The document discusses operational excellence for identity and access management using an AWS Landing Zone solution, which automates the setup of new AWS multi-account environments based on best practices and recommendations and provides initial security, governance, and shared service controls. It describes the components of the AWS Landing Zone including AWS Organizations, AWS Config, and IAM and how labs can be used to demonstrate creating guardrails, applying governance, and handling drift across accounts to meet security and operational goals.
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.
Analyze Slide Images and Process Phenotypic Assays at Scale on AWS (CMP358) -...Amazon Web Services
In this session, learn how an AWS HPC customer in the life sciences domain runs some of their largest HPC workloads and machine learning (ML)-based workloads on AWS. Learn how the customer is using AWS technologies to build their imaging processing cluster and how they identify critical features that would never have been possible with on-premises infrastructure.
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Amazon Web Services
You may have heard of the buzzwords “chaos engineering” and “containers.” But what do they have to do with each other? In this session, we introduce chaos engineering and share a live demo of how to practice chaos engineering principles on AWS. We walk through chaos engineering practices, tools, and success metrics you can use to inject failures in order to make your systems more reliable.
Petabyte-Scale Migration to Amazon S3 Building Photobox's Data Lake (STG393) ...Amazon Web Services
Large-scale migration to the cloud can be complex and time-consuming. AWS solutions, like AWS Snowball, AWS Snowball Edge, and AWS Snowmobile, help customers move petabytes of data cost-effectively and without saturating a network connection for months at a time. In this chalk talk, hear about a real-world scenario with AWS customer, Photobox, Europe's leading provider of photobooks and other personalized items, which migrated over 10 PB of data to Amazon S3 and Amazon Glacier using Snowball Edge to build its data lake. The technical architects responsible for this migration are available to answer detailed questions.
Enterprise Governance and Security Build Your AWS Landing Zone (SEC315) - AWS...Amazon Web Services
In this workshop, we present best practices for establishing an AWS Landing Zone. You will see a demonstration of the automated AWS Landing Zone solution and how it builds a multi-account architecture that is enterprise-ready for application deployment and compliant with common operations, security, and procurement processes, as well as experience how to modify the code for custom deployments. You will leave the workshop with an understanding of the mechanism to update the Landing Zone using a CI/CD pipeline, how to create new AWS accounts using the built-in account vending machine, and how the AWS Landing Zone solution components integrate to provide a secure, scalable starting environment for your cloud journey. We encourage you to attend the full AWS Landing Zone track. Search for #awslandingzone in the session catalog.
Resiliency Testing: Verify That Your System Is as Reliable as You Think (ARC4...Amazon Web Services
In this workshop, we illustrate how to set up your own resiliency testing. We set up a simple three-tier architecture and explore the failure modes with Bash and Python scripts. To participate, you need an account that can run AWS CloudFormation, AWS Step Functions, AWS Lambda, Application Load Balancers, Amazon EC2, Amazon RDS (MySQL), and the AWS Database Migration Service, and Route53.
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.
Analyze Slide Images and Process Phenotypic Assays at Scale on AWS (CMP358) -...Amazon Web Services
In this session, learn how an AWS HPC customer in the life sciences domain runs some of their largest HPC workloads and machine learning (ML)-based workloads on AWS. Learn how the customer is using AWS technologies to build their imaging processing cluster and how they identify critical features that would never have been possible with on-premises infrastructure.
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Amazon Web Services
You may have heard of the buzzwords “chaos engineering” and “containers.” But what do they have to do with each other? In this session, we introduce chaos engineering and share a live demo of how to practice chaos engineering principles on AWS. We walk through chaos engineering practices, tools, and success metrics you can use to inject failures in order to make your systems more reliable.
