Learning Objectives:
- Understand the identity and access management evolution
- Learn best practices for managing AWS root user credentials and Users, Groups, and Roles, especially as the number of users and AWS accounts grow
- Better understand identity federation by viewing two demos
Enterprise Applications with Amazon EFS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Recognize why and when to use Amazon EFS and the economic benefits versus other solutions
- Understand best practices for deploying enterprise applications with Amazon EFS
- Learn tips for a successful deployment
Transforming Data Lakes with Amazon S3 Select & Amazon Glacier Select - AWS O...Amazon Web Services
Learning Objectives:
- Define Amazon S3 Select and Amazon Glacier Select
- Understand the scenarios in which these features can help you increase performance and extend your data lake
- See a before & after scenario of a query with and without Amazon S3 Select
Media Processing Workflows at High Velocity and Scale using AI and ML - AWS O...Amazon Web Services
Learning Objectives:
- See how AI and ML in media processing can reduce time and costs while generating actionable insights
- Understand why and how to add orchestration to performance-sensitive media workflows
- See real customer examples of media processing workflows on AWS
Navigating GDPR Compliance on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn about General Data Protection Regulation (GDPR)
- Learn how AWS supports your journey to GDPR compliance
- Examples of how the GDPR articles may map to your own business activities
Mastering Identity at Every Layer of the Cake (SEC401-R1) - AWS re:Invent 2018Amazon Web Services
Most workloads on AWS resemble a finely crafted cake, with delight at every layer. In this session, we help you master identity at each layer of deliciousness: from platform, to infrastructure, to applications, using services like AWS Identity and Access Management (IAM), AWS Directory Service, Amazon Cognito, and many more. Leave with a firm mental model for how identity works both harmoniously and independently throughout these layers, and with ready-to-use reference architectures and sample code. We keep things fun and lively along the way with lots of demos, which will hopefully make up for our decided lack of anything resembling the sweet confections we'll be talking so much about!
Enterprises require that their mission critical business applications such as Microsoft, SAP and Oracle are up and running 24x7. Whatever it is, the requirements are the same: Availability, security and flexibility are key. In this session we will walk through practical examples of how AWS customers operate heavily mission critical applications in the cloud. Through real world customer examples, you will learn how Enterprise deploy mission critical workloads in highly redundant manner as well as apply security controls which will provide you with increased visibility and control of your applications.
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018Amazon Web Services
How can you ensure your environment is Secure? How can you implement an effective governance model in your organization? The AWS Cloud Adoption Framework (CAF) and its Security Perspective provide a structured approach to make risk based decisions, build security guardrails and meet your compliance goals as you migrate to AWS. The Security perspective of the CAF provides a set of 5 core themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. In this session you will learn what it takes to lead a Secure Cloud Journey for your organization and make key strategic decisions.
Enterprise Applications with Amazon EFS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Recognize why and when to use Amazon EFS and the economic benefits versus other solutions
- Understand best practices for deploying enterprise applications with Amazon EFS
- Learn tips for a successful deployment
Transforming Data Lakes with Amazon S3 Select & Amazon Glacier Select - AWS O...Amazon Web Services
Learning Objectives:
- Define Amazon S3 Select and Amazon Glacier Select
- Understand the scenarios in which these features can help you increase performance and extend your data lake
- See a before & after scenario of a query with and without Amazon S3 Select
Media Processing Workflows at High Velocity and Scale using AI and ML - AWS O...Amazon Web Services
Learning Objectives:
- See how AI and ML in media processing can reduce time and costs while generating actionable insights
- Understand why and how to add orchestration to performance-sensitive media workflows
- See real customer examples of media processing workflows on AWS
Navigating GDPR Compliance on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn about General Data Protection Regulation (GDPR)
- Learn how AWS supports your journey to GDPR compliance
- Examples of how the GDPR articles may map to your own business activities
Mastering Identity at Every Layer of the Cake (SEC401-R1) - AWS re:Invent 2018Amazon Web Services
Most workloads on AWS resemble a finely crafted cake, with delight at every layer. In this session, we help you master identity at each layer of deliciousness: from platform, to infrastructure, to applications, using services like AWS Identity and Access Management (IAM), AWS Directory Service, Amazon Cognito, and many more. Leave with a firm mental model for how identity works both harmoniously and independently throughout these layers, and with ready-to-use reference architectures and sample code. We keep things fun and lively along the way with lots of demos, which will hopefully make up for our decided lack of anything resembling the sweet confections we'll be talking so much about!
