(ent305) develop an enterprise-wide cloud adoption strategy | aws re:invent 2014

26
November 13, 2014 | Las Vegas, NV Miha Kralj, Principal Consultant, AWS Professional Services Blake Chism, Senior Consultant, AWS Professional Services

Upload: amazon-web-services

Post on 30-Jun-2015

799 views

Category:

Technology


5 download

DESCRIPTION

Taking a "cloud first" approach requires a different approach than you probably had to consider for your initial few workloads in the cloud. You'll be diving into the deep end of hybrid environments, and that means taking a broad view of your IT strategy, architecture, and organizational design. Through our experience in helping enterprises navigate this change, AWS has developed the Cloud Adoption Framework (CAF) to assist with planning, creating, managing, and supporting the shift. In this session, we cover how the CAF offers practical guidance and comprehensive guidelines to enterprise organizations, particularly around roles, governance, and efficiency.

TRANSCRIPT

Page 1: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

November 13, 2014 | Las Vegas, NV

Miha Kralj, Principal Consultant, AWS Professional Services

Blake Chism, Senior Consultant, AWS Professional Services

Page 2: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014
Page 3: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Customer

Internal Business

Processes

Learning and Growth

FinancialManage

cost of ITEnable value

creation

Demonstrate

competitive

costs

Deliver quality IT

services

Promote culture

of innovation

Acquire skills in

enabling

technologies

Standardize

platforms and

architectures

Manage IT

service quality

Improve IT

productivity

Utilize

economies of

scale

Page 4: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Value

BenefitsDetriments

RiskCost

Reputation

Compliance

Disruption

Obsolescence

Capex

Opex

Growth

Upgradeability

SpeedAgility

Responsiveness

Effectiveness

Adaptability

Rapid Change

Time to delivery

Time to market

Work efficiency

Parallelism

Tactical Strategic

IT Innovation

IT-as-a-Service

Experimentation

VC Funding

Lower the bar to entry

Disruptive Innovation

New Business

Models

Unbundling

Long Tail

Multi-sided Platform

Open Business

Page 5: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Business

Perspective

Value

Management IT Strategy

Portfolio

Governance

Cost

Management

Risk

Management

Benefits

Management

Page 6: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Measured elastic IT resource that can be rapidly provisioned

on-demand, such as: Object storage service

Service

A technology collection that can be transparently

obtained from collection of available stencils, such as a

LAMP stackStack

An aggregated IT functionality performed by

collection of various IT stacks, such as: Managed

DesktopWorkload

An ability of IT to provide value to the

business through a collection IT workloads,

such as: Line of Business PlatformIT Capability

An IT component that includes pre-defined and configured cloud

services, such as Spot instances in auto-scaling group Template

Page 7: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Fo

un

da

tio

na

l S

erv

ices

Pla

tfo

rm S

erv

ices

Security Firewall Identity & Access Auditing Encryption

Storage Object Store File Store Archiving Backup/Recovery Storage Integration

Compute General Purpose Compute optimized Memory Optimized GPU Optimized Storage Optimized

Server OS Linux BSD Windows Other

Data Integration ETL/ELT Replication Queueing Data Load MDM

Ap

p S

erv

ices

Mobile App Store Push Analytics Identity

Composites Search Workflow Messaging Streaming TranscodingOrchestration

Protocols http REST SMTP IM/SMS SOAP/WS-* RDP/VNCSSH

Clients Browser Email Legacy App Mobile App TXTStore app Term

Data Analytics Data streaming Data Processing Data Mining Machine Learning Event Processing

Networking Cloud Isolation Connectivity Elasticity Name ResolutionContent Delivery

App Server Java PHP Python Ruby .NET Node.js SAP

Database Relational NoSQL In-memory DB Data Warehouse HANA

Page 8: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Platform

Perspective

Conceptual

ArchitectureLogical

ArchitectureImplementation

Architecture

Application

Migration

Patterns

Cloud design

principles and

patterns

Architecture

Optimization

Page 9: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Stimulating

Innovation

Engaging

new

customers

Traditional

Cost-

focused

Innovative

Quality-

driven

Growth-

obsessed

Leading

Page 10: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Analysis Design Transition Operations ImprovementStrategy

