AWS Multiple Account Management

•Download as PPTX, PDF•

1 like•342 views

Yihui Xu

Mulitple Account Management in AWS

Technology

AWS Multiple Account Management
Yihui Xu, Platform Security Architect
AWS Cummunity Day Nordics 2019
2019.02.19

About Me
AWS Multiple Account Management AWS Community Day Nordics 2019
• Yihui Xu
Platform Security Architect @ Aera Payment & Identification AS
• Cyber Security
• IAM
• DevOps
• Application Security
• Penetration Testing
• All 5 AWS Certifications + AWS Certified Security Specialty
• Microsoft Certified
2019.02.19

Agenda
• Reasons for multiple account approach
• AWS multiple account management
• AWS Landing Zone
• AWS Control Tower
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

Possible reasons for Multi-Account
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Department keeps the sensitive data in there own account
• One account each environment (dev, test, pre-prod, prod, shared services, etc)
• Acquisitions
• Geo location

Separate AWS Account
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
Development
Test
Production
Development
Test
Production
eu-central-1 us-east-1
Pros:
• Separate control
• Separate Billing
Cons:
• Duplicated configuration
• At least 2 reserved
instance resource pool
• Consistency

Consolidated Billing Account
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
Billing Account
Development Test Production
Pros:
• Centralized Management
• Consolidated Billing
• Shared RI
Cons:
• More complex control
• Billing Analysis

Multiple Billing Account
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
Billing Account
Development Test Production
Billing Account
Development Test Production
eu-central-1 us-east-1
Pros:
• Native Regional Isolation
• Regional Based Billing
Cons:
• Even More complex control
• Billing Analysis

2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
Account Level Management

AWS Organizations
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Policy-based account management
• Automated account provisioning via API
• Simplified billing

AWS Organizations: Creation
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
https://aws.amazon.com/cn/blogs/aws/category/aws-organizations/

AWS Organizations: Core Concept
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
ROOT OU
OU 1 OU 2
OU 3 OU 4
Service Control Policies
Account
Account
Account Account Account Account Account

Whitelist v.s. Blacklist
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Complementary Control
• Service Control Policies(SCP) to setup permission boundary
• Whitelist: ALLOW boundary
• Blacklist: DENY boundary

Permission Boundary
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Max permission
• Don’t grant any permission

$SCP Example 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Root OU OU 1 OU 2 { “Effect”: “Allow”, “Action”: “*”, “Resource”: “*” } { “Effect”: “Deny”, “Action”: [ “ec2:DeleteFlowLogs”, “logs:DeleteLogGroup”, “logs:DeleteLogStream” ], “Resource”: “*” } Attached: FullAWSAccess Attached: FullAWSAccess Attached: Deny_DeleteLogs$

Create Organization
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tutorials_basic.html

2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
Resource Level Management

Resource Level Management
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Centralized Control
• Approval Mode
• Self-Service

AWS CloudFormation StackSets –
Centralized Control
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html
• AWS CloudFormation Template
• Centralized provision, update, delete multiple
account across region
• Highly integrated with AWS Organizations

AWS CloudFormation ChangeSets:
Approval Mode
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html

AWS Service Catalog: Self-Service Action
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

AWS Landing Zone
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
https://aws.amazon.com/cn/solutions/aws-landing-zone/

AWS Control Tower
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

Summary
2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019
• Reasons for using multiple AWS account
• AWS multiple account management
• AWS Landing Zone
• AWS Control Tower

AWS Multiple Account Management AWS Community Day Nordics 20192019.02.19

Thank You
AWS Multiple Account Management AWS Community Day Nordics 20192019.02.19

What's hot

Application Delivery on Amazon Web Services for Developers Every developer has gone through the frustration of creating new features, fixing bugs, or refactoring beautiful code, and then wait for it to reach the promise land of production. Come and learn how to get your changes in the hands of your customers with more speed, reliability, security and quality. Speaker: Daniel Zoltak & Shiva Narayanaswamy, Solutions Architects, Amazon Web Services