Enterprises require that their mission critical business applications such as Microsoft, SAP and Oracle are up and running 24x7. Whatever it is, the requirements are the same: Availability, security and flexibility are key. In this session we will walk through practical examples of how AWS customers operate heavily mission critical applications in the cloud. Through real world customer examples, you will learn how Enterprise deploy mission critical workloads in highly redundant manner as well as apply security controls which will provide you with increased visibility and control of your applications.
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018Amazon Web Services
How can you ensure your environment is Secure? How can you implement an effective governance model in your organization? The AWS Cloud Adoption Framework (CAF) and its Security Perspective provide a structured approach to make risk based decisions, build security guardrails and meet your compliance goals as you migrate to AWS. The Security perspective of the CAF provides a set of 5 core themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. In this session you will learn what it takes to lead a Secure Cloud Journey for your organization and make key strategic decisions.
Module 5: AWS Elasticity and Management Tools
This module will cover:
Auto Scaling concepts
Elastic Load Balancing concepts
AWS Management tools including CloudWatch
Closing Remarks
Optimizing Storage for Enterprise Workloads and Migrations (STG202) - AWS re:...Amazon Web Services
In this session, we focus on best practices for AWS block and file storage when supporting enterprise workloads (like SAP, Oracle, Microsoft applications, and home directories). We discuss migrating mission-critical workload data, selecting volumes or file systems, optimizing performance, and designing for durability and availability. We also review optimizing for cost to ensure that your lift-and-shift project is a success.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Introduction to Hybrid Cloud on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand Hybrid Cloud architecture options
- Understand AWS portfolio of capabilities to support Hybrid Cloud
- Understand AWS partnerships with VMWare, Microsoft and other key enterprise players help you execute your Hybrid Cloud strategy
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
Improve Efficiency by Migrating Messaging to Amazon MQ - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn how Amazon MQ makes messaging and migration more manageable so you can maximize productivity and reduce cost
- Learn how other enterprises benefit from moving to a managed message broker
- Learn how to set up a new message broker in 3 quick steps
DEM05 Reducing Costs and Strengthening Your Security Posture with a Transit VPCAmazon Web Services
In this session, Warby Warburton, senior product manager at Palo Alto Networks, facilitates a discussion and demonstration of how to fully automate the creation of a Transit VPC with the VM-Series that enables application developers and spoke VPC owners to add and remove applications, as needed, without being slowed by corporate security processes or change control requirements. This session is brought to you by AWS Partner, Palo Alto Networks.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
This session covers how to automate network connectivity across geographically dispersed data centers under a single policy domain with Cisco ACI Multi-Site. We also cover how to achieve policy consistency and enforcement for applications deployed across on-premises sites, AWS Regions, and colocations. We explain how to enable seamless network and services (firewall, load balancers, etc.) automation with Cisco Application Policy Infrastructure Controller (APIC). Finally, we cover how to provide end-to-end visibility, troubleshooting, and compliance for operational simplicity across on-premises data centers, remote locations, colocations, and public clouds. This session is brought to you by AWS Partner, Cisco.
AWS Fargate makes running containerized workloads on AWS easier than ever. In this session, we provide a technical foundation for using AWS Fargate with your existing containerized services. We also provide best practices for building images, configuring task definitions, task networking, secrets management, and monitoring.
In this session, we explore the world’s first cloud-scale file system and its targeted use cases. Learn about Amazon Elastic File System (Amazon EFS) features and benefits, how to identify applications that are appropriate to use with Amazon EFS, and details about its performance and security models. The target audience includes security administrators, application developers, and applications owners who operate or build file-based applications.
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
Accelerate and Modernise Microsoft Workload Migrations on AWSAmazon Web Services
Learn how customers are leveraging AWS for migration and modernization of Enterprise applications. See how AWS helps customers to modernize using serverless and microservices, learn about common pitfalls around licensing. Hear from Guinness World Records on their transformation journey and questions you should ask when considering a migration with Microsoft workloads.
A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1) - ...Amazon Web Services
New to AWS? Given the number of AWS services there are, you may think that it’s going to take a lot of work to get your security house in order in the cloud. In fact, across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud. In this session, we’ll focus on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC). You’ll walk away having seen concrete examples that illustrate the patterns that enable you to properly secure any workload in AWS.
Module 3: Security, Identity and Access Management
This module will cover:
Data Center Security
AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
In this webinar, we will show how you can migrate your Microsoft workloads into AWS and what strategies we’ve seen work best to get the fastest successful outcome. We will also cover Auditing, the 6 R’s methodology, tooling, pre-req’s for Microsoft workloads & migration techniques.
