The document discusses serverless architectures and best practices. It covers topics like serverless foundations, web applications, stream processing, data lakes, and machine learning. It provides an overview of AWS serverless offerings and architectural patterns for building serverless applications and processing streaming data with services like AWS Lambda, Amazon API Gateway, Amazon Kinesis, Amazon S3, and AWS Step Functions.
How can you accelerate the delivery of new, high-quality services? How can you be able to experiment and get feedback quickly from your customers? To get the most out of the agility afforded by serverless and containers, it is essential to build CI/CD pipelines that help teams iterate on code and quickly release features. In this talk, we demonstrate how developers can build effective CI/CD release workflows to manage their serverless or containerized deployments on AWS. We cover infrastructure-as-code (IaC) application models, such as AWS Serverless Application Model (AWS SAM) and new imperative IaC tools. We also demonstrate how to set up CI/CD release pipelines with AWS CodePipeline and AWS CodeBuild, and we show you how to automate safer deployments with AWS CodeDeploy.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
Continuous Deployment Practices, with Production, Test and Development Enviro...Amazon Web Services
With AWS companies now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100% API driven enables businesses to use lean methodologies and realize these benefits. This in turn leads to greater success for those who make use of these practices. In this session we'll talk about some key concepts and design patterns for Continuous Deployment and Continuous Integration, two elements of lean development of applications and infrastructures.
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitAmazon Web Services
The AWS Cloud Development Kit (AWS CDK) is a multi-language, open-source framework from AWS that enables developers to harness the full power of modern programming languages to define reusable cloud components and provision applications built from those components using AWS CloudFormation. In this session, we quickly cover the basic concepts of the AWS CDK. We then develop an application using the AWS CDK. We show you how to use the AWS CDK to quickly assemble your AWS infrastructure using the new Python CDK that launched earlier this year. We explore the AWS Construct Library and show you how easy it is configure your cloud resources, manage permissions, connect event sources, and even build and publish your own constructs. Join us for a fun session with a heavy emphasis on live coding.
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Instrumenting Kubernetes for Observability Using AWS X-Ray and Amazon CloudWa...Amazon Web Services
In this hands-on workshop, we walk you through instrumenting container workloads running on the Amazon Elastic Container Service for Kubernetes (Amazon EKS). Learn how Amazon CloudWatch and the new AWS X-Ray capabilities enable you to quickly understand problem areas in your application and determine customer impact. To participate in this workshop, bring your laptop and have a nonproduction AWS account.
How can you accelerate the delivery of new, high-quality services? How can you be able to experiment and get feedback quickly from your customers? To get the most out of the agility afforded by serverless and containers, it is essential to build CI/CD pipelines that help teams iterate on code and quickly release features. In this talk, we demonstrate how developers can build effective CI/CD release workflows to manage their serverless or containerized deployments on AWS. We cover infrastructure-as-code (IaC) application models, such as AWS Serverless Application Model (AWS SAM) and new imperative IaC tools. We also demonstrate how to set up CI/CD release pipelines with AWS CodePipeline and AWS CodeBuild, and we show you how to automate safer deployments with AWS CodeDeploy.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
Continuous Deployment Practices, with Production, Test and Development Enviro...Amazon Web Services
With AWS companies now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100% API driven enables businesses to use lean methodologies and realize these benefits. This in turn leads to greater success for those who make use of these practices. In this session we'll talk about some key concepts and design patterns for Continuous Deployment and Continuous Integration, two elements of lean development of applications and infrastructures.
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitAmazon Web Services
The AWS Cloud Development Kit (AWS CDK) is a multi-language, open-source framework from AWS that enables developers to harness the full power of modern programming languages to define reusable cloud components and provision applications built from those components using AWS CloudFormation. In this session, we quickly cover the basic concepts of the AWS CDK. We then develop an application using the AWS CDK. We show you how to use the AWS CDK to quickly assemble your AWS infrastructure using the new Python CDK that launched earlier this year. We explore the AWS Construct Library and show you how easy it is configure your cloud resources, manage permissions, connect event sources, and even build and publish your own constructs. Join us for a fun session with a heavy emphasis on live coding.
