aws deck template - switch · 2020. 8. 20. · 2020. 8. 20. · aws support plans –no long-term...
TRANSCRIPT
Grischa BaeldenAWS Public Sector Account Manager, DACH
Brendan Bouffler
Worldwide Research and Technical Computing Lead
Education Customers Worldwide
AWS Global Infrastructure
16 R e g i o n s
42 AZ s
68 Edge
Locations
Region & Number of Availability Zones
New Region (coming soon)
ENTERPRISE
APPS
DEVELOPMENT & OPERATIONSMOBILE SERVICESAPP SERVICESANALYTICS
Data
Warehousing
Hadoop/
Spark
Streaming Data
Collection
Machine
Learning
Elastic
Search
Virtual
Desktops
Sharing &
Collaboration
Corporate
Backup
Queuing &
Notifications
Workflow
Search
Transcoding
One-click App
Deployment
Identity
Sync
Single Integrated
Console
Push
Notifications
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource
Templates
TECHNICAL &
BUSINESS
SUPPORT
Account
Management
Support
Professional
Services
Training &
Certification
Security
& Pricing
Reports
Partner
Ecosystem
Solutions
Architects
MARKETPLACE
Business
Apps
Business
IntelligenceDatabases
DevOps
ToolsNetworkingSecurity Storage
RegionsAvailability
Zones
Points of
Presence
INFRASTRUCTURE
CORE SERVICES
ComputeVMs, Auto-scaling,
& Load Balancing
StorageObject, Blocks,
Archival, Import/Export
DatabasesRelational, NoSQL,
Caching, Migration
NetworkingVPC, DX, DNS
CDN
Access
Control
Identity
Management
Key
Management
& Storage
Monitoring
& Logs
Assessment
and reporting
Resource &
Usage Auditing
SECURITY & COMPLIANCE
Configuration
Compliance
Web application
firewall
HYBRID
ARCHITECTURE
Data
Backups
Integrated
App
Deployments
Direct
Connect
Identity
Federation
Integrated
Resource
Management
Integrated
Networking
API
Gateway
IoT
Rules
Engine
Device
Shadows
Device
SDKs
Registry
Device
Gateway
Streaming Data
Analysis
Business
Intelligence
Mobile
Analytics
7
Compute ServicesVirtual Server Hosting, Container management, and Serverless Computing
Amazon EC2Provides resizable cloud-based compute
capacity in the form of EC2 instances, which
are equivalent to virtual servers
AWS Lambda
Run code without thinking about servers.
Pay for only the compute time you consume.
Amazon EC2 Container Service
A highly scalable, high performance
container management service
Storage Services
8
A reliable, scalable, and secure place for your data
Amazon S3Designed to store and access any type of data
over the Internet
Amazon Elastic File System
Simple, scalable file storage for use with
Amazon EC2 instances in the AWS Cloud
Amazon Elastic Block Storage
Block-level storage that serves as a virtual
hard drive for your Amazon EC2 instance
Amazon GlacierLow-cost and highly durable storage
service for long-term backup and archive of
any type of data
AWS Storage Gateway
Seamlessly links your on-premises
environment to Amazon cloud storage
Data Transfer ServicesA portfolio of data transfer services to
migrate data into and out of the AWS cloud
Database Services
9
Amazon RDSManaged relational database service. Cost-
efficient and resizable capacity while managing
time-consuming database administration tasks
Amazon Aurora
Amazon Redshift
AWS DMSMigrate your databases to AWS with zero
downtime. More than 12,000 databases have
been migrated using AWS DMS.
Fast, fully managed, petabyte-scale data
warehouse
MySQL-compatible relational database with
5X performance. Security, availability, and
reliability of commercial databases at 1/10th
the cost.
Amazon DynamoDB
Fast and flexible NoSQL database service
for all applications that need consistent,
single-digit millisecond latency at any scale
Amazon Elasticache
Deploy, operate, and scale an in-memory
cache in the cloud.
Managed relational databases, NoSQL database, data warehouse service and in-
memory cache.
Networking Services
10
Virtual private cloud, direct connections, load balancing, and DNS
Amazon VPCProvision a logically isolated section of the
AWS cloud where you can launch AWS
resources in a virtual network that you define
Amazon Route 53
A highly available and scalable cloud
Domain Name System (DNS) web service
AWS Direct Connect
Establish a dedicated network connection
from your premises to AWS
Elastic Load BalancingDistributes incoming application traffic
across multiple Amazon EC2 instances in
the cloud
We continuously evolve and improve our existing
services, and frequently add new services.
We may change or discontinue any APIs for the
Services from time to time.
We will notify you of any material change to or
discontinuation of the Service Offerings.
For any discontinuation of or material change to an
API for a Service, we will use commercially
reasonable efforts to continue supporting the
previous version of such API for 12 months after the
change or discontinuation.
