In this webinar, we will take a deep dive into AWS Organizations, what it is, and why you should use it. We will review how to use the open-source tool org-formation to manage your entire AWS Organization using infrastructure-as-code.
Serverless Summit 21 - Resilient serverless architecture on AWSLee Gilmore
Resilient serverless architectures on AWS by Lee Gilmore - Serverless Summit 2021 (17th November 2021)
Three key factors in building resilient serverless architectures
https://www.serverless-summit.io/
API310 - How to refactor a monolith to serverless in 8 stepsYan Cui
Refactoring a monolith to serverless can be intimidating, but there are discrete steps that you can take to simplify the process. In this chalk talk, we outline eight steps for successfully refactoring your monolith and highlight key decision points such as language and tooling choices. Through real-world examples of successful migrations, we uncover common mistakes, useful techniques for identifying components for migration and service boundaries, and processes for migrating large amounts of data without downtime. Bring your refactoring challenges to this interactive session to see how these techniques can be applied in the context of your own application.
Why your next serverless project should use AWS AppSyncYan Cui
In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
Serverless in production, an experience report (JeffConf)Yan Cui
In this talk Yan Cui shares his experience of migrating an existing monolithic architecture for a social network to AWS Lambda, and how it empowered a small team to deliver features quickly and how they address operational concerns such as CI/CD, logging, monitoring and config management.
The present and future of Serverless observabilityYan Cui
As engineers, we’re empowered by advancements in cloud platforms to build ever more complex systems that can achieve amazing feats at a scale previously only possible for the elite few. The monitoring tools have evolved over the years to accommodate our growing needs with these increasingly complex systems, but the emergence of serverless technologies like AWS Lambda has shifted the landscape and broken some of the underlying assumptions that existing tools are built upon - eg. you can no longer access the underlying host to install monitoring agents/daemons, and it’s no longer feasible to use background threads to send monitoring data outside the critical path.
Furthermore, event-driven architectures has become easily accessible and widely adopted by those adopting serverless technologies, and this trend has added another layer of complexity with how we monitor and debug our systems as it involves tracing executions that flow through async invocations, and often fan’d-out and fan’d-in via various event processing patterns.
Join us in this talk as Yan Cui gives us an overview of the challenges with observing a serverless architecture (ephemerality, no access to host OS, no background thread for sending monitoring data, etc.), the tradeoffs to consider, and the state of the tooling for serverless observability.
One of the most common performance issues in serverless architectures is elevated latencies from external services, such as DynamoDB, ElasticSearch or Stripe. In this webinar, we will focus on how to monitor, detect and fix latency issues that arise when our Lambda functions need to talk to other services.
Serverless Summit 21 - Resilient serverless architecture on AWSLee Gilmore
Resilient serverless architectures on AWS by Lee Gilmore - Serverless Summit 2021 (17th November 2021)
Three key factors in building resilient serverless architectures
https://www.serverless-summit.io/
API310 - How to refactor a monolith to serverless in 8 stepsYan Cui
Refactoring a monolith to serverless can be intimidating, but there are discrete steps that you can take to simplify the process. In this chalk talk, we outline eight steps for successfully refactoring your monolith and highlight key decision points such as language and tooling choices. Through real-world examples of successful migrations, we uncover common mistakes, useful techniques for identifying components for migration and service boundaries, and processes for migrating large amounts of data without downtime. Bring your refactoring challenges to this interactive session to see how these techniques can be applied in the context of your own application.
Why your next serverless project should use AWS AppSyncYan Cui
In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
Serverless in production, an experience report (JeffConf)Yan Cui
In this talk Yan Cui shares his experience of migrating an existing monolithic architecture for a social network to AWS Lambda, and how it empowered a small team to deliver features quickly and how they address operational concerns such as CI/CD, logging, monitoring and config management.
The present and future of Serverless observabilityYan Cui
As engineers, we’re empowered by advancements in cloud platforms to build ever more complex systems that can achieve amazing feats at a scale previously only possible for the elite few. The monitoring tools have evolved over the years to accommodate our growing needs with these increasingly complex systems, but the emergence of serverless technologies like AWS Lambda has shifted the landscape and broken some of the underlying assumptions that existing tools are built upon - eg. you can no longer access the underlying host to install monitoring agents/daemons, and it’s no longer feasible to use background threads to send monitoring data outside the critical path.