Application Delivery on Amazon Web Services for Developers

Amazon Web Services

AWS+Intel: Smart Greenhouse Demo

Amazon Web Services

Defining infrastructure resource policies in an organized manner can help your company better manage its infrastructure resources. This session will familiarize you with using AWS Lambda to process data and provide control logic for your infrastructure. You can use Amazon CloudWatch Events to monitor infrastructure resources in real-time, and you can use AWS Lambda to react to events based on a set of rules. We will demonstrate how you can build a rules engine for creating, monitoring, and managing policies. AWS DevDay San Francisco, June 21, 2016. Presenter: Bryan Liston, Community Manager, AWS Lambda

Using AWS Lambda to Build Control Systems for Your AWS Infrastructure

Amazon Web Services

Learn how to build a text enabled robot that will take your beer order, serve your pint, and notify you when it is ready, all while keeping an eye on your consumption so that you wake up on time the next morning. In this demo-heavy workshop, we will use the Zipwhip Texterator as the platform on which we will show you how to use Alexa, AWS Lambda, and AWS IoT to build the ultimate beer serving device. AWS DevDay San Francisco, June 21, 2016. Presenter: John Rotach, SDE, AWS IoT

Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda

Amazon Web Services

You can now develop your AWS Lambda functions in C# using the .NET Core 1.0 runtime. The easiest way to get started is with the AWS Toolkit for Visual Studio, which includes project templates for individual C# Lambda functions, full C# serverless applications, and also tools to publish both projects types to AWS. To manually create a C# Lambda function, you simply specify the Lambda runtime parameter as “netcore1.0” and upload the ZIP of all NuGet dependencies as well as your own published DLL assemblies through the AWS CLI or AWS Lambda console. Alternatively, you can use AWS CloudFormation through the AWS Serverless Application Specification for deploying your C# Lambda function.

AWS Lambda in C#

Amazon Web Services

Getting started with AWS Lambda and the Serverless Cloud

Ian Massingham

Presentation from the developer track at I Love APIs London 2016 featuring Matt McClean, Amazon Web Services. Developers have been jumping on the microservices bandwagon because of the obvious benefits of faster release cycles and innovation. However, microservices' downside is the increased server costs, operational costs, and performance costs. To reduce this complexity, Amazon Web Services created AWS Lambda - a compute platform that lets you build microservices with no provisioning and servers. Matt McClean, Solution Architect from AWS, presents how to use AWS Lambda to build your microservices. He covers various architectural patterns and anti-patterns for using AWS Lambda.

Serverless computing with AWS Lambda

Apigee | Google Cloud

AWS Amplify

AWS Riyadh User Group

Bots are eating the world! Wild Rydes (www.wildrydes.com), a new startup that is building the world’s leading mobile/VR/AR unicorn transportation system, has decided to use serverless chatbots to staff its customer service department. As it scales to millions of users, Wild Rydes needed a scalable way to meet the customer service needs of its customers instead of relying on human customer service agents. Wild Rydes needs your help to implement its vision. In this workshop, you will help Wild Rydes launch the future of customer service. You will build a customer service bot for Facebook that runs on AWS Lambda and Amazon API Gateway. You’ll enable the bot to respond intelligently to customers by building in Natural Language Processing (NLP). The bot will use an event-driven architecture in which Lambda functions trigger workflows that pull customer responses from a Knowledge Base of Q&A. You’ll also write a function to trigger a manual approval request to a Slack channel, so that Wild Rydes’ technical staff can approve or reject messages from the bot to the customer. Finally, you’ll also learn to use Amazon S3, Amazon DynamoDB, and Amazon Elasticsearch Service to log all incoming requests and create live analytical dashboards, such as for sentiment analysis, to track customer satisfaction.

AWS re:Invent 2016: All Your Chats are Belong to Bots: Building a Serverless ...

Amazon Web Services

This talk will be a 2-300 level discussion on Serverless Architectures on AWS. We’ll first explore the Serverless ecosystem on AWS, looking at some particular use cases for Serverless. Looking through the lens of AWS customers, we’ll look at the typical Serverless journey, as well some of the key emerging patterns and benefits of Serverless Architectures. We’ll also touch some of the key challenges in a distributed environment and some potential solutions and tools that customers might want to consider.

