AWS Well Architected Framework

Similar documents
AWS Solution Architect Associate

Enroll Now to Take online Course Contact: Demo video By Chandra sir

Amazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India

Training on Amazon AWS Cloud Computing. Course Content

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content

ARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS

HPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack

Certificate of Registration

Introduction to Cloud Computing

Amazon Web Services Training. Training Topics:

Security Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance

AWS Well-Architected Framework. November 2016

High School Technology Services myhsts.org Certification Courses

AWS Agility + Splunk Visibility = Cloud Success. Splunk App for AWS Demo. Laura Ripans, AWS Alliance Manager

Cloud security 2.0: Joko nyt pilveen voi luottaa?

AWS 101. Patrick Pierson, IonChannel

Amazon Web Services (AWS) Training Course Content

The Orion Papers. AWS Solutions Architect (Associate) Exam Course Manual. Enter

At Course Completion Prepares you as per certification requirements for AWS Developer Associate.

LINUX, WINDOWS(MCSE),

Architecting for Greater Security in AWS

Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.

About Intellipaat. About the Course. Why Take This Course?

AWS Solutions Architect Associate (SAA-C01) Sample Exam Questions

Microservices on AWS. Matthias Jung, Solutions Architect AWS

SAA-C01. AWS Solutions Architect Associate. Exam Summary Syllabus Questions

ActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD

Cloud Computing. Amazon Web Services (AWS)

AWS Security. Stephen E. Schmidt, Directeur de la Sécurité

Getting Started with AWS Security

AWS Administration. Suggested Pre-requisites Basic IT Knowledge

Security & Compliance in the AWS Cloud. Amazon Web Services

Security & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web

Cloud Computing /AWS Course Content

BERLIN. 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

AWS Solutions Architect Exam Tips

Amazon AWS-Solution-Architect-Associate Exam

Designing Fault-Tolerant Applications

Serverless Computing. Redefining the Cloud. Roger S. Barga, Ph.D. General Manager Amazon Web Services

How can you implement this through a script that a scheduling daemon runs daily on the application servers?

Overview of AWS Security - Database Services

Better, Faster, Stronger web apps with Amazon Web Services. Senior Technology Evangelist, Amazon Web Services

Startups and Mobile Apps on AWS. Dave Schappell, Startup Business Development Manager, AWS September 11, 2013

Amazon Linux: Operating System of the Cloud

Microservices Architekturen aufbauen, aber wie?

Scaling on AWS. From 1 to 10 Million Users. Matthias Jung, Solutions Architect

AWS Security Overview. Bill Shinn Principal Security Solutions Architect

Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance

Getting started with AWS security

Best Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ

Lean & Mean on AWS: Cost-Effective Architectures. Constantin Gonzalez, Solutions Architect, AWS

CogniFit Technical Security Details

AWS Certified Solutions Architect - Associate 2018 (SAA-001)

Title: Planning AWS Platform Security Assessment?

Werden Sie ein Teil von Internet der Dinge auf AWS. AWS Enterprise Summit 2015 Dr. Markus Schmidberger -

AWS Course Syllabus. Linux Fundamentals. Installation and Initialization:

CLOUD AND AWS TECHNICAL ESSENTIALS PLUS

Cloud Security Strategy - Adapt to Changes with Security Automation -

CPM. Quick Start Guide V2.4.0

AWS Practioner Study Guide Content by Jeanne Boyarsky and Janeice DelVecchio

Oracle WebLogic Server 12c on AWS. December 2018

AWS Certifications. Columbus Amazon Web Services Meetup - February 2018

Security Camp 2016 Cloud Security. August 18, 2016

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

AWS_SOA-C00 Exam. Volume: 758 Questions

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM

Network Security & Access Control in AWS

Simple Security for Startups. Mark Bate, AWS Solutions Architect

Securing Microservices Containerized Security in AWS

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY


What to expect from the session Technical recap VMware Cloud on AWS {Sample} Integration use case Services introduction & solution designs Solution su

We are ready to serve Latest IT Trends, Are you ready to learn? New Batches Info

What s New at AWS? A selection of some new stuff. Constantin Gonzalez, Principal Solutions Architect, Amazon Web Services

Mid-Atlantic CIO Forum

Crypto-Options on AWS. Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH

What s New at AWS? looking at just a few new things for Enterprise. Philipp Behre, Enterprise Solutions Architect, Amazon Web Services

Splunk & Amazon Web Services

Energy Management with AWS

Introduction to cloud computing

Security: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration

How the Cloud is Enabling the Disruption of the Construction Industry. AWS Case Study Construction Industry. Abstract

Getting started with AWS security

Amazon AWS-DevOps-Engineer-Professional Exam

25 Best Practice Tips for architecting Amazon VPC

How to go serverless with AWS Lambda

Standardized Architecture for PCI DSS on the AWS Cloud

AWS Data Security Security Update

How to host and manage enterprise customers on AWS: TOYOTA, Nippon Television, UNIQLO use cases

#AWSSummit. Démarrer sur AWS. L élasticité et les outils de gestions

VMware Cloud on AWS The Next Generation Hybrid Cloud Architecture

Grischa Baelden AWS Public Sector Account Manager, DACH. Brendan Bouffler. Worldwide Research and Technical Computing Lead

Architecting Microsoft Azure Solutions (proposed exam 535)

NGF0502 AWS Student Slides

Cognixia LEARNING SOLUTIONS COMPANY. Cloud Computing with AWS Training

AWS Interview Questions and Answers

AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS

Using SQL Server on Amazon Web Services

AWS Solution Architecture Patterns

Transcription:

AWS Well Architected Framework

What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources

Main Pillars Security Reliability Performance Efficiency Cost Optimization Account Access Keys Network Services High Availability Load Balancing Backup and DR Auto Scaling Right-Sizing Benchmarking Load Testing Monitoring Managed- Services Cost Awareness Tagging

General Design Principles Secure from the Start Stop Guessing your Capacity Needs Test Systems at Production Scale Lower the Risk of Architecture Change Automate to make Architectural Experimentation Easier Allow for Evolutionary Architectures

Security Security Reliability Performance Efficiency Cost Optimization

Security The ability to protect information, systems and assets while delivering business value through risk assessments and mitigation strategies. Data Protection Privilege Management Infrastructure Protection Detective Controls

Customers Security: Shared Responsibility Customer applications & content Platform, Applications, Identity & Access Management Operating System, Network, and Firewall Configuration Client-side Data Encryption Server-side Data Encryption Network Traffic Protection AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Availability Zones Regions Edge Locations

Security: Credentials As soon as you Create a new AWS Account Enable MFA Use Identity and Access Management Service (IAM) to Create Users, even if its only 1 Protect all of your Credentials DO NOT place Access Keys in Code EVER! 'key' => '1111-2222-3333-4444-5555, 'secret' => 'aaaa-bbbb-cccc-dddd-eeee',

Security: EC2 Role 1: Create EC2 role Create role in IAM service with limited policy 2: Launch EC2 instance Launch instance with role Instance 3: App retrieves credentials Using AWS SDK application retrieves temporary credentials 4: App accesses AWS resource(s) Using AWS SDK application uses credentials to access resource(s)

Security: Network and Boundary Security Groups are Built-in Stateful Firewalls Divide Layers of the Stack into Subnets Use a Bastion Host for Access Implement Host Based Controls

Two Layers with Security Groups User WEB Server WEB Security Group Web Subnet A DB Security Group RDS DB Instance DB Subnet A Availability Zone A Availability Zone B

Security: Instance, Monitoring and Auditing Configure Encryption Everywhere Possible Configure CloudTrail Service Configure VPC Flow Logs Collect all Logs Centrally and Alert Virtual Private Cloud Identity & Access Manager Key Management Service CloudTrail AWS Config

Reliability Security Reliability Performance Efficiency Cost Optimization

Reliability The ability of a system to recover from infrastructure or service failures, dynamically acquire computing resources to meet demand and mitigate disruptions such as misconfigurations or transient network issues. Foundations Change Management Failure Management

Reliability: High Availability No Single Point of Failure Multiple Availability Zones Load Balancing Auto Scaling and Healing

Multi AZ, Load Balanced, Auto Scaled User Route 53 Elastic Load Balancing WEB Server WEB Server WEB Server Auto Scaling Group WEB Server WEB Server WEB Server S3 Web Subnet A Web Subnet B CloudWatch RDS DB Instance Active DB Subnet A RDS DB Instance Standby DB Subnet B Availability Zone A Availability Zone B

Reliability: Monitoring and Alerting Monitoring Notification Automated Response Review AWS Lambda CloudWatch CloudWatch Alarm CloudWatch Logs SNS

Reliability: Backup and DR Define Objectives Backup Strategy Periodic Recovery Testing Automated Recovery Periodic Reviews

Performance Efficiency Security Reliability Performance Efficiency Cost Optimization

Performance Efficiency The ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve. Compute Storage Database

Performance Efficiency: Right Sizing Reference Architecture Quick Start Reference Deployments Benchmarking Load Testing Cost / Budget Monitoring and Notification

Performance Efficiency: Proximity and Caching Content Delivery Network (CDN) CloudFront Database Caching Reduce Latency ElastiCache Pro-active Monitoring and Notification RDS DB instance read replica

Multi AZ, Load Balanced, Auto Scaled, Caching User Route 53 CloudFront AWS WAF Elastic Load Balancing WEB Server WEB Server WEB Server Auto Scaling Group WEB Server WEB Server WEB Server S3 Web Subnet A Web Subnet B CloudWatch RDS DB Instance Active RDS DB Instance Read Replica DB Subnet A ElastiCache RDS DB Instance Standby RDS DB Instance Read Replica DB Subnet B ElastiCache Availability Zone A Availability Zone B

Cost Optimization Security Reliability Performance Efficiency Cost Optimization

Cost Optimization The ability to avoid or eliminate unneeded cost or suboptimal resources. Matching Capacity and Demand Cost-effective Resources Expenditure Awareness Optimising Over Time

Cost Optimization: Capacity Matching Demand Based Queue Based Schedule Based Appropriately Provisioned Instance Matching Pro-active Monitoring and Action SQS SWF Optimized instance

Cost Optimization: Pricing Model On Demand Reserved Spot Automated Turn Off

Cost Optimization: Managed Services Analyze Available Services Appropriate Databases Consider Application Level Services Automation: CloudFormation, Elastic Beanstalk RDS DynamoDB Redshift ElastiCache AWS CloudFormation AWS Elastic Beanstalk Elastisearch Service

Cost Optimization: Manage Expenditure Tag Resources Track Project Lifecycle and Profile Applications Monitor Usage and Spend Cost Explorer Partner Tools

Trusted Advisor

Trusted Advisor

Enterprise-Level Support Offers resources for customers running business & missioncritical workloads on AWS, as well as any customers who: Focus on proactive management to increase efficiency and availability Build well-architected, well-operated solutions Leverage AWS expertise to support launches and migrations

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback