compliance - amazon web servicesaws-de-media.s3.amazonaws.com/images/aws_summit_2018/june… · ©...

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Dimitrij Zub

Lead of Partner Solutions Architecture, Amazon Web Services

Rodrigue Vitini

Director of Solution Architecture,T-Systems Digital Division

Compliance | Amelia

Programmed Governance and how to deliver secure and compliant accounts

with a click.

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 1An MSP journey

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

“I need help migrating, running, and optimizing my AWS workloads.”

Plan & design

Build & migrate

Run & operate Optimize

The AWS Next Gen MSP experience

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Business health & management

Solution design

Infrastructure & application migration

Security managementBilling & cost management

Process & cost optimization

Customer obsession

Service desk & customer support DevOps & automation

SLAs & reporting

Fit for customer requirements

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 2Preparation

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Cloud Adoption Framework

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Cloud Center of Excellence

Build a cloud practice based on nourishing a learning appetite

§ Training Center for AWS Certified Solution Architect§ Regular know-how exchange webinars§ Sandbox for internal tests and labs§ Regular Architecture Board Review

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 3Mode 1 versus Mode 2

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Where to start?

§ Outsourcing mentality§ Inherited from ITSM§ All implemented in Ops§ Governance > Business§ Say no first…§ …then open a ticket

Mode 1 § Cloud native mentality§ Developers driven§ DevOps model§ Business > Governance§ All rights granted…§ …then you’re on your own

Mode 2

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Where to go?

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

How to get there, following AWS Well-Architected?

source: https://aws.amazon.com/de/architecture/well-architected/

Operational Excellence

Security

Reliability

Performance Efficiency

Cost Optimisation

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 4Getting Started

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Scope of Work and Guidelines

§ Use AWS native tools§ Infrastructure as a Code§ Automate all you can§ Security as a script§ Encrypt everything§ Loosely coupled

systems§ Deliver in 5 minutes

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Challenges to integrate a Public Cloud

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Security as a Code - by Design and by Default

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Shifting to Mode 2

§ Who are the customers ?§ Benefits of admin rights ?§ How to protect our

configuration ?§ Why should tickets be opened ?§ What is meaningful to automate

?

CheckAct

Plan Do

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 5Delivery time

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Automated Provisioning Engine

CloudFormation

AWSCloudTrail

Lambda functions

IAM

AWS KMS

Amazon CloudWatch

AWSConfig

flow logs

Step Functions

AmazonSNS

AmazonS3

AWSLambda

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Security as a CodeProactive and Reactive Control

Automated Policy Injection

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Billing and Cost Management Transparency and cost control

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Demo PageProject “Cheyenne Shepherd”

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Chapter 6Conclusion

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Lessons LearnedFrom working with AWS People and Technology

§ Write 6 pagers, all the time§ Log on every day§ Start small, think big§ Test with friendly customers§ Fail fast, keep learning§ Have fun, be inspired!

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

AWSLead of Partners Solution Architecture

Dimitrij ZubT-SystemsDirector of Solution ArchitectureEmail: r.vitini@t-systems.com

Rodrigue Vitini

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.