aws business essentials
TRANSCRIPT
Welcome to:
AWS Business Essentials
Why Organizations Are Moving
to the Cloud
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Customers
Over a million customers running every imaginable use case
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
900+ Government Agencies
3,400+ Education Institutions
11,200+ Nonprofits
What is Cloud Computing?
"Cloud Computing" refers to the on-demand delivery of IT resources and
applications via the Internet with pay-as-you-go pricing.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Increased Agility
Speed
Experimentation
Culture of innovation
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Hotels Music Storage Magazines
Agility: Speed
Go global in minutes.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Why Agility Matters: Experimentation
To invent you must experiment often and fail with lower
risk. With AWS you can:
• Spin up servers in minutes for experimenting
• Return or repurpose servers for other experiments
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Increase Innovation
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Experiment quickly with low cost and low risk.
On-Premises
• Experiment infrequently
• Failure is expensive
• Less Innovation
• Experiment often
• Fail quickly at a low cost
• More Innovation
$ Millions Nearly $0
Agility and Instant Elasticity
Quickly deploy new applications.
Instantly scale up as the workload grows.
Instantly shut down resources that are no
longer required.
Scale down and don’t pay for the infrastructure.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Easily Scale Up and Down
Case Study: Airbnb
150,000 people are hosted on any given night.
A five-person team runs the entire IT operations infrastructure on AWS.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Case Study: Airbnb
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Total number of guests
15M
12M
9M
6M
3M
January 2013
4 Million
Mar 2009 Sep 2009 Mar 2010 Mar2011 Sep 2011 Mar 2012 Sep 2012 Mar 2013 Sep 2013 Mar 2014
Case Study: Airbnb
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Total number of guests
Up by over 10 million in one year
15M
12M
9M
6M
3M
June 2014
15 Million
Mar 2009 Sep 2009 Mar 2010 Mar2011 Sep 2011 Mar 2012 Sep 2012 Mar 2013 Sep 2013 Mar 2014 Jun 2014
Case Study: Airbnb
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Total number of Amazon EC2 instances
1,400
1,050
700
350
1,300
2010 2014
0
432
48
Pay For Infrastructure As You Need it, Not Upfront
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
On-Premises
No upfront cost
Pay as you go
Lower Total Cost of IT
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Scale allows AWS to
constantly reduce costs.
AWS is comfortable
running a high volume,
low margin business.
AWS passes the
savings along to
customers in the form
of low prices.
You Don’t Need to Guess Capacity
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Self
HostingWaste
Customer
Dissatisfaction
Actual demand
Predicted Demand
Rigid Elastic
Actual demand
AWS
Remove Waste – Focus on the Business
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS
Cloud-Based
Infrastructure
Your
Business
More Time to Focus on
Your Business
Configuring
Your Cloud
Assets
70%
30%70%
On-Premises
Infrastructure
30%
Managing All of the
“Undifferentiated Heavy Lifting”
Only 30% of your time should be spent architecting for the cloud and configuring your assets.
Topic Summary
Increase speed and agility.
Go global in minutes.
Benefit from massive economies of scale.
Eliminate guessing on infrastructure capacity needs.
Focus on projects that differentiate your business, not
on managing the assets of your infrastructure.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Why AWS?
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Partner Ecosystem
Thousands of consulting, systems
integrator and technology, and
independent software vendor partners.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Marketplace
23 product categories
More than1,900 listings
More than 70 million hours of AWS
Marketplace software per month.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Marketplace allows customers to discover, evaluate and purchase IT and
business software optimized for the AWS Cloud.
AWS Platform Breadth
A broad and deep platform helps
customers build sophisticated,
scalable applications.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Global Infrastructure
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Regions
AWS Edge Locations
Support Virtually Every Use Case
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Pace of innovation Robust platform and geographic breadth
Continual Iteration and Innovation
AWS continuously upgrades infrastructure, so you don’t have to
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
On-Premises Infrastructure
Upgrades are the
customer’s responsibilityUpgrades happen
automatically
Cost Savings and Flexibility
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
1
Replace up-front
capital expense with
low variable cost
2
Continual Price
Reductions
Economies of scale
allow AWS to continually
lower costs
4
Save more money as
you grow bigger
Tiered Pricing
Volume Discounts
Custom Pricing
3
Pricing model choice
to support variable &
stable workloads
The AWS Price Reduction Philosophy
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS can take the efficiencies gained
from its global scale and pass that on to
customers in the form of lower prices.
Topic Summary
AWS Partner Ecosystem provides support for customers
to build a successful cloud business.
AWS Marketplace - immediately use software and
services that run on AWS.
AWS Platform is broad and deep and supports virtually
every use case.
AWS Pricing Philosophy takes the efficiencies gained
from its global scale and passes it on to customers in
the form of lower prices.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
How Enterprises Are Using
the Cloud
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
How Enterprises Use AWS
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Migrate existing apps &
data to the cloud
Build new apps, sites,
services & lines of
businesses
Augment On-Premises
resources with cloud capacity
(Hybrid Architecture)
Development and Testing
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Customers can get comfortable with the AWS platform and business model.
SAP ERP systems, at 70%
savings
Oracle environment
SharePoint and SAP
environment
New apps for faster
provisioningDevelopment & testing of new
software products
Supports 1,000
developers
Altogether New Applications
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Product Prototyping & DesignVideo Streaming Hotel Booking
Diagnostics Player Tracking Analytics
Leverage the AWS platform to develop entirely new, innovative applications.
Websites & Digital Transformation
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Analytics
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Data Analysis
Social Media Campaign Analytics
Hard Drive DesignManufacturing Quality Improvement
Pension Risk AnalysisGame and Social Analytics
Mobile
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Mobile push notificationsCloud-connected trucks App store
Mobile services and analytics Web and mobile site Apps for cabin crew staff
Business Critical Production Applications
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Solvency simulationsFleet managementNational retail banking
SAP HANA HR and legal apps SAP Business Suite
Migrating Datacenters
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Entire data center migration is now happening more and more.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
All-In Migrations
Enterprises
Independent Software
Vendors
More Than Two Choices
Enterprises are concerned that there are only two choices.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Build your own datacenter
on-premises
Replace infrastructure
with AWS
The Cloud Isn’t An “All or Nothing” Choice
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Corporate Data
Centers
On-Premises
ResourcesIntegration
Cloud
Resources
AWS Support for Hybrid IT Architectures
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Corporate Data
Centers
Your On-Premises Apps Your Cloud Apps
Active Directory
Network Configuration
Encryption
Backup Appliances
Users & Access Rules
Your Private Network
HSM Appliance
Cloud Backups
AWS Identity & Access Mgmt.