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Instrumenting Kubernetes for Observability Using AWS X-Ray and Amazon CloudWa...Amazon Web Services
In this hands-on workshop, we walk you through instrumenting container workloads running on the Amazon Elastic Container Service for Kubernetes (Amazon EKS). Learn how Amazon CloudWatch and the new AWS X-Ray capabilities enable you to quickly understand problem areas in your application and determine customer impact. To participate in this workshop, bring your laptop and have a nonproduction AWS account.
Do you want to run your code without the cost and effort of provisioning and managing servers? Find out how in this deep dive session on AWS Lambda, which allows you to run code for virtually any type of application or back end service – all with zero administration. During the session, we’ll look at a number of key AWS Lambda features and benefits, including automated application scaling with high availability; pay-as-you-consume billing; and the ability to automatically trigger your code from other AWS services or from any web or mobile app.
From One to Many: Evolving VPC Design (ARC309-R1) - AWS re:Invent 2018Amazon Web Services
As more customers adopt Amazon VPC architectures, the features and flexibility of the service are encountering the obstacles of evolving design requirements. In this session, we follow the evolution of a single regional VPC to a multi-VPC, multi-region design with diverse connectivity into on-premises systems and infrastructure. Along the way, we investigate creative customer solutions for scaling and securing outbound VPC traffic, securing private access to Amazon S3, managing multi-tenant VPCs, integrating existing customer networks through AWS Direct Connect, and building a full VPC mesh network across global regions. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Today’s cutting edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous integration and delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes followed by Amazon engineers and discuss how you can bring them to your company by using a set of application lifecycle management tools from AWS: the newly announced AWS CodeBuild service, AWS CodePipeline, and AWS CodeDeploy.
AWS Lambda Tutorial For Beginners | What is AWS Lambda? | AWS Tutorial For Be...Simplilearn
This AWS Lambda Tutorial will help you understand what is AWS Lambda, why do we use AWS Lambda, how does AWS Lambda work, AWS Lambda concepts such as requests, containers and backups along with a demo on Backing up data on AWS S3 using AWS Lambda. AWS Lambda is an event-driven, serverless computing platform provided by Amazon as a part of the Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code. Now, let us deep dive into this presentation and understand what AWS Lambda actually is.
Below topics are explained in this AWS Lambda Tutorial:
1. Features of AWS Lambda
2. What is AWS Lambda?
3. Where is AWS Lambda used?
4. Use Case - Backing up data in S3 using AWS Lambda
This AWS certification training is designed to help you gain the in-depth understanding of Amazon Web Services (AWS) architectural principles and services. You will learn how cloud computing is redefining the rules of IT architecture and how to design, plan, and scale AWS Cloud implementations with best practices recommended by Amazon. The AWS Cloud platform powers hundreds of thousands of businesses in 190 countries, and AWS certified solution architects take home about $126,000 per year.
This AWS certification course will help you learn the key concepts, latest trends, and best practices for working with the AWS architecture – and become industry-ready AWS certified solutions architect to help you qualify for a position as a high-quality AWS professional.
The course begins with an overview of the AWS platform before diving into its individual elements: IAM, VPC, EC2, EBS, ELB, CDN, S3, EIP, KMS, Route 53, RDS, Glacier, Snowball, Cloudfront, Dynamo DB, Redshift, Auto Scaling, Cloudwatch, Elastic Cache, CloudTrail, and Security. Those who complete the course will be able to:
1. Formulate solution plans and provide guidance on AWS architectural best practices
2. Design and deploy scalable, highly available, and fault tolerant systems on AWS
3. Identify the lift and shift of an existing on-premises application to AWS
4. Decipher the ingress and egress of data to and from AWS
5. Select the appropriate AWS service based on data, compute, database, or security requirements
6. Estimate AWS costs and identify cost control mechanisms
This AWS course is recommended for professionals who want to pursue a career in Cloud computing or develop Cloud applications with AWS. You’ll become an asset to any organization, helping leverage best practices around advanced cloud-based solutions and migrate existing workloads to the cloud.
