating model to a Cloud Operating Model (COM). The transformation to COM and the charter of a CEE are highly correlated and interconnected. During the nascent stage of the CEE, the focus of the CEE will be on the infrastructure components of a COM. This includes the operations, security & control, platform architecture & governance, and infrastructure provisioning & configuration management functions. AWS understands that enterprise (on-premises) operating models are based on ITIL. Therefore, the cloud transformation from an on-premises operating model to a COM will include mapping ITIL to a cloud, agile, and DevOps based capabilities and processes. Fortunately, ITIL 4.0 embraces DevOps, cloud, and agile.
The document summarizes an Azure Saturday event on Azure governance. It discusses why governance is important, defines Azure governance, and covers key Azure governance tools and methods including tags, templates, and policies. The presentation provides examples and explanations of each tool and discusses how they help organize, standardize, and control access to Azure resources.
This document helps you designing your Azure Naming Convention model.
It includes :
> Naming standards rules and restrictions
> Azure Naming Convention Best Practices
> All informations you should you know to successfully create your Azure naming convention model.
DRAFT: Extend Industry Well-Architected Frameworks to focus on Data and business outcomes. Addition of Data to the cloud framework will resolve fragmented approaches that customers are struggling with respect to data placement within various cloud providers.
Learn how to get insight and understanding into where your AWS costs are going by using automated tag management of your AWS resources.
See the accompanying webinar at https://www.youtube.com/watch?v=m762X3eGyKQ
This document provides an overview of the Microsoft Cloud Adoption Framework for Azure. It begins by explaining why cloud adoption is important, noting that 91% of organizations see digital transformation as critical to their business and that shifting to the cloud can provide significant cost savings and revenue benefits. It then introduces the Cloud Adoption Framework, which is an iterative process to help organizations define their cloud strategy, plan their adoption, prepare for change, adopt technologies by migrating or innovating, and govern and manage their cloud environment. Common blockers to cloud adoption are discussed along with the various tools, templates, and assessments available to help organizations overcome those blockers at each stage of the framework.
Cloud Adoption Framework Phase one-moving to the cloudAnthony Clendenen
This is the first phase in the cloud adoption framework. It includes getting started and a cloud readiness section to determine the overall readiness for cloud adoption.
This document provides guidance on troubleshooting issues with EC2 instances and Elastic Load Balancers (ELB) on AWS. It begins by recommending monitoring the AWS service health dashboard and CloudWatch metrics. Potential causes and resolutions are outlined for common problems with EC2 instance launching, health, networking, and EBS volumes. For ELBs, error messages, response metrics, health checks, and other potential problems are covered. The document concludes by listing information needed for support cases and additional resources.
Applying DevOps to Databricks can be a daunting task. In this talk this will be broken down into bite size chunks. Common DevOps subject areas will be covered, including CI/CD (Continuous Integration/Continuous Deployment), IAC (Infrastructure as Code) and Build Agents.
We will explore how to apply DevOps to Databricks (in Azure), primarily using Azure DevOps tooling. As a lot of Spark/Databricks users are Python users, will will focus on the Databricks Rest API (using Python) to perform our tasks.
In this session, AWS will present an overview of the AWS Landing Zone – an automated solution for setting up a robust and flexible AWS environment. Customers can expect to learn how AWS works with customers to accelerate their journey to AWS confidently and securely and how the AWS Landing Zone can be customized to meet each organization’s specific needs.
Presenter: Sadegh Nadimi, Senior Consultant, Global Migrations, AWS
The document provides guidelines for successfully migrating applications to the cloud. It discusses assessing applications to determine suitability for migration, building a business case, developing a technical approach, adopting an integration model, addressing security and privacy requirements, and managing the migration project. The key steps involve planning the migration thoroughly through readiness assessments, justifying the business value, designing technical solutions, ensuring integrations continue to function, protecting sensitive data, and executing the migration through testing and cutover.
딥러닝 서비스에 쓰이는 GPU 인스턴스 비용 효율을 위한 스팟(Spot) 활용기 - 손은주, 매스프레소 :: AWS DevDay 2018Amazon Web Services Korea
딥러닝 서비스에 쓰이는 GPU 인스턴스 비용 효율을 위한 스팟(Spot) 활용기 (손은주, 매스프레소) :: AWS DevDay 2018
매스프레소는 딥러닝 기반 OCR 검색 엔진을 자체 개발하여, 수학 문제 이미지 속 텍스트와 수식을 인식하여 풀이를 제공해주는 ‘콴다’앱를 운영 중입니다. 스타트업이 딥러닝 기반 서비스를 만들기 위해 AWS가 제공하는 GPU 인스턴스를 활용하는 방법과 에이전트 기반 지표 수집, 그리고 비용 절감을 위해 스팟 인스턴스를 활용하여 안정된 서비스 운영 방법 등을 공유합니다.
Attendees will learn how to leverage the identity and authorisation, network security and secrets management features of the wider AWS platform for their containers, including Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Container Service for Kubernetes (Amazon EKS). We also discuss best practices for the security of your container images such as scanning them for known vulnerabilities.