A Brief Look at Serverless Architecture

Amazon Web Services

In this session we’ll take a high-level overview of AWS Lambda, a serverless compute platform that has changed the way that developers around the world build applications. We’ll explore how Lambda works under the hood, the capabilities it has, and how it is used. By the end of this talk you’ll know how to create Lambda based applications and deploy and manage them easily. Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS

Introduction to AWS Lambda and Serverless Applications

Amazon Web Services

In this session we will get into the nitty gritty of implementing mobile applications with AWS Mobile Services to accelerate and scale your mobile application development and user community. Learn how to use the Mobile Hub for quickly implementing main mobile developer use cases or to use the AWS Mobile SDKs to build your own mobile services with direct access to AWS primitives. Manage user onboarding/sign-up, authentication, and authorization with AWS Cognito. Re-engage with your users to increase key conversation rates in your app with AWS Pinpoint push notifications and user/app analytics. Deliver high quality applications by testing your devices on a wide array of real devices.

SRV411 Deep Dive on Mobile Application Development with AWS

Amazon Web Services

Learn how to develop voice-based serverless back ends for Alexa Voice Service (AVS) and Alexa devices using the Alexa Skills Kit (ASK), which allows you to add new voice-based interactions to Alexa. We’ll code a new skill, implemented by a serverless backend leveraging AWS services such as Amazon Cognito, AWS Lambda, and Amazon DynamoDB. Often, your skill needs to authenticate your users and link them back to your backend systems and to persist state between user invocations. User authentication is performed by leveraging OAuth compatible identity systems. Running such a system on your back end requires undifferentiated heavy lifting or boilerplate code. We’ll leverage Login with Amazon as the identity provider instead, allowing you to focus on your application implementation and not on the low-level user management parts. At the end of this session, you’ll be able to develop your own Alexa skills and use Amazon and AWS services to minimize the required backend infrastructure. This session shows you how to deploy your Alexa skill code on a serverless infrastructure, leverage AWS Lambda, use Amazon Cognito and Login with Amazon to authenticate users, and leverage AWS DynamoDB as a fully managed NoSQL data store.

AWS re:Invent 2016: Build a Serverless Back End for Your Alexa-Based Voice In...

Amazon Web Services

You have heard how containers are great for running microservices, but running and managing large scale applications with microservices architectures is hard and often requires operating complex container management infrastructure. So what exactly is needed to get microservices to run in production at scale? In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications, and we will walk through a number of patterns used by our customers to run their microservices platforms. We will also dive deep into some of the challenges of running microservices, such as load balancing, service discovery, and secrets management, and we’ll see how Amazon EC2 Container Service (ECS) can help address them. We will also demo how you can easily deploy complex microservices applications using Amazon ECS.

SRV409 Deep Dive on Microservices and Docker

Amazon Web Services

Serverless use cases with AWS Lambda - More Serverless Event

Boaz Ziniman

Platform for Innovation - AWS

Shiva Narayanaswamy

Workshop: Building Containerized Swift Applications on Amazon ECS

Amazon Web Services

Building CICD Pipelines for Serverless Applications - DevDay Los Angeles 2017

Amazon Web Services

Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...

Philipp Müns

Getting Started with AWS Lambda and Serverless Computing

Kristana Kane

What's hot (20)

Application Delivery on Amazon Web Services for Developers

AWS+Intel: Smart Greenhouse Demo

Using AWS Lambda to Build Control Systems for Your AWS Infrastructure

Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda

AWS Lambda in C#

Getting started with AWS Lambda and the Serverless Cloud

Serverless computing with AWS Lambda

AWS Amplify

AWS re:Invent 2016: All Your Chats are Belong to Bots: Building a Serverless ...

A Brief Look at Serverless Architecture

Introduction to AWS Lambda and Serverless Applications

SRV411 Deep Dive on Mobile Application Development with AWS

AWS re:Invent 2016: Build a Serverless Back End for Your Alexa-Based Voice In...