Learn more at: https://www.simplilearn.com/
Amazon Web Services (AWS) approaches security using a shared responsibility model with our customers. We manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. As part of that model, our customers are responsible for building secure applications. We will provide a complete walkthrough from a blank canvas to a secure architecture from a development perspective. No matter the size of your team, you can implement your IT solutions using industry wide best security practices.
[NEW LAUNCH!] Deep Dive on Amazon FSx for Windows File Server (STG322-R) - AW...Amazon Web Services
If you have compute-intensive workloads like high performance computing, machine learning, and media processing then this is the workshop for you! Our new file storage service, Amazon FSx for Lustre, provides compute-optimized storage with fully managed Lustre file systems that can deliver hundreds of gigabytes of throughput and sub-millisecond latencies. You will learn how to spin up an FSx for Lustre file system in minutes, feed data to it from an S3 data lake, run analyses while writing results back to S3, and then spin down the file system once the workload is finished.
Cloud Migration 과 Modernization 을 위한 30가지 아이디어-박기흥, AWS Migrations Specialist...Amazon Web Services Korea
규모의 경제에서 속도의 경제로 이동하고 있는 요즘, 기업의 경쟁우위를 위하여 클라우드 마이그레이션과 애플리케이션 및 프로세스 현대화는 생존을 위한 필수조건이 되었습니다. 본 세션에서는 마이그레이션과 현대화를 위한 30여 가지 아이디어를 살펴보고자 합니다. 제약 이론, 도요타 생산방식과 같이 개선을 위한 기반 사상에서 DevOps, FinOps, SRE 등의 프랙티스와 그를 구성하는 SLA, Loosely Couple Architecture, CI/CD 등의 메카니즘, 그리고 마이그레이션을 위한 Transitional Architecture, Data Migration Architecture 등 30여 가지 아이디어를 공유합니다.
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridCloudVillage
"Cloud infrastructure design is complex and makes even the most straight-forward topics, such as Identity and Access Management (IAM), non-trivial and confusing and therefore, full of security risk. While AWS IAM provides for access via console and API/CLI using access keys, there is also a temporary security tokens feature, designed for secure temporary access. However, temporary tokens have multiple security pot-holes that can lead to exploits.
I'll explore the limitations of temporary tokens including:
- the lack of visibility/management
- minimal logging
- limited remediation options
and how this can be taken advantage of, especially in combination with other techniques such as assuming of roles, pre-signed URLs, log attacks, and serverless functions to achieve persistence, lateral movement, and obfuscation.
In addition, I’ll look at common defensive techniques and best practices around lockdown, provisioning, logging and alerting to see whether these are practical and can shift the field."
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
CI/CD for a Docker Node.JS application using Code* services. This session will walkthrough what a solution like this would look like, what Code* services are used, how your build will work, and how deploys will work. The purpose of this session is to allow customers to see how to deploy their containerized applications in Amazon Elastic Container Service (ECS) Fargate using our CI/CD solutions. Come with your questions and pain points. We will also talk about how to use Bitbucket as your source control rather than Code Commit for the many customers already using BitBucket and Jenkins.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Designing security & governance via AWS Control Tower & Organizations - SEC30...Amazon Web Services
Whether it is per business unit or per application, many AWS customers use multiple accounts to meet their infrastructure isolation, separation of duties, and billing requirements. In this session, we cover considerations, limitations, and security patterns when building a multi-account strategy. We explore topics such as thought pattern, identity federation, cross-account roles, consolidated logging, and account governance. We conclude by presenting an enterprise-ready landing-zone framework and providing the background needed to implement an AWS Landing Zone using AWS Control Tower and AWS Organizations.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
by Omar Lari, Partner Solutions Architect, AWS
Amazon Elastic Container Service for Kubernetes (Amazon EKS) is a new managed service for running Kubernetes on AWS. This session will provide an overview of Amazon EKS, why we built it, and how it works.