Petabyte-Scale Migration to Amazon S3 Building Photobox's Data Lake (STG393) ...Amazon Web Services
Large-scale migration to the cloud can be complex and time-consuming. AWS solutions, like AWS Snowball, AWS Snowball Edge, and AWS Snowmobile, help customers move petabytes of data cost-effectively and without saturating a network connection for months at a time. In this chalk talk, hear about a real-world scenario with AWS customer, Photobox, Europe's leading provider of photobooks and other personalized items, which migrated over 10 PB of data to Amazon S3 and Amazon Glacier using Snowball Edge to build its data lake. The technical architects responsible for this migration are available to answer detailed questions.
Enterprise Governance and Security Build Your AWS Landing Zone (SEC315) - AWS...Amazon Web Services
In this workshop, we present best practices for establishing an AWS Landing Zone. You will see a demonstration of the automated AWS Landing Zone solution and how it builds a multi-account architecture that is enterprise-ready for application deployment and compliant with common operations, security, and procurement processes, as well as experience how to modify the code for custom deployments. You will leave the workshop with an understanding of the mechanism to update the Landing Zone using a CI/CD pipeline, how to create new AWS accounts using the built-in account vending machine, and how the AWS Landing Zone solution components integrate to provide a secure, scalable starting environment for your cloud journey. We encourage you to attend the full AWS Landing Zone track. Search for #awslandingzone in the session catalog.
Resiliency Testing: Verify That Your System Is as Reliable as You Think (ARC4...Amazon Web Services
In this workshop, we illustrate how to set up your own resiliency testing. We set up a simple three-tier architecture and explore the failure modes with Bash and Python scripts. To participate, you need an account that can run AWS CloudFormation, AWS Step Functions, AWS Lambda, Application Load Balancers, Amazon EC2, Amazon RDS (MySQL), and the AWS Database Migration Service, and Route53.
How Amazon WorkSpaces Powers the Hands-On Labs (BAP317) - AWS re:Invent 2018Amazon Web Services
Attend this chalk talk to learn how we use Amazon WorkSpaces to power the hands-on lab and certification environments at AWS re:Invent. During re:Invent 2018, tens of thousands of customers will come through the Hands-On Labs experience and use over one hundred thousand hours of lab time, all through Amazon WorkSpaces. We build the environment in three days, run it for a week, and tear it all down in an afternoon. This chalk talk provides the inside story for how we build the Amazon WorkSpaces environment to support the Hands-On Labs, from deployment to managing peak operations, and then to a fast and easy tear-down.
AWS Storage Leadership Session: What's New in Amazon S3, Amazon EFS, Amazon E...Amazon Web Services
Mai-Lan Tomsen Bukovec, VP of Amazon S3, introduces the latest innovations across all AWS storage services. In this keynote address, we announce new storage capabilities, and we talk about features and services that make AWS storage unique. We focus on new innovations in object storage, file storage, block storage, and data transfer services. You also hear from executives from companies that are major AWS storage customers, Sony and Expedia, about how they're using AWS storage to create a competitive advantage in their businesses.
Learn about the threat detection capabilities of Amazon GuardDuty and the available remediation options by walking through some real-world threat scenarios. First, explore a scenario where an Amazon EC2 instance is compromised, then one where IAM credentials are compromised. In each scenario, we explore a method to remediate the threat. We use the following services: AWS CloudFormation, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch events, Amazon SNS, Amazon S3, AWS Lambda, and, of course, Amazon GuardDuty. Be sure you have an AWS account. This should be your own personal account and not one through your company. We provide AWS credits to help cover any costs incurred during the lab.
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018Amazon Web Services
AWS Lambda enables you to run code without provisioning or managing servers in an AWS Region. Lambda@Edge provides the same benefits, but runs closer to your end users, enabling you to assemble and deliver content, on-demand, to create low-latency web experiences. Come and join us for examples of how customers can move significant workloads they previously managed with server fleets to truly serverless website backends. Sentient Technologies, an artificial intelligence technology company, will share how they use Lambda@Edge for solving various use cases such as leveraging AI to improve customer engagement and uplift website conversions, and many more.