Furthermore, event-driven architectures has become easily accessible and widely adopted by those adopting serverless technologies, and this trend has added another layer of complexity with how we monitor and debug our systems as it involves tracing executions that flow through async invocations, and often fan’d-out and fan’d-in via various event processing patterns.
Join us in this talk as Yan Cui gives us an overview of the challenges with observing a serverless architecture (ephemerality, no access to host OS, no background thread for sending monitoring data, etc.), the tradeoffs to consider, and the state of the tooling for serverless observability.
One of the most common performance issues in serverless architectures is elevated latencies from external services, such as DynamoDB, ElasticSearch or Stripe. In this webinar, we will focus on how to monitor, detect and fix latency issues that arise when our Lambda functions need to talk to other services.
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
Cloud adoption is driving digital business growth and enabling companies to shift to processes and practices that make innovation continual. As with any paradigm shift, cloud computing requires different rules and a different way of thinking. This presentation will highlight best practices to build and secure scalable systems in the cloud and capitalize on the cloud with confidence and clarity.
In this session we will cover:
Key market drivers and advantages for leveraging cloud architectures.
Foundational design principles to guide strategy for securely leveraging the cloud.
The “Defense in Depth” approach to building secure services in the cloud, whether it’s private, public, or hybrid.
Real-world customer insights from organizations who have successfully adopted the ""Defense in Depth"" approach.
Session sponsored by Sumo Logic.
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you will learn about the benefits of serverless architectures and the basics of the serverless stack AWS provides. We will also walk through how you can use serverless architectures for everything from data processing to mobile and web backends.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Jeremy Edberg, Co-Founder, CloudNative, & AWS Community Hero
The present and future of Serverless observabilityYan Cui
As engineers, we're empowered by advancements in cloud platforms to build ever more complex systems that can achieve amazing feats at a scale previously only possible for the elite few. The monitoring tools have evolved over the years to accommodate our growing needs with these increasingly complex systems, but the emergence of serverless technologies like AWS Lambda has shifted the landscape and broken some of the underlying assumptions that existing tools are built upon - eg. you can no longer access the underlying host to install monitoring agents/daemons, and it's no longer feasible to use background threads to send monitoring data outside the critical path.
Furthermore, event-driven architectures has become easily accessible and widely adopted by those adopting serverless technologies, and this trend has added another layer of complexity with how we monitor and debug our systems as it involves tracing executions that flow through async invocations, and often fan'd-out and fan'd-in via various event processing patterns.
Join us in this talk as serverless expert Yan Cui gives us an overview of the challenges with observing a serverless architecture, the tradeoffs to consider, the current state of the tooling for serverless observability and a sneak peek at some of the new and coming tools that will hopefully inform us what the future of serverless observability might look like.
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR HadoopAdrian Cockcroft
A introductory discussion of cloud computing and capacity planning implications is followed by a step by step guide to running a Hadoop job in EMR, and finally a discussion of how to write your own Hadoop queries.
Learn about what a serverless architecture is, why they are growing in popularity, and who the key players are in a serverless API build on the AWS platform. Then get started building your own servless API!
Adopting DevOps in an organization can start in many ways but from the technical perspective, a solid continuous integration environment is the mandatory foundation for many of the tools used by a DevOps team. This webinar shows how to build a continuous integration environment on Amazon Web Services (AWS) using services such as Amazon EC2, Amazon RDS and AWS CloudFormation. We also cover the benefits of using Amazon VPC to enable VPN access to the environment components, such as the source code repository, or the issue tracking database.
Demos included in this webinar:
- Building a core continuous integration environment with components such as Jenkins, Git and Bugzila, using Amazon EC2, Amazon RDS and Amazon CloudFormation.
- Baseline maintenance of the continuous integration environment.
View the Recording: http://youtu.be/5dJxhX1ChT4
Building a social network in under 4 weeks with Serverless and GraphQLYan Cui
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Recording of this talk is available at https://www.youtube.com/watch?v=evsz__BDprs
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
Since AWS launched Lambda in 2014, the term “serverless” has been used (and misused) to describe compute models, technologies, architectural patterns, operational constructs, and even rebranded cgi-bins. The term is now used so broadly that it’s turning into a buzzword with no discernible meaning.
In this talk, we’ll cut through all the marketing hype, and discuss why the underlying concept of “serverless”, and the superpowers that come with it, are much more important than the name itself.