Serverless Architecture - Design Patterns and Best PracticesAmazon Web Services
As serverless architectures become more popular, customers are looking for a framework of patterns to help them identify how they can leverage AWS to deploy their workloads without managing servers or operating systems.
This webinar session describes reusable serverless patterns. For each pattern, operational and security best practices with potential pitfalls and nuances will be described. The patterns involve services including but not limited to AWS Lambda, Amazon API Gateway, Amazon Kinesis Data Streams and Data Firehose, Amazon DynamoDB, Amazon S3, AWS Step Functions, AWS Config, AWS X-Ray, and Amazon Athena.
This session can help audience recognise candidates for various serverless architectures in an organisation and understand areas of potential savings and increased agility. For example, using X-Ray in Lambda for tracing and operational insight; a pattern on high performance computing (HPC) using Lambda at scale; Step Functions as a way to handle orchestration for both the Automation and Batch patterns; a pattern for Security Automation using AWS Config rules to detect and automatically remediate violations of security standards; CI/CD development pipelines for serverless, which includes testing, deploying, and versioning (SAM tools); working with services from AI/ML area; plus tips to optimise Lambda functions for performance and cost-effectiveness.
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities. In this session, you will learn about serverless architectures, their benefits, and the basics of the AWS’s serverless stack (e.g., AWS Lambda, Amazon API Gateway, and AWS Step Functions). We will discuss how to use serverless architectures for a variety of use cases including data processing, website backends, serverless applications, and “operational glue.” You will also get practical tips and tricks, best practices, and architecture patterns that you can take back and implement immediately.
Do you want to run your code without the cost and effort of provisioning and managing servers? Find out how in this deep dive session on AWS Lambda, which allows you to run code for virtually any type of application or back end service – all with zero administration. During the session, we’ll look at a number of key AWS Lambda features and benefits, including automated application scaling with high availability; pay-as-you-consume billing; and the ability to automatically trigger your code from other AWS services or from any web or mobile app.
From One to Many: Evolving VPC Design (ARC309-R1) - AWS re:Invent 2018Amazon Web Services
As more customers adopt Amazon VPC architectures, the features and flexibility of the service are encountering the obstacles of evolving design requirements. In this session, we follow the evolution of a single regional VPC to a multi-VPC, multi-region design with diverse connectivity into on-premises systems and infrastructure. Along the way, we investigate creative customer solutions for scaling and securing outbound VPC traffic, securing private access to Amazon S3, managing multi-tenant VPCs, integrating existing customer networks through AWS Direct Connect, and building a full VPC mesh network across global regions. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Today’s cutting edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous integration and delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes followed by Amazon engineers and discuss how you can bring them to your company by using a set of application lifecycle management tools from AWS: the newly announced AWS CodeBuild service, AWS CodePipeline, and AWS CodeDeploy.
AWS Lambda Tutorial For Beginners | What is AWS Lambda? | AWS Tutorial For Be...Simplilearn
This AWS Lambda Tutorial will help you understand what is AWS Lambda, why do we use AWS Lambda, how does AWS Lambda work, AWS Lambda concepts such as requests, containers and backups along with a demo on Backing up data on AWS S3 using AWS Lambda. AWS Lambda is an event-driven, serverless computing platform provided by Amazon as a part of the Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code. Now, let us deep dive into this presentation and understand what AWS Lambda actually is.
Below topics are explained in this AWS Lambda Tutorial:
1. Features of AWS Lambda
2. What is AWS Lambda?
3. Where is AWS Lambda used?
4. Use Case - Backing up data in S3 using AWS Lambda
This AWS certification training is designed to help you gain the in-depth understanding of Amazon Web Services (AWS) architectural principles and services. You will learn how cloud computing is redefining the rules of IT architecture and how to design, plan, and scale AWS Cloud implementations with best practices recommended by Amazon. The AWS Cloud platform powers hundreds of thousands of businesses in 190 countries, and AWS certified solution architects take home about $126,000 per year.