SRV409 Deep Dive on Microservices and Docker

Serverless use cases with AWS Lambda - More Serverless Event

Platform for Innovation - AWS

Workshop: Building Containerized Swift Applications on Amazon ECS

Building CICD Pipelines for Serverless Applications - DevDay Los Angeles 2017

Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...

Getting Started with AWS Lambda and Serverless Computing

Similar to AWS Multiple Account Management

Do you REALLY know what is going on in your AWS Accounts?

Aaron Walker

Aws user group #04 landing zones

PolarSeven Pty Ltd

Public-Cloud Kunden, haben Multi-Account Architekturen (z.B. Landing Zone), um den DevOps-Teams Autonomie und Geschwindigkeit zu geben. In diesem Umfeld zentrale Security Anforderungen im Bezug Governance und Compliance zu erfüllen, ist eine Herausforderung. Nuvibit Semper unterstützt die Reise vom DevOps- zum DevSecOps-Team, indem es erlaubt, Security Anforderungen durch das Applikations-Team zu spezifizieren und direkt zu applizieren. Unterschiedliche Anforderungen für z.B. Dev, Test, Prod können mit Policies spezifiziert werden. Die Lösung zeigt, was mit AWS nativen Security Services erreicht werden kann.

DevSecOps-Teams das Security-Steuer überlassen

BATbern

La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.

Proteggere applicazioni e dati nel cloud AWS

Amazon Web Services

As customers migrate to the cloud, IT needs to maintain structured compliance and governance while providing developers with the flexibility to manage cloud resources at scale. AWS provides a set of management tools that enables you to programmatically provision, monitor, and automate the components of your cloud environment. In this session, learn how you can use these tools to maintain consistent controls without restricting development velocity.

Cloud Governance and Provisioning Management using AWS Management Tools and S...

Amazon Web Services

AWSome Day 是 AWS 在全球各大城市巡迴舉辦的重點活動，為時一天，結合培訓與技術新知的免費研討會。本活動專為大小企業的技術和部門主管們量身訂做，是深入學習 AWS 雲端及與 AWS 專家面對面的絕佳機會。 AWSome Day 是針對 Amazon Web Services (AWS) 雲端服務所設計的訓練課程，我們的專業講師將會深入淺出帶領大家循序漸進地瞭解 AWS 的核心服務，包含：運算 (Compute)、儲存 (Storage)、資料庫 (Database)、和網路 (Networking)。本課程中，您不但可以與講師面對面的探討問題，在課程結束後，您亦將具備適當的雲端能力，瞭解如何在 AWS 平台上建構安全 (Secure) 且高擴充性 (Scalability)的資訊服務平台，為您的公司創造更多利潤與佳績。

Architecting-for-the-cloud-Best-Practices

Amazon Web Services

AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf

Amazon Web Services

Deploy and Govern at Scale with AWS Control Tower

Amazon Web Services

AWS Multi-Account Architecture and Best Practices

Amazon Web Services

To arm you with best practices from day one, this session presents field-tested and reusable designs that’ll set you up for long-term success in the AWS cloud. From account creation and access configuration, through security considerations and VPC design, to the use of VPC peering, ELBs and Internet Gateways, we’ll walk you through the common infrastructure elements and recommended design patterns that lead to AWS cloud adoption success.

Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption ...

Amazon Web Services

Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019

Amazon Web Services

During this session we will describe common methods used to create a Hybrid Cloud with Amazon Web Services. We will step through successful operational models, how to get started, and tools to simplify operations. We will explore topics such as networking, directories, DNS, and security. Importantly, we will cover ongoing operational and management practices. Mark Statham, Senior Cloud Architect - Professional Services, Amazon Web Services, ASEAN

Hybrid IT with Amazon Web Services: Best of Both Worlds

Amazon Web Services

The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.

