© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS re:INVENT
Landing Zones
Creating a Foundation for Your AWS Migrations
Enterprise Track ENT315
November 27, 2017
Joe Healy – AWS Principal Consultant
Carl Massa – Ministry of Justice UK
Session Agenda
1. Definition of the Problem
2. Landing Zone Concept
3. Components of a Landing Zone
4. Customer Story – Ministry of Justice UK
What is a Landing Zone?
• AWS best practices
• AWS account structure
• Patterns based
• Standards defined
• Adaptable foundation
• Governance guardrails
• Automation driven
• Versioned infrastructure
Landing Zone – Account Structure
Outcomes
• Billing visibility
• Environment isolation
• Small blast radius
• Centralized services
• Centralized logs
Landing Zone – Identity Management
Landing Zone – VPC Design
Multi-AZ
Public vs. Private
Ingress/Egress points
Landing Zone – Networking
Landing Zone – Continuous Compliance
Event Driven
Deployment Pipeline
Holistic Inspection
Landing Zone – Implementation Paths
Build vs. Buy
Landing Zone – Customer Story
Landing Zones: Flexible Foundations
UK GOVT. BUDGET WILL BE CUT BY 15% BY 2020
Ministry of Justice (MoJ) digital services are essential to protecting and advancing the principles of justice in the UK
MoJ Digital uses open standards and open-source technologies to maximize cross-organization re-use
Digital transformation pace has left no time for re-inventing how we “keep the lights on”
ALL OFFICIAL SERVICES IN CLOUD BY 2020
Almost 100 cloud-native digital services born in the cloud
Transformation to achieve synergy
Over 1,000 existing monolith workloads with history of transformations undercover, “big bang” release schedule, and “gated” culture, which is no longer fit for purpose
Platform Security Operations Governance Spend Culture
A Landing Zone is not just a platform
Scaling up best practices
LANDING ZONES ARE ENABLING US TO ACHIEVE OUR STRATEGIC GOALS
Platform Security Operations Governance Spend Culture
A Landing Zone is more than a place to deploy application code
Multiple AWS accounts and VPCs with network connectivity back to legacy data centers
Evolving, versioned, configuration available as re-usable patterns
Cost visibility, predictability, and reporting for every digital service
Usual conversation scope
Information assurance baseline defined, continuously monitored and enforced through automation
Self-service culture, migration skills acquired are easily deployed to next project
Resiliency for minimized on-call duties, and integrated operations across the organization
CONTINUOUS ASSURANCE
Framework to evaluate the security of cloud services, and to ensure the approach used is secure enough to handle the data
Non-negotiable baseline enabling a consistent, quick start for new agencies
Re-usable templates are provided to teams for common architectures, using the most common services
Security Operations Culture
Landing Zones are an essential part of improving our security posture
MoJ risks register and platforms data classification
NCSC cloud security principles
CIS Framework
Central Team
Service Manager
Infrastructure Architect
WebOps & Reliability Engineers
BUILT BY BUILDERS, FOR BUILDERS
Internal skills develop as migrations are completed and repeated
Different perspectives and disciplines working together as a blended team
Operations Culture
Landing Zones empower product teams to take ownership
+
Shared between multiple agency teams
Transformation / Migration Lead
Transformation / Migration Lead
Product Owner
Delivery Manager
Developers
Security Operations
Information Assurance
Agency Migration Team(s)
Transformation/Migration Lead
Programme Manager
Delivery Manager
Developers
Information Assurance
Service Manager
Technical Architect
QA Testers
DBAs
WebOps & Reliability Engineers
SLAs ARE PROPORTIONATE TO LEVEL OF STANDARDIZATION
Operations
Landing Zones provide a Service Level framework
Variability from stable/foundational to specific to every application/platform
Infrequent changes, all configuration is versioned and can be ‘assured’
Occasional changes, can be centrally assured based on data classification
May change frequently
Frequent change
Administrative
Identity &
Access
Network
Configuration
Patterns
Shared Data &
Services
Platform/
Application Data
Application
Infrastructure
Application Code
Central Team
Local Platform Team
Application Team
Lean WebOps Team
Service Catalog Coverage
Baseline level of automation & standardization to ensure efficiency and continuous assurance
Desired level of automation for existing applications (entry-level managed services)
Default level of automation for cloud-native services
Born in the cloud applications
Existing core business applications
LEGAL AID AGENCY IS PIONEERING THE “NEW NORMAL”
Seeking change - the existing infrastructure contract is expiring in October 2018
Isolated from broader UK MoJ organization which minimizes the risk – sometimes limitation can be a benefit too!