This document summarizes CI/CD on AWS by Bhargav Amin. It introduces DevOps practices like continuous integration, continuous delivery, and continuous deployment. It explains how to design a CI/CD pipeline and create one on AWS using services like CodeCommit, CodeBuild, CodeDeploy, and CodePipeline. The document provides examples of integrating these services to automate building, testing, and deploying code changes. It also includes a link to a demo repository and discusses managing infrastructure with CI/CD by updating CloudFormation templates in a pipeline.
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Antonios Chatzipavlis
Azure SQL Database is a managed database service hosted in Microsoft's Azure cloud. Some key differences from SQL Server include: the service is paid by the hour based on the selected service tier; users can dynamically scale resources up or down; backups and high availability are managed by the service provider; and common administration tasks are handled by the provider rather than the user. The service offers automatic backups, point-in-time restore, and geo-restore capabilities along with built-in high availability through replication across three copies in the primary region.
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineAmazon Web Services
Many organizations have adopted or are in the process of adopting DevOps methodologies in their quest to accelerate the delivery of software capabilities, features, and functionalities to support their organizational objectives. By applying the same practices, DataOps aims to provide the same level of agility in delivering data and information to the organization. AWS Lake Formation, in coordination with other AWS Services, enables DevOps methodologies to be realized through the Data Supply Chain Pipeline.
On-premise to Microsoft Azure Cloud Migration.Emtec Inc.
This presentation sheds light on migrating on-premise apps to Microsoft Azure cloud. It also highlights the technical capabilities of Microsoft Azure cloud services.
Azure Cost Management is a native Azure service that helps you analyze costs, create and manage budgets, export data, and review and act on optimization recommendations to save money.
Moving from an on-premises environment into AWS is just the start of the journey towards cost optimisation. In this session we’ll look at a range of ways in which our customers can understand their costs and increase their return-on-investment: building the business case; selecting the right models for the right workloads; benefiting from tiered pricing aggregation; using data to drive the choice of AWS services; implementation of intelligent auto-scaling; and, where appropriate, re-platforming to make use of new architectural patterns such as Serverless.
Listen up, developers. You are not special. Your infrastructure is not a beautiful and unique snowflake. You have the same tech debt as everyone else. This is a talk about a better way to build and manage infrastructure: Terraform Modules. It goes over how to build infrastructure as code, package that code into reusable modules, design clean and flexible APIs for those modules, write automated tests for the modules, and combine multiple modules into an end-to-end techs tack in minutes.
You can find the video here: https://www.youtube.com/watch?v=LVgP63BkhKQ
Learn why VSTS and Azure should be core components of your DevOps strategy. This presentation will be an excellent resource to discover key DevOps practices, for example, CI/CD pipeline automation and environment provisioning.
An Agile Approach to Accelerate Mass Migration | AWS Public Sector Summit 2016Amazon Web Services
The complexities of a cloud transformation program that involves the migration of hundreds or thousands of servers can present a significant challenge to program management and the coordination of IT teams tasked with the success and support of migration. This session outlines a highly collaborative agile approach to accelerate migration activities through automation of the iterative capture, sharing, and documentation of decisions and information, incorporated into a common DevOps solution.
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
ENT304 Enabling Self Service for Data Scientists with AWS Service CatalogAmazon Web Services
In this session, data analysts, big data administrators, system administrators, developers, and IT managers learn how to create a robust computing environment for their teams. As enterprises move to the cloud, providing secure, governed turnkey solutions at scale to a broad set of users has its challenges. We show you how organizations are building solutions that enable data scientists to provision AWS resources through an ITSM system to create a robust, governed, and easy self-service capability.
Best Practices for Centrally Monitoring Resource Configuration & Compliance (...Amazon Web Services
Do you want to have a strong understanding of governance across all of your AWS accounts? Are you struggling to get centralized visibility across your entire organization? Join us in this session as we explore AWS Config, a service that enables centralized governance and resource monitoring. Learn best practices for enabling governance policies through a central account across multiple accounts in your organization, and monitor their compliance status using the multi-account, multi-region data aggregation capability. Also learn about recent launches and how customers are using AWS Config in their enterprises today.
Learn how to get insight and understanding into where your AWS costs are going by using automated tag management of your AWS resources.
See the accompanying webinar at https://www.youtube.com/watch?v=m762X3eGyKQ
This document provides an overview of the Microsoft Cloud Adoption Framework for Azure. It begins by explaining why cloud adoption is important, noting that 91% of organizations see digital transformation as critical to their business and that shifting to the cloud can provide significant cost savings and revenue benefits. It then introduces the Cloud Adoption Framework, which is an iterative process to help organizations define their cloud strategy, plan their adoption, prepare for change, adopt technologies by migrating or innovating, and govern and manage their cloud environment. Common blockers to cloud adoption are discussed along with the various tools, templates, and assessments available to help organizations overcome those blockers at each stage of the framework.
Cloud Adoption Framework Phase one-moving to the cloudAnthony Clendenen
This is the first phase in the cloud adoption framework. It includes getting started and a cloud readiness section to determine the overall readiness for cloud adoption.
This document provides guidance on troubleshooting issues with EC2 instances and Elastic Load Balancers (ELB) on AWS. It begins by recommending monitoring the AWS service health dashboard and CloudWatch metrics. Potential causes and resolutions are outlined for common problems with EC2 instance launching, health, networking, and EBS volumes. For ELBs, error messages, response metrics, health checks, and other potential problems are covered. The document concludes by listing information needed for support cases and additional resources.
