The document discusses best practices for building modern applications in the cloud. It recommends:
1) Structuring applications as collections of microservices to improve agility and enable independent deployments.
2) Using serverless technologies like AWS Lambda and Fargate as much as possible to automate infrastructure management and only pay for resources used.
3) Treating infrastructure as code to model applications and infrastructure with templates for repeatable, predictable deployments and continuous integration/delivery of changes.
How Millennium Management achieves provable security with AWS Zelkova - FSV30...Amazon Web Services
Data exfiltration is a key concern for financial institutions, which often store personally identifiable information, payment card information, and proprietary methods or algorithms. Balancing security and agility in identity and access management (IAM) policies is critical. To achieve this balance, Millennium Management developed a security framework that integrates into CI/CD pipelines. This framework utilizes semantic reasoning, proprietary security evaluations, and AWS Zelkova to achieve provably secure IAM policies pre-deployment in a distributed, multi-account environment. Learn how Millennium combined Zelkova with services such as AWS Step Functions, AWS Lambda, and AWS CodePipeline—for rapid development while mitigating data exfiltration risk.
AWS identity services - Enabling & securing your cloud journey - SEC202 - San...Amazon Web Services
Throughout your journey to the AWS Cloud, you will encounter and rely on a number of AWS identity services. In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. Learn about each service, the capabilities it provides, and how the services fit and work together to provide you with a robust foundation and enable you to advance your journey with confidence and speed. Finally, we take a deeper look at a number of identity-based use cases, where the power and programmability of the cloud is radically simplifying implementation and strengthening security.
How Millennium Management achieves provable security with AWS Zelkova - FSV30...Amazon Web Services
Data exfiltration is a key concern for financial institutions, which often store personally identifiable information, payment card information, and proprietary methods or algorithms. Balancing security and agility in identity and access management (IAM) policies is critical. To achieve this balance, Millennium Management developed a security framework that integrates into CI/CD pipelines. This framework utilizes semantic reasoning, proprietary security evaluations, and AWS Zelkova to achieve provably secure IAM policies pre-deployment in a distributed, multi-account environment. Learn how Millennium combined Zelkova with services such as AWS Step Functions, AWS Lambda, and AWS CodePipeline—for rapid development while mitigating data exfiltration risk.
AWS identity services - Enabling & securing your cloud journey - SEC202 - San...Amazon Web Services
Throughout your journey to the AWS Cloud, you will encounter and rely on a number of AWS identity services. In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. Learn about each service, the capabilities it provides, and how the services fit and work together to provide you with a robust foundation and enable you to advance your journey with confidence and speed. Finally, we take a deeper look at a number of identity-based use cases, where the power and programmability of the cloud is radically simplifying implementation and strengthening security.
Amazon Web Services (AWS) provides on-demand computing solutions and services in the cloud with pay-as-you-go pricing. This session unlocks a foundational understanding of the cloud. What is cloud computing and its advantages? Learn more about types of cloud computing and the differences between On Premises services versus Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Dive into how AWS capacity matches your organizational demand, charges only for what you use, offers lower costs due to economies of scale, and provides service from a vendor versed in running large-scale networks. Learn about AWS services and infrastructure – including AWS regions and Availability Zones – and trace the evolution of AWS since its early beginnings. Uncover how constant innovation at AWS empowers customers to transform their own organizations.
Simplify compliance & improve operational efficiency with AWS - SVC302 - Sant...Amazon Web Services
In this session, learn how AWS helps customers effectively manage and govern their infrastructure and resources, simplifying compliance and improving efficiency when completing operational tasks. Come hear Anik Mazumder, principal infrastructure architect at Intuit, speak about his company’s experience. We also share some of the latest innovation from AWS Config in this space, and we cover recent releases in AWS management and governance services.