Business need - platform transformation will allow greater cost optimization, agility, increased resiliency (DR was one of main business risks) and rationalization of technology debt (moving off SPARC)
Existing skillset was there as applications were developed by internal teams and only infrastructure was outsourced
2,000,000 people in England and Wales provided with criminal legal aid and advice annually
“DO AND REFLECT” APPROACH HELPED TO BUILD CONFIDENCE AND MOVE THROUGH UNCERTAINTY
Initial effort estimation (30+ months)
1. Sort and practice
Components and concerns were grouped into patterns with most critical ones tested as a Proof of Concept (with AWS Envision Engineering Center)
2. Re-usable approach
As PoCs were deployed to AWS, local team was able to quickly scale PoC results and do spikes covering broader platform scope
Current migration estimation (9-12 months) (thanks to 2.)
First pattern cutover (3 months) (thanks to 4 & 5.)
3. Sprint workshop
LAA, partner and AWS teams working together, sharing their findings and planning the migration
4. Automated testing (in progress)
Accelerating application transformation process, enabling quicker release process
5. Landing Zone
Starting small and simple, iterating on Landing Zone design, addressing all parts in parallel
“REVOLVING DOOR” DECISION APPROACH AND RE-USABLE BITS ALLOW US TO MOVE QUICKLY WITH THE LANDING ZONES
Platform Security Operations Governance Spend Culture
Landing Zones force us to constantly iterate and improve
4 accounts, 2 VPC patterns, VPN and cross-account IAM roles management
CI/CD pipeline for the first application pattern
10 tags sitting inside templates (no way to miss them)
CIS Framework baseline + UK Official + NCSC recommendations
Infrastructure as Code (IaC) CI/CD pipeline
Centralized logging and monitoring
LANDING ZONE CAN BE EXTENDED OR RE-USED AS PATTERN BY OTHER AGENCIES
Anticipated to be scaled horizontally (multiple accounts)
Anticipated to be scaled vertically (more agencies sharing processes and tools)
Operations Culture Security Spend Governance Platform
WE ANTICIPATE THE CURRENT TARGET VISION WILL BE REFINED THROUGH EXPERIENCE…
Landing Zones get better as we complete each migration
> 100 accounts, integrated SSO & IAM roles management, scalable on-premises connectivity
Service catalog as a single source of truth for infrastructure and application lifecycle needs & patterns
Cost prediction and optimization based on automation
Continuous assurance framework implemented and updated as part of IaaC
Teams architecting for cost efficiency and resiliency, re-using patterns
Proactive resilience and recovery, integrated teams
YET THE FRAMEWORK WILL STAY THE SAME
A single set of directive, preventive, detective, and responsive controls across the landing zone
Payer account
Legal Aid Agency (Agency Pattern)
Resources & Environments
Resources & Environments
Resources & Environments
Shared services account(s)
Network Access
Resources & Environments
Resources & Environments
Resources & Environments
Network Access Network Access Network Access Network Access Network Access
Shared logging account(s)
Shared audit account(s)
Shared user federation account (TBD)
Partner accounts
Current scope
Final outlook will be defined by MoJ-wide operations model
OUR PLANS TO MOVE FORWARD
Application and infrastructure patterns reiteration sourced by next agencies coming on the platform
Cross-pollinating new ways of working by rotating team membership and mentoring
Processes refinement based on practical experience of operation in the cloud
Next iterations for central team functional scope, extending financial team involvement
LEARNINGS SO FAR...
- Move quickly
- Have executive buy-in
- Use revolving door decisions, ensure all stakeholders are participating
- Keep an eye on available skills vs. managed services choices
- Leverage AWS Support
Thank you!

Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
Amazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

ENT315_Landing Zones

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT. Landing Zones: Creating a Foundation for Your AWS Migrations. Enterprise Track ENT315. November 27, 2017. Joe Healy – AWS Principal Consultant. Carl Massa – Ministry of Justice UK.
  • 2. Session Agenda: 1. Definition of the Problem; 2. Landing Zone Concept; 3. Components of a Landing Zone; 4. Customer Story – Ministry of Justice UK
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8. What is a Landing Zone?