"Amazon Inspector is a new service from AWS that identifies security issues in your application deployments. Use Inspector with your applications to assess your security posture and identify areas that can be improved. Inspector works with your Amazon EC2 instances to monitor activity in your applications and system.
This session will cover getting started with Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Inspector."
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...Amazon Web Services
Ensuring security and compliance across a globally distributed, large-scale AWS deployment requires a scalable process and a comprehensive set of technologies. In this session, Adobe will deep-dive into the AWS native monitoring and security services and some Splunk technologies leveraged globally to perform security monitoring across a large number of AWS accounts. You will learn about Adobe’s collection plumbing including components of S3, Kinesis, CloudWatch, SNS, Dynamo DB and Lambda, as well as the tooling and processes used at Adobe to deliver scalable monitoring without managing an unwieldy number of API keys and input stanzas. Session sponsored by Splunk.
AWS Competency Partner
Microservice Architecture on AWS using AWS Lambda and Docker ContainersDanilo Poccia
The use of microservices as an architectural pattern, decomposing an application into small, independent components, can improve development, deployment and security. We’ll build a real architecture using AWS Lambda to run event-based functions and Amazon EC2 Container Service and AWS Elastic Beanstalk to manage backend and frontend Docker containers. We’ll evolve from a web based interface to a mobile, cross platform architecture, using a least-privilege approach on security based on AWS Identity and Access Management roles.
At the end of this presentation, audience will be aware of the following topics.
1. Introduction to AWS
2. Accessing AWS console via cli.
3. Launching and logging into an EC2 instance
4. Creating a S3 bucket and uploading an image.
5. Security misconfigurations in S3 bucket.
6. Subdomain takeover via S3 bucket.
7. Hardcoded AWS credentials in github.
8. Aasna AWS credentials leak using pixel flood attack
9. Murder in the cloud - Codespace hack
(DVO311) Containers, Red Hat & AWS For Extreme IT AgilityAmazon Web Services
Red Hat is helping organizations like Duke University become more efficient by delivering environmental parity for container-based applications across physical, virtual, private cloud, and public cloud environments. Red Hat delivers a comprehensive, integrated, and modular platform for containerized application delivery across the open hybrid cloud - from the OS platform, to software-defined storage, to development and deployment, and management. Through its work with Certified Cloud Service Providers like AWS, Red Hat ensures that application containers built for Red Hat Enterprise Linux can seamlessly move across public clouds. In this session, you will learn how Duke University used containers on Red Hat Enterprise Linux and AWS to combat a denial-of-service attack; how companies are using containers to increase the quality and speed of software delivery; key considerations for implementing container-based applications that can be moved across public clouds; and challenges organizations experience when using containers and how to address them. This session is sponsored by Red Hat.
Presented at ServerlessConf NYC 2016.
What happens when you give 6k developers access to the cloud? Introducing Cloud Custodian, an opensource project from Capital One, which provides a DSL for AWS management that operates in real-time using cloud watch events and lambda. We use it for the gamut of compliance/encryption/cost controls. What can it do for you?
Managing your AWS Organization using org-formationOlaf Conijn
AWS Organizations is great way to mange serverless applications across different AWS Accounts (like development and production). At Moneyou we have considerable experience managing large and complex serverless application that need to adhere to the highest of standards. The tool we use to do this is called org-formation and has sparked quite some interest by other companies doing serverless.
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
Cloud adoption is driving digital business growth and enabling companies to shift to processes and practices that make innovation continual. As with any paradigm shift, cloud computing requires different rules and a different way of thinking. This presentation will highlight best practices to build and secure scalable systems in the cloud and capitalize on the cloud with confidence and clarity.
In this session we will cover:
Key market drivers and advantages for leveraging cloud architectures.
Foundational design principles to guide strategy for securely leveraging the cloud.
The “Defense in Depth” approach to building secure services in the cloud, whether it’s private, public, or hybrid.
Real-world customer insights from organizations who have successfully adopted the ""Defense in Depth"" approach.
Session sponsored by Sumo Logic.