Secure your AWS Account and your Organization's Accounts

Amazon Web Services

AWS Enterprise Summit Netherlands - Infosec by Design

Amazon Web Services

Want to learn about your options for running Microsoft Active Directory on AWS? When you move Microsoft workloads to AWS, it is important to consider how to deploy Microsoft Active Directory in support of group policy management, authentication, and authorization. In this session, we discuss options for deploying Microsoft Active Directory to AWS, including AWS Managed Microsoft AD and deploying Active Directory to Windows on Amazon EC2. We cover such topics as how to integrate your on-premises Microsoft Active Directory environment to the cloud and how to leverage SaaS applications, such as Office 365, with the AWS Single Sign-On service.

Microsoft Active Directory Deep Dive

Amazon Web Services

Fundamentals of Cloud Computing & AWS

Bhuvaneswari Subramani

"In this workshop, cloud architects, Cloud Center of Excellence (CCOE) team members, and IT managers learn how to launch and operate governed cloud workloads on AWS by leveraging AWS management tools. They extend a sample catalog containing Amazon EC2, Amazon S3, and so on, and enable catalog users to only manage the resources they create. They then perform the IT service management process integration using ServiceNow as an example solution.

Build end-to-end IT lifecycle management on AWS - FND301-R - AWS re:Inforce 2...

Amazon Web Services

Secure Your AWS Account and Your Organization's Accounts - SID202 - Chicago A...

Amazon Web Services

[AWS Media Symposium 2019] Perfecting the Media Experience with AWS - Bhavik ...

Amazon Web Services Korea

Technical 101: Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption Building an architecturally sound foundation is a common theme in every AWS success story. The repeatable delivery of applications and services depends on standardising your infrastructure design patterns. To arm you with best practices from day one, this session presents field-tested and reusable designs that'll set you up for long-term success in the AWS cloud. From account creation and access configuration, through security considerations and VPC design, to the use of VPC peering, ELBs and Internet Gateways, we'll walk you through the common infrastructure elements and recommended design patterns that lead to AWS cloud adoption success. Speaker: Craig Dickson, Solutions Architect, Amazon Web Services

Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption

Amazon Web Services

Similar to AWS Multiple Account Management (20)

Do you REALLY know what is going on in your AWS Accounts?

Aws user group #04 landing zones

DevSecOps-Teams das Security-Steuer überlassen

Proteggere applicazioni e dati nel cloud AWS

Cloud Governance and Provisioning Management using AWS Management Tools and S...

Architecting-for-the-cloud-Best-Practices

AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf

Deploy and Govern at Scale with AWS Control Tower

AWS Multi-Account Architecture and Best Practices

Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption ...

Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019

Hybrid IT with Amazon Web Services: Best of Both Worlds

Secure your AWS Account and your Organization's Accounts

AWS Enterprise Summit Netherlands - Infosec by Design

Microsoft Active Directory Deep Dive

Fundamentals of Cloud Computing & AWS

Build end-to-end IT lifecycle management on AWS - FND301-R - AWS re:Inforce 2...

Secure Your AWS Account and Your Organization's Accounts - SID202 - Chicago A...

[AWS Media Symposium 2019] Perfecting the Media Experience with AWS - Bhavik ...

Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption

Recently uploaded

MINDCTI Revenue Release Quarter One 2024

MIND CTI

JohnPollard-hybrid-app-RailsConf2024.pptx

JohnPollard37

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

The presentation was made in “Web3 Fusion: Embracing AI and Beyond” is more than a conference; it's a journey into the heart of digital transformation. The conference a provided a platform where the future of technology meets practical application. This three-day hybrid event, set in the heart of innovation, served as a gateway to the latest trends and transformative discussions in AI, Blockchain, IoT, AR/VR, and their collective impact on the information space.

AI in Action: Real World Use Cases by Anitaraj

AnitaRaj43

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Exploring Multimodal Embeddings with Milvus

Zilliz

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

DBX First Quarter 2024 Investor Presentation

Dropbox

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

Architecting Cloud Native Applications

WSO2

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024

JohnPollard-hybrid-app-RailsConf2024.pptx

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

AI in Action: Real World Use Cases by Anitaraj

Corporate and higher education May webinar.pptx

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

[BuildWithAI] Introduction to Gemini.pdf

Strategies for Landing an Oracle DBA Job as a Fresher

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Exploring Multimodal Embeddings with Milvus