Database Freedom is an AWS initiative that accelerates enterprise migrations from commercial database engines to AWS native database services or managed open-source systems. We review the basics of the Amazon purpose-built database strategy and cover our Workload Qualification Framework, which helps you determine a good database migration candidate and predict the level of effort. In the hands-on lab, you use AWS Schema Conversion Tool and AWS Database Migration Service to migrate your databases to Amazon Aurora PostgreSQL. Bring a laptop with Firefox or Chrome and a working AWS account. We provide an AWS CloudFormation template to configure the lab environment.
Twelve-factor serverless applications - MAD302 - Santa Clara AWS SummitAmazon Web Services
The twelve-factor application model represents 12 best practices for building modern, cloud-native applications. With guidance on factors like configuration, deployment, runtime, and multiple-service communication, the twelve-factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although serverless computing and AWS Lambda have changed application development, the twelve-factor best practices remain relevant and applicable in a serverless world. In this talk, we apply the twelve-factor model to serverless application development with AWS Lambda and Amazon API Gateway, and we show you how these services enable you to build scalable, well-built, low-administration applications.
Move desktops & applications to AWS with Amazon WorkSpaces & AppStream 2.0 - ...Amazon Web Services
IT organizations today need to support a mobile, flexible, global workforce and ensure that their users can be productive anywhere. Moving desktops and applications to AWS offers improved security, scale, and performance with cloud economics. In this session, we provide an overview of Amazon WorkSpaces and Amazon AppStream 2.0, and we discuss the use cases for each. Then, we dive deep into best practices for implementing Amazon WorkSpaces and AppStream 2.0, including how to integrate with your existing identity, security, networking, and storage solutions.
Performing real-time ETL into data lakes - ADB202 - Santa Clara AWS Summit.pdfAmazon Web Services
In this session, we discuss several options for performing real-time extract, transform, and load (ETL) using Amazon Kinesis, AWS Lambda, AWS Glue, and Amazon S3. We provide an overview of the different options that have distinct advantages in building real-time ETL applications before loading a data lake or warehouse.
Migrating monolithic applications with the strangler pattern - FSV303 - New Y...Amazon Web Services
“Lifting and shifting” an enterprise-scale application will yield some of the benefits of the cloud, but elasticity and agility may still be limited. Conversely, rewriting that application to be cloud-native can be costly in terms of both time and money and could cause you to miss market opportunities. This session explores the challenges financial institutions face when migrating their existing portfolio of applications to the cloud. Then, we share practical tips to migrate applications to realize cloud-native architectural benefits incrementally using the strangler pattern.
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Amazon Web Services
The new Nitro architecture is fundamental to the Amazon EC2 virtual machine service. With Nitro, each host in the core compute platform is built with trusted computers that simulate the outside world and surround an untrusted CPU and memory computer that runs workloads. Those trusted Nitro computers appear to the customer workload computer as I/O devices that are accessible across the PCIe bus. Most of the traditional virtualization work is done via hardware emulation. The Nitro computers carefully control the workload computer access, providing a layer of protection. Learn about the security properties of this powerful architecture, which significantly increase cloud reliability and performance.
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Performance monitoring is a crucial part when running serverless applications. Serverless applications are highly distributed with business workflows and data spread across multiple managed services and APIs. As a result, in order to make sure that everything is running correctly in production you’d need full observability into the application that will help you find the root cause, and troubleshoot quickly. In this workshop, you will learn the critical observability considerations when operating a serverless application, what is distributed tracing and why it's important, and what tools can be used to gain full observability to your applications.
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud.
In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance.
Speakers:
Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS
Durga Prasad, Manager, Solutions Architect, AWS
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, GuardDuty.
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...Amazon Web Services
The rapid adoption of cloud services and application migration has brought several challenges to network admins and security professionals, and it has made real-time visibility of the network an even more crucial priority. In this session, learn how Cisco Stealthwatch Cloud helps you leverage data you inherently create with AWS and within your network to prevent compute theft and orphaned compute, secure weak or incomplete access control lists (ACL), and enforce security policies beyond the traditional firewall while maintaining regulatory compliance by extending visibility across your entire network. This presentation is brought to you by AWS partner, Cisco Systems, Inc.