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you will learn about the benefits of serverless architectures and the basics of the serverless stack AWS provides. We will also walk through how you can use serverless architectures for everything from data processing to mobile and web backends.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Jeremy Edberg, Co-Founder, CloudNative, & AWS Community Hero
The present and future of Serverless observabilityYan Cui
As engineers, we're empowered by advancements in cloud platforms to build ever more complex systems that can achieve amazing feats at a scale previously only possible for the elite few. The monitoring tools have evolved over the years to accommodate our growing needs with these increasingly complex systems, but the emergence of serverless technologies like AWS Lambda has shifted the landscape and broken some of the underlying assumptions that existing tools are built upon - eg. you can no longer access the underlying host to install monitoring agents/daemons, and it's no longer feasible to use background threads to send monitoring data outside the critical path.
Furthermore, event-driven architectures has become easily accessible and widely adopted by those adopting serverless technologies, and this trend has added another layer of complexity with how we monitor and debug our systems as it involves tracing executions that flow through async invocations, and often fan'd-out and fan'd-in via various event processing patterns.
Join us in this talk as serverless expert Yan Cui gives us an overview of the challenges with observing a serverless architecture, the tradeoffs to consider, the current state of the tooling for serverless observability and a sneak peek at some of the new and coming tools that will hopefully inform us what the future of serverless observability might look like.
Crunch Your Data in the Cloud with Elastic Map Reduce - Amazon EMR HadoopAdrian Cockcroft
A introductory discussion of cloud computing and capacity planning implications is followed by a step by step guide to running a Hadoop job in EMR, and finally a discussion of how to write your own Hadoop queries.
Learn about what a serverless architecture is, why they are growing in popularity, and who the key players are in a serverless API build on the AWS platform. Then get started building your own servless API!
Adopting DevOps in an organization can start in many ways but from the technical perspective, a solid continuous integration environment is the mandatory foundation for many of the tools used by a DevOps team. This webinar shows how to build a continuous integration environment on Amazon Web Services (AWS) using services such as Amazon EC2, Amazon RDS and AWS CloudFormation. We also cover the benefits of using Amazon VPC to enable VPN access to the environment components, such as the source code repository, or the issue tracking database.
Demos included in this webinar:
- Building a core continuous integration environment with components such as Jenkins, Git and Bugzila, using Amazon EC2, Amazon RDS and Amazon CloudFormation.
- Baseline maintenance of the continuous integration environment.
View the Recording: http://youtu.be/5dJxhX1ChT4
Building a social network in under 4 weeks with Serverless and GraphQLYan Cui
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Recording of this talk is available at https://www.youtube.com/watch?v=evsz__BDprs
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
Since AWS launched Lambda in 2014, the term “serverless” has been used (and misused) to describe compute models, technologies, architectural patterns, operational constructs, and even rebranded cgi-bins. The term is now used so broadly that it’s turning into a buzzword with no discernible meaning.
In this talk, we’ll cut through all the marketing hype, and discuss why the underlying concept of “serverless”, and the superpowers that come with it, are much more important than the name itself.
"Amazon Inspector is a new service from AWS that identifies security issues in your application deployments. Use Inspector with your applications to assess your security posture and identify areas that can be improved. Inspector works with your Amazon EC2 instances to monitor activity in your applications and system.
This session will cover getting started with Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Inspector."
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...Amazon Web Services
Ensuring security and compliance across a globally distributed, large-scale AWS deployment requires a scalable process and a comprehensive set of technologies. In this session, Adobe will deep-dive into the AWS native monitoring and security services and some Splunk technologies leveraged globally to perform security monitoring across a large number of AWS accounts. You will learn about Adobe’s collection plumbing including components of S3, Kinesis, CloudWatch, SNS, Dynamo DB and Lambda, as well as the tooling and processes used at Adobe to deliver scalable monitoring without managing an unwieldy number of API keys and input stanzas. Session sponsored by Splunk.
AWS Competency Partner
Microservice Architecture on AWS using AWS Lambda and Docker ContainersDanilo Poccia
The use of microservices as an architectural pattern, decomposing an application into small, independent components, can improve development, deployment and security. We’ll build a real architecture using AWS Lambda to run event-based functions and Amazon EC2 Container Service and AWS Elastic Beanstalk to manage backend and frontend Docker containers. We’ll evolve from a web based interface to a mobile, cross platform architecture, using a least-privilege approach on security based on AWS Identity and Access Management roles.
At the end of this presentation, audience will be aware of the following topics.