Applying DevOps to Databricks can be a daunting task. In this talk this will be broken down into bite size chunks. Common DevOps subject areas will be covered, including CI/CD (Continuous Integration/Continuous Deployment), IAC (Infrastructure as Code) and Build Agents.
We will explore how to apply DevOps to Databricks (in Azure), primarily using Azure DevOps tooling. As a lot of Spark/Databricks users are Python users, will will focus on the Databricks Rest API (using Python) to perform our tasks.
In this session, AWS will present an overview of the AWS Landing Zone – an automated solution for setting up a robust and flexible AWS environment. Customers can expect to learn how AWS works with customers to accelerate their journey to AWS confidently and securely and how the AWS Landing Zone can be customized to meet each organization’s specific needs.
Presenter: Sadegh Nadimi, Senior Consultant, Global Migrations, AWS
The document provides guidelines for successfully migrating applications to the cloud. It discusses assessing applications to determine suitability for migration, building a business case, developing a technical approach, adopting an integration model, addressing security and privacy requirements, and managing the migration project. The key steps involve planning the migration thoroughly through readiness assessments, justifying the business value, designing technical solutions, ensuring integrations continue to function, protecting sensitive data, and executing the migration through testing and cutover.
딥러닝 서비스에 쓰이는 GPU 인스턴스 비용 효율을 위한 스팟(Spot) 활용기 - 손은주, 매스프레소 :: AWS DevDay 2018Amazon Web Services Korea
딥러닝 서비스에 쓰이는 GPU 인스턴스 비용 효율을 위한 스팟(Spot) 활용기 (손은주, 매스프레소) :: AWS DevDay 2018
매스프레소는 딥러닝 기반 OCR 검색 엔진을 자체 개발하여, 수학 문제 이미지 속 텍스트와 수식을 인식하여 풀이를 제공해주는 ‘콴다’앱를 운영 중입니다. 스타트업이 딥러닝 기반 서비스를 만들기 위해 AWS가 제공하는 GPU 인스턴스를 활용하는 방법과 에이전트 기반 지표 수집, 그리고 비용 절감을 위해 스팟 인스턴스를 활용하여 안정된 서비스 운영 방법 등을 공유합니다.
Attendees will learn how to leverage the identity and authorisation, network security and secrets management features of the wider AWS platform for their containers, including Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Container Service for Kubernetes (Amazon EKS). We also discuss best practices for the security of your container images such as scanning them for known vulnerabilities.
This document summarizes CI/CD on AWS by Bhargav Amin. It introduces DevOps practices like continuous integration, continuous delivery, and continuous deployment. It explains how to design a CI/CD pipeline and create one on AWS using services like CodeCommit, CodeBuild, CodeDeploy, and CodePipeline. The document provides examples of integrating these services to automate building, testing, and deploying code changes. It also includes a link to a demo repository and discusses managing infrastructure with CI/CD by updating CloudFormation templates in a pipeline.
Azure SQL Database for the SQL Server DBA - Azure Bootcamp Athens 2018 Antonios Chatzipavlis
Azure SQL Database is a managed database service hosted in Microsoft's Azure cloud. Some key differences from SQL Server include: the service is paid by the hour based on the selected service tier; users can dynamically scale resources up or down; backups and high availability are managed by the service provider; and common administration tasks are handled by the provider rather than the user. The service offers automatic backups, point-in-time restore, and geo-restore capabilities along with built-in high availability through replication across three copies in the primary region.
The Zen of DataOps – AWS Lake Formation and the Data Supply Chain PipelineAmazon Web Services
Many organizations have adopted or are in the process of adopting DevOps methodologies in their quest to accelerate the delivery of software capabilities, features, and functionalities to support their organizational objectives. By applying the same practices, DataOps aims to provide the same level of agility in delivering data and information to the organization. AWS Lake Formation, in coordination with other AWS Services, enables DevOps methodologies to be realized through the Data Supply Chain Pipeline.
On-premise to Microsoft Azure Cloud Migration.Emtec Inc.
This presentation sheds light on migrating on-premise apps to Microsoft Azure cloud. It also highlights the technical capabilities of Microsoft Azure cloud services.
Azure Cost Management is a native Azure service that helps you analyze costs, create and manage budgets, export data, and review and act on optimization recommendations to save money.
Moving from an on-premises environment into AWS is just the start of the journey towards cost optimisation. In this session we’ll look at a range of ways in which our customers can understand their costs and increase their return-on-investment: building the business case; selecting the right models for the right workloads; benefiting from tiered pricing aggregation; using data to drive the choice of AWS services; implementation of intelligent auto-scaling; and, where appropriate, re-platforming to make use of new architectural patterns such as Serverless.
Listen up, developers. You are not special. Your infrastructure is not a beautiful and unique snowflake. You have the same tech debt as everyone else. This is a talk about a better way to build and manage infrastructure: Terraform Modules. It goes over how to build infrastructure as code, package that code into reusable modules, design clean and flexible APIs for those modules, write automated tests for the modules, and combine multiple modules into an end-to-end techs tack in minutes.
