an introduction to aws govcloud (us) | aws public sector summit 2016
TRANSCRIPT
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Keith Brooks, Sr. Business Development Manager, AWS
An Introduction to AWS GovCloud (US)
June 20, 2016
AWS Cloud adoption in the Public Sector
Government Agencies Education Institutions Nonprofit Organizations
2,300 7,000 22,000
AWS global infrastructure
12 Regions
33AvailabilityZones
56EdgeLocations
AWS GovCloud (US) is an isolated AWS region
Intended for customers with strict regulatory and compliance requirements and sensitive data or workloads
August 2011Available to qualified customers
ComplianceSafeguard sensitive data/systems
Addresses multiple US Government regulations and security requirements
AWS GovCloud (US) distinguishing features
Separate IAM (unique credentials)
Data, network, and machine isolation from other regions
Dedicated GovCloud Management Console
AWS GovCloud (US) distinguishing features
“Community Cloud” with vetted account holders
Managed by US Persons on US soil
Requirements for access to AWS GovCloud (US)
Account holder must be a US Person (defined as a US citizen or a Green Card holder)
US entity incorporated to do business in the United States and is based on US soil
Can handle export control data
Learn more: https://aws.amazon.com/govcloud-us/getting-started/
GovCloud is all about “compliance in the cloud”
SP 800-53 (rev 4) and SP 800-171
Fit for Controlled Unclassified Information (CUI)
Agriculture Copyright Critical infrastructure
Export control Financial Immigration
Intelligence Law enforcement Legal
Nuclear Patent Privacy (PII)
Proprietary (IP) Statistical (census) Tax
Transportation
Many customers use GovCloud for all categories of CUI
Evolution of AWS GovCloud (US) 2011-2014
Amazon VPC
Amazon EC2
Amazon EBS
2011 2012 2013 2014
Amazon IAM
Amazon S3
Evolution of AWS GovCloud (US) 2011-2014
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Command Line
Interface
2011 2012 2013 2014
Auto Scaling
Amazon RDS
Amazon SQS
Amazon SNS
Amazon IAM
Amazon S3
Evolution of AWS GovCloud (US) 2011-2014
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Command Line
Interface
AWS Elastic MapReduce
AWS Management
Console
2011 2012 2013 2014
Auto Scaling
Amazon RDS
Amazon SQS
Amazon SNS
Amazon IAM
Amazon S3Amazon SWF
Amazon DynamoDB
Evolution of AWS GovCloud (US) 2011-2014
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Command Line
Interface
AWS Elastic MapReduce
AWS Management
Console
Second Generation
Instance Families
Amazon Glacier
Amazon EC2 VM Import
Service Health Dashboard
2011 2012 2013 2014
Auto Scaling
Amazon RDS
Amazon SQS
Amazon SNS
Amazon IAM
Amazon S3Amazon SWF
Amazon DynamoDB
Amazon Redshift
AWS CloudTrail
Amazon VPC Peering
Accelerated pace of service launches in 2015/16
Q1 2015 Q2 2015 Q3 2015 Q4 2015
RDS Integration with CloudTrail
Trusted Advisor
EMR Support for C3,
R3, and I2
Key Management
Service
KMS encryption
integration
CloudWatch
Actions
Direct Connect
VPC Endpoints for S3
Glacier: Vault Lock,
Tagging, Access Policies
D2 Instance Type
S3 Lifecycle
Management
CloudTrail Lookup
ElastiCache
EC2 VM Export
CloudHSM
Mobile SDK
CloudWatch Logs
VPC Flow Logs
CloudTrail integration
with CloudWatch Logs
GovCloud Auto Sign-Up
10+ significant services and features launched 2016 YTD
AWS GovCloud (US) Adoption: 2011-2015
221% YoY growth since launch(Q4 2011 to Q4 2015)
2011 2012 2013 2014 2015
Various types of enterprises use GovCloud
US GovernmentFederal, state, and local
Consulting firms and systems integrators
Technology firms and ISVs
Education institutions
Researchorganizations
Regulated industries(Aerospace, Defense, Energy,
Manufacturing, Healthcare)
Nonprofit organizations
Managed service providers
GovCloud users share common characteristics
Sensitive data and applications
Strict regulatory and compliance requirements
Restricted, community cloud preference
AWS Cloud platform
A robust and growing AWS partner ecosystem
Consulting/SI Technology
Announced today: AWS GovCloud (US) Skill Program
Example workloads customers run on GovCloud
Web applicationsand websites
Backup and recovery
Archiving Disaster recovery Development and test
Big data High-performance computing
Business applications Enterprise IT Mobile
Learn more about customer use cases today
3:45 PMMigrating a US Army Application to AWS GovCloud (US)
4:45 PMCSRA’s Migration to AWS GovCloud (US): An All-In Case Study
How to get started with AWS GovCloud (US)
Best practice: Create a new AWS account for GovCloud use
1. Sign in to the standard AWS Management Console as root user2. Navigate to the Account Settings page3. Choose the Sign up for AWS GovCloud (US) button and then follow the
instructions that appear.
Resellers contact your AWS business representative to get started
Important things to remember
AWS GovCloud (US) is physically and logically isolatedSeparate AZs, Management Console, IAM stack, and service endpoints
AWS GovCloud (US) is not just for the US GovernmentAvailable to qualified contractors and organizations in regulated industries
Remember the AWS Shared Responsibility ModelLeverage services like VPC, IAM, KMS and CloudHSM to secure sensitive workloads and manage access to sensitive data
Learn more about AWS GovCloud (US)
AWS GovCloud (US) webpagehttps://aws.amazon.com/govcloud-us/
AWS GovCloud (US) User Guidehttp://docs.aws.amazon.com/govcloud-us/latest/UserGuide/welcome.html
Keith BrooksAWS GovCloud (US)
Sr. Business Development [email protected]
Thank You