Amazon Virtual Private Cloud
AWS Cloud HSM
AWS Storage Gateway
AWS Direct Connect
Integration with On-Premises Resources
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Integrated
networking
Integrated
access control
Integrated
cloud backup
Single pane
of glass
What Are Customers Really Looking For?
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Private
network
Private
compute
Private
storage
Private key
management
Governance
Customer Testimonial: Mortar
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
”
“ Without AWS we
would have needed
to raise $7.1M to
launch instead of
$1.8M
Customer Testimonial: Commonwealth Bank
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
”
“We’ve halved
storage costs of
millions of dollars.
Customer Testimonial: U.S. Navy
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
”
“ The move could
save the Navy as
much as 60% versus
the cost of hosting
or managing data in
its own data centers.
Topic Summary
Companies use AWS in 3 main ways:
• To augment the IT capacity they run in their own
data center.
• To move existing workloads from their own data
center into the cloud.
• To build entirely new projects, applications, web
apps, and services.
AWS supports hybrid IT architectures.
Customers maintain the control over their resources.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module 2: Using The AWS Platform
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module Overview
Module 2 establishes a foundational level of
knowledge of the AWS platform, its
capabilities, and how it can be used in different
application scenarios.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Learning Objectives
This module is designed to teach you about:
The AWS global infrastructure
Featured AWS services and service categories.
Ways that many of the service categories are being used.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The AWS Global Infrastructure
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Platform
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Enterprise
ApplicationsVirtual
Desktop
Sharing and
Collaboration
Platform
Services
Analytics
Hadoop
Real-Time
Streaming
Data
Data
Warehouse
Data
Pipelines
App Services
Queuing and
Notifications
Workflow
App
Streaming
Transcoding
Search
Deployment and Management
One-Click
Web App
Deployment
Dev/Ops Resource
Management
Resource
Templates
Mobile Services
Identity
Sync
Mobile
Analytics
Push
Notifications
Administration
and Security
Identity
Management
Access
Control
Usage
Auditing
Key
Storage
Monitoring
And Logs
Core
ServicesCompute Storage CDN Databases Networking
Infrastructure Regions Availability Zones Points of Presence
AWS Global Infrastructure
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
11 Regions | 28 Availability Zones | 53 Edge Locations
As of March 2015
http://aws.amazon.com/about-aws/globalinfrastructure/
Regions, Availability Zones
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
US Regions
AZ - A AZ - B
GovCloud (US)
AZ - A AZ - B
AZ - C AZ - D
US East (VA)
AZ - A AZ - B
US West (CA)
AZ - A AZ - B
AZ - C
US West (OR)
Note: Conceptual drawing only. The number of Availability Zones (AZ) may vary.
Global Regions
AZ - A AZ - B
AZ - C
EU (Ireland)
AZ - A AZ - B
South America
(São Paulo)
AZ - A AZ - B
Asia Pacific
(Sydney)
AZ - A AZ - B
Asia Pacific
(Singapore)
AZ - A AZ - B
AZ - C
Asia Pacific
(Tokyo)
AZ
China (Beijing)
AZ - A AZ - B
EU (Frankfurt)
AWS Expansion
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
• $7B retail business
• 7,800 employees
• Lots of servers
2003: Amazon.com 2015:
• Every day, AWS adds
enough server capacity to
power this $7B enterprise.
Topic Summary
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The AWS platform is a very broad and robust technology that offers more
functionality than you will find anywhere else.
The AWS data center footprint is global—spanning five continents—with
highly redundant clusters of data centers in each region.
This global infrastructure forms the basis of all other layers of the AWS
cloud computing platform.
AWS Core Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon Web Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Core
Services
Platform
Services
Enterprise
Applications
Analytics App Services Deployment and Management Mobile Services
AWS Data
Pipeline
AWS
CloudTrailCloudWatch
AWS
CloudFormation
Elastic
Beanstalk
ElastiCacheAmazon
Redshift
Amazon
RDSDynamoDB
Amazon
CloudSearch
Amazon
SES
Amazon
SWF
Elastic
Transcoder
Amazon
Kinesis
Amazon
EMR
IAM
AWS
OpsWorks
Compute Networking DatabaseStorage
CloudFront
Amazon
Glacier
Amazon S3
Amazon
EBS
Auto ScalingAmazon
Route 53
Elastic Load
BalancingAWS Direct
Connect
Amazon VPC
Amazon EC2
Amazon
WorkSpaces
Amazon
WorkDocs
Amazon
SNS
Mobile
Analytics
Amazon
Cognito
AWS Compute Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Actual
EC2
Amazon EC2 Elastic Load BalancingAuto Scaling
Web service
providing resizable
compute capacity
Automatically scale
Amazon EC2
capacity up or down
Automatically distribute
traffic across multiple
Amazon EC2 instances
Broadest Collection of Instance Types
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
GPU
Enabled
General
Purpose
Storage and IO
Optimized
Compute
Optimized
Memory
Optimized
M3 C4 I2 HS1 R3G2
M3 C3 I2 G2
CG1M1 C1 CR1CC2 HI1 HS1 M2
Added
Instance
Types
Instance Types
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Type Description
General Purpose (M3) • Balance of compute, memory, and network resources.
Compute Optimized (C4) • Highest performing processors and the lowest price/compute performance.
Memory Optimized (R3) • High speed video encoding. Super fast databases.
GPU (G2) • Graphics and general purpose GPU (Graphics Processing Unit) compute
applications.
Storage Optimized (I2) • Transactional systems, high-performance NoSQL databases.
• Very fast SSD-backed instance. High IOPS at low cost.
High Storage Density (HS1) • Very high storage density.
• Technical computing to grid deployments to analytics workloads.
T2 • Low cost with burstable performance.
• Reduced costs for modest-demand apps that benefit from bursts of power.
Storage
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon EBS
Block storage
for use with Amazon
EC2
EBS
Amazon Glacier
Low cost storage
for archiving and
backup
AWS Storage Gateway
Integrates on-
premises IT and
AWS storage
Images
Videos
Files
Binaries
Snapshots
S3,
Glacier
Amazon S3
Images
Videos
Files
Binaries
Snapshots
A durable, scalable
object store
Amazon Simple Storage Service (S3)
Store any amount of data.
Amazon S3 holds trillions of objects.
Highly durable.