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
Join us for this chalk talk, where we discuss several AWS services involved with threat detection and remediation, including Amazon GuardDuty, Amazon Macie, and AWS Config. We walk you through real-world threat scenarios and answer your questions about how to approach threat detection on AWS. For each scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, and other services, including AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAmazon Web Services
The Australian Cyber Security Centre (ACSC) awarded PROTECTED certification to AWS for 42 cloud services in the AWS Asia-Pacific (Sydney) Region. This is the highest data security certification available in Australia for cloud, and AWS has the most PROTECTED services of any public cloud service provider. This session will cover the services that were certified, a reference architecture that allows you to build applications which handle highly sensitive government data, and the benefits this provides to public sector and commercial organisations in Australia.
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Amazon Web Services
In this workshop, learn how to detect common resource misconfigurations using AWS Security Hub; how to extend coverage by deploying additional sets of existing rules or your own custom AWS Config rules using our Rule Development Kit (written in Python); and how to automatically remediate compliance violations when they are detected. Python basic skills and a basic understanding of boto3 are required for the coding portion of this workshop.
Migrare applicazioni e dati, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, creare soluzioni di backup e disaster recovery.
Well-architected Amazon WorkSpaces: Enterprise deployment at scale - SVC304 -...Amazon Web Services
Join this session to learn best practices for successfully implementing and managing your Amazon WorkSpaces deployment at scale. Hear AWS customer success managers and solutions architects cover key topics you need to know as you deploy and scale Amazon WorkSpaces, including account structure and governance, VPC design and setup, directory services configuration, deployment and operations of Amazon WorkSpaces, image and patch management, and application deployment. We cover best practices for automating the process of migrating large numbers of licenses, how to create custom images, and ways to manage license compliance.
When it comes to building our own services, our engineering groups have strong opinions, and they express them in the technologies they pick: Are microservices always the way to go? Should we choose serverless, containers, or serverless containers? Is relational over? Is Java over? Learn about our experience in building AWS services and working with customers on their cloud-native apps.
Developing Modern Applications in the CloudCobus Bernard
Components that make up building modern applications in the cloud with specific focus on containers, functions, infrastructure-as-code and deployment pipelines.
Amazon Web Services (AWS) provides on-demand computing solutions and services in the cloud with pay-as-you-go pricing. This session unlocks a foundational understanding of the cloud. What is cloud computing and its advantages? Learn more about types of cloud computing and the differences between On Premises services versus Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Dive into how AWS capacity matches your organizational demand, charges only for what you use, offers lower costs due to economies of scale, and provides service from a vendor versed in running large-scale networks. Learn about AWS services and infrastructure – including AWS regions and Availability Zones – and trace the evolution of AWS since its early beginnings. Uncover how constant innovation at AWS empowers customers to transform their own organizations.
Simplify compliance & improve operational efficiency with AWS - SVC302 - Sant...Amazon Web Services
In this session, learn how AWS helps customers effectively manage and govern their infrastructure and resources, simplifying compliance and improving efficiency when completing operational tasks. Come hear Anik Mazumder, principal infrastructure architect at Intuit, speak about his company’s experience. We also share some of the latest innovation from AWS Config in this space, and we cover recent releases in AWS management and governance services.
Database Freedom is an AWS initiative that accelerates enterprise migrations from commercial database engines to AWS native database services or managed open-source systems. We review the basics of the Amazon purpose-built database strategy and cover our Workload Qualification Framework, which helps you determine a good database migration candidate and predict the level of effort. In the hands-on lab, you use AWS Schema Conversion Tool and AWS Database Migration Service to migrate your databases to Amazon Aurora PostgreSQL. Bring a laptop with Firefox or Chrome and a working AWS account. We provide an AWS CloudFormation template to configure the lab environment.