You can find the video here: https://www.youtube.com/watch?v=LVgP63BkhKQ
Learn why VSTS and Azure should be core components of your DevOps strategy. This presentation will be an excellent resource to discover key DevOps practices, for example, CI/CD pipeline automation and environment provisioning.
An Agile Approach to Accelerate Mass Migration | AWS Public Sector Summit 2016Amazon Web Services
The complexities of a cloud transformation program that involves the migration of hundreds or thousands of servers can present a significant challenge to program management and the coordination of IT teams tasked with the success and support of migration. This session outlines a highly collaborative agile approach to accelerate migration activities through automation of the iterative capture, sharing, and documentation of decisions and information, incorporated into a common DevOps solution.
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
ENT304 Enabling Self Service for Data Scientists with AWS Service CatalogAmazon Web Services
In this session, data analysts, big data administrators, system administrators, developers, and IT managers learn how to create a robust computing environment for their teams. As enterprises move to the cloud, providing secure, governed turnkey solutions at scale to a broad set of users has its challenges. We show you how organizations are building solutions that enable data scientists to provision AWS resources through an ITSM system to create a robust, governed, and easy self-service capability.
Best Practices for Centrally Monitoring Resource Configuration & Compliance (...Amazon Web Services
Do you want to have a strong understanding of governance across all of your AWS accounts? Are you struggling to get centralized visibility across your entire organization? Join us in this session as we explore AWS Config, a service that enables centralized governance and resource monitoring. Learn best practices for enabling governance policies through a central account across multiple accounts in your organization, and monitor their compliance status using the multi-account, multi-region data aggregation capability. Also learn about recent launches and how customers are using AWS Config in their enterprises today.
- The document is about a session on cost management and optimization on AWS. It discusses challenges customers face around high AWS bills, and AWS's approach to address these challenges through tools like Trusted Advisor and Cost Explorer.
- It outlines five pillars of cost optimization: right-sizing resources, using the right pricing models like Reserved Instances and Savings Plans, increasing elasticity, optimizing storage, and implementing mechanisms to monitor and improve costs.
- It also discusses how customers can follow a journey of optimizing costs at different stages - from investigation and design to operational optimization once workloads are in production. Ongoing monitoring and applying the optimization pillars at each stage is recommended.
Simplify Operations, Compliance and Governance using AWS Systems ManagerAmazon Web Services
This session will discuss how government organizations can employ AWS Systems Manager to gain insights into their environments and simplify operational tasks such as patching the OS or loading applications, for both on-premises instances as well as those within AWS. We will also look into how SSM can simplify governance and compliance from Central IT perspective by demonstrating how Systems Manager can automate credential rotation on servers in order to maintain compliance for various regulatory or compliance workloads.
Control for Your Cloud Environment Using AWS Management Tools (ENT226-R1) - A...Amazon Web Services
As customers migrate to the cloud, IT needs to maintain structured compliance and governance while providing developers with the flexibility to manage cloud resources at scale. In this session, learn how AWS management tools provide a set of services to track changes to resources, audit actions, manage change, and gain insights. We also show how you can use built-in safety controls to automatically perform actions and remediation across multiple regions and accounts. This session is beneficial to IT and system administrators who are interested in using native AWS tools to operate secure and compliant infrastructure on AWS.
Too Many Tools - How AWS Systems Manager Bridges Operational ModelsAmazon Web Services
Come and see first-hand how AWS Systems Manager can help you manage your servers at scale with the agility and security you need in today's dynamic cloud-enabled world.Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easy to operate and manage your infrastructure securely at scale.
Speaker: Andra Christie, Solutions Architect, AWS
IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...Amazon Web Services
In this session, learn how Vanguard has matured their IAM controls and automation to support a micro-account strategy, providing further agility to developers while reducing blast radius and improving governance. You learn how Vanguard uses STS Federation at the OU level, builds common roles across all micro accounts, implements AWS Organizations SCPs, and uses different network control zones for admin vs. non-admin functions. Vanguard also shares how they are using AWS Lambda to block escalation of privilege.
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Amazon Web Services
The document discusses an automated solution for deploying an AWS Landing Zone. It describes the AWS Landing Zone as providing an easy way to set up a new multi-account AWS environment based on AWS best practices. The solution automates the initial setup of accounts and baseline security and governance controls. It also includes an AWS Account Vending Machine that allows additional accounts to be automatically provisioned with security baselines. The workshop will include demos of deploying a Landing Zone, creating new accounts via the AWS Vending Machine, and extending the Landing Zone with add-on features.
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Amazon Web Services
AWS Systems Manager is a service that helps customers manage their AWS resources and on-premises systems. It allows users to group resources, visualize operational insights, integrate with other AWS services, and securely manage resources. Systems Manager works across hybrid/multi-cloud environments and supports many configuration and compliance tools. It provides capabilities like resource grouping, operational dashboards, patch management, automation, and remote management to help customers operate safely and securely at scale.