AWS and Symantec: Cyber Defense at Scale (SEC311-S) - AWS re:Invent 2018Amazon Web Services
Learn how Symantec uses AWS to provide complete, integrated security solutions that monitor and protect companies and governments from hackers. Hear about lessons learned from how Symantec scaled up its infrastructure to analyze billions of logs every day to detect the world’s most sophisticated cyber attacks, and you’ll see how Symantec integrates with native AWS services, like Amazon GuardDuty, AWS Lambda, and AWS Systems Manager, into its own security solutions to provide even better security in the cloud. This session is brought to you by AWS partner, Symantec Corporation.
The Executive Security Simulation takes senior security management and IT/business executive teams through an experiential exercise that illuminates key decision points for a successful and secure cloud journey. During this team-based, game-like competitive simulation, participants leverage an industry case study to make strategic security, risk, and compliance time-based decisions and investments. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. Join this workshop to gain an understanding of the major success factors to lead security, risk, and compliance in the cloud, and learn applicable decision and investment approaches to specific secure cloud adoption journeys. AWS facilitators translate lessons learned in the simulation into real-life examples and practical advice for your team.
Optimize Performance and Reduce Risk Using AWS Support Tools (ENT316-R1) - AW...Amazon Web Services
To help manage the risk of downtime, AWS Support offers tools, such as Personal Health Dashboard (PHD) and Trusted Advisor (TA), that enable you to monitor your environments and automate actions for compliance with best practices. In this session, we review how AWS Support tools monitor your resources, provide alerts for issues, and automate best practice recommendations and remediation. We also showcase the integration of these tools with Alexa for Business to make it easier to access information about your AWS environment just by asking Alexa. Join us to see how you can optimize your AWS environment and reduce risk by implementing automation of AWS best practice recommendations from with AWS Support tools. Bring your own laptop.
Container Security and Avoiding the 2 A.M. Call (CON303-R1) - AWS re:Invent 2018Amazon Web Services
Containers are becoming one of the new normal infrastructures for deploying applications. One of the challenges that customers face is how to secure their applications. Traditional security practices and tools are designed for applications running directly on the hosts, whereas containers are virtualized and multi-tenant. In this session, learn about techniques that can be used to secure hosts, containers themselves, and the applications hosted in individual containers. We look at using Amazon ECS with Amazon EC2, AWS Fargate, and Amazon EKS, and we discuss what techniques and best practices to employ as part of CI/CD processes and for running applications.
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018Amazon Web Services
Today, more teams are adopting continuous integration (CI) techniques to enable collaboration, increase agility, and deliver a high-quality product faster. Cloud-based development tools such as AWS CodeCommit and AWS CodeBuild can enable teams to easily adopt CI practices without the need to manage infrastructure. In this session, we showcase best practices for code reviews and continuous integration, drawing on practices used by Amazon engineering teams. We’ll incorporate demos to not just explain the practices but show you how.
Enterprise DevOps: Patterns of Efficiency (ENT311-R1) - AWS re:Invent 2018Amazon Web Services
DevOps is a powerful movement that can help enterprises speed up their rate of innovation. But many large organizations struggle to implement DevOps at scale due to conflicts (real and perceived) with existing IT processes. Enterprise DevOps is the convergence of the speed and agility from modern development processes with the governance, security, and compliance control from traditional IT operations processes. In this session, learn how to implement enterprise DevOps in your organization through building a culture of inclusion, common sense, and continuous improvement. Also learn how to incorporate the knowledge from subject matter experts across your business into your automated DevOps guardrails to create the positive feedback loop we call "patterns of efficiency." This session contains actionable advice for leaders from IT as well as finance, compliance, and security departments.