Twelve-factor serverless applications - MAD302 - Santa Clara AWS SummitAmazon Web Services
The twelve-factor application model represents 12 best practices for building modern, cloud-native applications. With guidance on factors like configuration, deployment, runtime, and multiple-service communication, the twelve-factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although serverless computing and AWS Lambda have changed application development, the twelve-factor best practices remain relevant and applicable in a serverless world. In this talk, we apply the twelve-factor model to serverless application development with AWS Lambda and Amazon API Gateway, and we show you how these services enable you to build scalable, well-built, low-administration applications.
Move desktops & applications to AWS with Amazon WorkSpaces & AppStream 2.0 - ...Amazon Web Services
IT organizations today need to support a mobile, flexible, global workforce and ensure that their users can be productive anywhere. Moving desktops and applications to AWS offers improved security, scale, and performance with cloud economics. In this session, we provide an overview of Amazon WorkSpaces and Amazon AppStream 2.0, and we discuss the use cases for each. Then, we dive deep into best practices for implementing Amazon WorkSpaces and AppStream 2.0, including how to integrate with your existing identity, security, networking, and storage solutions.
Performing real-time ETL into data lakes - ADB202 - Santa Clara AWS Summit.pdfAmazon Web Services
In this session, we discuss several options for performing real-time extract, transform, and load (ETL) using Amazon Kinesis, AWS Lambda, AWS Glue, and Amazon S3. We provide an overview of the different options that have distinct advantages in building real-time ETL applications before loading a data lake or warehouse.
Migrating monolithic applications with the strangler pattern - FSV303 - New Y...Amazon Web Services
“Lifting and shifting” an enterprise-scale application will yield some of the benefits of the cloud, but elasticity and agility may still be limited. Conversely, rewriting that application to be cloud-native can be costly in terms of both time and money and could cause you to miss market opportunities. This session explores the challenges financial institutions face when migrating their existing portfolio of applications to the cloud. Then, we share practical tips to migrate applications to realize cloud-native architectural benefits incrementally using the strangler pattern.
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Amazon Web Services
The new Nitro architecture is fundamental to the Amazon EC2 virtual machine service. With Nitro, each host in the core compute platform is built with trusted computers that simulate the outside world and surround an untrusted CPU and memory computer that runs workloads. Those trusted Nitro computers appear to the customer workload computer as I/O devices that are accessible across the PCIe bus. Most of the traditional virtualization work is done via hardware emulation. The Nitro computers carefully control the workload computer access, providing a layer of protection. Learn about the security properties of this powerful architecture, which significantly increase cloud reliability and performance.
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Performance monitoring is a crucial part when running serverless applications. Serverless applications are highly distributed with business workflows and data spread across multiple managed services and APIs. As a result, in order to make sure that everything is running correctly in production you’d need full observability into the application that will help you find the root cause, and troubleshoot quickly. In this workshop, you will learn the critical observability considerations when operating a serverless application, what is distributed tracing and why it's important, and what tools can be used to gain full observability to your applications.
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud.
In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance.
Speakers:
Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS
Durga Prasad, Manager, Solutions Architect, AWS
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, GuardDuty.
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...Amazon Web Services
The rapid adoption of cloud services and application migration has brought several challenges to network admins and security professionals, and it has made real-time visibility of the network an even more crucial priority. In this session, learn how Cisco Stealthwatch Cloud helps you leverage data you inherently create with AWS and within your network to prevent compute theft and orphaned compute, secure weak or incomplete access control lists (ACL), and enforce security policies beyond the traditional firewall while maintaining regulatory compliance by extending visibility across your entire network. This presentation is brought to you by AWS partner, Cisco Systems, Inc.
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
Join us for this chalk talk, where we discuss several AWS services involved with threat detection and remediation, including Amazon GuardDuty, Amazon Macie, and AWS Config. We walk you through real-world threat scenarios and answer your questions about how to approach threat detection on AWS. For each scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, and other services, including AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAmazon Web Services
The Australian Cyber Security Centre (ACSC) awarded PROTECTED certification to AWS for 42 cloud services in the AWS Asia-Pacific (Sydney) Region. This is the highest data security certification available in Australia for cloud, and AWS has the most PROTECTED services of any public cloud service provider. This session will cover the services that were certified, a reference architecture that allows you to build applications which handle highly sensitive government data, and the benefits this provides to public sector and commercial organisations in Australia.