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...Amazon Web Services
This document discusses using AWS management tools to enable governance, compliance, operational, and risk auditing. It provides an overview of key AWS services for defining and provisioning resources, continuously discovering resources and changes, monitoring resources for compliance, and managing, reporting on, and responding to changes. These services include AWS CloudFormation, AWS Service Catalog, Amazon EC2 Systems Manager Parameter Store, AWS CloudTrail, AWS Config, Amazon EC2 Systems Manager State Manager and Inventory, EC2 Systems Manager Maintenance Window, Patch Manager, and Run Command. The document demonstrates how to use these services to deploy resources, monitor for unauthorized changes, and manage compliance of AWS environments.
In order to ensure security best practices in your AWS accounts, you must establish a security baseline and then enforce it across all of these accounts. In this session, you will learn how to use AWS CloudFormation and AWS Organizations to execute security best practices (AWS CloudTrail, AWS Config, Flow Logs, S3 Access logs, etc...) in scenarios where you are managing many AWS accounts across an organization. You will see how to leverage Service Catalog across multiple accounts. Learn how to store all of these logs in a centralized logging system such as Amazon ElasticSearch Service, set up alerts, and drift detection on anomalous or high-risk activity.
SRV209 Monitor Cross-Account and Cross-Region Compliance Status with AWS ConfigAmazon Web Services
Do you want to understand governance across all of your AWS accounts? Are you struggling to get visibility into the compliance of your AWS resources? Join us in this session as we explore the new multi-account, multi-region data aggregation capability in AWS Config, which enables centralized governance and monitoring of compliance status across your AWS infrastructure. You learn how to use this exciting new capability to centrally monitor your compliance status across accounts, across regions, within your AWS Organization.
The document discusses AWS security best practices, including implementing a strong identity foundation with IAM, enabling traceability with logging and monitoring tools, applying security at all layers with a defense-in-depth approach, automating security best practices through templates and CI/CD pipelines, protecting data through encryption, and preparing for security events with incident response planning.
Best Practices and Resources to Effectively Manage and Optimize Your AWS CostsCloudHesive
The document discusses best practices for managing and optimizing AWS costs. It covers key pillars of cost optimization including rightsizing resources, choosing the right pricing models, increasing elasticity, measuring and monitoring costs, and optimizing storage. It also discusses pillars of cloud financial management such as cost allocation, visibility, and forecasting. The presenters demonstrate AWS tools for cost optimization including Cost Explorer, CUDOS, Trusted Advisor and tagging.
The document provides guidance on optimizing costs when scaling applications on AWS. It discusses establishing a cloud financial management framework with pillars around cost optimization, measurement and accountability, and planning and forecasting. Specific recommendations are given around setting up AWS accounts and tagging strategies for visibility, using AWS Cost Explorer for reporting, and leveraging partners for cost management. Tips are also provided like deleting unused resources, right-sizing instances, and using reserved instances and spot instances to reduce costs as usage scales on AWS.
Set Up a CI/CD Pipeline for Deploying Containers Using the AWS Developer Tool...Amazon Web Services
Learning Objectives:
- Learn how to set-up a CI/CD pipeline with AWS Fargate or Amazon ECS
- Understand how CodePipeline can help your team release high quality code, faster
- See a working sample of a CI/CD pipeline with AWS Fargate and AWS CodePipeline
DevopsDays Geneva 2020 - Compliance & Governance as Codejeromevdl
This document discusses implementing governance as code on AWS. It covers setting up a secure multi-account landing zone using AWS Control Tower and AWS Organizations. It also discusses establishing guardrails through service control policies and AWS Config rules to prevent non-compliant configurations and detect changes. Automated remediation of issues is enabled through AWS Systems Manager Automation. Implementing governance at scale helps centralize identity and access management while continuously monitoring and enforcing compliance.
Enterprise Governance and Security Build Your AWS Landing Zone (SEC315) - AWS...Amazon Web Services
In this workshop, we present best practices for establishing an AWS Landing Zone. You will see a demonstration of the automated AWS Landing Zone solution and how it builds a multi-account architecture that is enterprise-ready for application deployment and compliant with common operations, security, and procurement processes, as well as experience how to modify the code for custom deployments. You will leave the workshop with an understanding of the mechanism to update the Landing Zone using a CI/CD pipeline, how to create new AWS accounts using the built-in account vending machine, and how the AWS Landing Zone solution components integrate to provide a secure, scalable starting environment for your cloud journey. We encourage you to attend the full AWS Landing Zone track. Search for #awslandingzone in the session catalog.
PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...Amazon Web Services
Come learn how Elastic Beanstalk can help you go from code to running application in a matter of minutes, without the need to provision or manage any of the underlying Amazon Web Services (AWS) resources. Hear how Qualcomm is able to migrate application to AWS faster than before through Forge, an internally built application platform that leverages Elastic Beanstalk to simplify the development and deployment of applications to AWS with security and organizational best practices out of the box.
Enabling Governance, Compliance, and Operational and Risk Auditing with AWS M...Amazon Web Services
In this session, learn how you can enable governance, compliance, and operational and risk auditing of your AWS account through a combination of continuous monitoring, auditing, and evaluation of your AWS resources. With AWS management tools, you can see a history of AWS API calls for your account, review changes in configurations and relationships among AWS resources, and dive into detailed resource configuration histories. You can determine your overall compliance with the configurations specified in your internal guidelines, and you can give developers and systems administrators a secure and compliant means to create and manage AWS resources.