99.999999999% of durability.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon Elastic Block Store (EBS)
Consistent performance with the ability to burst
up to 3,000 IOPS
SSD backed: the new default for Amazon EC2
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
EBS General Purpose Solid State Drive (SSD)
AWS Case Study: Pinterest
Challenge
• Rapidly expanding users
• Dedicate staff to business, not data center
Why AWS?
• Amazon S3 storage capacity
• Amazon EC2 compute power
• Auto Scaling scale up or down
• Amazon EMR big data analysis
Benefits
• Able to scale its business
• Store 8 billion objects; 400 terabytes of data
• 225,000 instance hours a month
• Big data analysis capability
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
“Being in the cloud and being
able to scale up and down
throughout the day or scale up
very quickly and have that
balanced across multiple
availability zones throughout
the world …that is what makes
AWS very cost-effective.”
Ryan Park
Technical Operations and
Infrastructure Lead
Watch the video
Database Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon RDS
Managed relational
database service
Amazon ElastiCache
In-memory caching
service
Amazon DynamoDB
Managed NoSQL
database service
DBA
Amazon RDS
For Aurora
Newest MySQL-
compatible relational
database engine
Networking Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon VPC
Private, isolated
section of the AWS
cloud
Amazon Route 53
Domain Name
System (DNS) web
service
AWS Direct Connect
Private connectivity
between AWS and your
data center
Availability
Zone BAvailability
Zone A
High Performance Cloud Network
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
High packets-per-
second performanceLow jitter Amazon EBS–optimized
instances
Physical placement
optimizationVirtual network interfacesHigh throughput,
low latency
Network Case Study: Pfizer
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
”
“ Challenge
• To handle peak computing needs beyond the
dedicated high performance computing systems
Why AWS?
• Additional level of security
• Ability to integrate with other aspects of
infrastructure
Benefit
• Cost avoidance: able to scale up without investing
in additional hardware for peak loads
• Able to invest in other business activities
The Amazon Virtual Private
Cloud was a unique option that
offered an additional level of
security and an ability to
integrate with other aspects of
our infrastructure.
Dr. Michael Miller
Head of HPC for R&D
Topic Summary
AWS compute services provide resizable compute capacity that can automatically scale up or down.
AWS storage services provide low-cost data storage with high durability and availability for block store, archiving, and backup that integrates with on-premises IT.
AWS database services provide fully managed relational and NoSQL database services, fully managed in-memory caching as a service, and a fully managed petabyte-scale data-warehouse service.
AWS provides a range of networking services that enable you to create a logically isolated network that you define.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Administration and Security
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Case Study: FINRA
Challenge
• To respond to rapidly changing market dynamics
• Analyze and store 30 billion market events every day
Why AWS?
• Level of functionality at the right layers
• Fulfilled security requirements
• Automated infrastructure deployment
• Big Data processing with Amazon Elastic MapReduce and Amazon S3
Benefits
• Agility and speed
• Cost savings: 10-20 million annually
• Transforming technology and culture
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Watch the video
Comprehensive Security Capabilities
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
PHYSICAL
NETWORK
SYSTEM
PEOPLE AND PROCESS
Familiar
security modelCustomer
ecosystemEvery customer
benefits
Partner
ecosystem
AWS Gives You Control
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Secure compute Secure storageSecure network Governance
Software-
defined private
network
Fine-grained
access roles
and groups
Encrypted
object storage
Private
encryption key
management
Geographic
data locality
Dedicated
private network
connection
Software-
defined network
isolation
Encrypted
block storage
Integrated with
AWS products
Fine-grained
access control
Dedicated
instances
Single tenant
block storage
Built-in auditing In-depth audits
Secure key
management
Identity and Access Control
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS
CloudHSM
Dedicated
hardware security
module
appliances
AWS IAM (Identity
and Access Mgmt)
Manage users,
groups, and
permissions
AWS Directory
Service
Connect existing
on-premises MS
Directory or set up
new standalone
Monitoring and Usage Auditing
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon
CloudWatch
Monitor
resources
AWS CloudTrail
Records AWS API
calls for your
account
Topic Summary
AWS has a broad set of identity and access control services that allow
you to manage users, groups, and permissions, connect or set up
Microsoft directories.
AWS provides on-demand infrastructure while also ensuring the security
isolation that customers are accustomed to in their existing, privately
owned environments.
AWS provides security control and governance across the network,
compute and storage services.
AWS has a number of monitoring and auditing capabilities.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Platform Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Analytics
Hadoop
Real-Time
Streaming
Data
Data
Warehouse
Data
Pipelines
App Services
Queuing and
Notifications
Workflow
App
Streaming
Transcoding
Search
Deployment and Management
One-Click
Web App
Deployment
Dev/Ops Resource
Management
Resource
Templates
Mobile Services
Identity
Sync
Mobile
Analytics
Push
Notifications
Analytics
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon
Kinesis
Amazon
RedshiftAmazon Elastic
MapReduce
Process large
amounts of data
Fast, powerful,
petabyte-scale data
warehouse
Real-time data
stream processing
Analytics Case Study: Nokia
Challenge
• The volume of data became too large for a
traditional relational database
• Scale the database and generate reports
Why AWS?
• Using Amazon Redshift, run queries twice as
fast as its previous solution
Benefits
• Use business intelligence tools to mine and
analyze big data at a 50% cost savings
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
“AWS takes a lot of
the burden out of
having to managethe database…a huge
savings in terms of
staff and expertise.”Greg Johnson
Head of Analytics
Nokia
Nokia’s Xpress Internet Services platform provides mobile Internet services for
emerging global markets.
Analytics Case Study: Major League Baseball
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Challenge
• Lots of data to be processed and delivered
• Systems need to evolve quickly
• Ever-increasing data set
Why AWS?
• Push notifications and media tracking running in
AWS
• Flexibility and speed to market are critical
• Most reliable and robust cloud provider
Benefits
• Able to spin up compute capacity to process 17 PB
of game data per season
• Reduce capacity to lower costs during off-season
• Flexibility and speed-to-market for Statcast platform
Amazon Kinesis
Amazon Redshift
AWS Direct Connect
Watch the video
Application Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon Simple Email Service (SES)
Amazon
Simple Queue Service
(SQS)
Amazon Simple
Notification Service
(SNS)
Amazon
AppStream
Amazon
CloudSearchAmazon
Elastic Transcoder
Deployment and Management
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Elastic
Beanstalk
AWS
OpsWorksAWS
CloudFormation
Templates to deploy
and manage
DevOps framework
for application
lifecycle management
Automate resource
management
Mobile Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
H
i
!