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Amazon Web Services
In this workshop, learn how to detect common resource misconfigurations using AWS Security Hub; how to extend coverage by deploying additional sets of existing rules or your own custom AWS Config rules using our Rule Development Kit (written in Python); and how to automatically remediate compliance violations when they are detected. Python basic skills and a basic understanding of boto3 are required for the coding portion of this workshop.
Migrare applicazioni e dati, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, creare soluzioni di backup e disaster recovery.
Well-architected Amazon WorkSpaces: Enterprise deployment at scale - SVC304 -...Amazon Web Services
Join this session to learn best practices for successfully implementing and managing your Amazon WorkSpaces deployment at scale. Hear AWS customer success managers and solutions architects cover key topics you need to know as you deploy and scale Amazon WorkSpaces, including account structure and governance, VPC design and setup, directory services configuration, deployment and operations of Amazon WorkSpaces, image and patch management, and application deployment. We cover best practices for automating the process of migrating large numbers of licenses, how to create custom images, and ways to manage license compliance.
When it comes to building our own services, our engineering groups have strong opinions, and they express them in the technologies they pick: Are microservices always the way to go? Should we choose serverless, containers, or serverless containers? Is relational over? Is Java over? Learn about our experience in building AWS services and working with customers on their cloud-native apps.
Developing Modern Applications in the CloudCobus Bernard
Components that make up building modern applications in the cloud with specific focus on containers, functions, infrastructure-as-code and deployment pipelines.
Unlocking Software Innovation with AWS - Adrian White - AWS TechShift ANZ 2018Amazon Web Services
Many of the fastest growing software businesses in Australia are going global by delivering software and services on the cloud, and choosing AWS to help them do this. These business are getting to market faster, improving the way they build and deliver their software, and focusing on the core features that matter to their customers. Come to this session to hear Adrian White, Head of Solutions Architecture - ISV, talk about the top software and technology trends on AWS to help you stay ahead of the curve. Also hear from Iain Rouse, Group Director Cloud at successful Australian ISV TechnologyOne, on how they've gone global with their software services, and how they've used AWS to do this. Finally, learn about the programs and products available to help you migrate, modernise and scale the delivery of your software services on AWS.
At Amazon it is always Day 1, which means staying focused on the customer with the ability to respond to ever changing opportunities and challenges with speed and agility. Thomas Blood, EMEA Enterprise Strategist for Amazon Web Services shares how Amazon and it’s cloud customers stay agile and grow their businesses by re-architecting not just their technology, but also their mission and culture.
An insight into how digital marketing organisations use Amazon Web Services and the benefits that our services bring to their business.
Phil Fitzsimons, Media Solutions Architect, AWS
When it comes to building our own services, our engineering groups have strong opinions, and they express them in the technologies they pick: Are microservices always the way to go? Should we choose serverless, containers, or serverless containers? Is relational over? Is Java over? Learn about our experience in building AWS services and working with customers on their cloud-native apps.
A Multi-Company Perspective: Enterprise Cloud and PaaSThoughtworks
Tech communities are always abuzz with the potential of Platform as a Service (PaaS). The promised ability to slash delivery times, allowing teams to iterate and release new features faster, has a growing number of organisations looking to implement PaaS in 2016.
In this presentation, industry leaders provide insights from the trenches by letting us enter the world of Cloud applications automation and PaaS. We also get a glimpse into why and how PaaS is widely adopted, as well as appreciate its constructs and challenges.
Further more, you can learn how build your delivery platform around AWS services, CloudFoundry or OpenShift and reflect on how best to create internal cloud and PaaS capabilities to change the way your organisation delivers software.
Modern Applications Development on AWSBoaz Ziniman
Modern Application Development, using Microservices and Serverless, allow you to build and run simpler and more efficient applications, while improving your agility and saving a lot of money.