Module 3: AWS Security
This module will cover how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to aid you in better understanding AWS Cloud security options.
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Amazon Web Services
by Jeff Levine, Security Specialist, Solutions Architect, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop.
Module 5: AWS Elasticity and Management Tools
This module will cover:
Auto Scaling concepts
Elastic Load Balancing concepts
AWS Management tools including CloudWatch
Closing Remarks
Optimizing Storage for Enterprise Workloads and Migrations (STG202) - AWS re:...Amazon Web Services
In this session, we focus on best practices for AWS block and file storage when supporting enterprise workloads (like SAP, Oracle, Microsoft applications, and home directories). We discuss migrating mission-critical workload data, selecting volumes or file systems, optimizing performance, and designing for durability and availability. We also review optimizing for cost to ensure that your lift-and-shift project is a success.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Introduction to Hybrid Cloud on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand Hybrid Cloud architecture options
- Understand AWS portfolio of capabilities to support Hybrid Cloud
- Understand AWS partnerships with VMWare, Microsoft and other key enterprise players help you execute your Hybrid Cloud strategy
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
Improve Efficiency by Migrating Messaging to Amazon MQ - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn how Amazon MQ makes messaging and migration more manageable so you can maximize productivity and reduce cost
- Learn how other enterprises benefit from moving to a managed message broker
- Learn how to set up a new message broker in 3 quick steps
DEM05 Reducing Costs and Strengthening Your Security Posture with a Transit VPCAmazon Web Services
In this session, Warby Warburton, senior product manager at Palo Alto Networks, facilitates a discussion and demonstration of how to fully automate the creation of a Transit VPC with the VM-Series that enables application developers and spoke VPC owners to add and remove applications, as needed, without being slowed by corporate security processes or change control requirements. This session is brought to you by AWS Partner, Palo Alto Networks.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
This session covers how to automate network connectivity across geographically dispersed data centers under a single policy domain with Cisco ACI Multi-Site. We also cover how to achieve policy consistency and enforcement for applications deployed across on-premises sites, AWS Regions, and colocations. We explain how to enable seamless network and services (firewall, load balancers, etc.) automation with Cisco Application Policy Infrastructure Controller (APIC). Finally, we cover how to provide end-to-end visibility, troubleshooting, and compliance for operational simplicity across on-premises data centers, remote locations, colocations, and public clouds. This session is brought to you by AWS Partner, Cisco.
AWS Fargate makes running containerized workloads on AWS easier than ever. In this session, we provide a technical foundation for using AWS Fargate with your existing containerized services. We also provide best practices for building images, configuring task definitions, task networking, secrets management, and monitoring.
In this session, we explore the world’s first cloud-scale file system and its targeted use cases. Learn about Amazon Elastic File System (Amazon EFS) features and benefits, how to identify applications that are appropriate to use with Amazon EFS, and details about its performance and security models. The target audience includes security administrators, application developers, and applications owners who operate or build file-based applications.
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
Accelerate and Modernise Microsoft Workload Migrations on AWSAmazon Web Services
Learn how customers are leveraging AWS for migration and modernization of Enterprise applications. See how AWS helps customers to modernize using serverless and microservices, learn about common pitfalls around licensing. Hear from Guinness World Records on their transformation journey and questions you should ask when considering a migration with Microsoft workloads.
A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1) - ...Amazon Web Services
New to AWS? Given the number of AWS services there are, you may think that it’s going to take a lot of work to get your security house in order in the cloud. In fact, across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud. In this session, we’ll focus on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC). You’ll walk away having seen concrete examples that illustrate the patterns that enable you to properly secure any workload in AWS.
Module 3: Security, Identity and Access Management
This module will cover:
Data Center Security
AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
In this webinar, we will show how you can migrate your Microsoft workloads into AWS and what strategies we’ve seen work best to get the fastest successful outcome. We will also cover Auditing, the 6 R’s methodology, tooling, pre-req’s for Microsoft workloads & migration techniques.
Module 3: AWS Security
This module will cover how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to aid you in better understanding AWS Cloud security options.
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Amazon Web Services
by Jeff Levine, Security Specialist, Solutions Architect, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop.
IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...Amazon Web Services
In this session, learn how Vanguard has matured their IAM controls and automation to support a micro-account strategy, providing further agility to developers while reducing blast radius and improving governance. You learn how Vanguard uses STS Federation at the OU level, builds common roles across all micro accounts, implements AWS Organizations SCPs, and uses different network control zones for admin vs. non-admin functions. Vanguard also shares how they are using AWS Lambda to block escalation of privilege.