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...Amazon Web Services
Performing forensics on AWS resources is a new experience for many customers who might have older runbooks based on on-premises workflows using manual steps, or perhaps no processes in place at all. In this session, get a deeper insight into the various runbooks to perform practical forensic tasks on AWS resources like Amazon EC2 instances, using a combination of industry tooling, AWS serverless services like AWS Lambda and AWS Step Functions, and managed services like Amazon Athena.
Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...Amazon Web Services
This session will focus on how leveraging Fargate and its serverless approach to deploying and managing containers will help increase operational efficiencies and reduce the time to ramp up your operations to run production containerized workloads. Datree will share their journey to adopt containers and the steps they were able to accelerate and avoid by using Fargate as well do a demo.
Secure your AWS Account and your Organization's Accounts Amazon Web Services
The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.
A Chronicle of Airbnb Architecture Evolution (ARC407) - AWS re:Invent 2018Amazon Web Services
Airbnb is going through tremendous growth internationally, evolving from a home sharing company to a global travel community with many product offerings. The growth driven by the business, increase in traffic, and aggressive hiring created a new challenge for the Production Infrastructure Team. The team has grown from a small team of 10 to a production platform organization with 100 engineers that builds foundational services that support homes, experiences, luxury, and China. We shifted our priority and focus to move away from putting out fires to building a platform that can grow with the company. In this session, we chronicle Airbnb’s architectural evolution that aligns with organizational growth strategy, and review how we overcame different architectural challenges leveraging AWS technologies.
[NEW LAUNCH!] Scaling Tightly-coupled HPC workloads on HPC with Elastic Fabri...Amazon Web Services
Elastic Fabric Adapter (EFA) is a network interface for Amazon EC2 instances that enables customers to run HPC applications requiring high levels of inter-instance communications, like computational fluid dynamics, weather modeling, and reservoir simulation, at scale on AWS. It uses a custom-built operating system bypass technique to enhance the performance of inter-instance communications, which is critical to scaling HPC applications. With EFA, HPC applications using popular HPC technologies like Message Passing Interface (MPI) can scale to thousands of CPU cores. Get a deep dive on EFA and learn how to use EFA to enhance application performance for your HPC workloads.
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and availability zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
ProTips for Scaling AWS Training to Accelerate Adoption (DVC203) - AWS re:Inv...Amazon Web Services
Learn the tips, techniques, and tricks for accelerating your team's cloud transformation with an education framework that scales. As director of cloud engineering at Capital One, Drew Firment founded a cloud engineering college that was integrated within a Cloud Center of Excellence. As the Dean of Cloud Computing, Drew earned a patent for measuring cloud maturity and demonstrated how cloud education program can accelerate adoption. Come to this session to hear key lessons from his experience, and learn how to apply the framework to your organization’s cloud transformation journey. This session is part of re:Invent Developer Community Day, a series led by AWS enthusiasts who share first-hand, technical insights on trending topics.
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...Amazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days. There will be code giveaways and more!
How Amazon WorkSpaces Powers the Hands-On Labs (BAP317) - AWS re:Invent 2018Amazon Web Services
Attend this chalk talk to learn how we use Amazon WorkSpaces to power the hands-on lab and certification environments at AWS re:Invent. During re:Invent 2018, tens of thousands of customers will come through the Hands-On Labs experience and use over one hundred thousand hours of lab time, all through Amazon WorkSpaces. We build the environment in three days, run it for a week, and tear it all down in an afternoon. This chalk talk provides the inside story for how we build the Amazon WorkSpaces environment to support the Hands-On Labs, from deployment to managing peak operations, and then to a fast and easy tear-down.
AWS Storage Leadership Session: What's New in Amazon S3, Amazon EFS, Amazon E...Amazon Web Services
Mai-Lan Tomsen Bukovec, VP of Amazon S3, introduces the latest innovations across all AWS storage services. In this keynote address, we announce new storage capabilities, and we talk about features and services that make AWS storage unique. We focus on new innovations in object storage, file storage, block storage, and data transfer services. You also hear from executives from companies that are major AWS storage customers, Sony and Expedia, about how they're using AWS storage to create a competitive advantage in their businesses.