The ability to deploy your applications without the need for provisioning or managing servers opens new opportunities to build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more, without the investment in hardware or professional manpower to run this hardware.
In this session, we will learn how to get started with Microservices and Serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers.
Applications built on a microservices-based architecture and packaged as containers bring several benefits to your organization. In this session, AWS highlights potential hurdles, how to plan your migration to microservices, and how to use containers and serverless architecture to manage this journey.
This session provides an introduction to the AWS platform and services. It explains how you can get started on your cloud journey and what resources you can use build sophisticated applications with increased flexibility, scalability and reliability. The session also covers the benefits customers are enjoying by moving to AWS cloud; increased agility, faster decision making and the ability to fail fast and innovate.
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
2. The new normal: companies are increasingly global
and products are completely digital
47%
of CEOs said they are
being challenged by
the board of directors
to make progress in
digital business
Source: Gartner
79%
of CIOs believe that
digital business is
making their IT
organizations better
prepared to change
67%
of all business leaders
believe that they must
pick up the pace of
digitalization to
remain competitive
3. To maintain competitive advantage,
digital businesses must innovate as rapidly as possible
FeedbackIdeas
Experiment
Innovation
Flywheel
4. Invention requires two things: the
ability to try a lot of experiments,
and not having to live with
the collateral damage of
failed experiments.“
Andy Jassy
CEO, Amazon Web Services
11. Capabilities of a modern application
Secure Resilient Elastic
Modular Automated Interoperable
12. Assess and
prioritize,
app by app
Pick path to
modernization
Lift & shift:
data center → EC2
Re-platform:
VMs → containers
Refactor:
monolith → microservices
Re-invent:
host fleets → serverless
Modern application development: a journey with
many paths
14. migrated ~850 applications running in ~5000 containers to Fargate to
reduce the undifferentiated heavy lifting that came with managing
Kubernetes
Re-platform
AWS Fargate
15. created a serverless stock trade validation system
in 3 months that improved processing times
by 67% while reducing costs by 50%
Re-invent
AWS Lambda
18. Enable security and compliance across the entire app lifecycle
Securing the lifecycle addresses blind spots without
slowing down innovation
Authenticate Authorize Audit & Govern Validate
Prevent unauthorized
access with strong
access control
Implement role-based
access control using
flexible policies
Evaluate app behavior &
ensure compliance
requirements are met
Verify each step to
ensure solutions work
only as intended
20. Structure apps as collections of microservices
When the impact of change is small,
release velocity can increase
Monolithic application
Does everything
Shared release pipeline
Rigid scaling
High impact of change
Hard to adopt new technologies
Microservices
Does one thing
Independent deployments
Independent scaling
Small impact of change
Choice of technology
21. Structure apps as collections of microservices
When the impact of change is small,
release velocity can increase
Microservices
Do one thing – Well
22. Structure apps as collections of microservices
Properties of microservices
Microservices
• Independent
• Individually Deployed & Scaled
• Polyglot
• Modular - Easily Replaced
• Decentralized
23. Structure apps as collections of microservices
Design Concepts
• Use managed services
• Focus on writing your business logic
(not on maintaining infrastructure)
• Loosely coupled & event driven
• Simplify delivery and discovery
AWS Lambda
AWS Fargate
24. Structure apps as collections of microservices
APIs and decoupled communications enable
automation and improves reliability
FUNCTION
API
API
MICROSERVICE
FUNCTION
EVENT
API
MICROSERVICE
EVENT
API
MICROSERVICE
APPLICATION
28. Common data categories and use cases
Relational
Referential
integrity, ACID
transactions,
schema-
on-write
Lift and shift, ERP,
CRM, finance
Key-value
High
throughput, low-
latency reads