1. Introduction to AWS
2. Accessing AWS console via cli.
3. Launching and logging into an EC2 instance
4. Creating a S3 bucket and uploading an image.
5. Security misconfigurations in S3 bucket.
6. Subdomain takeover via S3 bucket.
7. Hardcoded AWS credentials in github.
8. Aasna AWS credentials leak using pixel flood attack
9. Murder in the cloud - Codespace hack
(DVO311) Containers, Red Hat & AWS For Extreme IT AgilityAmazon Web Services
Red Hat is helping organizations like Duke University become more efficient by delivering environmental parity for container-based applications across physical, virtual, private cloud, and public cloud environments. Red Hat delivers a comprehensive, integrated, and modular platform for containerized application delivery across the open hybrid cloud - from the OS platform, to software-defined storage, to development and deployment, and management. Through its work with Certified Cloud Service Providers like AWS, Red Hat ensures that application containers built for Red Hat Enterprise Linux can seamlessly move across public clouds. In this session, you will learn how Duke University used containers on Red Hat Enterprise Linux and AWS to combat a denial-of-service attack; how companies are using containers to increase the quality and speed of software delivery; key considerations for implementing container-based applications that can be moved across public clouds; and challenges organizations experience when using containers and how to address them. This session is sponsored by Red Hat.
Presented at ServerlessConf NYC 2016.
What happens when you give 6k developers access to the cloud? Introducing Cloud Custodian, an opensource project from Capital One, which provides a DSL for AWS management that operates in real-time using cloud watch events and lambda. We use it for the gamut of compliance/encryption/cost controls. What can it do for you?
Managing your AWS Organization using org-formationOlaf Conijn
AWS Organizations is great way to mange serverless applications across different AWS Accounts (like development and production). At Moneyou we have considerable experience managing large and complex serverless application that need to adhere to the highest of standards. The tool we use to do this is called org-formation and has sparked quite some interest by other companies doing serverless.
As companies shift workloads into the cloud, IT organizations are required to manage an increasing number of cloud resources. AWS provides a broad set of services that help IT organizations with provisioning, tracking, auditing, configuration management, and cost management of their AWS resources. In this session, we will explore the AWS Management Tools suite of services that support the lifecycle management of AWS resources at scale and enable IT governance and compliance. The Deep Dive on AWS Management Tools session will benefit both new and experienced IT administrators, systems administrators, and developers operating infrastructure on AWS and interested in learning about the AWS resource management capabilities.
AWS Landing Zone - Architecting Security and GovernanceAkesh Patil
This slide deck provides an overview of the AWS Landing Zone, which is a well-architected, multi-account AWS environment designed to be scalable and secure. It serves as a starting point for organizations to quickly launch and deploy workloads and applications on AWS.
The deck explains the key components and capabilities of the AWS Landing Zone, including:
The use of AWS Control Tower, a service that simplifies the setup and governance of a multi-account Landing Zone environment following AWS best practices.
1. The Landing Zone's objectives, such as establishing an account structure, developing a governance framework, implementing centralized identity and access management, and optimizing costs.
2. The technical foundations of the Landing Zone, including Organization Units (OUs), preventive and detective guardrails, and the integration of AWS security services like CloudTrail, Config, GuardDuty, Inspector, and Security Hub.
Using AWS Management Tools to Enable Governance, Compliance, Operational, and...Amazon Web Services
In this session, you learn how to enable governance, compliance, operational, and risk auditing of your AWS account. Approaches discussed include a combination of continuous monitoring and assessing, auditing, and evaluating your AWS resources. With AWS management tools, you can view a history of AWS API calls for your various accounts, review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, determine your overall compliance against the configurations specified in your internal guidelines, and give developers and systems administrators a secure and compliant means to create and manage AWS resources.
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWSAmazon Web Services
"Do you need to develop a business case for moving to cloud or communicate business value of your investment in AWS? This session introduces you to methods and tools to help you calculate total cost of ownership (TCO) and evaluate your business value gains from AWS.
In this session, you learn how to measure TCO and business value, and communicate a business case to organizations such as finance and procurement. You compare the costs of running your own IT infrastructure on-premises vs. on AWS and quantify intangible benefits. You also learn about resources available from AWS to help you engage in business value conversations with your organization’s leaders and what contact is available to you for further evaluation. "
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and explain features for account structuring, user configuration, provisioning, networking and operation automation. The Migration Landing Zone solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and AWS Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations.
Speaker: Koen Biggelaar, Senior Manager, Solutions Architecture, Amazon Web Services and Mahmoud ElZayet
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and will cover solutions for account structure, user configuration, provisioning, networking and operation automation. This solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and Amazon Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations. Additionally, Philips will explain their cloud journey and how they have applied their guiding principles when building their landing zone.