Amazon
Cognito
Amazon
Mobile Analytics
Amazon
SNS
User identity and data
synchronization
service
Collect, visualize,
and understand app
usage data
Fully managed push
messaging service
Mobile Case Study: Concrete Software
Challenge• A seamless user experience across devices
and platforms
• Store and save games in the cloud and
synchronize across all of a user’s devices
without creating or hosting a backend
Benefits• Users securely access AWS resources.
• Flexibility to save data in the cloud, cache it
on a user’s devices, without managing any
backend infrastructure
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Concrete Software has been making hit mobile games
like Jellyflop and PBA Bowling Challenge since 2003.
With Amazon Cognito, We
can build games much faster
and provide great user
experience to our customers.
Keith A. Pichelman
CEO, Concrete Software
”
“
Enterprise Applications
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Enterprise Applications
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon
WorkSpaces
Amazon
WorkDocs
Virtual desktop
in the cloud
Secure enterprise
storage and sharing
Amazon
WorkMail
Business email and
calendaring service
in the cloud
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Topic Summary
Customers from many different industries are taking advantage of AWS to
perform big data analytics and meet the challenges of the increasing
volume, variety, and velocity of digital information.
Amazon Web Services offers you a variety of managed services to use
with your applications: application streaming, queueing, push notification,
email delivery, searching, and transcoding.
Amazon Web Services provides you with services to help with the
deployment and management of your applications.
Amazon mobile services help you securely manage and synchronize app
data for your users across mobile devices.
Module 3: Cloud Financials
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module Overview
Module 3 discusses the multiple ways AWS helps you
reduce your overall IT costs as well as the financial impact
the AWS cloud can have on an organization’s procurement
cycle, cost management, and contracts.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Learning Objectives
This module is designed to teach you about:
The economic benefits of AWS.
The AWS pricing principles.
The Total Cost of Ownership (TCO) Calculator
The AWS Simple Calculator
The impacts to the procurement cycle change as a result of migration to the cloud.
The impacts to vendors and contract terms.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The Economic Benefits of AWS
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Reducing Cost and Increasing Business Value
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Pay-as-you go model
Lower overall costs
Stopguessing capacity
Agility / speed /
innovation
Avoid undifferentiated
heavy lifting
Go global in minutes
✔ ✔ ✔ ✔ ✔ ✔
On-premises/
colocation x x x x x x
Cost Reasons Business Value
Reasons
Total Cost of Ownership (TCO)
Acquisition
Operating costs
Decommissioning / retiring systems
Opportunity cost
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
TCO Definition: the entire set of acquisition and operating costs for running an
infrastructure environment end-to-end.
1
Replace large upfront
expenditures with pay
as you go and only for
what you use.
3
Save more money as
you grow bigger
Tiered Pricing
Volume Discounts
Custom Pricing
2
Pricing model choice
to support variable &
stable workloads
On-Demand
Reserved
Spot
How can you achieve lower TCO with AWS?
AWS Enables Lower TCO Than On-Premises Environments
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Utilization fundamentally higher in
AWS cloud• Aggregating non-correlated workloads,
scale, spot market
Amazon specific hardware designs• OEM (original equipment manufacturer)
acquisition of custom servers & net gear
• Direct purchasing of disk, memory, & CPU
• AWS controlled hypervisor & net protocol
layers
AWS Immense scale• New data centers built each year
• Volume purchasing, highly automated,
supply chain optimizationTraditional
Data CenterVirtualized
Data Center
UPFRONT
COSTS
VARIABLECOSTS
VARIABLE COSTS
AWS
UPFRONT
COSTS
UPFRONT
COSTS
VARIABLE COST
Cost savings from running
internal IT more efficiently
Cost savings from moving
to a public cloud provider
Initial Questions to Consider When Exploring TCO
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Operations
Utilization
Capacity
Planning
Optimization
1
2
3
4
• How do you plan for capacity?
• How many servers have you added in the past year? Anticipating next year?
• Can you switch your hardware on and off and only pay for what is used?
• What is your average server utilization?
• How much do you overprovision for peak load?
• Will you run out of data center space some time in the future?
• What was your last year power utility bill for the Data Center(s)?
• Have you budgeted for both average and peak power requirements?
• Are you on AWS today?
• Is your architecture cost-optimized (Auto Scaling, Reserved Instances, Spot, Instances turn on/off)?
Traditional Capacity Planning
Limitations of traditional data centers:
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Inflexible physical assets Costs are never in sync
Migration and expansion
costs are high
Cost of unexpected
inefficiencies
Inflexible Physical Assets
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Large up-front spending
Costs driven by peak, not average
infrastructure requirements
Typically under-utilized environment
Costs are Never In Sync
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Many cost elements
Industry technology cycles
Timing of upgrades and refresh
Changes in networking technology
and virtualization
Migration and Expansion Costs
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Per rack cost on an unplanned move
Cost of an incremental move, expansion, or
large scale event
Business continuity strategy
New global market
Rapid, unexpected growth
Unexpected Inefficiencies
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Under-deployment, over-deployment
Unexpected high demand or low demand
Non-optimal, non-scalable
No Capital Intensive Infrastructure
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
On-Premises (or Co-location) AWS Cloud
Physical space
Cabling
Cooling
Power
Networking
Racks
Servers
Storage
Certification
Labor
No infrastructure to
build to get started
TCO CalculatorCompare the cost of running your applications in an on-premises or colocation
environment to AWS
Environment Region Servers Virtual Machines Storage
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Three Steps to Comparing TCO
Using the TCO Calculator
1. Describe your existing or
planned on-premises or hosting
infrastructure in four steps, or
enter detailed configurations.
2. Get an instant summary
report which shows you the
three year TCO comparison by
cost categories.
3. Download a full report
including detailed cost
breakdowns or save the report
to share with others.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Customers Are Realizing Lower TCO
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
“If we were to use the traditional on-premises data center, we would have spent $34
million dollars in hardware and maintenance expenses during the first two years. With
AWS cloud, we met our reliability and performance objectives at a fraction of the cost.”
– Mr. Chun Kang, Principal Engineer, Samsung
”
“$34 million saved in
the first two years
AWS Customers Are Realizing Lower TCO
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The AWS-based infrastructure has decreased the publication’s overall monthly operating costs
by 75%. The publication has also been able to streamline its system administration personnel
by approximately 50%.”
– Nathan Butler of The Newsweek/Daily Beast Company
Decreased monthly
operating costs by 75%
”
“
Customer Spotlight: Dow Jones Intl.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
TCO analysis is crucial in making a favorable business case
• From over 40 data centers down to 6
• Migration of thousands of applications
• Estimated saving $100M over 3 Years
1. Evaluate infrastructure
costs & architecture
VS
2. Make business case 3. Enable decision to
move to the cloud
Topic Summary – Economic Benefits of AWS
AWS’ economies of scale provide direct cost benefits to customers.