This AWS certification course will help you learn the key concepts, latest trends, and best practices for working with the AWS architecture – and become industry-ready AWS certified solutions architect to help you qualify for a position as a high-quality AWS professional.
The course begins with an overview of the AWS platform before diving into its individual elements: IAM, VPC, EC2, EBS, ELB, CDN, S3, EIP, KMS, Route 53, RDS, Glacier, Snowball, Cloudfront, Dynamo DB, Redshift, Auto Scaling, Cloudwatch, Elastic Cache, CloudTrail, and Security. Those who complete the course will be able to:
1. Formulate solution plans and provide guidance on AWS architectural best practices
2. Design and deploy scalable, highly available, and fault tolerant systems on AWS
3. Identify the lift and shift of an existing on-premises application to AWS
4. Decipher the ingress and egress of data to and from AWS
5. Select the appropriate AWS service based on data, compute, database, or security requirements
6. Estimate AWS costs and identify cost control mechanisms
This AWS course is recommended for professionals who want to pursue a career in Cloud computing or develop Cloud applications with AWS. You’ll become an asset to any organization, helping leverage best practices around advanced cloud-based solutions and migrate existing workloads to the cloud.
Learn more at: https://www.simplilearn.com/
Amazon Web Services (AWS) approaches security using a shared responsibility model with our customers. We manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. As part of that model, our customers are responsible for building secure applications. We will provide a complete walkthrough from a blank canvas to a secure architecture from a development perspective. No matter the size of your team, you can implement your IT solutions using industry wide best security practices.
[NEW LAUNCH!] Deep Dive on Amazon FSx for Windows File Server (STG322-R) - AW...Amazon Web Services
If you have compute-intensive workloads like high performance computing, machine learning, and media processing then this is the workshop for you! Our new file storage service, Amazon FSx for Lustre, provides compute-optimized storage with fully managed Lustre file systems that can deliver hundreds of gigabytes of throughput and sub-millisecond latencies. You will learn how to spin up an FSx for Lustre file system in minutes, feed data to it from an S3 data lake, run analyses while writing results back to S3, and then spin down the file system once the workload is finished.
Cloud Migration 과 Modernization 을 위한 30가지 아이디어-박기흥, AWS Migrations Specialist...Amazon Web Services Korea
규모의 경제에서 속도의 경제로 이동하고 있는 요즘, 기업의 경쟁우위를 위하여 클라우드 마이그레이션과 애플리케이션 및 프로세스 현대화는 생존을 위한 필수조건이 되었습니다. 본 세션에서는 마이그레이션과 현대화를 위한 30여 가지 아이디어를 살펴보고자 합니다. 제약 이론, 도요타 생산방식과 같이 개선을 위한 기반 사상에서 DevOps, FinOps, SRE 등의 프랙티스와 그를 구성하는 SLA, Loosely Couple Architecture, CI/CD 등의 메카니즘, 그리고 마이그레이션을 위한 Transitional Architecture, Data Migration Architecture 등 30여 가지 아이디어를 공유합니다.
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridCloudVillage
"Cloud infrastructure design is complex and makes even the most straight-forward topics, such as Identity and Access Management (IAM), non-trivial and confusing and therefore, full of security risk. While AWS IAM provides for access via console and API/CLI using access keys, there is also a temporary security tokens feature, designed for secure temporary access. However, temporary tokens have multiple security pot-holes that can lead to exploits.
I'll explore the limitations of temporary tokens including:
- the lack of visibility/management
- minimal logging
- limited remediation options
and how this can be taken advantage of, especially in combination with other techniques such as assuming of roles, pre-signed URLs, log attacks, and serverless functions to achieve persistence, lateral movement, and obfuscation.
In addition, I’ll look at common defensive techniques and best practices around lockdown, provisioning, logging and alerting to see whether these are practical and can shift the field."