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017Amazon Web Services
As Chick-fil-A became a cloud-first organization, their security team didn't want to become the bottleneck for agility. But the security team also wanted to raise the bar for their security posture on AWS. Robert Davis, security architect at Chick-fil-A, provides an overview about how he and his team recognized that writing code was the best way for their security policies to scale across the many AWS accounts that Chick-fil-A operates. The use of DevSecOps within Chick-fil-A led to the creation of a set of account bootstrapping tools, auditing capabilities, and event-based policy enforcement. This session goes over these tools and how they were built on AWS.
ENT302 Deep Dive on AWS Management Tools and New LaunchesAmazon Web Services
As companies shift workloads into the cloud, IT organizations are required to manage an increasing number of cloud resources. AWS provides a broad set of services that help IT organizations with provisioning, tracking, auditing, configuration management, and cost management of their AWS resources. In this session, we will explore the AWS Management Tools suite of services that support the lifecycle management of AWS resources at scale and enable IT governance and compliance. The Deep Dive on AWS Management Tools session will benefit both new and experienced IT administrators, systems administrators, and developers operating infrastructure on AWS and interested in learning about the AWS resource management capabilities.
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
This session will demonstrate how to embrace DevSecOps to improve your security and compliance agility and posture within the highly regulated HIPAA environment. We will cover compliance frameworks, data decoupling strategies to fully utilize AWS, and best practices learned from the industry most active cloud adopters.
Elasticity and security are enabling enterprises to move highly regulated workloads to the AWS Cloud. However, given the sensitivity around this protected customer data, what newly released services can be implemented to remain secure and compliant? Find out in this session for Chief Security, Risk and Compliance Officers.
Speaker: Dave Walker, Security Solutions Architect, Amazon Web Services
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
Launch AWS Faster using Automated Landing Zones - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn about the AWS best practice recommendations for setting up your environment
- Learn how the automated AWS Landing Zone solution can set up a baseline environment in just a few hours
- Learn how you can extend the AWS Landing Zone to meet your organization's requirements
AWS re:Invent 2016: Reduce Your Blast Radius by Using Multiple AWS Accounts P...Amazon Web Services
This session shows you how to reduce your blast radius by using multiple AWS accounts per region and service, which helps limit the impact of a critical event such as a security breach. Using multiple accounts helps you define boundaries and provides blast-radius isolation. Though managing multiple accounts can be difficult, we will present an upcoming AWS solution that will help automate the process for controlling cross- account access by managing roles across multiple accounts.
Similar to Mastering AWS Organizations with Infrastructure as code (20)
Delivered at the Serverless Summit 2022. Learn how to design serverless systems and tip the balance of trade-offs in your favour.
To learn how to build production-grade serverless applications, check out my upcoming workshops at productionreadyserverless.com and get 15% off with the code "serverlesssummit22".
At the heart of every event-driven architecture is a conduit for messages to flow through. AWS offers many services that can act as such conduit - EventBridge, SNS, SQS, Kinesis, DynamoDB streams, MSK, IOT Core and Amazon MQ just to name a few! These services have different characteristics and trade-offs around performance, scalability and cost. Picking the right service for your workload is not always easy. In this talk, let’s talk about how to pick the right messaging service to use in your event-driven architecture and play the game of trade-offs to your advantage.
How to choose the right messaging service for your workloadYan Cui
At the heart of every event-driven architecture is a conduit for messages to flow through. AWS offers many services that can act as such conduit - EventBridge, SNS, SQS, Kinesis, DynamoDB streams, MSK, IOT Core and Amazon MQ just to name a few! These services have different characteristics and trade-offs around performance, scalability and cost. Picking the right service for your workload is not always easy. In this talk, let’s talk about how to pick the right messaging service to use in your event-driven architecture and play the game of trade-offs to your advantage.
Patterns and practices for building resilient serverless applications.pdfYan Cui
Lambda gives you multi-AZ out-of-the-box, but still, things can go wrong in production. There are region-wide outages, and performance degradation in services your function depends on can cause it to time out or error. And what if you're dealing with downstream systems that just aren't as scalable and can't handle the load you put on them? The bottom line is many things can go wrong and they often do at the worst of times. The goal of building resilient systems is not to prevent failures, but to build systems that can withstand these failures. In this talk, we will look at a number of practices and architectural patterns that can help you build more resilient serverless applications. Such as multi-region, active-active, employing DLQs and surge queues. We'll also see how we can use chaos experiments to help us identify failure modes before they manifest in production.