Strategy

Process

People

Value-based

StrategyCloud Capabilities Cloud Adoption

Evaluation of

BenefitsCost and Billing Cost Optimization

Planning ProcessDevelopment

ProcessDelivery Process

Engagement

ProcessITSM Process

Optimization

Process

Workforce PlanningRoles and

Responsibilities

Proficiency

ValidationSkills Assessment

People

PerformanceCloud ReadinessIT

Managem

ent

Governance

Risk

Compliance

Oversight of Cloud

Environments

Cloud Architecture

Review Points

Cloud Migration

OversightGRC Reporting

Separation of

Duties

Cloud Governance

Metrics

Technology Risk

Approach

Common Control

Architectures

GRC Transition

Project Oversight

Cloud Risk

Management Inputs

Cloud Control

Operations

Active Cloud Risk

Reduction

Cloud Compliance

Requirements

Cloud Architecture

Compliance

Hybrid Compliance

Controls

Key Compliance

Inputs

Cloud Compliance

Workflow

Cloud Compliance

Outcomes

GR

C

Applications

Information

Infrastructure

SW Architecture

Discipline

Development

Discipline

Dev/Test

EnvironmentsChange Traceability

Configuration

ManagementQuality Assurance

Information

ArchitectureCloud Database Cloud StorageData Classification Data Backup Data Insights