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
CI/CD for a Docker Node.JS application using Code* services. This session will walkthrough what a solution like this would look like, what Code* services are used, how your build will work, and how deploys will work. The purpose of this session is to allow customers to see how to deploy their containerized applications in Amazon Elastic Container Service (ECS) Fargate using our CI/CD solutions. Come with your questions and pain points. We will also talk about how to use Bitbucket as your source control rather than Code Commit for the many customers already using BitBucket and Jenkins.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Designing security & governance via AWS Control Tower & Organizations - SEC30...Amazon Web Services
Whether it is per business unit or per application, many AWS customers use multiple accounts to meet their infrastructure isolation, separation of duties, and billing requirements. In this session, we cover considerations, limitations, and security patterns when building a multi-account strategy. We explore topics such as thought pattern, identity federation, cross-account roles, consolidated logging, and account governance. We conclude by presenting an enterprise-ready landing-zone framework and providing the background needed to implement an AWS Landing Zone using AWS Control Tower and AWS Organizations.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
by Omar Lari, Partner Solutions Architect, AWS
Amazon Elastic Container Service for Kubernetes (Amazon EKS) is a new managed service for running Kubernetes on AWS. This session will provide an overview of Amazon EKS, why we built it, and how it works.
Serverless Architecture - Design Patterns and Best PracticesAmazon Web Services
As serverless architectures become more popular, customers are looking for a framework of patterns to help them identify how they can leverage AWS to deploy their workloads without managing servers or operating systems.
This webinar session describes reusable serverless patterns. For each pattern, operational and security best practices with potential pitfalls and nuances will be described. The patterns involve services including but not limited to AWS Lambda, Amazon API Gateway, Amazon Kinesis Data Streams and Data Firehose, Amazon DynamoDB, Amazon S3, AWS Step Functions, AWS Config, AWS X-Ray, and Amazon Athena.
This session can help audience recognise candidates for various serverless architectures in an organisation and understand areas of potential savings and increased agility. For example, using X-Ray in Lambda for tracing and operational insight; a pattern on high performance computing (HPC) using Lambda at scale; Step Functions as a way to handle orchestration for both the Automation and Batch patterns; a pattern for Security Automation using AWS Config rules to detect and automatically remediate violations of security standards; CI/CD development pipelines for serverless, which includes testing, deploying, and versioning (SAM tools); working with services from AI/ML area; plus tips to optimise Lambda functions for performance and cost-effectiveness.
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities. In this session, you will learn about serverless architectures, their benefits, and the basics of the AWS’s serverless stack (e.g., AWS Lambda, Amazon API Gateway, and AWS Step Functions). We will discuss how to use serverless architectures for a variety of use cases including data processing, website backends, serverless applications, and “operational glue.” You will also get practical tips and tricks, best practices, and architecture patterns that you can take back and implement immediately.
Serverless use cases with AWS Lambda - More Serverless EventBoaz Ziniman
AWS Lambda allows you to run you code on a Serverless infrastructure, while AWS takes care of all the heavy lifting of Provisioning and utilization, Availability and fault tolerance, Scaling and Operations and management. In this session, we will take few use cases, from common development scenarios, and show how can we AWS Lambda to build smarter and better systems.
Building Serverless Enterprise Applications - SRV315 - Anaheim AWS SummitAmazon Web Services
In this session, learn how to design, develop, deliver, and monitor enterprise applications as they take advantage of the AWS serverless platform and developer toolset. We discuss the common serverless patterns that enterprises use, and we explain how to implement the operational and security features that are used by large and mature organizations.
Build Enterprise-Grade Serverless Apps - SRV315 - Chicago AWS SummitAmazon Web Services
In this session, we explore how developers can design, develop, deliver, and monitor cloud applications as they take advantage of the AWS serverless platform and developer toolset. We share technical insights that developers can use to optimize their workflows and their use of cloud resources, which, in turn, can improve security, scalability, and availability. We also discuss common serverless patterns used by enterprises, and we dive into the operational and security features used by large and mature organizations.
Building serverless enterprise applications - SRV315 - Toronto AWS SummitAmazon Web Services
Learn how to design, develop, deliver, and monitor enterprise applications as they take advantage of the AWS serverless platform and developer toolset. We will discuss discuss common serverless patterns used by enterprises, and hos to implemente operational and security features used by large and mature organizations.
