AWS Cloud Computing and Global Infrastructure

Cloud computing is the on-demand delivery of compute power, database, storage, applications, and other IT resources over the internet with pay-as-you-go pricing.

Benefits of cloud computing

  • Agility
  • Elasticity
  • Cost savings
  • Deploy globally in minutes

AWS Cloud

  • A broad portfolio of global cloud-based products that are on-demand, available in seconds, with pay-as-you-go pricing

AWS Global Infrastructure

  • Regions
    • Completely isolated from each other
    • Certain resources tied to specific regions
    • Availability Zones are within regions
  • Availability Zones
    • Each AZ is isolated from the other AZs within the region
    • All AZs are interconnected by fiber
  • Local Zones
    • Infrastructure deployment close to population centers
  • Wavelength Zones
    • Deploys on 5G services
    • Low-latency projects
  • Direct Connect Locations
    • Bypasses internet and connects directly to AWS
  • CloudFront
    • Edge Locations
    • Regional Edge Caches
Intro to Compute

Intro to AWS Compute

  • Lets you develop, deploy, run, and scale workloads in the AWS Cloud

Compute Services

Benefits of Amazon EC2

  • Elasticity
  • Control
  • Flexible
  • Integrated
  • Reliable
  • Secure
  • Cost-effective
  • Easy

Instance Types

  • Wide selection of hardware and software configurations optimized to fit different use cases
    • General purpose
    • Compute optimized
    • Memory optimized
    • Accelerated computing
    • Storage optimized
  • Families within each type
    • Generations within each family

Amazon Machine Images

  • Initial software configuration of an instance
  • Can use AWS or marketplace or user community or custom AMIs

Why Scaling Matters

  • Launch new instances in advance of peak periods
  • Use monitoring to programmatically scale out
  • Automatically scale in
  • Pay for the resources needed, only when needed

Auto Scaling group

  • Automatically adjusts resource capacity
  • Define where Amazon EC2 Auto Scaling deploys resources
  • Specify the Amazon VPC and subnets

Elastic load balancing

  • Automatically distribute traffic across multiple EC2 instances
    • Increases availability and fault tolerance
    • Configure health checks
    • Offload encryption and decryption
    • Types
      • Application Load Balancer (application layer)
      • Network Load Balancer (network layer)
      • Gateway Load Balancer (third-party virtual appliances)
Intro to Storage

Storage Services

Elastic Block Storage (EBS)

  • Network-attached block storage for use with Amazon EC2 instances
  • Persist independently from instance
  • Used like a physical hard drive
  • Automatically replicated
  • Attached to any instance in the same AZ
  • One EBS volume to one EC2 instance
  • One instance to many EBS volumes
  • EBS volumes can retain data after EC2 instance termination
  • Allow point-in-time snapshots to S3 GiB increments

Simple Storage Service (S3)

  • Infinite scalability, greater analysis, and faster data retrieval
  • 99.999999999% (11 9s) of durability
  • Common S3 use cases:
    • Data lakes
    • Backup and storage
    • Application hosting
    • Media hosting
    • Software delivery

Databases

Database services

  • Purpose-built for specific application use cases
  • Offload time-consuming management tasks

EC2-hosted vs. AWS Database Services
Networking Services

Networking Services

  • Isolate cloud infrastructure and scale request-handling capacity

Virtual Private Cloud (VPC)

  • Networking layer for AWS resources
  • A virtual network dedicated to a customer’s AWS account

Subnet

  • A range of IP addresses in a VPC

Securing a VPC

  • Network Access Control Lists
    • Control traffic at the subnet level
  • Security groups
    • Control traffic at the instance level
  • Flow logs
    • Capture network flow information
  • Host-based firewalls
    • Operating system firewalls

Networking Example

Intro to Security

Cloud security on AWS

  • Inherit benefits from AWS data center and network architecture
  • Similar to on-premises data centers, without maintaining facilities and hardware
  • Can be easily automated
  • Inherit all the best practices of AWS

Security, identity, and compliance services

  • One of the most important concepts to understand
  • AWS is designed to help build secure, high-performing, resilient, and efficient infrastructure for applications

AWS Shared Responsibility Model

Identity and Access Management (IAM)

  • Securely manage access to AWS services and resources
  • Fine-grained access control to AWS resources
  • Multifactor authentication
  • The ability to analyze access
  • Integration with corporate directories
Intro to Solution Design

Migration Strategies - Seven R’s

  • Rehost - Lift and shift
    • Recreating the on-premises network, only hosted on AWS
    • Automating with tools such as AWS Application Migration Service
    • Easier to optimize and re-architect applications after migration
  • Relocate - hypervisor-level lift and shift
    • Migration specific to VMware Cloud on AWS
    • Example:
      • Migrate hypervisor host Oracle database to VMware Cloud on AWS
  • Replatform - lift, tinker, and shift
    • Retaining the core architecture
    • Making targeted AWS cloud optimizations
    • Examples:
      • Migrating databases to Amazon RDS
      • Migrating applications to Amazon Elastic Beanstalk
  • Refactor - modernize
    • Re-imagining how the application is architected and developed
    • Using cloud-native features
  • Other strategies
    • Retire
      • Shutting off non-useful applications
      • Reducing spend, management, and security
    • Retain/Revisit
      • Keep certain applications on-premises
    • Repurchase
      • Moving workflows to software as a service (SaaS)
Cloud Architecture Best Practices
  1. Design for failure and nothing fails
    • Avoid single points of failure
    • Multiple instances
    • Multiple availability zones
    • Separate a single server into a multi-tiered application
    • For Amazon RDS, use the Multi-AZ feature
  2. Build security in every layer
    • Encrypt data at rest and in transit
    • Enforce principle of least privilege in IAM
    • Implement both Security Groups and Network Access Control Lists (NACL)
    • Consider advanced security features and services
  3. Leverage different storage options
    • Move static web assets to Amazon S3
    • Use Amazon CloudFront to serve globally
    • Store session state in DynamoDB
    • Use ElastiCache between hosts and databases
  4. Implement elasticity
    • Implement Auto Scaling policies
    • Architect resiliency to reboot and relaunch
    • Leverage managed services like S3 and DynamoDB
  5. Think parallel
    • Scale horizontally, not vertically
    • Decouple compute from session/state
    • Use elastic load balancing
    • Right-size your infrastructure
  6. Loose coupling sets you free
    • Instead of single, ordered workflow, use multiple queues
    • Use Amazon Simple Queue Service and Simple Notification Service (SQS and SNS)
    • Leverage existing services
  7. Don’t fear constraints
    • Rethink traditional constraints
    • Need more RAM? Distribute across instances
    • Better IOPS for database? Scale horizontally instead
    • Response to failure? Rip and replace, decommission and spin up replacement
Well-Architected Framework

Well-Architected Framework

  • A framework for ensuring infrastructures are:
    • secure
    • high-performing
    • resilient
    • efficient
    • sustainable
  • Practices developed through reviewing customers’ architectures on AWS
  • Systematic approach for evaluating and implementing architectures
  • Well-Architected Tool in the console

The Six Pillars

Cloud Adoption Framework and Perspectives

Cloud Adoption Framework

  • Migrating to the cloud is a process
  • Successful cloud migration requires expertise
  • Harness different perspectives
  • Ensure that you have the right talent
  • The AWS Professional Services created the AWS CAF
  • AWS CAF enables a smooth transition through 6 perspectives
  • The Six Perspectives

6 perspectives

  1. Business perspective
    • Ensure IT aligns with business
    • Creates a strong business case for cloud adoption
    • Ensure business aligns with IT
    • Common roles include: Business managers, finance managers, budget owners, strategy stakeholders
  2. People perspective
    • Support change management strategy
    • Evaluate organizational structures and roles
    • Evaluate new skill and process requirements
    • Identify gaps
    • Prioritize training
    • Common roles: Human Resources, staffing, people managers
  3. Governance perspective
    • Focus on skills and processes
    • Ensure the business values are maximized and risks are minimized
    • Update the staff skills and processes
    • Measure cloud investments to evaluate business outcomes
    • Common roles: Chief Information Officer, Program Managers, Enterprise Architects, Business analysts, and Portfolio Managers
  4. Platform perspective
    • Implement new solutions in the cloud
    • Migrate on-premises workloads to the cloud
    • Understand and communicate the structure of IT systems and their relationships
    • Describe the architecture of the target state environment in detail
    • Common roles: Chief Technology Officer (CTO), IT managers, and Solutions architects
  5. Security perspective
    • Meet security objectives for visibility, auditability, control, and agility
    • Structure the selection and implementation of security controls
    • Common roles: Chief Information Security Officer (CISO), IT security managers, and IT security analysts
  6. Operations perspective
    • Enable, run, use, operate, and recover IT workloads
    • Define how business is conducted
    • Align with and support the business operations
    • Define current operating procedures
    • Common roles: IT operations managers and IT support managers

Action Plan

  • Uncover gaps in skills and processes
  • Use inputs as a basis for creating an AWS CAF Action Plan
  • Guide an organization’s change management
  • Keep on track toward achieving their desired outcomes

AWS Solutions - Vetted, technical reference implementations designed to help customers solve common problems and build faster

AWS Solution Space helps customers who need assistance deploying an AWS Solution by highlighting AWS Competency Partner Solutions

  • AWS Quick Starts - prebuilt solutions for specific use cases
Presenting AWS Solutions to Customers

Key Phases

Customer-facing discussions fall into three distinct categories, based upon typical milestones in the sales cycle.

  1. Discovery is the information-gathering meeting to help you understand your customer’s challenges.
  2. After all the necessary information is collected that identifies the customer’s goals and pain points, you will meet with the customer again to present your findings and propose one or more AWS solutions. This may actually end up being several meetings, depending on whether tweaks to the solution are needed.
  3. After the customer agrees to a potential solution, you will ask them if they would like to move forward with a proof of concept (POC), where they evaluate the solution in their own environment.

Discovery Best Practices

Preparing for discovery

  • Research customer’s business
  • Determine market segment
  • Identify industry trends
  • Identify customer’s competitors
  • Research recent news
  • Research customer relationship to AWS

Encourage detailed conversation

  • Ask targeted questions
  • Ask open-ended questions

Five Why’s

  • Dive deeper
  • Uncover the real desired outcomes

Whiteboarding

  • Keep track of the conversation
  • Illustrate workflows and ideation
Customer Meeting Best Practices

Handling Objections Best Practices

  • Data-driven approach
  • Use case studies
  • Dive deep
  • Have backbone
  • Keep the momentum going

Common objection response

  • Security
    • Security at AWS is our top priority
    • Higher security posture than in legacy environments
    • Customers inherit all the benefits of our experience
    • Validated against the strictest of third-party assurance frameworks
  • Cost or cost savings
    • Reduce total cost of ownership (TCO)
    • Achieve continuously optimized and predictable spend
    • No longer overprovision infrastructure for peak demand
    • GE Oil and Gas decreased TCO by 52%
  • Scalability and Response
    • Build Cloud Foundation Team
    • Create guardrails around security, availability, reliability and compliance
    • AWS Control Tower gives maximum control—without sacrificing speed and agility

Keys to consistent results

  • Prepare
  • Anticipate
  • Differentiate
  • Stay on message

DO NOT

  • Use words like definitely, never, or guaranteed
  • Use acronyms or technical jargon
  • Focus on technology
  • Focus on the short/mid-term
  • Read the slides
Delivering a Proof of Concept

POC Fundamentals

Building a POC

  • Customer agrees to move forward with POC
  • Determine what success looks like
  • Include any modifications
  • Consult as necessary
  • Collect the following information
    • Networking and security
    • Application code
    • Databases
    • Data Skills & Resources

POC resources

  • APN - partner portal has training for POC

AWS Quick Starts

  • Rapidly deploy architectures based upon best practices
  • Launch, configure, and run AWS services required to deploy a specific workload on AWS
  • Reduce manual procedures into few steps
  • Check back frequently for updates

POA Program
Migration Considerations

The Migration Process

Minimum Viable Product (MVP)

  • Avoid building a solution where you only discover if there is success at the end
  • Instead start with something basic and gather feedback as you get more complex

MVP and delivering results

MVP

Migration Strategies

Going to Production

Best practices

  • Involve AWS account team (Solutions Architect or Technical Account Manager)
  • Customer-specific regulatory requirements
  • AWS support level

Well Architected Review

  • Architectural guidance
  • Continuous review
  • Improved architectures
Modernization

Modernize to drive growth

  • Retire expensive legacy solutions
  • Reduce TCO, improve cost optimization
  • Gain agility through automation
  • Free up resources to drive innovation

Modernization of architectures

  • Containers
  • Serverless
  • Data lakes and analytics

Containers

  • Package code, configurations, and dependencies into a single object
  • Share an operating system
  • Run as resource-isolated processes
  • AWS offers resources and orchestration services

Containers use cases

  • Microservices
  • Batch processing
  • Machine learning
  • Hybrid applications
  • Application migration to the cloud
  • Platform as a service

Serverless

Serverless benefits

  • No provisioning, maintaining, and administering servers
  • AWS handles fault tolerance and availability
  • Focus on product innovation

Data Lakes and Analytics

  • Data in different silos can be difficult to access and analyze
  • Store data in a “data lake”
  • Easy to read data and obtain insights
Intro to AWS Organizations

Organization

AWS Organizations

Security

  • Control access with AWS Identity and Access Management (IAM).
  • IAM policies enable you to allow or deny access to AWS services for users, groups, and roles
  • Service control policies enable you to allow or deny access to AWS services for individual accounts or groups of accounts in an OU.
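
How the two policy types above combine, as an added example that is not part of the original notes: a simplified Python model in which the SCP sets the ceiling for an account and the IAM policy does the granting. The policy documents are constructed samples, and the model assumes only these two policy types apply (Resource, Condition, permission boundaries and resource-based policies are ignored).

```python
from fnmatch import fnmatchcase

def _matches(pattern, action):
    # IAM action names are case-insensitive and support * and ? wildcards.
    return fnmatchcase(action.lower(), pattern.lower())

def _effects(policy, action):
    """Return the set of Effects ("Allow"/"Deny") whose statements match the action."""
    found = set()
    statements = policy["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    for stmt in statements:
        actions = stmt["Action"]
        if isinstance(actions, str):
            actions = [actions]
        if any(_matches(p, action) for p in actions):
            found.add(stmt["Effect"])
    return found

def is_allowed(action, scp, iam_policy):
    """Simplified evaluation: SCP and identity policy only."""
    scp_effects = _effects(scp, action)
    iam_effects = _effects(iam_policy, action)
    if "Deny" in scp_effects or "Deny" in iam_effects:
        return False  # an explicit deny in either policy always wins
    # The SCP must allow the action but grants nothing by itself;
    # the IAM policy must also allow it.
    return "Allow" in scp_effects and "Allow" in iam_effects

# Constructed sample: SCP attached to an OU, and an IAM policy on a role in a member account.
OU_SCP = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Effect": "Deny", "Resource": "*",
     "Action": ["organizations:LeaveOrganization", "cloudtrail:StopLogging"]},
]}
DEV_ROLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["s3:Get*", "ec2:Describe*", "cloudtrail:*"]},
]}

def report():
    actions = ["s3:GetObject", "cloudtrail:StopLogging",
               "cloudtrail:LookupEvents", "iam:CreateUser"]
    return {a: is_allowed(a, OU_SCP, DEV_ROLE_POLICY) for a in actions}

if __name__ == "__main__":
    for action, ok in report().items():
        print(f"{action:28} {'ALLOW' if ok else 'DENY'}")
```

The role's `cloudtrail:*` grant does not let it stop logging, because the OU-level deny overrides it; `iam:CreateUser` is refused for the opposite reason, since the SCP permits it but no IAM statement grants it.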

Accessing Organizations

  • Management Console
  • CLI (command line tools)
  • SDKs
  • HTTPS Query API