      - AWS best practices
      - AWS account structure
      - Patterns based
      - Standards defined
      - Adaptable foundation
      - Governance guardrails
      - Automation driven
      - Versioned infrastructure
  • 9. Landing Zone – Account Structure. Outcomes:
      - Billing visibility
      - Environment isolation
      - Small blast radius
      - Centralized services
      - Centralized logs
  • 10. Landing Zone – Identity Management
  • 11. Landing Zone – VPC Design: Multi-AZ; Public vs. Private; Ingress/Egress points
  • 12. Landing Zone – Networking
  • 13. Landing Zone – Continuous Compliance: Event Driven; Deployment Pipeline; Holistic Inspection
  • 14. Landing Zone – Implementation Paths: Build vs. Buy
  • 15. Landing Zone – Customer Story
  • 16. Landing Zones: Flexible Foundations
  • 17. UK GOVT. BUDGET WILL BE CUT BY 15% BY 2020
      - Ministry of Justice (MoJ) digital services are essential to protecting and advancing the principles of justice in the UK
      - MoJ Digital uses open standards and open-source technologies to maximize cross-organization re-use
      - Digital transformation pace has left no time for re-inventing how we “keep the lights on”
  • 18. ALL OFFICIAL SERVICES IN CLOUD BY 2020
      - Almost 100 cloud-native digital services born in the cloud
      - Transformation to achieve synergy
      - Over 1,000 existing monolith workloads with history of transformations undercover, “big bang” release schedule, and “gated” culture, which is no longer fit for purpose
      - Platform, Security, Operations, Governance, Spend, Culture
      - A Landing Zone is not just a platform
      - Scaling up best practices
  • 19. LANDING ZONES ARE ENABLING US TO ACHIEVE OUR STRATEGIC GOALS
      - Platform, Security, Operations, Governance, Spend, Culture
      - A Landing Zone is more than a place to deploy application code
      - Multiple AWS accounts and VPCs with network connectivity back to legacy data centers
      - Evolving, versioned, configuration available as re-usable patterns
      - Cost visibility, predictability, and reporting for every digital service
      - Usual conversation scope
      - Information assurance baseline defined, continuously monitored and enforced through automation
      - Self-service culture, migration skills acquired are easily deployed to next project
      - Resiliency for minimized on-call duties, and integrated operations across the organization
  • 20. CONTINUOUS ASSURANCE
      - Security, Operations, Culture
      - Landing Zones are an essential part of improving our security posture
      - Framework to evaluate the security of cloud services, and to ensure the approach used is secure enough to handle the data
      - Non-negotiable baseline enabling a consistent, quick start for new agencies
      - Re-usable templates are provided to teams for common architectures, using the most common services
      - MoJ risks register and platforms data classification
      - NCSC cloud security principles
      - CIS Framework
  • 21. BUILT BY BUILDERS, FOR BUILDERS
      - Operations, Culture
      - Landing Zones empower product teams to take ownership
      - Internal skills develop as migrations are completed and repeated
      - Different perspectives and disciplines working together as a blended team
      - Central Team: Service Manager, Infrastructure Architect, WebOps & Reliability Engineers
      - + Shared between multiple agency teams: Transformation / Migration Lead, Transformation / Migration Lead, Product Owner, Delivery Manager, Developers, Security Operations, Information Assurance
      - Agency Migration Team(s): Transformation/Migration Lead, Programme Manager, Delivery Manager, Developers, Information Assurance, Service Manager, Technical Architect, QA Testers, DBAs, WebOps & Reliability Engineers
  • 22. SLAs ARE PROPORTIONATE TO LEVEL OF STANDARDIZATION
      - Operations
      - Landing Zones provide a Service Level framework
      - Variability from stable/foundational to specific to every application/platform
      - Infrequent changes, all configuration is versioned and can be ‘assured’
      - Occasional changes, can be centrally assured based on data classification
      - May change frequently
      - Frequent change
      - Diagram labels: Administrative Identity & Access Network Configuration Patterns Shared Data & Services Platform/Application Data Application Infrastructure Application Code
      - Central Team, Local Platform Team, Application Team, Lean WebOps Team
      - Service Catalog Coverage
      - Baseline level of automation & standardization to ensure efficiency and continuous assurance
      - Desired level of automation for existing applications (entry-level managed services)
      - Default level of automation for cloud-native services
      - Born in the cloud applications
      - Existing core business applications
  • 23. LEGAL AID AGENCY IS PIONEERING THE “NEW NORMAL”
      - Seeking change: the existing infrastructure contract is expiring in October 2018
      - Isolated from broader UK MoJ organization, which minimizes the risk – sometimes limitation can be a benefit too!