Source: AWS Customer Agreement
Education and Science not Servers and Data Centers
Focus on your core
mission
Elastic and Scalable
Secure
Accelerated Time to
Science
Lower costs
Flexible
Campus on a Cloud
Teaching and Learning Solutions
• Distance Learning and MOOCs
• Learning Management Systems
• Lecture Capture
• Student Lab Environments
• Virtual Desktop and App Delivery
• Collaboration Tools
Research and
Technical Computing
• High Performance
Computing
• Big Data Analytics
• Machine Learning
& AI
• Storage & Backup
• Public Data Sets
• Tools and
Techniques
• Platforms for
collaboration &
sharing
Campus IT Solutions
• University Websites
• Dev. Environments
• ERP and SIS Systems
• Data Analytics
• Disaster Recovery
• Data Center Migrations
• Storage & Backup
With AWS, Security Is a Shared Responsibility
DatabaseStorageCompute Networking
Edge
Locations
Regions
Avail. Zones
AWS Global
Infrastructure
Customers are
responsible for
security ‘in’ the Cloud
AWS is responsible for
security ‘of’ the Cloud
Customer Data
Platform, Applications,
Identity & Access Management
Operating System, Network &
Firewall Configuration
Client-side Data
Encryption & Data
Integrity
Authentication
Server-side Encryption
(File System and/or
Data)
Network Traffic
Protection (Encryption /
Integrity / Identity)
AWS is Architected for Government Security Requirements
Certifications and accreditations for
workloads that matter – Compliant Solutions
AWS CloudTrail and AWS Config –
Call logging and configuration
management for governance and
compliance
15
• Log, review, alarm
on all user actions
• Browse-and-query
database of current
and previous state
of cloud resources
MTCS
Access a deep set of cloud security tools
Virtual Private CloudIsolated cloud resources
Web Application
FirewallFilter Malicious Web
Traffic
ShieldDDoS protection
Certificate ManagerProvision, manage, and
deploy SSL/TSL
certificates
Key Management
ServiceManage creation and
control of encryption keys
CloudHSMHardware-based key
storage
Server-Side
EncryptionFlexible data encryption
options
IAMManage user access and
encryption keys
SAML FederationSAML 2.0 support to
allow on-prem identity
integration
Directory ServiceHost and manage
Microsoft Active Directory
OrganizationsManage settings for
multiple accounts
Service CatalogCreate and use
standardized products
ConfigTrack resource inventory
and changes
CloudTrailTrack user activity and
API usage
CloudWatchMonitor resources and
applications
InspectorAnalyze application
security
ArtifactSelf-service for AWS’
compliance reports
Networking Encryption Identity & Management Compliance
Your Content on AWS
• You own and manage your
content. We won’t disclose your
content except as you authorize or as
necessary to comply with the law.
• You select the geographic location
where your content is stored using
API calls or the AWS Management
Console, and we won’t move your
content except as you authorize or
as necessary to comply with law.
• You can encrypt your content at
rest and in transit.
• We don’t monitor or control the
content you or your end users
upload to our services, so this
content is your responsibility. We may
disable content that is illegal or
violates our acceptable use policy.
Source: AWS Customer Agreement
AWS Data Access Policy
• AWS will not disclose customer
content unless required to do so to
comply with a legally valid and
binding order, such as a subpoena
or a court order.
• We will challenge requests that are
overbroad, exceed the requestor’s
authority or do not fully comply with
applicable law.
• […] we notify customers before
disclosure to provide them with
the opportunity to seek protection
from disclosure, unless prohibited
by law.
• AWS restricts its personnel from
processing Customer Data without
authorisation as described in the AWS
Security Standards.
• AWS will impose appropriate
contractual obligations upon its
personnel, including relevant
obligations regarding confidentiality,
data protection and data security.
Source: AWS Data Processing Addendum
Data Privacy Addendum including Model Clauses
The AWS Data Processing
Addendum with Model Clauses
is available on a self-service
basis for customers that are
processing personal data on
AWS.
https://aws.amazon.com/compliance/eu-data-protection/
Terms & Termination Service Levels
• Neither party is locked into a fixed-
term contract. You may terminate for
convenience at any time upon written
notice.
• You will have 30 days after a
termination to remove your
content from our services.
• Our Amazon EC2, S3, CloudFront,
RDS, and Route 53 services have
service level agreements.
• We provide a Service Health
Dashboard that shows the current
operational status of our services in
real-time.
• Because our cloud computing
platform functions the same way for
all customers, we can’t administer
custom SLAs for individual
customersSource: AWS Customer Agreement
Customer Agreement Enterprise Agreement
• Online AWS Customer Agreement
customers click to accept during the
AWS account registration process.
The Online CA is located on the AWS
Site at http://aws.amazon.com/agreement.
• AWS can update these terms and
conditions at any time. The vast
majority of AWS customers are on the
Online CA.
• For certain enterprise customers who
indicate that the Online CA is not
acceptable, we offer the AWS
Enterprise Agreement.