OJP data from firms like Vicinity Jobs have emerged as a complement to traditional sources of labour demand data, such as the Job Vacancy and Wages Survey (JVWS). Ibrahim Abuallail, PhD Candidate, University of Ottawa, presented research relating to bias in OJPs and a proposed approach to effectively adjust OJP data to complement existing official data (such as from the JVWS) and improve the measurement of labour demand.
Abhay Bhutada, the Managing Director of Poonawalla Fincorp Limited, is an accomplished leader with over 15 years of experience in commercial and retail lending. A Qualified Chartered Accountant, he has been pivotal in leveraging technology to enhance financial services. Starting his career at Bank of India, he later founded TAB Capital Limited and co-founded Poonawalla Finance Private Limited, emphasizing digital lending. Under his leadership, Poonawalla Fincorp achieved a 'AAA' credit rating, integrating acquisitions and emphasizing corporate governance. Actively involved in industry forums and CSR initiatives, Abhay has been recognized with awards like "Young Entrepreneur of India 2017" and "40 under 40 Most Influential Leader for 2020-21." Personally, he values mindfulness, enjoys gardening, yoga, and sees every day as an opportunity for growth and improvement.
Independent Study - College of Wooster Research (2023-2024) FDI, Culture, Glo...AntoniaOwensDetwiler
"Does Foreign Direct Investment Negatively Affect Preservation of Culture in the Global South? Case Studies in Thailand and Cambodia."
Do elements of globalization, such as Foreign Direct Investment (FDI), negatively affect the ability of countries in the Global South to preserve their culture? This research aims to answer this question by employing a cross-sectional comparative case study analysis utilizing methods of difference. Thailand and Cambodia are compared as they are in the same region and have a similar culture. The metric of difference between Thailand and Cambodia is their ability to preserve their culture. This ability is operationalized by their respective attitudes towards FDI; Thailand imposes stringent regulations and limitations on FDI while Cambodia does not hesitate to accept most FDI and imposes fewer limitations. The evidence from this study suggests that FDI from globally influential countries with high gross domestic products (GDPs) (e.g. China, U.S.) challenges the ability of countries with lower GDPs (e.g. Cambodia) to protect their culture. Furthermore, the ability, or lack thereof, of the receiving countries to protect their culture is amplified by the existence and implementation of restrictive FDI policies imposed by their governments.
My study abroad in Bali, Indonesia, inspired this research topic as I noticed how globalization is changing the culture of its people. I learned their language and way of life which helped me understand the beauty and importance of cultural preservation. I believe we could all benefit from learning new perspectives as they could help us ideate solutions to contemporary issues and empathize with others.
Understanding how timely GST payments influence a lender's decision to approve loans, this topic explores the correlation between GST compliance and creditworthiness. It highlights how consistent GST payments can enhance a business's financial credibility, potentially leading to higher chances of loan approval.
Economic Risk Factor Update: June 2024 [SlideShare]Commonwealth
May’s reports showed signs of continued economic growth, said Sam Millette, director, fixed income, in his latest Economic Risk Factor Update.
For more market updates, subscribe to The Independent Market Observer at https://blog.commonwealth.com/independent-market-observer.
1. Elemental Economics - Introduction to mining.pdfNeal Brewster
After this first you should: Understand the nature of mining; have an awareness of the industry’s boundaries, corporate structure and size; appreciation the complex motivations and objectives of the industries’ various participants; know how mineral reserves are defined and estimated, and how they evolve over time.
[4:55 p.m.] Bryan Oates
OJPs are becoming a critical resource for policy-makers and researchers who study the labour market. LMIC continues to work with Vicinity Jobs’ data on OJPs, which can be explored in our Canadian Job Trends Dashboard. Valuable insights have been gained through our analysis of OJP data, including LMIC research lead
Suzanne Spiteri’s recent report on improving the quality and accessibility of job postings to reduce employment barriers for neurodivergent people.
Decoding job postings: Improving accessibility for neurodivergent job seekers
Improving the quality and accessibility of job postings is one way to reduce employment barriers for neurodivergent people.
^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Duba...mayaclinic18
Whatsapp (+971581248768) Buy Abortion Pills In Dubai/ Qatar/Kuwait/Doha/Abu Dhabi/Alain/RAK City/Satwa/Al Ain/Abortion Pills For Sale In Qatar, Doha. Abu az Zuluf. Abu Thaylah. Ad Dawhah al Jadidah. Al Arish, Al Bida ash Sharqiyah, Al Ghanim, Al Ghuwariyah, Qatari, Abu Dhabi, Dubai.. WHATSAPP +971)581248768 Abortion Pills / Cytotec Tablets Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujeira, Ras Al Khaima, Umm Al Quwain., UAE, buy cytotec in Dubai– Where I can buy abortion pills in Dubai,+971582071918where I can buy abortion pills in Abudhabi +971)581248768 , where I can buy abortion pills in Sharjah,+97158207191 8where I can buy abortion pills in Ajman, +971)581248768 where I can buy abortion pills in Umm al Quwain +971)581248768 , where I can buy abortion pills in Fujairah +971)581248768 , where I can buy abortion pills in Ras al Khaimah +971)581248768 , where I can buy abortion pills in Alain+971)581248768 , where I can buy abortion pills in UAE +971)581248768 we are providing cytotec 200mg abortion pill in dubai, uae.Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman Fujairah Ras Al Khaimah%^^%$Zone1:+971)581248768’][* Legit & Safe #Abortion #Pills #For #Sale In #Dubai Abu Dhabi Sharjah Deira Ajman
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
Do aws-generated tags count against this limit? No
https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html
generated tags consistency is managed by AWS
generated tags doesn't count for 50 tags limit
Space – will not work SCP – does not allow spaces
Not retroactive Tag to identify the project running the application (i.e ProjectID)
A project is a defined scope of work to achieve a business objective.