Serverless observability - a hero's perspectiveYan Cui
Yan Cui, an AWS Serverless Hero, will talk about the learnings from using serverless at scale.
He will cover the challenges for observability in serverless asynchronous workloads and the patterns to address those challenges, like using centralized logging, correlation IDs, tracing, lambda extensions.
How to ship customer value faster with step functionsYan Cui
Learn all about AWS Step Functions and how to use them to model business workflows and ship customer values quickly. In this session, we will talk about what is Step Functions, how to model business workflows as state machines, real-world case studies, and design patterns. By the end of this webinar, you should have a good idea of where Step Functions fit into your application and why you should use them (and why not!) to model workflows instead of building a custom solution yourself.
One of the key characteristics of serverless components is the pay-per-use pricing model. For example, with AWS Lambda, you don’t pay for the uptime of the underlying infrastructure but for the no. of invocations and how long your code actually runs for.
This important characteristic removes the need for many premature micro-optimizations as your cost is always tightly linked to usage and minimizes waste. As a result, many applications would run at a fraction of the cost if they were moved to serverless.
The pay-per-use pricing model also enables more accurate cost prediction and monitoring based on your application’s throughput. This gives rise to the notion of FinDev, where finance and development can intersect and allows optimization to be targeted to give the optimal return-on-invest on the engineering efforts.
And by building your application on serverless components, you can also leverage it as a business advantage and offer a more competitive, usage-based pricing to your customers. Which is going to be crucial at a time when businesses all around the world are affected by COVID and are looking for better efficiencies.
In this webinar, we will cover topics such as:
- How does the cost of serverless differ from serverful applications?
- How to predict and monitor cost in serverless applications?
- When should you optimize for cost?
- How can you leverage usage-based pricing as a business advantage?
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
Patterns and practices for building resilient serverless applicationsYan Cui
Lambda gives you multi-AZ out-of-the-box, but still, things can go wrong in production. There are region-wide outages, and performance degradation in services your function depends on can cause it to time out or error. And what if you're dealing with downstream systems that just aren't as scalable and can't handle the load you put on them? The bottom line is many things can go wrong and they often do at the worst of times. The goal of building resilient systems is not to prevent failures, but to build systems that can withstand these failures. In this talk, we will look at a number of practices and architectural patterns that can help you build more resilient serverless applications. Such as multi-region, active-active, employing DLQs and surge queues. We'll also see how we can use chaos experiments to help us identify failure modes before they manifest in production
How to bring chaos engineering to serverlessYan Cui
You might have heard about chaos engineering in the context of Netflix and Amazon, and how they kill EC2 servers in production at random to verify that their systems can stay up in the face of infrastructure failures. But did you know that the same ideas can be applied to serverless applications? Yes, despite not having access to the underlying servers, we can still apply principles of chaos engineering to uncover failure modes in our system (and there are plenty!) so we can build a defence against them and make our serverless applications more robust and more resilient!
Migrating existing monolith to serverless in 8 stepsYan Cui
Refactoring a monolith to serverless can be intimidating, but there are discrete steps that you can take to simplify the process. In this talk, AWS Serverless Hero Yan Cui outlines 8 steps to successfully refactor your monolith and highlight key decision points such as language and tooling choices.
Building a social network in under 4 weeks with Serverless and GraphQLYan Cui
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
FinDev as a business advantage in the post covid19 economyYan Cui
The impact COVID19 has had on consumer economy, ripples out to other service providers - analytics tools, etc because everyone is going to be squeezed. And the variable-cost (or pay-as-you-use) pricing model will be more appealing as companies tighten up their budgets for non-essential services/tools.
AWS has improved Lambda cold starts by leaps and bounds in the last year. But for performance-sensitive applications such as user-facing APIs, Lambda cold starts are still a thorn in one’s side, especially when working with languages such as Java and .Net Core.
In this webinar, we will dive into strategies for improving cold start latency and how to mitigate them altogether with Provisioned Concurrency, and how Lumigo helps you optimize your use of Provisioned Concurrency.
In this session, we will look at 10 common use cases for AWS Lambda such as REST APIs, WebSockets, IoT and building event-driven systems. We will also touch on some of the latest platform features such as Provisioned Concurrency, EFS integration and Lambda Destinations and when and where we should use them.
