© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jonathan Allen - AWS Enterprise Strategy
2018
The Future of Enterprise IT:
Lessons Learned
Personal career timeline
System
Integrator
Energy
Sector
1996 1998 2000 2017
Compelling reasons to move to the cloud
Agility/dev productivity
Digital
transformation
Data center consolidation
Cost
Reduction
Large scale compute intensive
workloads
Acquisitions
or divestitures
Colocation or outsourcing
contract changes
Facility or real-estate decisions
What if you could devote more resources to the things that matter
and move faster
while being more secure?
Largest Number Of Enterprise Customers
Modern Product Development
How Amazon achieves flow
How to transform your Enterprise IT
What we’ll cover:
Methods and Principles of
Modern Product Development
DevOps: Interface for getting stuff built and released
Agile Teaming: The organizational glue that keeps release cycle moving continuously
Design Thinking: Interface to customer and feedback loop
Design Thinking is just…
User
Centered
Design
USER
1. First gain empathy
2. Then frame the problems
3. Now you can ideate
4. Run simple, fast, frugal tests
Bring the outside in
Pinpoint the pain point
Radical ideas, real impact
Build to learn
Practical Principles: Design Thinking
SCRUM
Continuously groomed backlog
No changes to work plan made during sprint
Product increment: must be completed, integrated and tested
Agile Teaming
Focus: respond quickly to feedback
Agile Principle
Learning over
following a plan
Each Agile framework has a way of bringing feedback into its workstream
KANBAN
Finish task and pull forward next work item
Uses work-in-progress (WIP) limits and cycle-time to manage
flow of new development
Adapted from Toyota Production System
Agile Teaming
Focus: respond quickly to feedback
Agile Principle
Learning over
following a plan
Each Agile framework has a way of bringing feedback into its workstream
XP – Extreme Programming
Emphasizes technical excellence as a way to remain agile
Pair programming and code reviews are common methods
Frequent checkpoints - Allows for constant feedback on
customer requirements
Agile Teaming
Focus: respond quickly to feedback
Agile Principle
Learning over
following a plan
Each Agile framework has a way of bringing feedback into its workstream
Practical Principles: Agile
1. Rip the Band-Aid off, but have mercy
2. Keeping it real…and small
3. Show something every sprint
4. Trap: Agile by the book
Use release maps
Two pizza team model
Power of the demo
Find your agile center
All of these reduce cycle time and allow builders to focus
on product, quickly deploying and collecting feedback
DevOps
Focus: promote and enable fast feedback
DevOps Principles
Automate all things
Eliminate handoffs
Establish guardrails
DevOps, Agile Teaming, Design Thinking
Putting the Pieces Together:
Finding Organizational Flow
Start with value hypothesis and growth hypothesis
Run small experiments to see if there is both value and demand
Bias towards many small tests vs. larger, extended ones
Persevere or pivot early based on results
MVP (Minimum Viable Product): What is the smallest thing you can
test to prove the unproven parts of your idea
“One accurate measurement is worth more than a thousand expert opinions.”
-Admiral Grace Hopper
Typical Release Testing
Most Tests
Occur Late
In Process
Concept Dev Deployment
Functional
Acceptance
Performance
Security/
Compliance
Production
Monitor
Respond to
Defects/Incidents
Continuous Testing
Always
Be
Testing
Concept
Hypothesis
A/B
MVP
Development
Functional
Acceptance
Performance
Security/Compliance
Deployment
Functional
Acceptance
Performance
Security/Compliance
Canary
Production
Prod Testing
Chaos Engineering
User Testing Feedback
How Amazon Achieves Flow
Working Backwards: From the customer
Two Pizza Teams: Run what you build
Microservices: Speed and agility
Write the Press Release: Think big and focus on the customer need
Write the FAQ: Customer and internal stakeholder
Define the user interaction and write the manual
Working backwards
from the customer
PR
Amazon Achieves Speed and Agility with Two-Pizza Teams
Small,
decentralized
teams are nimble
Own/run
what you
build
Developers Monolithic Application Delivery Pipeline
Build Test Release
Monoliths: Slow and Rigid
Microservices: Speed and Agility
Developers Microservices Delivery Pipelines
Build Test Release
Build Test Release
Build Test Release
Microservices Principles
Single Purpose
API-based
Highly-decoupled
Quickly Scaling
Winning Ideas
Rapid Adoption of
New Capabilities
Reducing Cost
of Failure
Impact of Cloud on
Product Development
Products & Services (CTO/VP Applications): Digital Products, Brand Websites, Mobile Applications, Point of Sale Systems, Commerce
Back Office Systems (CIO/VP Corp Systems): E-mail, Productivity, Collaboration, HR, Finance, ERP
End User Computing (VP IT Support): Desktop Support, Device Management, Telephony, IT Support
Information Security (CISO): Encryption, Key Management, Identity Management, Firewalls, IDS, DDoS
Traditional Enterprise IT
Infrastructure/Delivery (VP Infrastructure): PMO, Engineering, Operations, Design
Products & Services (CTO/VP Applications)
Back Office Systems (CIO/VP Corp Systems)
End User Computing (VP IT Support)
Information Security
Future of Enterprise IT – Hybrid state
Infrastructure/Delivery (VP Infrastructure)
Cloud CBO & CCoE
“Declare a Bold Cloud Objective”
Single-threaded leader
2-pizza cloud business office
Procurement CISO CFO Head of
Infrastructure
Head of
Delivery
Engineering Risk Leader
Audit Leader
HR
Legal
Single-Threaded Leader
“If you can't feed a team with two pizzas,
the team is too large.” - Jeff Bezos
Step 1: Build a two-pizza Cloud Tiger Team
Product Manager
Cloud Adoption Framework – People Perspective
Step 2: Staff your Cloud Tiger Team
Lead Architect
Step 2: Staff your Cloud Tiger Team
Infrastructure Engineers
Leadership
Step 2: Staff your Cloud Tiger Team
Security Engineers
Leadership, Infrastructure
Step 2: Staff your Cloud Tiger Team
Operations Engineers
Leadership, Infrastructure, Security
Step 2: Staff your Cloud Tiger Team
Application Engineers
Leadership, Infrastructure, Security
Operations
Step 2: Staff your Cloud Tiger Team
Leadership, Infrastructure, Security
Operations
Applications
Step 2: Staff your Cloud Tiger Team
Security
objectives
Availability
objectives
Cost
objectives
AGREEMENT
Get clear on your objectives
Feature & TTM
objectives
Compliance
objectives
Get clear on your objectives: Cost
21%
1%
2%
42%
26%
8%
Facility (lease/power/maint)
Facility Improvements
Connectivity
Hardware - Refresh/Growth
Hardware - Buildout
Software
84%
16%
Cloud
Software
On-Premise AWS
5-Year On-Premise vs. Cloud Costs = (GAAP) savings of 68.9%
Customer
AWS
AWS is responsible for
security of the cloud
Customer is responsible for
security in the cloud
Customer data
Platform, applications, identity, & access management
Operating system, network, & firewall configuration
Client-side data encryption &
data integrity authentication
Server-side encryption
(file system &/or data)
Network traffic protection
(encryption/integrity/identity)
Compute Storage Database Networking
Edge
locations
Regions
Availability Zones
AWS Global
Infrastructure
Get clear on your objectives: Security
Get clear on your objectives
AWS has a deep set of security tooling
Virtual Private Cloud
Isolated cloud resources
Web Application Firewall
Filter malicious web traffic
Shield
DDoS protection
Certificate Manager
Provision, manage, and
deploy SSL/TLS certificates
Networking
Key Management Service
Manage creation
and control of
encryption keys
CloudHSM
Hardware-based
key storage
Server-Side Encryption
Flexible data
encryption options
Encryption
IAM
Manage user access
and encryption keys
SAML Federation
SAML 2.0 support
to allow on-premises
identity integration
Directory Service
Host and manage Microsoft
Active Directory
Organizations
Manage settings for
multiple accounts
Identity & management
Service Catalog
Create and use standardized
products
Config
Track resource inventory
and changes
CloudTrail
Track user activity and
API usage
CloudWatch
Monitor resources
and applications
Inspector
Analyze application security
Compliance
Macie
Discover, classify & protect data
Security
Get clear on your objectives: Compliance
Certifications & attestations | Laws, regulations, and privacy | Alignments & frameworks
Cloud Computing Compliance Controls Catalogue (C5) 🇩🇪 ✔ | Argentina Data Privacy ✔ | CIS (Center for Internet Security) 🌐 ✔
Cyber Essentials Plus 🇬🇧 ✔ | CISPE 🇪🇺 ✔ | CJIS (US FBI) 🇺🇸 ✔
DoD SRG 🇺🇸 ✔ | FERPA 🇺🇸 ✔ | CSA (Cloud Security Alliance) 🌐 ✔
ENS High 🇪🇸 | GDPR 🇪🇺 ✔ | EU-US Privacy Shield 🇪🇺 ✔
FedRAMP 🇺🇸 ✔ | GLBA 🇺🇸 ✔ | FFIEC ✔
FIPS 🇺🇸 ✔ | HIPAA 🇺🇸 ✔ | FISC 🇯🇵 ✔
IRAP 🇦🇺 ✔ | HITECH 🌐 ✔ | FISMA 🇺🇸 ✔
ISO 9001 🌐 ✔ | IRS 1075 🇺🇸 ✔ | G-Cloud 🇬🇧 ✔
ISO 27001 🌐 ✔ | ITAR 🇺🇸 ✔ | GxP (US FDA CFR 21 Part 11) 🇺🇸 ✔
ISO 27017 🌐 ✔ | My Number Act 🇯🇵 ✔ | ICREA 🌐 ✔
ISO 27018 🌐 ✔ | Data Protection Act–1988 🇬🇧 ✔ | IT Grundschutz 🇩🇪 ✔
K-ISMS (Korea) ✔ | VPAT/Section 508 🇺🇸 ✔ | MITA 3.0 (US Medicaid) 🇺🇸 ✔
MLPS Level 3 🇨🇳 ✔ | Privacy Act [Australia] 🇦🇺 | MPAA 🇺🇸 ✔
MTCS 🇸🇬 ✔ | Privacy Act [New Zealand] 🇳🇿 ✔ | NIST 🇺🇸 ✔
PCI DSS Level 1 💳 ✔ | PDPA—2010 [Malaysia] 🇲🇾 ✔ | Uptime Institute Tiers 🌐 ✔
SEC Rule 17-a-4(f) 🇺🇸 ✔ | PDPA—2012 [Singapore] 🇸🇬 ✔ | Cloud Security Principles 🇬🇧 ✔
SOC 1, SOC 2, SOC 3 🌐 | PIPEDA [Canada] 🇨🇦 ✔ |
 | Spanish DPA Authorization 🇪🇸 ✔ ✔ |
🌐 = industry or global standard
Get clear on your objectives
Availability | Downtime per year | Categories
95% (1-nine) | 18 days 6 hours | Batch processing, data extraction, load jobs
99% (2-nines) | 3 days 15 hours | Internal tools, project tracking
99.9% (3-nines) | 8 hours 45 minutes | Online commerce
99.99% (4-nines) | 52 minutes | Video delivery, broadcast systems
99.999% (5-nines) | 5 minutes | Telecom industry (ATM Transactions)
Availability
Get clear on your objectives
Part X Part Y
$A = A_X \times A_Y$
Availability
Get clear on your objectives
Component | Availability | Downtime
X | 99% (2-nines) | 3 days 15 hours
Y | 99.99% (4-nines) | 52 minutes
X and Y Combined | 98.99% | 3 days 16 hours 33 minutes
…availability in series
Availability
Part X Part Y
$A = A_X \times A_Y$
Get clear on your objectives
$A = 1 - (1 - A_X)^2$
Part X
Part X
Availability
Get clear on your objectives
Component | Availability | Downtime
X | 99% (2-nines) | 3 days 15 hours
Two X in parallel | 99.99% (4-nines) | 52 minutes
Three X in parallel | 99.9999% (6-nines) | 31 seconds
$A = 1 - (1 - A_X)^2$
Part X
Part X
Availability
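The series and parallel formulas above, generalized to any number of parts and combined into one stack, as an added example that is not from the original deck. The three-tier stack and its per-tier figures are constructed for illustration, and both formulas assume the parts fail independently.

```python
import math

MINUTES_PER_YEAR = 365 * 24 * 60  # 525,600; leap years ignored


def series(*parts):
    """Every part must be up: A = A_X * A_Y * ..."""
    return math.prod(parts)


def parallel(*parts):
    """One surviving part is enough: A = 1 - (1 - A_X)(1 - A_Y)...
    Valid only if the parts fail independently (no shared power,
    network, deployment or credential that takes them all down)."""
    return 1.0 - math.prod(1.0 - a for a in parts)


def downtime_minutes(availability):
    """Expected minutes of downtime per year at this availability."""
    return (1.0 - availability) * MINUTES_PER_YEAR


def replicas_needed(a_single, target, limit=20):
    """Smallest number of identical parallel copies that meets target."""
    if not (0.0 < a_single < 1.0 and 0.0 < target < 1.0):
        raise ValueError("availabilities must be strictly between 0 and 1")
    for n in range(1, limit + 1):
        # small tolerance so 1 - 0.01**2 counts as meeting 0.9999
        if parallel(*[a_single] * n) >= target - 1e-12:
            return n
    raise ValueError("target not reachable within limit")


def stack_availability():
    """Constructed stack: one front end in series with two redundant tiers."""
    front_end = 0.9999                      # single instance, no redundancy
    app_tier = parallel(0.99, 0.99, 0.99)   # one copy in each of three zones
    data_tier = parallel(0.999, 0.999)      # primary plus standby
    return series(front_end, app_tier, data_tier)


if __name__ == "__main__":
    print(f"X then Y in series : {series(0.99, 0.9999):.6f}")
    print(f"two X in parallel  : {parallel(0.99, 0.99):.6f}")
    print(f"copies for 5 nines : {replicas_needed(0.99, 0.99999)}")
    a = stack_availability()
    print(f"stack              : {a:.6f} "
          f"({downtime_minutes(a):.1f} min/year)")
```

The stack result stays just under four nines even though both redundant tiers reach six: the one unreplicated part in the series chain sets the ceiling.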
Get clear on your objectives
Availability Zone A Availability Zone B Availability Zone C
Availability
AWS Region
Availability Zone A Availability Zone B Availability Zone C
Availability
Multi-AZ—well-architected
Availability Zone A Availability Zone B Availability Zone C
APPLICATION
Availability
Get clear on your objectives
Feature & TTM
[Slide graphic: AWS service map, 100+ services. Groups shown: Core Services (Infrastructure, Security & Compliance, Management Tools), App Services, Analytics, DevOps, Mobile Services, IoT, Machine Learning, Enterprise Apps, Hybrid Architecture, Migration, Marketplace, Technical & Business Support.]
On-Boarding
Finance
Enterprise
Architecture
Change Mgmt
Communications
Governance
Leadership, Infrastructure, Security, Operations, Applications
Engineering teams will specialize in an area, but will have a
common set of skills shared across all product teams
Operations
Engineering
Infrastructure
Engineering
Security
Engineering
Cloud Business Office
(Leader)
Cloud Engineering
(Leader)
Scale beyond the “two-pizza” team
Trust, but verify
Trust
Security
objectives
Availability
objectives
Cost
objectives
Feature & TTM
objectives
Compliance
objectives
Trust, but verify
Verify
Capital One
Cloud Custodian