The term "cloud computing" refers to the on demand delivery of IT resources via the Internet with pay as you go pricing. Amazon Web Services (AWS) provides a complete set of cloud computing services that enable you to build sophisticated, scalable applications. Join us for this Introduction to AWS Services and discover how government customers in Australia have adopted the AWS platform. We will cover all fundamentals of the AWS platform and provide the information you need to understand Security, Policy and Procurement.
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Government Customers
1. AWS Government, Education, &
Nonprofits Symposium
Canberra, Australia | May 20, 2014
Getting Started with AWS for Government Customers
John Hildebrandt
Solutions Architect
Amazon Web Services
3. There are many reasons to move to the
Cloud
#1: Agility
#2: Platform
Breadth
#3: Continual Iteration and
Innovation
#4: Cost Savings and
Flexibility
Our 42nd Price Reduction
ü
5. #1 Agility: Increase Innovation - Experiment
Fast & Low cost
On-Premises
Experiment Infrequently
Failure is expensive
Less Innovation
Experiment Often
Iterate quickly at low cost
More Innovation
$ Millions Nearly $0
6. Support
Certification
Training
Professional Services
Technology Partners
Consulting Partners
AWS Marketplace
Ecosystem
Elastic Beanstalk for Java, Node.js,
Python, Ruby, PHP and .Net
OpsWorks
CloudFormation
Containers & Deployment (PaaS)
Management &
Administration
IAM
CloudWatch
CloudTrail
APIs and SDKs
Management Console
Cloud HSM
Command Line Interface
Direct Connect
Route 53
VPC
Networking
Analytics
Data Pipeline
Redshift
EMR
Kinesis
SWF
SNS
SQS
CloudSearch
SES
AppStream
CloudFront
Application Services
WorkSpaces
Regions
Availability Zones
Content Delivery POPs
Storage Gateway
S3
EBS
Glacier
Import/Export
DynamoDB
ElastiCache
Storage
Compute
Databases
RDS
MySQL, PostgreSQL
Oracle, SQL Server
Elastic Load Balancer
EC2
Auto Scaling
#2 Breadth of Services
7. Region
US-WEST (N. California)
EU-WEST (Ireland)
ASIA PAC
(Tokyo)
ASIA PAC
(Singapore)
US-WEST (Oregon)
SOUTH AMERICA (Sao
Paulo)
US-EAST (Virginia)
GOV CLOUD
ASIA PAC
(Sydney)
AWS Global Infrastructure
10 Regions
25 Availability Zones
Continuous Expansion
8. • $7B retail business
• A whole lot of servers
Every day, AWS adds enough
server capacity to power that
whole $7B enterprise
9. Availability
AWS has multiple "availability
zones" (AZs) within regions.
AWS's services are designed to make it
easier to run applications across multiple
AZs;
10. Magic Quadrant for Cloud IaaS
Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” Lydia Leong, Douglas Toombs, Bob Gill, Gregor Petri, Tiny Haynes, August 19, 2013. This Magic Quadrant graphic was published by Gartner, Inc. as part of a
larger research note and should be evaluated in the context of the entire report.. The Gartner report is available upon request from Steven Armstrong (asteven@amazon.com). Gartner does not endorse any vendor, product or
service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization
and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
11. 4X More Reliable & 1/4 the Cost of On-Premises Infrastructure
In early 2012, AWS commissioned IDC to interview 11 organizations that deployed applications on AWS.
12. You Don’t Need to Guess Capacity
Self
Hosting
Waste
Customer
Dissatisfaction
Actual demand
Predicted Demand
Rigid Elastic
Actual demand
AWS
13. Security & Compliance Resources
• Security & Compliance Center: http://
aws.amazon.com/security
• Security Overview & Best Practices
• AWS Risk & Compliance Whitepaper
• Creating HIPAA Compliant Applications
Hardware, Software & Network
• Systematic change management
• Phased updates deployment
• Safe storage decommission
• Automated monitoring and self-audit
• Advanced network protection systems
Certifications and Accreditations
• ISO 27001
• SSAE 16 / ISAE 3402 / SOC1 (formerly
U.S. standard SAS-70 Type II)
• FISMA Moderate Controls; ITAR region
• HIPAA applications certified on AWS
• Payment Card Industry (PCI) Data
Security Standard (DSS) Level 1
• FedRAMP
Physical
• Datacenters in nondescript facilities
• Physical access strictly controlled
• Must pass two-factor authentication at
least twice for floor access
• Physical access logged and audited
Built to Enterprise & Gov’t Security Requirements
14. #3: A Rapid Pace of Innovation
24
48
61
82
159
280
2014: 80 New Features and Services Since January
16. AWS CloudTrail: AWS API Call Logging for Governance & Compliance
Stores data in S3, or archive to
Glacier
Log and review user activity
Available in Asia Pacific (Sydney) now
Now available to all
17. Trade Capex for
variable expense
1
Pricing model
choice to support
variable & stable
workloads
On-demand
Reserved
Spot
3
Save more
money as you
grow bigger
Tiered pricing
Volume discounts
Custom pricing
4
Economies-of-scale
provide lower costs
than companies can
do on their own
2