A chaos experiment a day, keeping the outage awayYan Cui
Presented at ServerlessDays Warsaw
Recording: https://youtu.be/21HprKZQczs
You might have heard about chaos engineering in the context of Netflix and Amazon, and how they kill EC2 servers in production at random to verify that their systems can stay up in the face of infrastructure failures. But did you know that the same ideas can be applied to serverless applications? Yes, despite not having access to the underlying servers, we can still apply principles of chaos engineering to uncover failure modes in our system (and there are plenty!) so we can build defence against them and make our serverless applications more robust and more resilient!
One of the most common performance issues in serverless architectures is elevated latencies from external services, such as DynamoDB, ElasticSearch or Stripe.
In this webinar, we will show you how to quickly identify and debug these problems, and some best practices for dealing with poor performing 3rd party services.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. • Full subsidiary of ABN AMRO
• Online savings since 2008
• 0.5 mio customers in NL and DE
• Combined savings & payments product
• Small organization (<160 fte)
• Focus on UX and customer value
About Moneyou
3. Moneyou <3 Serverless
We believe Serverless greatly improves
• Time to market of solutions built
• Ability to maintain the software we built
• Focus on delivering customer value
• Ability to demonstrate we are compliant
4. AWS Services typically used at Moneyou
• Some satisfy functional requirements
API GW, Lambda, DynamoDB, Step Functions
• Some satisfy nonfunctional requirements
SQS, SNS, CloudWatch
• Some satisfy IT Security requirements
Secrets Manager, IAM and AWS Organizations
Serverless, not FaaS
5. Serverless, not FaaS
Serverless services have:
• Inherently scalable
• Highly available
• Pay per use / no capacity planning
• Host security by AWS
• Compliant under PCI, SOC, ISO & others
6. AWS Organizations
• Account management service
• Provides API to create new AWS accounts
• Central insight in billing & cost analysis
• Hierarchically organize AWS accounts
• Apply policies to accounts
7. Probably for the same reason you don’t run
production software on development environments.
Why have multiple AWS accounts?
8. Why have multiple AWS accounts?
Benefits of a multi account setup
• Limited blast radius – because mistakes can happen
• Security boundary – simplifies implementing least privilege
• Data governance – control access to GDPR governed data
• Scalability – every account gets their own resource limits
• Cost monitoring – without tagging
https://dev.to/oconijn/off-to-a-great-start-with-aws-organizations-1i74
😲
9. Why have multiple AWS accounts?
Typical Serverless application design
• Resources: API GW, Lambda, SNS, Dynamo DB
• Services: Unit of deployment, high cohesion (within), low coupling
• Product: Value delivered to customer, multiple environments
By default, all resources within an account can be accessed by other
resources within that account (resource policy).
🤯
10. Why not use AWS Organization?
Reasons not to use AWS Organizations
• Didn’t know – well, not anymore
• Don’t care – fair enough
• Too Complex – we’ve fixed this
> npm i aws-organization-formation -g
11. AWS Organization Formation
Three main use cases
1. Infrastructure as code for AWS Organizations
2. Continuous delivery of account baseline
3. Cross account, cross region annotated CloudFormation
13. Infra as code for AWS Organizations
Support for
1. Infra as code support for AWS Organizations resources
2. Creating AWS Accounts, OUs and SCPs
3. Multiple models per AWS Organization
4. Setting up Account IAM Alias, Password Policy and Enterprise Support
5. Change sets that can be reviewed and applied
17. Organization annotated CloudFormation
Support for
1. Deploying CloudFormation resources to multiple accounts
2. Referencing organization resources and attributes
3. Resolving !Ref across target AWS Accounts and Regions
4. Generating resources / producing resources `for-each` account in binding
18. Organization annotated CloudFormation
Comparison with CloudFormation StackSets
1. Both deploy stacks across multiple accounts / regions
2. Org-formation deploys stacks based on different parts of single templates
3. Org-formation supports cross account / cross region !Ref, !GetAtt
4. Support for CloudFormation, serverless.com, CDK
19. Thank you!
• No time like the current to get started with AWS Organizations!
• Try org-formation at
https://github.com/OlafConijn/AwsOrganizationFormation
• Reach out over email: olaf.conijn at moneyou.nl
• Questions, issues, stars & PRs are welcome!