Compliance - Amazon Web Servicesaws-de-media.s3. ¢© 2018, Amazon Web Services, Inc. or its affiliates

  • View
    0

  • Download
    0

Embed Size (px)

Text of Compliance - Amazon Web Servicesaws-de-media.s3. ¢© 2018, Amazon Web Services, Inc. or its...

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Dimitrij Zub

    Lead of Partner Solutions Architecture, Amazon Web Services

    Rodrigue Vitini

    Director of Solution Architecture, T-Systems Digital Division

    Compliance | Amelia

    Programmed Governance and how to deliver secure and compliant accounts

    with a click.

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 1 An MSP journey

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    “I need help migrating, running, and optimizing my AWS workloads.”

    Plan & design

    Build & migrate

    Run & operate Optimize

    The AWS Next Gen MSP experience

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Business health & management

    Solution design

    Infrastructure & application migration

    Security managementBilling & cost management

    Process & cost optimization

    Customer obsession

    Service desk & customer support DevOps & automation

    SLAs & reporting

    Fit for customer requirements

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 2 Preparation

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Cloud Adoption Framework

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Cloud Center of Excellence

    Build a cloud practice based on nourishing a learning appetite

    § Training Center for AWS Certified Solution Architect § Regular know-how exchange webinars § Sandbox for internal tests and labs § Regular Architecture Board Review

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 3 Mode 1 versus Mode 2

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Where to start?

    § Outsourcing mentality § Inherited from ITSM § All implemented in Ops § Governance > Business § Say no first… § …then open a ticket

    Mode 1 § Cloud native mentality § Developers driven § DevOps model § Business > Governance § All rights granted… § …then you’re on your own

    Mode 2

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Where to go?

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    How to get there, following AWS Well-Architected?

    source: https://aws.amazon.com/de/architecture/well-architected/

    Operational Excellence

    Security

    Reliability

    Performance Efficiency

    Cost Optimisation

    https://aws.amazon.com/de/architecture/well-architected/

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 4 Getting Started

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Scope of Work and Guidelines

    § Use AWS native tools § Infrastructure as a Code § Automate all you can § Security as a script § Encrypt everything § Loosely coupled

    systems § Deliver in 5 minutes

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Challenges to integrate a Public Cloud

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Security as a Code - by Design and by Default

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Shifting to Mode 2

    § Who are the customers ? § Benefits of admin rights ? § How to protect our

    configuration ? § Why should tickets be opened ? § What is meaningful to automate

    ?

    CheckAct

    Plan Do

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 5 Delivery time

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Automated Provisioning Engine

    CloudFormation

    AWS CloudTrail

    Lambda functions

    IAM

    AWS KMS

    Amazon CloudWatch

    AWS Config

    flow logs

    Step Functions

    Amazon SNS

    Amazon S3

    AWS Lambda

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Security as a Code Proactive and Reactive Control

    Automated Policy Injection

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Billing and Cost Management Transparency and cost control

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Demo Page Project “Cheyenne Shepherd”

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Chapter 6 Conclusion

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Lessons Learned From working with AWS People and Technology

    § Write 6 pagers, all the time § Log on every day § Start small, think big § Test with friendly customers § Fail fast, keep learning § Have fun, be inspired!

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    AWS Lead of Partners Solution Architecture

    Dimitrij Zub T-Systems Director of Solution Architecture Email: r.vitini@t-systems.com

    Rodrigue Vitini

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

  • © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.