and writes,
endless scale
Real-time bidding,
shopping cart,
social, product
catalog, customer
preferences
Document
Store
documents and
quickly access
querying on
any attribute
Content
management,
personalization,
mobile
In-memory
Query by key
with
microsecond
latency
Leaderboards,
real-time analytics,
caching
Graph
Quickly and
easily create
and navigate
relationships
between
data
Fraud detection,
social networking,
recommendation
engine
Time-series
Collect, store,
and process
data sequenced
by time
IoT applications,
event tracking
Ledger
Complete,
immutable, and
verifiable history
of all changes to
application data
Systems
of record, supply
chain, health care,
registrations,
financial
31. Build with serverless technologies as much as possible
Automation and abstraction frees you
No infrastructure to
provision or manage
Automatically scales
by unit of consumption
Pay for value
billing model
Highly available
and durable
32. Build with serverless technologies as much as possible
Choice of compute is core to the transformation
Serverless Containers
Long-running
Abstracts the OS
Fully-managed orchestration
Fully-managed cluster scaling
AWS Fargate
Serverless Functions
Event-driven
Many language runtimes
Data source integrations
No server management
AWS Lambda
33. Build with serverless technologies as much as possible
AWS container services landscape
Management
Deployment, Scheduling,
Scaling & Management of
containerized applications
Hosting
Where the containers run
Amazon Elastic
Container Service
Amazon Elastic
Container Service
for Kubernetes
Amazon EC2
AWS Fargate
Image Registry
Container Image Repository
Amazon Elastic
Container Registry
34. Build with serverless technologies as much as possible
Choice of compute is core to the transformation
Serverless Containers
Long-running
Abstracts the OS
Fully-managed orchestration
Fully-managed cluster scaling
AWS Fargate
Serverless Functions
Event-driven
Many language runtimes
Data source integrations
No server management
AWS Lambda
35. Build with serverless technologies as much as possible
Comparison of operational responsibility
AWS Lambda
Serverless functions
AWS Fargate
Serverless containers
ECS/EKS
Container-management as a service
EC2
Infrastructure-as-a-Service
More opinionated
Less opinionated
AWS manages Customer manages
• Data source integrations
• Physical hardware, software, networking,
and facilities
• Provisioning
• Application code
• Container orchestration, provisioning
• Cluster scaling
• Physical hardware, host OS/kernel,
networking, and facilities
• Application code
• Data source integrations
• Security config and updates, network config,
management tasks
• Container orchestration control plane
• Physical hardware software,
networking, and facilities
• Application code
• Data source integrations
• Work clusters
• Security config and updates, network config,
firewall, management tasks
• Physical hardware software,
networking, and facilities
• Application code
• Data source integrations
• Scaling
• Security config and updates, network config,
management tasks
• Provisioning, managing scaling and
patching of servers
36. Build with serverless technologies as much as possible
Serverless architectures provide the greatest agility
with the least effort
Focus on creating
business value
Remove heavy lifting with
serverless everything
CUSTOMER
AWS
Messaging & Orchestration
Compute
Physical Infrastructure
API
Business logic
Storage & Databases
37. Build with serverless technologies as much as possible
Amazon API Gateway
Fully managed service that makes it easy for
developers to publish, maintain, monitor,
and secure APIs at any scale
• Native AWS Service Integration
• Stage and version management
• API Authentication
• WebSockets support
38. Build with serverless technologies as much as possible
Coordinating multiple services with workflows
increases agility, productivity and flexibility
Track status of data
and execution
Remove
redundant code
40. Use code to model applications and infrastructure
Treating everything as software increases the speed
and agility of infrastructure deployments
Design
Write application
code
Create infrastructure
templates
Create stacks Iterate
41. Use code to model applications and infrastructure
Infrastructure as code
Declarative
I tell you
what I need
I tell you
what to do
Imperative
42. Use code to model applications and infrastructure
Infrastructure as code goals
1. Make infrastructure changes repeatable and predictable
2. Release infrastructure changes using the same tools as code changes
3. Replicate production environment in a staging environment to enable
continuous testing
43. Use code to model applications and infrastructure
Model function environments with AWS
Serverless Application Model (SAM)
• Open source framework for building serverless
applications on AWS
• Shorthand syntax to express functions, APIs,
databases, and event source mappings
• Transforms and expands SAM syntax into AWS
CloudFormation syntax on deployment
• Supports all AWS CloudFormation resource types
https://aws.amazon.com/serverless/sam/
44. Use code to model applications and infrastructure
SAM template
AWSTemplateFormatVersion: '2010-09-09’
Transform: AWS::Serverless-2016-10-31
Resources:
GetFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.get
Runtime: nodejs8.10
CodeUri: src/
Policies:
- DynamoDBReadPolicy:
TableName: !Ref MyTable
Events:
GetResource:
Type: Api
Properties:
Path: /resource/{resourceId}
Method: get
MyTable:
Type: AWS::Serverless::SimpleTable
Just 20 lines to create:
• Lambda function
• IAM role
• API Gateway
• DynamoDB table
45. Use code to model applications and infrastructure
Use SAM CLI to package and deploy SAM templates
pip install --user aws-sam-cli
sam logs
sam validate
sam local
sam init
sam build (--use-container)
sam package
sam deploy
sam publish
New
46. Use code to model applications and infrastructure
Nested apps to simplify solving recurring problems
Standard
Component
TweetSource:
Type: AWS::Serverless::Application
Properties:
Location:
ApplicationId: arn:aws:serverlessrepo:...
SemanticVersion: 2.0.0
Parameters:
TweetProcessorFunctionName: !Ref MyFunction
SearchText: '#serverless -filter:nativeretweets’
Custom
Business
Logic
48. Rapidly release high-quality features with CI/CD
Teams that practice CI/CD
ship more code faster, and with more confidence
Source: Puppet 2017 State of DevOps Report
5x
Lower change
failure rate
440x
Faster from
commit to deploy
46x
More frequent
deployments
44%
More time spent on
new features & code
49. Rapidly release high-quality features with CI/CD
Monolith development lifecycle
monitorreleasetestbuild
developers
delivery pipelines
services
52. Rapidly release high-quality features with CI/CD
AWS CodeDeploy
• Automates code deployments to any instance
and Lambda
• Handles the complexity of updating your
applications
• Avoid downtime during application deployment
• Roll back automatically if failure detected
• Deploy to Amazon EC2, Lambda, or on-premises
servers
53. Rapidly release high-quality features with CI/CD
CodeDeploy-Lambda deployments
• Shifts traffic using Lambda function weighted aliases
• Choose canary (“shift 10% of traffic for 10 minutes, then shift rest”) or
linear (“shift 10% more traffic every 10 minutes”)
• Validation “hooks” enable testing at each stage of the deployment
• Fast rollback in seconds if case of hook failure or CloudWatch alarms
• Monitor deployment status and history via console, API, Amazon
Simple Notification Service (Amazon SNS) notifications, and
CloudWatch Events
55. Rapidly release high-quality features with CI/CD
CodeDeploy – Lambda canary deployment
API
Gateway
Lambda
function
weighted
alias “live”
v1 Lambda
function
code
100%
56. Rapidly release high-quality features with CI/CD
CodeDeploy – Lambda canary deployment
API
Gateway
Lambda
function
weighted
alias “live”
v1 code100%
Run PreTraffic hook against v2 code before it receives traffic
v2 code0%
60. Use monitoring to optimize end user experience
The faster you identify issues, the faster they can be
resolved
Metrics, logs
and traces
Monitoring,
debugging and
alerts
Resource and
application
visibility
Real-time
insights
MONITORING
OBSERVABILITY
63. Benefits of using AWS X-Ray with Lambda
• X-Ray agent is natively built into Lambda.
• Identify initialization and cold starts in Lambda
• Pinpoint issues in downstream services called from your AWS
Lambda function.
• Happens with low latency in real-time. Can see traces in
seconds.
67. Keeps track of all your application
components, their locations, attributes, and
health status.
• Define convenient names for all cloud
resources
• Discover resources with specific attributes
• Ensure only healthy resources are
discovered
• Use highly available DNS and Regional API.
New: AWS Cloud Map