Customers can move away from a traditional emphasis on heavy capital spending on infrastructure to low variable expense.
Customers gain improved flexibility to grow (or contract) with a lower overall TCO.
Use the TCO Calculator to compare the cost of running your applications in an on-premises or colocation environment to AWS.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Pricing Principles
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Pricing Principles
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Pay as you go
Pay less by using more
Pay less when you reserve
Pay less when AWS grows
Customers pay for exactly the amount of resources that they actually use
No up-front investment
Pay per use
Demand-driven operating model for IT
Customers pay for exactly what they use
Customers do not pay for unutilized feature or services
Charge is based on infrastructure and services consumed
Customers have control of how they utilize AWS products and services, which leads to control over cost expenditures
Turn cloud resources off and on
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Metered, Pay As You Go
Pricing Model
Pay Less Per Unit When You Use More
Volume discounts on overall bill when revenue hits certain thresholds.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
$0.030
$0.030
$0.029
$0.029
$0.028
$0.028
<1 TB <50 TB 50-500 TB 500-1000TB
1000-5000TB
>5000 TB
$0.12
$0.09
$0.07
$0.05
1-10 TB 10- 50 TB 50- 150 TB 150 - 500 TB
Storage (S3)
Tiered Pricing
Data Transfer (Bandwidth)
Tiered Pricing
Pricing as of February 2015
Compute Purchasing Models
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
On-Demand
Pay for compute
capacity by the hour
with no long-term
commitments
For spiky workloads,
or to define needs
Reserved
Make a low, one-time
payment and receive a
significant discount on
the hourly charge
For committed
utilization
Spot
Bid for unused capacity,
charged at a Spot Price
which fluctuates based
on supply and demand
For time-insensitive or
transient workloads
Dedicated
Launch instances within
Amazon VPC that run
on hardware dedicated
to a single customer
For highly sensitive or
compliance related
workloads
Free Tier
Get Started on AWS
with free usage & no
commitment
For POCs and
getting started
Reserved Instances (RI)
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
For example:
Reserve capacity for one or three years
Pay a low, one-time fee for the capacity reservation
Receive a significant discount on the hourly charge for your instance
Reserved Instance Payment Options Explained
No Upfront option:
• Up to a 55% discount compared to On-Demand
• Does not require upfront payment
• Low hourly rate for the RI on an ongoing hourly basis
Partial Upfront option:
• Balances the payments of an RI between upfront and hourly
• Provides a higher discount (up to 76%) compared to the No Upfront option
• Pay a very low hourly rate upfront for every hour in the term regardless of usage
With the All Upfront option:
• Highest discount compared to On-Demand (up to 77% off).
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Reserved Instance vs. On-Demand
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
$-
$500
$1,000
$1,500
$2,000
$2,500
$3,000
30% 40% 50% 60% 70% 80% 90% 100%
Utilization Over a Year
m3.xlarge 1yr OD/RI Break Even Utilization
On Demand No Upfront Partial Upfront All Upfront
What are the “break-even” points of each of these options in relation to
purchasing instances On-Demand?
Spot instances
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
What are Spot instances?
• Spare EC2 instances bid on in hourly increments
• One hour at a time
• Behave exactly like a regular instances
Cost Benefits
• Up to 92% off regular on-demand prices per hour
What is the trade-off?
• May be interrupted if that instance is needed for a
EC2 capacity
• No charge for any partial hour due to termination
Spot Pricing Use Case: Honda
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Spot Accelerates Innovation
Scalable Materials Simulations at Honda
Before:
80 in-house HPC nodes, 1 year to complete all needed simulations
After:
Scalable, on-demand HPC cluster on AWS
Up to 1000 Spot Instances, 16,000 cores
Able to run more simulations, faster, with more accurate results
“Cloud offers us an opportunity, as we can innovate faster
than before.”
- Ayumi Tada, IT System Administrator, Honda R&D
The Simple Monthly Calculator
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The Simple Monthly Calculator
Customers can effectively estimate the costs of running their specific project on AWS
http://aws.amazon.com/calculator
Estimate monthly charges based on:
• Architecture
• Usage of each service
• Features for each service in each region
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application• Access the Simple Monthly Calculator
• Choose the right region
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application• Choose the EC2 service from the service options in the left-hand menu of the Simple Monthly Calculator
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application• Add A New Row to add an EC2 server to your estimate
• Determine the number of hours per month the server is likely to run. To determine this, you have a number of choices.
Calculating the Cost of Launching a Web Application
• Select the Instance Type you need and
the Operating System (& Database)
required.
• In this case, we are going to choose an
m3.medium instance packaged with
Windows and Std (Edition) SQL Server.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application
• We plan on running this server
24x7 so we should choose a
pricing model to minimize the
cost of running it.
• 1yr Heavy Reserved Instance
as we anticipate an upgrade of
the application and database
in 12 months and unsure of
the server requirements at that
point in time.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application• Add “persistent” storage to your instance, you should add an EBS (Elastic Block Store) to your instance.
• Click on Add New Row under Storage: Amazon EBS Volumes
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application
• Choose the size of your volume. If you’d like to backup this volume to S3, choose the snapshot size you’d like captured
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application
• There are some other inputs/options you need to consider when providing an estimate for
an EC2 instance.
If you want your instance to maintain the
same IP address even after it has stopped or
been terminated, you should use Elastic IP’s.
AWS will charge for Elastic IP’s if they are
not attached to an EC2 instance.
Data transfer into AWS is free, however, data
transfer out of AWS incurs a charge
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Calculating the Cost of Launching a Web Application
• Click on the Estimate tab at the top of the screen to check estimate..
• To remove Reserved Instance upfront fee and
reveal ongoing monthly estimates, check the box
at the top of the screen.
• To share this estimate, click on the Save and Share button.
• Once completed, a unique URL of your estimate will be created.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Topic Summary – Pricing Principles
Customers pay for the amount of resources that they
actually use.
Customers pay less per unit the more they use AWS.
AWS offers several purchasing models to support different
needs and cost requirements (e.g., for compute: On-
Demand, RI, Spot).