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Six Myths about Ontologies: The Basics of Formal Ontology

Introduction to Multilingual Retrieval Augmented Generation (RAG)

CNIC Information System with Pakdata Cf In Pakistan

DBX First Quarter 2024 Investor Presentation

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Architecting Cloud Native Applications

AWS Multiple Account Management

1. 2019.02.19

2. AWS Multiple Account Management Yihui Xu, Platform Security Architect AWS Cummunity Day Nordics 2019 2019.02.19

3. About Me AWS Multiple Account Management AWS Community Day Nordics 2019 • Yihui Xu Platform Security Architect @ Aera Payment & Identification AS • Cyber Security • IAM • DevOps • Application Security • Penetration Testing • All 5 AWS Certifications + AWS Certified Security Specialty • Microsoft Certified 2019.02.19

4. Agenda • Reasons for multiple account approach • AWS multiple account management • AWS Landing Zone • AWS Control Tower 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

5. Possible reasons for Multi-Account 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Department keeps the sensitive data in there own account • One account each environment (dev, test, pre-prod, prod, shared services, etc) • Acquisitions • Geo location

6. Separate AWS Account 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Development Test Production Development Test Production eu-central-1 us-east-1 Pros: • Separate control • Separate Billing Cons: • Duplicated configuration • At least 2 reserved instance resource pool • Consistency

7. Consolidated Billing Account 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Billing Account Development Test Production Pros: • Centralized Management • Consolidated Billing • Shared RI Cons: • More complex control • Billing Analysis

8. Multiple Billing Account 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Billing Account Development Test Production Billing Account Development Test Production eu-central-1 us-east-1 Pros: • Native Regional Isolation • Regional Based Billing Cons: • Even More complex control • Billing Analysis

9. 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Account Level Management

10. AWS Organizations 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Policy-based account management • Automated account provisioning via API • Simplified billing

11. AWS Organizations: Creation 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 https://aws.amazon.com/cn/blogs/aws/category/aws-organizations/

12. AWS Organizations: Core Concept 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 ROOT OU OU 1 OU 2 OU 3 OU 4 Service Control Policies Account Account Account Account Account Account Account

13. Whitelist v.s. Blacklist 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Complementary Control • Service Control Policies(SCP) to setup permission boundary • Whitelist: ALLOW boundary • Blacklist: DENY boundary

14. Permission Boundary 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Max permission • Don’t grant any permission

15. SCP Example 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Root OU OU 1 OU 2 { “Effect”: “Allow”, “Action”: “*”, “Resource”: “*” } { “Effect”: “Deny”, “Action”: [ “ec2:DeleteFlowLogs”, “logs:DeleteLogGroup”, “logs:DeleteLogStream” ], “Resource”: “*” } Attached: FullAWSAccess Attached: FullAWSAccess Attached: Deny_DeleteLogs

16. Create Organization 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tutorials_basic.html

17. 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 Resource Level Management

18. Resource Level Management 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Centralized Control • Approval Mode • Self-Service

19. AWS CloudFormation StackSets – Centralized Control 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html • AWS CloudFormation Template • Centralized provision, update, delete multiple account across region • Highly integrated with AWS Organizations

20. AWS CloudFormation ChangeSets: Approval Mode 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html

21. AWS Service Catalog: Self-Service Action 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

22. AWS Landing Zone 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 https://aws.amazon.com/cn/solutions/aws-landing-zone/

23. AWS Control Tower 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019

24. Summary 2019.02.19 AWS Multiple Account Management AWS Community Day Nordics 2019 • Reasons for using multiple AWS account • AWS multiple account management • AWS Landing Zone • AWS Control Tower

25. AWS Multiple Account Management AWS Community Day Nordics 20192019.02.19

26. Thank You AWS Multiple Account Management AWS Community Day Nordics 20192019.02.19

27. 2019.02.19

Editor's Notes

5M
15MIN
22M

AWS Multiple Account Management

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to AWS Multiple Account Management

Similar to AWS Multiple Account Management (20)

Recently uploaded

Recently uploaded (20)

AWS Multiple Account Management

Editor's Notes