Tag to identify the application (i.e. unique ApplicationID)
several applications might be part of the same project
Tag SubComponent / Layer / Role (i.e LayerID)
an application is composed of several layers - for which some might be shared with other applications, i.e. web layer, db layer)
Tag to identify the business unit (i.e. unique businessUnitID)
Tag to identify the CostCenter unit (i.e. unique CostCenterID)
Tag to identify the environment where the application is running (EnvironmentId, →prod, test, dev, etc)
Tag to identify the Schedule - usage of unique identifiers is required, allows to report on scheduled vs non-scheduled workloads.
Tag to identify Rightsizing effort -Allows to track cost/hours of resources targeted for RS (Evolution of opportunity cost)
RightSizing ID : Q1 2018-6hexcode
SourceInstanceType: m3.xlarge
DestinationInstanceType m5.xlarge
Tag to replicate the ARN of the resource - i.e. Allows to track the most expensive resources inside a specific ApplicationID
Billing Auto Tags
need to be enabled via billing consoles,
If you use automation, for example cloudformations, enable automation tags to billing tags
i.e. aws:stack-id activated as a billing tag
Brainstorm
Proactive good for new environment
Proactive can break if automation is already in place
Proactive can work only if the api support atomic operations (via scp or iam)
Reactive is easier
TIMING: 2 min – lecture/Discussion
To enforce tagging and to block resources you can implement Service Control Policies to prevent deployment if it’s missing tags, and Tag Policies to control values for tags.
You can create and apply Tag Policies and apply them to any desired AWS accounts or OUs within your Organization, or to the the entire Organization. The policies at each level are aggregated into an effective policy for an account.
Each tag policy contains a set of tag rules. Each rule maps a tag key to the allowable values for the key. The tag policies are checked when you perform operations that affect the tags on an existing resource. After you set up your tag policies, you can easily discover tagged resources that do not conform.
Service Catalog enforcement - https://docs.aws.amazon.com/servicecatalog/latest/adminguide/tagoption-policies.html
CFN/Terraform enforcement - https://dev.to/toeknee123/using-terraform-and-aws-cloudformation-to-enforce-your-aws-tags-4ih2
You can create and apply Tag Policies and apply them to any desired AWS accounts or OUs within your AWS Organization or to the entire org. The policies at each level are aggregated into an effective policy for an account.
Each tag policy contains a set of tag rules. Each rule maps a tag key to the allowable values for the key. The tag policies are checked when you perform operations that affect the tags on an existing resource. After you set up your tag policies, you can easily discover tagged resources that do not conform, which can help you maintain consistent tags across your organization's resources.
Tag policies are JSON files that define the following:
• A set of tag keys
• Their permissible values
• Any constraints you want to place on the use of tags for the accounts in your organization
+Check in
Lets move on to how to enforce your tagging in a more reactive manner
You can assign tags to your AWS Config resources for cost allocation and access control. Tagging is available for AWS Config resources that describe AWS Config rules and multi-account, multi-region Aggregators with AWS Config. You can add, remove or list tags for your AWS Config resources using the available APIs.
You can also use tag editor to Discover untagged/wrongly tagged assets and To bulk filter, add, and edit tags
Tag Editor
o You can add tags to resources when you create the resource. You can use the aws service console or API to add, change, or remove those tags one resource at a time. To add tags to—or edit or delete tags of—multiple resources at once, use Tag Editor.
With Tag Editor, you search for the resources that you want to tag, and then manage tags for the resources in your search results
o You can also use the Resource Group Tagging API to tag via API as opposed to tagging in the Tag Editor Console
After you have found the resources that you want to tag, you can add, remove, and edit the tags for some or all of your search results. Tag Editor shows you any tags that have been added to resources, whether those tags were added in Tag Editor or by using the resource's service console or API.
Tag Editor permissions can be configured to allow users/roles to create/delete/update tags for resources with minimum permission set.
The presenter deliver quick demo to show how to:
find resources with a specific tag
find resources without a specific tag
Tag Editor scope is in the account (no multi account), use Tag Policies to manage tags across multiple accounts
https://aws.amazon.com/blogs/aws/new-use-tag-policies-to-manage-tags-across-multiple-aws-accounts/
References:
KC Video with Tag Editor demo: https://www.youtube.com/watch?v=MX9DaAQS15I minutes 31:07 – 36:00
See appendix for an example of policy configuration to enable tagging management for EC2 resources only
https://docs.aws.amazon.com/ARG/latest/userguide/tag-editor.html
As you saw you can add edit or delete multiple resources tags at once. Well show you an example of how to add. You can use Tag Editor to add tags to selected resources that are in the results of your Find resources to tag query in the console.