Estimate your monthly bill using the AWS Simple Monthly
Calculator.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Cost Optimization
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Optimizing with AWS
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Choose the right
instance types
Instance Utilization Monitor and turn off
unused instances
Offload architecture Leverage AWS
application services
Leverage AWS tools
Choose the Right Instance Types
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon
CloudWatch
Auto Scaling Current Generation
Instances
Architecture
Review
Instance Utilization
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Stop idle instances Identity
Access Management
(AWS IAM)
Instance Tagging
Reserved Instances and Spot Instances
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Reserved
Instances
Spot Instances Reserved Instance
Analysis Tool
Steady State Workloads Time-insensitive
stateless workloads
Compare on-demand
with reserved instances
Offload Your Architecture
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Reevaluate
Architecture
Leverage AWS
application services
Leverage
AWS tools
AWS Trusted Advisor
Further reduce costs
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
• Inspects your AWS environment
• Recommends opportunities to save money
• Eliminates unused and idle resources
Topic Summary
Use our best practices to optimize for cost on AWS, including:
• Choose the right Instance size
• Auto scaling
• Turn off un-used Instances
• Use Reserved Instances
• Use Spot Instances
• Leverage Storage Classes
Offload your architecture and reduce cost by using application services
(SQS, SES, etc.)
Leverage AWS Tools – Trusted Advisor, EC2 Usage Reports
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Procurement and Contracts
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Simplifying Procurement
AWS empowers customers to be self service
without complex contracts and agreements.
Customers can grow and adapt to their
needs without complex transactions.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS provides customers with a flexible set of tools to simplify procurement.
Understand your organization’s
procurement culture.
The Role of Procurement
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Govern and control purchasing Rationalize the number of vendors
Manage price negotiations Broker relationships
Contract Simplicity
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Simple contractual
model
Flexibility to tailor
contracts
Continual purchases
without amendments or
contract changes
AWS has a single contract available online
Create a customized enterprise agreement
Single Online Agreement
Customers can move swiftly if they decide to
change direction.
Acquire services directly from the website.
Work with AWS with minimal overhead.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Enterprise Agreements
Flexibility – not limited by purchasing, legal,
and contractual constraints.
Discuss the best agreement model.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Larger customers might prefer an enterprise agreement.
Module 4: Security and Compliance
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module Overview
This module discusses the comprehensive AWS
security best practices, capabilities, controls, and
assurances in place to maintain security and data
protection.
Additionally, it discusses the security measures and
areas that the customer is responsible for, what they
need to do to ensure that they are compliant, and the
support AWS can provide to ensure this outcome.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Learning Objectives
This module is designed to teach you about:
The benefits of the pace of innovation of AWS as it applies to security and compliance.
The shared responsibility model.
The robust built-in security features of the AWS platform and services.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Security Innovation
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Platform
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Enterprise
ApplicationsVirtual
Desktop
Sharing and
Collaboration
Platform
Services
Analytics
Hadoop
Real-Time
Streaming
Data
Data
Warehouse
Data
Pipelines
App Services
Queuing and
Notifications
Workflow
App
Streaming
Transcoding
Search
Deployment & Management
1-click Web
App
Deployment
Dev/Ops Resource
Management
Resource
Templates
Mobile Services
Identity
Sync
Mobile
Analytics
Push
Notifications
Administration
and Security
Identity
Management
Access
Control
Usage
Auditing
Key
Storage
Monitoring
And Logs
Core
ServicesCompute Storage CDN Databases Networking
Infrastructure Regions Availability Zones Points of Presence
Rapid Pace of Security Innovation
Security, compliance, governance, and audit-related launches and updates
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
2007 2008 2009 2010 2011 2012 2013 2014
48 6182
159
280
514
Security and Compliance Requirements from Every Industry
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
A Constantly Improving Security Baseline
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Expert Audits: Transparency and Accuracy
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Layers of Security Controls in AWS
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Managed by
AWS
Managed by
customer
Security of the cloud
Security in the cloud
Request reports at:
aws.amazon.com/compliance/#contact
Cross-Service Controls
Service-Specific Controls
Cloud Service Provider
Controls
Optimized
Network/OS/App Controls
Case Study: Vodafone
Payment Card Industry (PCI) and Data Security
Standard (DSS) compliance was essential.
Launched in three months.
Reduced CapEx by 30%.
Deployed to seven channels, including Facebook.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Amazon Web Services was the
clear choice in terms of security.
Stefano Harak
Online Senior Product Manager
Payments
Vodafone built a mobile payment application.
Topic Summary
A third of the features that AWS launches every year
are directly related to security, governance, compliance,
and auditing.
AWS customers also bring their own auditors, each with
their own perspective on how to meet their individual
compliance objectives.
AWS has a constantly improving security baseline.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Security Controls
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Security Shared Responsibility Model
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Watch the Video
Security and Compliance is a Shared Responsibility
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Client-Side Data
Encryption
Server-Side Data
EncryptionNetwork Traffic
Protection
Platform, Applications, Identity and Access Management
Operating System, Network, and Firewall Configuration
Customer applications and content
AWS Foundation Services
Compute Storage Database Networking
AWS Global
InfrastructureRegions
Availability ZonesEdge
Locations
AWS is
responsible for
the security OF
the cloud
Customers
Customers are
responsible for their
security IN the cloud
You Always Have Full Ownership and Control
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS makes no secondary use of customer content.
Manage your privacy objectives any way you want.
Keep data in your format and move it or delete it at any time.
There is no automatic replication of data outside of your
chosen AWS region.
Encrypt your content any way you want.
You Decide Where to Put Your Content and Applications
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Every Network Has Fine-Grained Security Built In
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Av
ailab
ilit
y Z
on
e A
Av
ailab
ilit
y Z
on
e B
Virtual Private Cloud
Your section of the AWS cloud
is private and isolated.
Every VPC has a private IP
address space you define.
Create your own subnets and
control all internal and
external connectivity.
AWS Network Security
AWS network will prevent
spoofing and other common
layer 2 attacks.
Every compute instance gets
multiple security groups
(stateful firewalls).
Every subnet gets network
access control lists (NACL).
Create Multi-Tier Architectures
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Av
ailab
ilit
y Z
on
e A
Jump
hostEC2App Log
E
C
2
Web
Load
balancing
WebWeb
Database
Connect Privately to Your Existing Data Centers
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Create Flexible Multi-VPC Hybrid Environments
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Your organization
Project Teams Marketing
Business Units Reporting
Digital/
Websites
Dev and
Test
Redshift
EMR
Analytics
Internal
Enterprise
Apps
Amazon
S3
Amazon
Glacier
Storage/
Backup
Encrypt Your Sensitive Information
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
DB
A
Amazon Elastic Block Store: Encrypt EBS volumes any
way you like.