Serverless Architectural Patterns and Best Practices - Madhu Shekar - AWSCodeOps Technologies LLP
This presentation was made by Madhusudan Shekar (Principal Evangelist) at AWS - on 9th June 2018 in Bridgei2i Analytics, Bangalore as part of Cloud Native meetup.
Build Enterprise-Grade Serverless Apps - SRV315 - Atlanta AWS SummitAmazon Web Services
In this session, we explore how developers can design, develop, deliver, and monitor cloud applications as they take advantage of the AWS serverless platform and developer toolset. We discuss common serverless patterns used by enterprises, and we dive into the operational and security features used by large and mature organizations.
Building Serverless Applications with Amazon DynamoDB & AWS Lambda - Workshop...Amazon Web Services
Join us for this first-ever advanced design and best practices workshop, designed to demonstrate the breadth of AWS serverless offerings and how the components work together. In this interactive workshop, we review the evolution of an e-commerce company that starts with a low-effort serverless product catalog, scales to a million daily users, and then adds analytics and near real-time monitoring. As we progress through the workshop, we dive deeply into AWS serverless services, such as Amazon DynamoDB, AWS Lambda, and Amazon Kinesis. We also use Amazon S3, Amazon API Gateway, Amazon Cognito, and other services that enable you to optimize costs and improve performance. Basic knowledge of DynamoDB, Lambda, and Kinesis is required. Bring your laptop and power supply to this session.
How to build scalable and resilient applications in the cloud - AWS Summit Ca...Amazon Web Services
Speaker: Adrian Hornsby, AWS
Level: 300
Ever wondered how companies delivering global services like Amazon or Netflix are architecting and testing their software systems? If you are curious and wanna learn how they do it - this is for you! In this session, will deep dive into availability, reliability and large-scale architectures and make an introduction to chaos engineering, a discipline that promotes breaking things on purpose in order to learn how to build more resilient systems.
Modern Applications Web Day | Impress Your Friends with Your First Serverless...AWS Germany
"Build and run applications without thinking about servers". You want it? You get it! We will start this session with a motivation why serverless applications are a thing. Once we got there, we will actually start building one, of course with making use of a serverless CI/CD pipeline. After we will have looked into how we can still test it locally, we shall also dive into analyzing and debugging our app - of course in a serverless manner.
Speaker: Dirk Fröhner, Senior Solutions Architect, AWS
In this session, Tim Wagner, general manager of AWS Lambda and Amazon API Gateway, explores how developers can design, develop, deliver, and monitor cloud applications as they take advantage of the AWS serverless platform and developer toolset. He shares technical insights that developers can use to optimize their workflows and their use of cloud resources, which, in turn, can improve security, scalability, and availability. He also discusses common serverless patterns used by enterprises, and he dives into the operational and security features used by large and mature organizations. Tim will be joined by Dougal Ballantyne, Principal Product Manager for API Gateway, to discuss recent launches and new API Gateway features.
Getting started building your first serverless web application on AWSIoannis Polyzos
Getting started with AWS serverless computing. A cloud computing model where developers can build and run applications without having to manage or provision servers. With AWS serverless services like AWS Lambda, developers can focus solely on writing code for their application's business logic, and AWS handles the infrastructure management, scaling, and availability aspects. This allows for highly scalable, event-driven architectures and pay-per-use pricing, where you only pay for the actual usage of your applications or functions.
AWS Serverless Application Model (AWS SAM) is a tool for developing, deploying, and managing your serverless applications on AWS. Learn best practices and tricks for using AWS SAM at scale, including how to make the most of its dynamic template capabilities, how to use advanced features, and how to debug serverless applications. Also explore the Approved open-source AWS SAM translator, and see how AWS SAM works under the hood.
by Kashif Imran, Sr. Solutions Architect, AWS
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
Getting Started with AWS Lambda & Serverless Computing - Kashif Imran.pdfAmazon Web Services
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
Similar to Serverless Architectural Patterns and Best Practices (ARC305-R2) - AWS re:Invent 2018 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.