• The EA is similar to the Online CA,
but some of the terms are
adaptable to specific customer
needs, and the EA is a paper
agreement signed by both parties.
Pay-as-you-go
Pay less by
using more
Save when
you reserve
Simple Monthly Calculator
TCO Calculator
AWS Pricing
• You aren’t required to make any
upfront financial commitments.
• The pricing for our services is
described on our websitehttp://aws.amazon.com/pricing/
• As we have grown and scaled our
services, we have continuously
passed along these economies of
scale to our customers by
lowering our prices.
AWS Support Plans – no long-term contracts
Basic Support - FreeContact Customer Service for account and billing questions and receive technical support for
resources that don’t pass system health checks.
Developer-level Support – Starting at $49/monthGet started on AWS – ask technical questions and get a response to your web case within 12 hours
during local business hours.
Business-level Support – Starting at $100/month24/7/365 real-time assistance by phone and chat, a 1 hour response to web cases, and help with 3rd
party software. Access Trusted Advisor to increase performance, fault tolerance, security, and
potentially save money.
Enterprise-level Support – Starting at $15,000/month15 minute response to web cases, an assigned technical account manager (TAM) who is an expert in
your use case, and white-glove case handling that notifies your TAM and the service engineering team
of a critical issue.
Administration and Governance
• Tools for budget management that will help you control your
spending and limit costs.
• AWS Organizations – Easily manage policies for groups of
accounts and automate account creation.
• Bring your own license (BYOL), e.g. Microsoft, Oracle, SAP, …
• AWS Marketplace – Easily find, buy, deploy and manage software
solutions, including SaaS.
• …
Cloud Data MigrationMoving existing on-premises data to a new cloud storage location in batches, trickles and
streams.
Direct Connect
Import/Export
Snowball
Amazon S3 Transfer
Acceleration
Storage Gateways
Technology Partnerships
Kinesis Firehose
Hybrid Architecture
Amazon Virtual
Private Cloud
Amazon
Direct Connect
Simplify the migration and management of applications by integrating your on-premises
environments with the AWS Cloud.
https://aws.amazon.com/about-aws/whats-new/2017/03/announcing-new-aws-direct-connect-location-in-munich-prague-berlin-zurich/
Introducing VMware Cloud on AWS
Customer data
center
Management
(vCenter Server) VMware Cloud on AWS
AWS global infrastructureAWS global infrastructure
vRealize Suite, PowerCLI
Access to all AWS services
Amazon
EC2
Amazon
S3
Amazon
RDS
AWS Direct
ConnectAWS Identity & Access
Management (IAM)
Amazon
Redshift
…
…
…
…
AWS CloudFormation, CLI, SDK
vCenter Server
AWS Channel Reseller Program
Billing-Services
• Written Offers, Local Sellers and
Contracts, Consolidated Billing,
Invoices in EUR or CHF, extra
Tools, Monitoring, Cost
Management, Deposits, etc.
Partners add value
• Training
• Consulting
• Development
• Managed Hosting
• …
Enables qualified APN Consulting Partners to resell AWS Services to both commercial and public
sector AWS Customers
Being an AWS Channel Reseller enables us to establish an even closer
relationship with our customers and deliver value to them by accelerating
adoption of the services provided by AWS.
—Cloudreach
GÉANT Framework AWS Resellers
Cloud is not an I/0 decision
Establish a cloud practice
Start your journey
With the increasing demand for
cloud employees, AWS Educate
provides an academic gateway
for the next generation of IT and
cloud professionals.
Labs and training on
cloud topics and AWS
products
Open course content
by leading professors
and AWS
Grants for free
usage of AWS
services
Communities that
share best practices
virtually and in person
JOBS
Previously, large datasets such as
the mapping of the Human Genome
required hours or days to locate,
download, customize, and analyze.
Now, anyone can access these
datasets via the AWS public data
repository and analyze them using
instant clusters and compute
resources ion AWS, enabling more
innovation, more quickly.
While research is often a compute-intensive
activity, most researchers are not IT
experts. Focus on methods, resources and
straight forward guides that permit exploration
whilst keeping your data secure and your
budget safe.
Open Data
and Public
Data sets
The 150-
page
missing
manual for
research
workloads
in the
cloud.
Thank you!
Grischa Baelden
Public Sector Account Manager, DACH
+49 176 1917 4173
Brendan Bouffler
Research and Technical Computing Lead
+44 7506 930 222
What sets AWS apart?
Building and managing cloud since 2006
90+ services to support any cloud workload
16 regions, 42 availability zones, 68+ edge locations
59 proactive price reductions to date
Thousands of partners; 3500+ Marketplace products
Experience
Service Breadth & Depth
Global Footprint
Pricing Philosophy
Ecosystem
AWS in the Public Sector
7,000+educational
institutions
2,300+government
agencies
22,000+nonprofit
organizations
34