compliance - amazon web servicesaws-de-media.s3.amazonaws.com/images/aws_summit_2018/june… · ©...
TRANSCRIPT
![Page 1: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/1.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dimitrij Zub
Lead of Partner Solutions Architecture, Amazon Web Services
Rodrigue Vitini
Director of Solution Architecture,T-Systems Digital Division
Compliance | Amelia
Programmed Governance and how to deliver secure and compliant accounts
with a click.
![Page 2: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/2.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 1An MSP journey
![Page 3: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/3.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“I need help migrating, running, and optimizing my AWS workloads.”
Plan & design
Build & migrate
Run & operate Optimize
The AWS Next Gen MSP experience
![Page 4: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/4.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Business health & management
Solution design
Infrastructure & application migration
Security managementBilling & cost management
Process & cost optimization
Customer obsession
Service desk & customer support DevOps & automation
SLAs & reporting
Fit for customer requirements
![Page 5: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/5.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 2Preparation
![Page 6: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/6.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Adoption Framework
![Page 7: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/7.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Center of Excellence
Build a cloud practice based on nourishing a learning appetite
§ Training Center for AWS Certified Solution Architect§ Regular know-how exchange webinars§ Sandbox for internal tests and labs§ Regular Architecture Board Review
![Page 8: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/8.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 3Mode 1 versus Mode 2
![Page 9: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/9.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Where to start?
§ Outsourcing mentality§ Inherited from ITSM§ All implemented in Ops§ Governance > Business§ Say no first…§ …then open a ticket
Mode 1 § Cloud native mentality§ Developers driven§ DevOps model§ Business > Governance§ All rights granted…§ …then you’re on your own
Mode 2
![Page 10: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/10.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Where to go?
![Page 11: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/11.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How to get there, following AWS Well-Architected?
source: https://aws.amazon.com/de/architecture/well-architected/
Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimisation
![Page 12: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/12.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 4Getting Started
![Page 13: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/13.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Scope of Work and Guidelines
§ Use AWS native tools§ Infrastructure as a Code§ Automate all you can§ Security as a script§ Encrypt everything§ Loosely coupled
systems§ Deliver in 5 minutes
![Page 14: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/14.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Challenges to integrate a Public Cloud
![Page 15: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/15.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security as a Code - by Design and by Default
![Page 16: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/16.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Shifting to Mode 2
§ Who are the customers ?§ Benefits of admin rights ?§ How to protect our
configuration ?§ Why should tickets be opened ?§ What is meaningful to automate
?
CheckAct
Plan Do
![Page 17: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/17.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 5Delivery time
![Page 18: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/18.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automated Provisioning Engine
CloudFormation
AWSCloudTrail
Lambda functions
IAM
AWS KMS
Amazon CloudWatch
AWSConfig
flow logs
Step Functions
AmazonSNS
AmazonS3
AWSLambda
![Page 19: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/19.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security as a CodeProactive and Reactive Control
Automated Policy Injection
![Page 20: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/20.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Billing and Cost Management Transparency and cost control
![Page 21: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/21.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo PageProject “Cheyenne Shepherd”
![Page 22: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/22.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chapter 6Conclusion
![Page 23: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/23.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Lessons LearnedFrom working with AWS People and Technology
§ Write 6 pagers, all the time§ Log on every day§ Start small, think big§ Test with friendly customers§ Fail fast, keep learning§ Have fun, be inspired!
![Page 24: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/24.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSLead of Partners Solution Architecture
Dimitrij ZubT-SystemsDirector of Solution ArchitectureEmail: [email protected]
Rodrigue Vitini
![Page 25: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/25.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
![Page 26: Compliance - Amazon Web Servicesaws-de-media.s3.amazonaws.com/images/AWS_Summit_2018/June… · © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Chapter](https://reader035.vdocuments.us/reader035/viewer/2022071022/5fd6191c5edb6d7521050a1d/html5/thumbnails/26.jpg)
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.