This screenshot shows the results of your Find resources to tag query. select the check boxes next to the resources you want to add tags to. Enter a text string in Filter resources to filter for part of a resource's name, ID, tag keys, or tag values. In the Tags column, note that resources in the results already have tags applied to them. In the following example, the first selected EC2 instance already has two tags.
Choose Manage tags of the selected resources.
Once we have chosen the Manage tags of the selected resources we will be presented the Manage tags page,
You CAN view the tags on the resources that you selected. Although your original query returned more resources, note that you are adding tags only to the resources that you selected as shown here you will then have an option to Add tag.
Enter a tag key and an optional tag value. In this walkthrough, we add the tag key Team and the tag value Development.
A resource can have a maximum of 50 user-applied tags. You might not be able to add new tags to a resource if you are approaching 50 user-applied tags. Typically, read-only system tags do not apply to the 50-tag limit. Tag keys must also be unique within your selected resources. You cannot add a new tag with a key that matches an existing tag key in your selected resources.
When you are finished adding tags, choose Review and apply changes.
If you accept the changes, choose Apply changes to all selected.
Depending on the number of resources you selected, applying new tags can take a few minutes. Do not leave the page or open a different page in the same browser tab. If changes were successful, a green success banner is displayed at the top of the page.
You can see here tagging is also very useful when it comes to visualizing and monitoring
In this example we were able to filter our cost explorer report by the specific application (APP2) and the environment spun up (test/dev)
Without tagging enabled we wouldn’t be able to create a report this granular
TIMING: 5 min – Discussion
Say: Having the tag taxonomy deployed across all the AWS workloads this example will show how to calculate the EC2 compute savings incurred after the implementation of the below scheduling policy in a generic two tier application named Application2 with Prod and Test environments :
In the image Application2 has the tag taxonomy implemented and we will focus on the two following tags to monitor and calculate savings in this example:
ApplicationID
EnvironmentID
TIMING: 2 min – Discussion
Say: Before the schedule is enabled we will see a flat report in cost explorer when filtering by ApplicationID and grouping by EnvironmentID.
TIMING: 2 min – Discussion
Say: After the schedule is implemented in the Test environment we can see the Test workloads being shut down over weekends
TIMING: 2 min – Discussion
Say: In the below graph we can observe the evolution of Application2 before and after schedule.
Could the issue be that there is no standard
Tagging
2022 March Update – Content/new format updates
Venkatesh Ramanathan – venkyram@amazon.com
2021 Content update
Luca Marozzini – marozzin@amazon.com
Enrico Bonaccorsi – bonaccor@amazon.com
Francesc Sala – franrius@amazon.com
How to use billing tags to track Cost Optimization efforts and result. An example for EC2 rightsizing recommendations.
The target is being able to track and assess results achieved with operational cost optimization tuning like EC2 rightsizing cost optimization from EC2 recommendations.
Clarify differences between AWS Anomaly Detection (48 hours, but with not details on resources or how to optimize) and Rightsizing recommendation (14 days with recommendations)
Note. The presenter briefly explains what is the scope of each tag, clarify why the granularity of the RightSizingID is not mandatory.
Note. Consider if worth to add slides related to how to refine the recommendation with screenshot from CW console for longer period of observation and additional metrics.
In this first example we are conservative opting for “Within the same instance family”, this is intended to stimulate the discussion about previous generations vs new generations.
Clarify regarding Cost Anomaly detection that could be able to spot cost saving opportunity for rightsizing before 14 days minimum period required by Rightsizing recommendations.
2021-04-15 last review
Note. Consider if worth to add slides related to how to define proper permission for tag editor to enable Tag editor full access + EC2 tag create/delete access only. This enable user/roles to minimum permission required to edit/create/delete tags only for EC2 resources.
The less you know about the work-load the longer the baseline could be.
1 full day, midnight to midnight hours would be the minimum term (CE)
Leave the instance running for the time required to gather the baseline metrics. Depending by the shape of the history trends this could vary since around few hours up to a week or more.
You want to capture events that happened in the past.
Discuss about recommendations available per single instance. Advise to refine the recommendation based on additional insight the technical team may have.
Clarify regarding availability of 4 different degrees of recommendation provided by the Rightsizing feature.
Note. to add slides for CloudWatch metrics review.
You can easily visualize the history of cost and usage for the EC2 instance using the following filters and group by combination in Amazon Cost Explorer.
Apply filters for:
Service = EC2-Instances
Usage Type Group = EC2: Running Hours
Tag:CostOptimizationID in our example 2021-Q1-EC2-001
Group by:
Instance Type
TIMING: 4 min – Discussion
Say: In the below graph we can observe the evolution of Application2 before and after schedule.
Using the RightsizeId billing tags strategy is now possible track the effectiveness of our cost optimization being able to correlate the cost and usage of the instance with the instance type adopted time by time.
It's advised to not remove the current cost allocation tagging as could be used as baseline in the event further cost optimizations will be required for the same resource.
When you find out the optimal instance size to scale you might want update values of either SourceInstanceType and DestinationInstanceType to be equal.
You might use the condition having both this cost optimisation tags with the same value to exclude those instances from further cost optimisation exercises.