Become an IAM Policy Master in 60 Minutes or Less (SEC316-R1) - AWS reInvent ...Amazon Web Services
Are you interested in becoming a IAM policy master and learning about powerful techniques for controlling access to AWS resources? If your answer is “yes,” this session is for you. Join us as we cover the different types of policies and describe how they work together to control access to resources in your account and across your AWS organization. We walk through use cases that help you delegate permission management to developers by demonstrating IAM permission boundaries. We take an in-depth look at controlling access to specific AWS regions using condition keys. Finally, we explain how to use tags to scale permissions management in your account. This session requires you to know the basics of IAM policies.
Understanding the Critical Building Blocks of AWS Identity and GovernanceAmazon Web Services
by Jeff Levine, Sr. Solutions Architect AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
Solving for Identity and Authentication with .NET Apps on AWS (GPSWS408) - AW...Amazon Web Services
The area of identity, authentication, and authorization has significantly evolved in recent years, and this often leaves customers unsure of how to solve for user authentication with .NET applications hosted on AWS. In this workshop, we attempt to baseline the most common technology choices for .NET authentication (Windows Integrated Authentication, SAML, OpenID Connect, OAuth, etc.) and discuss the most common architectures and configurations that customers can leverage when running .NET applications on AWS. Attendees also have a chance to run through hands-on lab exercises for each of the architectures discussed.
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
Identity Round Robin Workshop - Serverless Round: Security Week at the San Francisco Loft
Start the day off by learning how to properly configure identity and access controls for a serverless application built with Amazon S3, Amazon CloudFront, and Amazon Cognito. With a combination of talking and hands-on exercises we will be diving into AWS IAM policy types to better understand the differences and learn how the policy evaluation logic works. We will also be diving into how you can use Cognito User Pools for user management within your serverless applications.
Level: 300
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
ENT304 Enabling Self Service for Data Scientists with AWS Service CatalogAmazon Web Services
In this session, data analysts, big data administrators, system administrators, developers, and IT managers learn how to create a robust computing environment for their teams. As enterprises move to the cloud, providing secure, governed turnkey solutions at scale to a broad set of users has its challenges. We show you how organizations are building solutions that enable data scientists to provision AWS resources through an ITSM system to create a robust, governed, and easy self-service capability.
Landing Zones Creating a Foundation - AWS Summit Sydney 2018Amazon Web Services
Landing Zones: Creating a Foundation for Your AWS Migrations
When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices.
Ali Juzer, Cloud Architect, Professional Services, Amazon Web Services
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOneAmazon Web Services
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: operating systems, services and applications control responsibilities, the automation of security baselines, the configuration of security, and the auditing of controls for AWS customer infrastructure. You'll learn key principles of how to build a secure organization and protect your customers' data. Don't wait until your first security incident before putting these best practices in place.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
Using analytics to set access controls in AWS - SDD204 - AWS re:Inforce 2019 Amazon Web Services
"Administrators need to enable developers to move quickly when building applications on AWS while also controlling access to meet security needs. In this session, we demonstrate how administrators put permissions guardrails in place that enable them to grant broader access for their applications and developers. Then, we demonstrate how administrators can analyze activity to dial in access controls as applications and developers settle into common patterns. Finally, we show how to simulate permissions changes to understand and assess their impact. This session expects that participants are knowledgeable about IAM permission policies and AWS Organizations.
AWS Identity and Access Management (IAM) is the foundation that all AWS services require to function and perform any action. Mastering IAM is the skill set you need in your arsenal so that you can provide best-in-breed services through your application or services to your customers. This session shows you best practices for IAM, the latest service additions, and advanced automation techniques to become a certified IAM ninja.
AWS STARTUP DAY 2018 I Securing Your Customer Data From Day OneAWS Germany
All companies should build with security and protection of customer data as the number one priority. This talk will cover a wide range of best practices from MFA, root accounts, encrypting laptops, inventory management, MDM, and incident response. You'll learn key principles of how to build a secure organization to protect your data. Don't wait until your first security incident before putting these best practices in place.
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
Zero trust security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the zero trust security approach is next-gen access which combines the critical capabilities of such technologies as identity as a service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a zero trust security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console, and the AWS Command Line Interface, and managing developer access to Amazon EC2 instances and containerized applications that run on them.
Landing zones: Creating a Foundation for Your AWS MigrationsAli Asgar Juzer
When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices.
Products & Services: Amazon CloudWatch, AWS CloudTrail, AWS Config, AWS CloudFormation, AWS IAM and AWS Direct Connect
Similar to The Evolution of Identity and Access Management on AWS - AWS Online Tech Talks (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.