      - Business need: platform transformation will allow greater cost optimization, agility, increased resiliency (DR was one of the main business risks) and rationalization of technology debt (moving off SPARC)
      - Existing skillset was there, as applications were developed by internal teams and only infrastructure was outsourced
      - 2,000,000 people in England and Wales provided with criminal legal aid and advice annually
  • 24. “DO AND REFLECT” APPROACH HELPED TO BUILD CONFIDENCE AND MOVE THROUGH UNCERTAINTY
      - Initial effort estimation (30+ months)
      - Current migration estimation (9-12 months) (thanks to 2.)
      - First pattern cutover (3 months) (thanks to 4 & 5.)
      - 1. Sort and practice: Components and concerns were grouped into patterns, with the most critical ones tested as a Proof of Concept (with AWS Envision Engineering Center)
      - 2. Re-usable approach: As PoCs were deployed to AWS, the local team was able to quickly scale PoC results and do spikes covering broader platform scope
      - 3. Sprint workshop: LAA, partner and AWS teams working together, sharing their findings and planning the migration
      - 4. Automated testing (in progress): Accelerating application transformation process, enabling quicker release process
      - 5. Landing Zone: Starting small and simple, iterating on Landing Zone design, addressing all parts in parallel
  • 25. “REVOLVING DOOR” DECISION APPROACH AND RE-USABLE BITS ALLOW US TO MOVE QUICKLY WITH THE LANDING ZONES
      - Platform, Security, Operations, Governance, Spend, Culture
      - Landing Zones force us to constantly iterate and improve
      - 4 accounts, 2 VPC patterns, VPN and cross-account IAM roles management
      - CI/CD pipeline for the first application pattern
      - 10 tags sitting inside templates (no way to miss them)
      - CIS Framework baseline + UK Official + NCSC recommendations
      - Infrastructure as Code (IaC) CI/CD pipeline
      - Centralized logging and monitoring
  • 26. LANDING ZONE CAN BE EXTENDED OR RE-USED AS PATTERN BY OTHER AGENCIES
      - Anticipated to be scaled horizontally (multiple accounts)
      - Anticipated to be scaled vertically (more agencies sharing processes and tools)
  • 27. WE ANTICIPATE THE CURRENT TARGET VISION WILL BE REFINED THROUGH EXPERIENCE…
      - Operations, Culture, Security, Spend, Governance, Platform
      - Landing Zones get better as we complete each migration
      - > 100 accounts, integrated SSO & IAM roles management, scalable on-premises connectivity
      - Service catalog as a single source of truth for infrastructure and application lifecycle needs & patterns
      - Cost prediction and optimization based on automation
      - Continuous assurance framework implemented and updated as part of IaC
      - Teams architecting for cost efficiency and resiliency, re-using patterns
      - Proactive resilience and recovery, integrated teams
  • 28. YET THE FRAMEWORK WILL STAY THE SAME
      - A single set of directive, preventive, detective, and responsive controls across the landing zone
      - Diagram labels: Payer account; Legal Aid Agency (Agency Pattern); Resources & Environments (repeated); Network Access (repeated); Shared services account(s); Shared logging account(s); Shared audit account(s); Shared user federation account (TBD); Partner accounts; Current scope
      - Final outlook will be defined by MoJ-wide operations model
  • 29. OUR PLANS TO MOVE FORWARD
      - Application and infrastructure patterns reiteration sourced by next agencies coming on the platform
      - Cross-pollinating new ways of working by rotating team membership and mentoring
      - Processes refinement based on practical experience of operation in the cloud
      - Next iterations for central team functional scope, extending financial team involvement
  • 30. LEARNINGS SO FAR...
      - Move quickly
      - Have executive buy-in
      - Use revolving door decisions, ensure all stakeholders are participating
      - Keep an eye on available skills vs. managed services choices
      - Leverage AWS Support
  • 31. Thank you!