Infrastructure

ArchitectureConnectivity Design

Infrastructure

AutomationSystems Placement

Infrastructure

Configuration

Management

Operational HeathTech &

Arc

h

Page 11: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Maturity

Perspective

Cloud

Readiness

Assessment

Cloud Maturity

Heat-map Assessment

Target Platform

Capabilities

Application

Portfolio

Analysis

Roadmap

sequencing

IT Management

Assessment

Page 12: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Organizational

Goals

Manage cost

of IT

Delivery Quality

IT Services

Improve

IT Capabilities

Empower and

Support End Users

Capabilities Activities Skills

Job Descriptions

Roles

Accountabilities

Assignments

Page 13: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

People

Perspective

Organizational

Structures

Roles and

Job

Descriptions

Training

Certification

Readiness

Manage

Staffing

Organizational

Change

Management

Skills

and

Competencies

Page 14: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

- Effective ongoing service

management

- Governance and monitoring

- Initiation of new activities

- Feedback loop and

Optimization

- Creating/building/coding IT services

that meet/exceed defined expectations

- Testing/validating IT services against

testing plan and acceptance criteria

- Transition/deployment of IT services

into operations

- Assessing and analyzing the current

state

- Defining strategic vision and direction

- Setting financial, GCR and

organizational structure

- Validation before delivery begins

Iterative

Development

Strategy Analysis Design Transition Operations Improvement

Value-based

Planning

Automated

Operations

Page 15: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Process

Perspective

Portfolio

Management

Service

Delivery

Management

Program &

Project

Management

Continuous Integration/ Continuous

Delivery

Process

Automation

Quality

Management

Page 16: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

NetworkAWS Internet

Security

Elastic Load

Balancing

SSL

Security

Groups

VPC VPN

GatewayVPC Subnets

VPC NACLsVPC Routing

Tables

AWS Direct

Connect

Geographic

Diversity

Amazon Route

53 Health

Checks

Mo

nit

or

Log,

Audit,

& A

naly

ze

Monitor

& A

lert

Amazon

CloudWatch

Amazon SNS

Notifications

AWS Abuse

Notifications

Trusted Advisor

Amazon EMR

Amazon Kinesis

S3, CloudFront

Access Logs

Application Logs

Database Logs

Operating System

Logs

AWS CloudTrail

Amazon Redshift

PlatformSecurity

Operations

Center

AWS Service

Level

Agreements

HIPAA SOC 1 / 2 / 3PCI DSS

Level 1ISO 27001 FedRAMP

DIACAP and

FISMAITAR FIPS 140-2 CSA MPAA

AWS Assurance Programs

Man

ag

eA

uth

enticate

& A

uth

orize

Org

aniz

e,

Deplo

y, &

Opera

te

Access Policy

Language

Access Policy

Simulator

IAM Users,

Groups & Roles

IAM MFA

IAM STS

Federation

IAM Password

Policy

IAM SAML 2.0

IAM Web

Identities

SSL API, CLI,

Console

AWS CloudHSM

Resource

Tagging

Snapshots &

Replication

AWS

CloudFormation

Desig

nW

hitepapers

Pla

n,

Learn

Overview of

Security

Processes

Logging in AWS

Governance for

AWS

AWS Webinars &

Videos

AWS Security

Best Practices

AWS Security

Test Drive Labs

Operational

Checklists for

AWS

Security for

Microsoft Apps on

AWS

AWS Simple

Monthly

Calculator

AWS Reference

Architectures

AWS Risk and

Compliance

AWS Auditing

Security Checklist

Customer &

Partner

Whitepapers

DatabaseOracle

Transparent Data

Encryption

MS-SQL SSLOracle NNE

Amazon Redshfit

Cluster Encryption

Amazon RDS

Auto Minor

Patching

MS-SQL

Transparent Data

Encryption

DynamoDB SSL

Amazon EMR Job

Flow Roles

MySQL SSL PostgreSQL SSL

SimpleDB SSL

Amazon Redshift

Encrypted S3

Backups

DynamoDB Fine

Grained Access

Storage & ContentAmazon S3 ACLs,

Bucket Policies

Amazon S3

Server-Side

Encryption

Amazon S3 MFA

DeleteLifecycle Rules

Client-Side

EncryptionAmazon S3 SSL

Amazon S3

Object Metadata

AWS Storage

Gateway SSL

AWS CloudFront

Signed URLs

Amazon S3

Object Versioning

Amazon S3

Object ETags

Amazon Glacier

SSL

AWS CloudFront

SSL

Amazon Glacier

Server-Side

Encryption

PeopleAWS SAs &

ProServe

AWS Sales,

Support, TAM

AWS Forums &

Documentation

AWS Training &

Certification

AWS System

Integration

Partners

AWS Compliance

Forum

Instance

Auto ScalingSSH Keys

Bastion Host

Bootstrapping

Amazon Machine

Images (AMIs)

AWS CloudFront

Load Distribution

Penetration

Testing Process

Elastic Beanstalk

Rolling Patching

AWS Marketplace

Offerings

Server

Certificates

Resource-Level

Permissions

Dedicated

Instances

Page 17: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Security

Perspective

Security

Strategy

Security

Reference

Architecture

Governance,

Risk and

Compliance

Lifecycle

Security

Capabilities

DevSecOps

Principles

Security

Operations

Playbook

Page 18: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Operating

Perspective

Cloud Service

ManagementSLA/OLA

Strategy

Business

Continuity

Planning

Incident &

Problem

Mgmt

Change and

Configuration

Management

Performance

&

Operational

Health

Page 19: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

The AWS CAF organizes and

describes the perspectives in planning,

creating, managing, and supporting a

modern IT service.

Offers practical guidance and

comprehensive guidelines for

establishing, developing and running

AWS cloud-enabled environments.

It provides a structure where business

and IT can work together towards

common strategy and vision, supported

by modern IT automation and process

optimization.

Whitepaper: http://bit.ly/AWSCAF

People

PerspectiveProcess

Perspective

Security

Perspective

Maturity

Perspective

Platform

Perspective

Operating

Perspective

Business

Perspective

Page 20: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Cost Mgmt

BCP

Org

Structure

Architecture

Optimization

Security

Review

Capability

Review

Process

Automation

People

Perspective

Process

Perspective

Security

Perspective

Maturity

Perspective

Platform

Perspective

Operating

Perspective

Business

Perspective

Page 21: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Application

Portfolio

Assessment

Operational

Integration

Application

Migration

Factory

Page 22: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Discovery

Workshop

Cloud Business

Case

Define

Security

Requirements

Define

Network

Environment

Organizational

Structure

Operational

Integration

Security

Operations

Playbook

Cloud

Environment

Optimization

Application

Portfolio

Analysis

Cost and

Billing

Analysis

Skills and

Competencies

Define Cloud

Environments

Define EA

Policies and

Practices

Continuous

Integration &

Delivery

Page 23: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Strategy Analysis Design Transition Operations Improvement

Page 24: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

Business Perspective – AmtrakBill Duncan - Director, ESM Technology Services

Platform Perspective – Notre DameSharif Nijim – Enterprise Application Architect

Page 25: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

http://bit.ly/AWSCAF

People

Perspective

Process

Perspective

Security

Perspective

Maturity

Perspective

Platform

Perspective

Operating

Perspective

Business

Perspective

Page 26: (ENT305) Develop an Enterprise-wide Cloud Adoption Strategy | AWS re:Invent 2014

http://bit.ly/awsevals