Amazon S3: Offers either server or client-side encryption.
Amazon Redshift: 1-click disk encryption as standard.
Amazon RDS: Supports transparent data encryption.
AWS CloudHSM (Hardware Security Module)
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
You receive dedicated access to HSM
appliances.
HSMs are located in AWS data centers.
HSMs are managed and monitored by AWS.
Only you have access to your keys and
operations on the keys.
HSMs are inside your VPC, isolated from the
rest of the network.
HSMs use SafeNet Luna SA HSM appliances.
AWS
CloudHSM
AWS Administrator
Manages the appliance
You
Control keys and
crypto operations
Virtual Private Cloud
AWS Key Management Service
1-click encryption
Centralized key management
(create, delete, view, set policies)
Enforced, automatic key rotation
Visibility into any changes via AWS CloudTrail
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Encryption key management and compliance made easy.
Available, Durable, and Integrated with AWS Products
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Keys stored in
HSMs
Integrated with AWS
products
Highly available and
durable
(e.g., Amazon S3, Amazon EBS,
Amazon RDS, Amazon Redshift)
You Can Enforce Consistent Security on Your Hosts
Use host-based protection software.
• Apply best-practice top five mitigation strategies.
Think about how you will manage administrative users.
• Restrict access as much as you require.
Build out the rest of your standard security environment.
• Connect to your existing services, e.g., SIEM, monitoring, patching.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Control the configuration of your Amazon EC2 compute instances and configure and
harden operating environments to your own specs.
EC2
AMI catalogue Running instance
Your instance
Hardening
Audit and logging
Vulnerability management
Malware and HIPS
Whitelisting and integrity
User administration
Operating system
AWS Service Catalog
A service for discovering and provisioning applications in the cloud.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Admins can create
and share product
portfolios.
End users can
launch a product
as a stack of AWS
resources.
Meet compliance
needs by
department, cost
code of globally
Conduct reporting
and auditing via
AWS CloudTrail
Control Access and Segregate Duties Everywhere
With AWS IAM, you get to control who can do
what in your AWS environment, and from
where.
You get fine-grained control of your AWS cloud
with multi-factor authentication.
Integrate with your existing corporate directory
using SAML 2.0 and single sign-on.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS account owner
Network management
Security management
Server management
Storage management
AWS Trusted Advisor
Over 1.7 million recommendations
More than $300M in estimated cost
savings
37 checks in 4 categories
Now with Free Tier
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Get Consistent Visibility of Logs That You Can Monitor
Full visibility of your AWS environment
• AWS CloudTrail will record access to API calls and save logs in your Amazon S3 buckets, no matter how those API calls were made.
Who did what and when and from where (IP address)
• Support for AWS products
• Easily aggregate all log information
Several log analysis and SIEM tools are available from AWS partners like Splunk and AlertLogic that work with AWS CloudTrail.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS CloudTrail
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS CloudTrail
Follow the API activity history and monitor resources.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS CloudTrail
Review raw JSON output
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS CloudTrail
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS CloudTrail raw data feeds go into Amazon S3
AWS Config
A new resource dependency and auditing service
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
• Designed to help ensure compliance with internal policies and regulatory standards by providing visibility into the configuration of a resource at any time.
Audit and compliance
• Continuously monitor the configurations of resources and evaluate these configurations for potential security weaknesses.
Security and incident analysis
Audit and Troubleshoot Configuration Changes
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Track a continuous stream of resource
configuration changes.
Review full history of all configuration
changes.
Review configuration change impact across
resources.
Spotlight: AWS Config
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS Config
Copy an Instance ID from running instances.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS Config
Paste the Instance ID in the resource ID field.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS Config
View historical data of changes to the Instance.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS Config
View the full configuration of changes.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Spotlight: AWS Config
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
AWS Config data is written to a JSON file format which is maintained in Amazon S3.
Accreditation and Compliance: On-Premises and on AWS
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
On-Premises
Start with building the data center
Functionally optional
Audits done by an in-house team
Accountable to yourself
Typically check once a year
Workload-specific compliance checks
Must keep pace and invest in security
innovation
On AWS
Start on base of accredited services
Functionally necessary – high standard of
requirements
Audits done by third-party experts
Accountable to everyone
Continuous monitoring
Compliance approach based on all workload
scenarios
Security innovation drives broad compliance
Module Summary
Security and compliance is a shared responsibility
between AWS and customers.
You always have full ownership and control of the content
you place in AWS.
Every network has fine-grained security built in.
You can encrypt your sensitive information.
You can control access and segregate duties everywhere.
You can audit and troubleshooting configuration changes
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module 5: Cloud Migration
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module Overview
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
This module discusses best practices for successful implementation of an IT environment with AWS components.
The framework helps an organization develop a plan to move from where they are to where they want to be.
The plan provides guidance to teams on changes they will make for successful adoption of AWS solutions.
Learning Objectives
The seven steps to cloud success.
Common use cases on AWS.
Foundational perspectives of the Cloud Adoption Framework.
How to leverage your local AWS team.
What you need to get started with AWS.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
This module is designed to teach you about:
AWS Cloud Adoption Journey
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
The AWS Cloud Adoption Journey
Gain Executive
Sponsorship
Experiment
Educate Staff
Create Hybrid
Architecture
Establish Cloud-First Standard
Develop a Shared Plan
Create a Cloud
Center of Excellence
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Steps of the Journey: Executive Sponsorship
Gain
Executive
Sponsorship
Educate
Staff Experiment
Develop
a Shared
Plan
Create Hybrid
Architecture
Create a
Center
of
Excellence
Establish
Cloud-
First Standard
Makin
g it R
eal
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Executive Sponsorship
Follow path of least resistance
Own the business case
Manage the risk
Navigate the internal politics
Start from the bottom if necessary
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Align on the Outcome
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Executive Priority AWS Value
CEO
CIO
CFO
CMO
CISO
CRO
Competitive advantage
Save money
Business alignment
Move faster, more efficiency
Improved cash flow
Save money
Respond to market changes
Run more experiments
Better analytics
Visibility
Auditability control
Get more products to market
Move faster, more efficiency
Experience
Pace of Innovation
Service Depth and Breadth
Pricing Philosophy
Ecosystem
Global
Steps of the Journey: Educate Staff
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Experiment
Makin
g it R
eal
Educate
Staff
Gain
Executive
Sponsorship
Develop
a Shared
Plan
Create Hybrid
Architecture
Create a
Center
of
Excellence
Establish
Cloud-
First Standard
Educate Staff
Invite the AWS team
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Attend industry events Talk with industry peers Run workshops
AWS Training and Certification
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Certification
aws.amazon.com/certification
Demonstrate your skills,
knowledge, and expertise
with the AWS platform
Self-Paced Labs
aws.amazon.com/training/
self-paced-labs
Try products, gain new
skills, and get hands-on
practice working with
AWS technologies
aws.amazon.com/training
Training
Skill up and gain
confidence to design,
develop, deploy, and
manage your applications
on AWS
Steps of the Journey: Experiment
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
ExperimentEducate
Staff
Makin
g it R
eal
Gain
Executive
Sponsorship
Develop
a Shared
Plan
Create Hybrid
Architecture
Create a
Center
of
Excellence
Establish
Cloud-
First Standard
Experiment
Identify your first projects:
• Test and Development
• Digital
• Storage
• Backup
Practice on low-risk workloads.