42 price reductions
since 2006
#4: Cost Savings and Flexibility
18. Our 42nd Price Reduction
Effective April 1, 2014
51% reduction
on average
Tier prices decrease
from 36% to 65%
S3
EMR
27% to 61%
reduction
Average reduction
of 28%
RDS
ElastiCache
Average reduction
of 34%
38% reduction
for M3
30% reduction
for C3
EC2
10% to 40% reduction
for M1, M2, C1 and CC2
19. • Digital, websites, intranets
• High-volume downloads
• Dev & Test
• Storage & Archiving
• Apps, mobile apps
• Re-platforming databases
• Big data, data warehousing
• Enterprise apps
Typical Government Workloads
20. There are many ways to move to the Cloud
#1: Development and Test #2: New Workloads #3 Supplement existing workloads
#4: Integrate Cloud Workloads with
Existing On-premises systems #5: Migrate Existing Applications #6 DC Migrations and All-In
21. • Australian Government agencies will:
– consider cloud services for new ICT procurements. Agencies will choose cloud
services where the cloud service represents the best value for money and adequate
management of risk compared to other available options;
– commence procurement of public cloud services for their testing and
development needs, as appropriate where the service represents the best value
for money and is fit for purpose;
– transition public facing websites to public cloud hosting at natural ICT
refreshment points, where those cloud services demonstrate best value for money
and is fit for purpose; and
– establish information sharing initiatives to facilitate continual improvement
based on a repository of case studies, better practices risk approaches and
practical lessons to enable agencies to learn from each other.
Government Guidance
22. • Virtual Private Cloud
– You control virtual networking environment, your own IP address range,
creation of subnets, route tables and network gateways.
• Direct Connect - Private Connectivity to your Amazon VPC
Test and Development
23. • Web / App servers
(EC2)
• Disk (EBS)
• Auto Scaling Group
• Load Balancer (ELB)
• Database (EC2 or
RDS)
• DNS (Route 53)
• S3 (Static content,
logs)
• Security Groups
• NACL
Web Applications
25. • Founded in 2008, HubWorks! provides a
web portal for childcare in Australia used
by 800 public and private organizations
• The infrastructure was unable to scale
reliably during peak usage hours, leading
to portal crashes
• With AWS, Hubworks! can automatically
scale up during peak periods to meet
demand and then scale down
HubWorks! Uses AWS to Improve Portal Response Times
and Save Money
26. Education
• University of WA – Class2Go
– Professor Glance. “Using AWS, Class2Go cost about $200 for
the first month and our current operating costs are only about
$1,500 a month.”
• Open Universities Australia – Open2Study
(MOOC)
– “We can have technologies in development within a day and add
them to our production environment within two weeks instead of
waiting until all work is completed before going live,”
27. Research
• International Centre for Radio Astronomy
Research (ICRAR)
– “The scalability of AWS has been enormously helpful,” says
Associate Professor Vinsen. “I can add more capacity as I need
it with minimal fuss. Using AWS allows us to process upwards of
150 GB of sky images and store more than 400 GB of imaging
data every month.”
29. Active Directory
VM Images
Network Configuration
Your Data
Your On-Premises Apps
Your Data Centers
Users & Access Rules
VM Import/Export
Your Private Network
Our Storage
Your Cloud Apps
Direct Connect
VPC
IAM
Storage Gateway
Our “Hybrid” Focus: Tools to Support Hybrid IT
Architectures
30. • Government advice
– Despite common perceptions, cloud computing has the potential to
enhance privacy safeguards used to protect personal information held by
Government agencies.
– Irrespective of choosing traditional methods of provisioning ICT
requirements or cloud computing services, agencies need to be aware of
their privacy and security obligations, conduct a risk-based analysis of their
information, and ensure that the contractual arrangements they enter into
with ICT providers adequately address their privacy obligations.
– It is important to note that the Privacy Act 1988 (Privacy Act) does not
prohibit the use of cloud computing and an agency, having conducted
appropriate due diligence, may contract for cloud computing services and
comply with its Privacy Act obligations, as with current ICT contractual
practice.
Privacy
31. • AWS customers retain control and ownership of
their data.
• Aust. Privacy
whitepaper
Shared Responsibility Model
32. • Easy to get started:
– Online sign up, click through agreement
– Low costs, No lock in
– Contact Account manager to move to invoicing.
• Government advice available
– Discusses transitioning CAPEX -> OPEX
Procurement
34. THANK YOU
Please give us your feedback by filling out the Feedback Forms
AWS Government, Education, &
Nonprofits Symposium
Canberra, Australia | May 20, 2014