Learn about the threat detection capabilities of Amazon GuardDuty and the available remediation options by walking through some real-world threat scenarios. First, explore a scenario where an Amazon EC2 instance is compromised, then one where IAM credentials are compromised. In each scenario, we explore a method to remediate the threat. We use the following services: AWS CloudFormation, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch events, Amazon SNS, Amazon S3, AWS Lambda, and, of course, Amazon GuardDuty. Be sure you have an AWS account. This should be your own personal account and not one through your company. We provide AWS credits to help cover any costs incurred during the lab.
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018Amazon Web Services
AWS Lambda enables you to run code without provisioning or managing servers in an AWS Region. Lambda@Edge provides the same benefits, but runs closer to your end users, enabling you to assemble and deliver content, on-demand, to create low-latency web experiences. Come and join us for examples of how customers can move significant workloads they previously managed with server fleets to truly serverless website backends. Sentient Technologies, an artificial intelligence technology company, will share how they use Lambda@Edge for solving various use cases such as leveraging AI to improve customer engagement and uplift website conversions, and many more.
AWS and Symantec: Cyber Defense at Scale (SEC311-S) - AWS re:Invent 2018Amazon Web Services
Learn how Symantec uses AWS to provide complete, integrated security solutions that monitor and protect companies and governments from hackers. Hear about lessons learned from how Symantec scaled up its infrastructure to analyze billions of logs every day to detect the world’s most sophisticated cyber attacks, and you’ll see how Symantec integrates with native AWS services, like Amazon GuardDuty, AWS Lambda, and AWS Systems Manager, into its own security solutions to provide even better security in the cloud. This session is brought to you by AWS partner, Symantec Corporation.
The Executive Security Simulation takes senior security management and IT/business executive teams through an experiential exercise that illuminates key decision points for a successful and secure cloud journey. During this team-based, game-like competitive simulation, participants leverage an industry case study to make strategic security, risk, and compliance time-based decisions and investments. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. Join this workshop to gain an understanding of the major success factors to lead security, risk, and compliance in the cloud, and learn applicable decision and investment approaches to specific secure cloud adoption journeys. AWS facilitators translate lessons learned in the simulation into real-life examples and practical advice for your team.
Optimize Performance and Reduce Risk Using AWS Support Tools (ENT316-R1) - AW...Amazon Web Services
To help manage the risk of downtime, AWS Support offers tools, such as Personal Health Dashboard (PHD) and Trusted Advisor (TA), that enable you to monitor your environments and automate actions for compliance with best practices. In this session, we review how AWS Support tools monitor your resources, provide alerts for issues, and automate best practice recommendations and remediation. We also showcase the integration of these tools with Alexa for Business to make it easier to access information about your AWS environment just by asking Alexa. Join us to see how you can optimize your AWS environment and reduce risk by implementing automation of AWS best practice recommendations from with AWS Support tools. Bring your own laptop.
Container Security and Avoiding the 2 A.M. Call (CON303-R1) - AWS re:Invent 2018Amazon Web Services
Containers are becoming one of the new normal infrastructures for deploying applications. One of the challenges that customers face is how to secure their applications. Traditional security practices and tools are designed for applications running directly on the hosts, whereas containers are virtualized and multi-tenant. In this session, learn about techniques that can be used to secure hosts, containers themselves, and the applications hosted in individual containers. We look at using Amazon ECS with Amazon EC2, AWS Fargate, and Amazon EKS, and we discuss what techniques and best practices to employ as part of CI/CD processes and for running applications.
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018Amazon Web Services
Today, more teams are adopting continuous integration (CI) techniques to enable collaboration, increase agility, and deliver a high-quality product faster. Cloud-based development tools such as AWS CodeCommit and AWS CodeBuild can enable teams to easily adopt CI practices without the need to manage infrastructure. In this session, we showcase best practices for code reviews and continuous integration, drawing on practices used by Amazon engineering teams. We’ll incorporate demos to not just explain the practices but show you how.
Enterprise DevOps: Patterns of Efficiency (ENT311-R1) - AWS re:Invent 2018Amazon Web Services
DevOps is a powerful movement that can help enterprises speed up their rate of innovation. But many large organizations struggle to implement DevOps at scale due to conflicts (real and perceived) with existing IT processes. Enterprise DevOps is the convergence of the speed and agility from modern development processes with the governance, security, and compliance control from traditional IT operations processes. In this session, learn how to implement enterprise DevOps in your organization through building a culture of inclusion, common sense, and continuous improvement. Also learn how to incorporate the knowledge from subject matter experts across your business into your automated DevOps guardrails to create the positive feedback loop we call "patterns of efficiency." This session contains actionable advice for leaders from IT as well as finance, compliance, and security departments.
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...Amazon Web Services
Performing forensics on AWS resources is a new experience for many customers who might have older runbooks based on on-premises workflows using manual steps, or perhaps no processes in place at all. In this session, get a deeper insight into the various runbooks to perform practical forensic tasks on AWS resources like Amazon EC2 instances, using a combination of industry tooling, AWS serverless services like AWS Lambda and AWS Step Functions, and managed services like Amazon Athena.
Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...Amazon Web Services
This session will focus on how leveraging Fargate and its serverless approach to deploying and managing containers will help increase operational efficiencies and reduce the time to ramp up your operations to run production containerized workloads. Datree will share their journey to adopt containers and the steps they were able to accelerate and avoid by using Fargate as well do a demo.
Secure your AWS Account and your Organization's Accounts Amazon Web Services
The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.
A Chronicle of Airbnb Architecture Evolution (ARC407) - AWS re:Invent 2018Amazon Web Services
Airbnb is going through tremendous growth internationally, evolving from a home sharing company to a global travel community with many product offerings. The growth driven by the business, increase in traffic, and aggressive hiring created a new challenge for the Production Infrastructure Team. The team has grown from a small team of 10 to a production platform organization with 100 engineers that builds foundational services that support homes, experiences, luxury, and China. We shifted our priority and focus to move away from putting out fires to building a platform that can grow with the company. In this session, we chronicle Airbnb’s architectural evolution that aligns with organizational growth strategy, and review how we overcame different architectural challenges leveraging AWS technologies.
[NEW LAUNCH!] Scaling Tightly-coupled HPC workloads on HPC with Elastic Fabri...Amazon Web Services
Elastic Fabric Adapter (EFA) is a network interface for Amazon EC2 instances that enables customers to run HPC applications requiring high levels of inter-instance communications, like computational fluid dynamics, weather modeling, and reservoir simulation, at scale on AWS. It uses a custom-built operating system bypass technique to enhance the performance of inter-instance communications, which is critical to scaling HPC applications. With EFA, HPC applications using popular HPC technologies like Message Passing Interface (MPI) can scale to thousands of CPU cores. Get a deep dive on EFA and learn how to use EFA to enhance application performance for your HPC workloads.
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and availability zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
ProTips for Scaling AWS Training to Accelerate Adoption (DVC203) - AWS re:Inv...Amazon Web Services
Learn the tips, techniques, and tricks for accelerating your team's cloud transformation with an education framework that scales. As director of cloud engineering at Capital One, Drew Firment founded a cloud engineering college that was integrated within a Cloud Center of Excellence. As the Dean of Cloud Computing, Drew earned a patent for measuring cloud maturity and demonstrated how cloud education program can accelerate adoption. Come to this session to hear key lessons from his experience, and learn how to apply the framework to your organization’s cloud transformation journey. This session is part of re:Invent Developer Community Day, a series led by AWS enthusiasts who share first-hand, technical insights on trending topics.
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...Amazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days. There will be code giveaways and more!
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
Securing your workload in alignment with best practices is necessary to protect information, systems and assets while delivering business value through risk assessments and mitigation strategies. In this tech talk, we’ll walk you through how to secure your workload using AWS Identity & Access Management, AWS CloudTrail, Amazon GuardDuty and AWS Config services.
Securing Your Customers Data From Day One
Speaker: Bruce Wang
Security by design principles include implement a strong identity foundation, enabling traceability, applying security at all layers, automating security best practices, protecting data (in transit and at rest) , preparing for security event
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOneAmazon Web Services
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: operating systems, services and applications control responsibilities, the automation of security baselines, the configuration of security, and the auditing of controls for AWS customer infrastructure. You'll learn key principles of how to build a secure organization and protect your customers' data. Don't wait until your first security incident before putting these best practices in place.
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers data. Don't wait until your first security incident before putting these best practices in place.
AWS STARTUP DAY 2018 I Securing Your Customer Data From Day OneAWS Germany
All companies should build with security and protection of customer data as the number one priority. This talk will cover a wide range of best practices from MFA, root accounts, encrypting laptops, inventory management, MDM, and incident response. You'll learn key principles of how to build a secure organization to protect your data. Don't wait until your first security incident before putting these best practices in place.
Artificial Intelligence (AI) is transforming the world around us. At Amazon.com, we use Artificial Intelligence to improve customer experience, grow its business and optimize its operations. In this session, two local startups will share about their journey on building an AI company and their vision on how their technology is going to disrupt the world.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
How LogMeIn Automates Governance and Empowers Developers at Scale (SEC302) - ...Amazon Web Services
In this session, learn how LogMeIn moves quickly and stays secure through the power of automation on AWS. We walk through core AWS security building blocks, such as IAM, AWS CloudTrail, AWS Config, and Amazon CloudWatch. We dive deep into LogMeIn’s approach for empowering developers on AWS while also meeting required security controls.
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
What if security became the reason to move an application to the cloud? Historically, security has been a necessary afterthought. Today, with AWS, security is moving from obligation to advantage. Here, you'll get a glimpse of tools and techniques that enterprise customers are using today to secure their AWS environments at scale.
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Amazon Web Services
The AWS Landing Zone solution provides a consolidated collection of AWS best practices, prescriptive guidance, and templates for automatically configuring and securing AWS multi-accounts, networks, and core services. In this workshop, you will learn the Landing Zone solution design. With your laptop, you will go through demonstrations of AWS Landing Zone deployment, automated new account creation using the built-in account vending machine, and Landing Zone customization for additional services. You will leave the workshop with an understanding of the AWS Landing Zone solution mechanisms, CI/CD deployment pipeline, and Landing Zone extension methods. This workshop is intended for architects, IT administrators, and engineers of consulting and technology partners as well as customers who will design, deploy, extend, or operate AWS Landing Zones. We encourage you to attend the full AWS Landing Zone track including SEC303; search for #awslandingzone in the session catalog.
Landing Zones - Creating a Foundation for Your AWS MigrationsAmazon Web Services
Dean Samuels, Head of Solutions Architecture, Hong Kong & Taiwan, AWS
When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices.
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Amazon Web Services
One of the first questions that customers ask during their cloud journeys is how to establish and build AWS environments or landing zones. In this session, we discuss best practices for establishing a scalable approach and necessary landing zone framework. We present an overview of the approach and solutions to help you implement a landing zone. We also introduce the AWS Landing Zone, which is an automated solution for setting up a robust, flexible AWS environment, and we discuss how it reduces the time needed to get started. Finally, we provide a high level overview of AWS Control Tower and how it fits into the overall approach.
Similar to Operational Excellence for Identity & Access Management (SEC334) - AWS re:Invent 2018 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.