Take advantage of the free tier.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Experiment – Digital
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Static Website
Mobile application service
Web application service
Amazon WorkSpaces
Steps of the Journey: Center of Excellence
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Educate
StaffExperiment
Makin
g it R
eal
Gain
Executive
Sponsorship
Create a
Center
of
Excellence
Develop
a Shared
Plan
Create Hybrid
Architecture
Establish
Cloud-
First Standard
Create a Center of Excellence (COE)
COE develops a framework.
Sets the charter.
Acts as the interface back into the
board and technical teams.
Increases agility, decreases risk and
operating costs.
Provides knowledge management.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Cloud Adoption Framework
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Whitepaper: http://bit.ly/AWSCAF
People
PerspectiveProcess
Perspective
Security
Perspective
Maturity
Perspective
Platform
Perspective
Operating
Perspective
Business
Perspective Perspectives in planning, creating,
managing, and supporting a modern IT
service.
Guidelines for establishing, developing and
running AWS environments.
Structure for business and IT teams to
work together.
Seven Core Perspectives
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Process PerspectiveManaging portfolios, programs, and projects to
deliver expected business outcome on time and
within budget, while keeping risks at acceptable
levels.
People PerspectiveDefining and acquiring the skills needed to adopt the
AWS cloud platform. Examples include guiding
processes of role descriptions, training, certification,
and mentoring.
Maturity PerspectiveDefining the target state architecture of the
organization and creating the required
blueprints and roadmaps.
Platform PerspectiveProviding patterns, guidance, and tools for
optimal use of the technology services to
implement. Represents the technology
services of the AWS cloud platform.
Operating PerspectiveProviding process, guidance, and tools for optimum
operational service management of the AWS
environment. Represents the ongoing management
of the functioning IT environment of AWS.
Security PerspectiveDefining and implementing the required levels of
security, governance, and risk management to
achieve compliance.
Business PerspectiveIdentifying, delivering, and measuring
business impact using architectural
approaches that align technical delivery to
business imperatives.
Steps of the Journey: Develop a Shared Plan
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Educate
StaffExperiment
Makin
g it R
eal
Gain
Executive
Sponsorship
Develop
a Shared
Plan
Create Hybrid
Architecture
Establish
Cloud-
First Standard
Create a
Center
of
Excellence
Build Relationships
AWS Executives
AWS Account Executive
AWS Principal Solution Architect
Inside Sales Manager
Customer Experience Manager
Customer Support
Professional Services
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Engage Partners
Consulting Partners
Technology Partners
System Integrators
Specialist Partners
• HPC
• DevOps
• Analytics
Find a suitable partner at http://www.aws-partner-directory.com
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Premier Consulting Partners
AWS Specialists
Security and Compliance
Enterprise Applications
Desktop
Big data/HPC
TCO
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Steps of the Journey: Hybrid Architecture
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Educate
StaffExperiment
Create a
Center
of
Excellence
Establish
Cloud-
First Standard
Makin
g it R
eal
Gain
Executive
Sponsorship
Develop
a Shared
Plan
Create Hybrid
Architecture
Establish Hybrid Architecture
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
VPC Subnet
Availability Zone
Security group
VPC subnet
Availability Zone
Security group
Corporate
data center
Users
Data center router
Servers
AWS Direct Connect
location
AWS Direct
Connect routers
Backup
AWS
Storage
Gateway
Networking
AWS Direct
Connect
Virtual
Private
Cloud
Access Control
Directory
Service
AWS IAM
Identity
Federation
Resource
Management
VCenter
Integration
System
Center
Integration
Compliance
AWS
CloudTrail
AWS Config
Set Up the Foundations
Steps of the Journey: Cloud-First Standard
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Establish
Cloud-
First
Standard
Educate
StaffExperiment
Create Hybrid
Architecture
Create a
Center
of
Excellence
Makin
g it R
eal
Gain
Executive
Sponsorship
Develop
a Shared
Plan
Migration: Recommended Approach
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Application Migration/Experiment
Continuous Feedback
Cycles of Learning
Project 1 Project 2 Project 3 Project.
Strategy
Executive Sponsorship
Educate Staff FoundationsRisk and
ComplianceCenter of
Excellence Operations
Model
Future
State
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Example Application Migration Plan
Initiate Discover Design Migrate Integrate Validate OptimizeOperatePhase
Identify, analyze,
profile, summarize
applications
Architect a well-
defined target
environment
Determine best
approach for each
application
Infrastructure,
application, and
operation
Functional and
business criteria
Architecture, design, deployment of apps to
take full advantage of availability, scalability,
and cost benefits
Enterprise Case Study: Condé Nast
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Challenge
• Improve organizational creativity, productivity, agility, flexibility and time to market for digital content
Why AWS?
• Leverage infrastructure
• Migrate over 500 servers, 1-PB storage, mission critical applications, and 100 database servers to the cloud
Benefits
• Reduced costs by 40%
• Increased operational performance by 30–40%
• Closed their own data centerWatch the video
Getting Started
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Meet Your Local Sales Team
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Account Manager
Inside Sales
Solutions Architects
Partner Introductions
Ecosystem Partners
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
http://www.aws-partner-directory.com
AWS Account
Get started immediately
Set up an AWS account.
Identify an AWS champion in your organization.
Identify the initial workload to migrate.
Start experimenting.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Module Summary
There are seven steps along the journey to cloud adoption.
There is no one-size-fits-all way that companies are moving
to the cloud.
Leverage your local AWS team.
The AWS Cloud Adoption Framework (CAF) separates
complex IT environments into manageable areas of focus.
Get to know the resources that are available to you and
reach out to your local AWS team.
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Conclusion
© 2015 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Thank You
Hope you enjoyed the training!
Let us know what you think and email us at: