Opening Keynote – Dr. Werner Vogels, Chief Technology Officer, Amazon.com and Customers
Pallanikumaran Selvan, Chief Infrastructure Consultant, Data.gov.sg (Infocomm Development Authority Singapore, Data Science Division)
Anju Patwardhan, Global Chief Innovation Officer at Standard Chartered Bank
Goragot Wongpaisarnsin, General Manager at Toyota Tsusho Electronics Thailand
Karthik Subramanian, Chief Technology Officer at Zalora
13. INNOVATION ACROSS VIRTUALLY EVERY INDUSTRY
98% REDUCTION IN TIME
FOR CLINICAL TRIALS
MILLIONS OF CONCURRENT
PLAYERS AT LAUNCH
PETABYTES OF REALTIME
DATA PER SEASON
REPLAY BILLIONS OF
TRADES INSTANTLY
21. 22
ZALORA AT A GLANCE
11MMOBILE APP
DOWNLOADS
4MCUSTOMERS
7MVISITS
WEEKLY
1.5MORDERS
SHIPPED
IN Q4 2015
6.5M
FACEBOOK
FANS
5MSUBSCRIBER
S
Zalora in numbers
Q4 2015
Record one-day sales achieved during 12-12
Online Fever (six times previous record)
Clocked 250% increase in mobile customers
2012
ZALORA Group
formed
Q2 2013
Launched 7-11 pick-ups
Launched iOS App
Launched in-house delivery fleet
Received our one millionth order
Q1 2013
Launched first fully
optimized mobile site
Received highest funding
ever for a start up
Q3 2013
Signed River Island
Launched ZALORA e-Magazine
Launched Android App
Q2 2014
Launched Marketplace
Q3 2014
Launched ZALORA label
Q4 2014
Launched same-day delivery
Opened first click-and-mortar store
Q1 2015
Celebrated 3rd anniversary
Q2 2015
Launched ZALORA Taiwan
Key milestones in the Zalora journey
22. ∙ Platform fully hosted in a physical DC in Hong Kong
∙ Average capacity utilisation of 10%
∙ Living dangerously during peaks
∙ Lead-time for adding peak capacity - 10 days!!
∙ Marketing estimates of traffic spikes usually not accurate
23
FROM LAUNCH THROUGH HYPER GROWTH
24. ∙ Early experiments and doubts (2014 onwards)
∙ Gradual traffic and infrastructure ramp-up
∙ Straddling the cloud/DC - LIVE traffic split
∙ Live migration in 30 days for all sites
∙ Average utilisation at 40%, costs down 40% vs DC
∙ Page speeds up 1-2s for ID/PH (slow countries) vs DC
25
TO INFINITY AND BEYOND
40. TWO NEW EBS VOLUME TYPES BUILT FOR THROUGHPUT
THROUGHPUT
OPTIMIZED HDD
(ST1)
UP TO 500MB/S
$0.045 PER GB/MONTH
COLD HDD
(SC1)
UP TO 250MB/S
$0.025 PER GB/MONTH
41. THE INDUSTRY’S BEST PRICE/PERFORMANCE
BLOCK STORAGE FOR BIG DATA WORKLOADS
PROCESSING
LOGS
STREAMING
DATA PROCESSING
DATA ANALYTICS
WITH MAP/REDUCE
DATA
WAREHOUSING
LESS FREQUENTLY
ACCESSED
45. BROADEST SET OF ACCREDITATIONS & CERTIFICATIONS
GLACIER VAULT LOCK
& SEC RULE 17A-4(F)
27018
46. BROADEST SERVICES TO SECURE APPLICATIONS
NETWORKING
VIRTUAL
PRIVATE
CLOUD
WEB
APPLICATION
FIREWALL
47. BROADEST SERVICES TO SECURE APPLICATIONS
NETWORKING
VIRTUAL
PRIVATE
CLOUD
WEB
APPLICATION
FIREWALL
IDENTITY
IAM ACTIVE
DIRECTORY
INTEGRATION
SAML
FEDERATION
48. BROADEST SERVICES TO SECURE APPLICATIONS
NETWORKING
VIRTUAL
PRIVATE
CLOUD
WEB
APPLICATION
FIREWALL
ENCRYPTION
KEY
MANAGE-
MENT
SERVICE
CLOUDHSM SERVER-
SIDE
ENCRYPTION
ENCRYPTION
SDK
IDENTITY
IAM ACTIVE
DIRECTORY
INTEGRATION
SAML
FEDERATION
49. BROADEST SERVICES TO SECURE APPLICATIONS
COMPLIANCE
CONFIGCLOUD
TRAIL
SERVICE
CATALOG
CONFIG
RULES
INSPECTOR
NETWORKING
VIRTUAL
PRIVATE
CLOUD
WEB
APPLICATION
FIREWALL
ENCRYPTION
KEY
MANAGE-
MENT
SERVICE
CLOUDHSM SERVER-
SIDE
ENCRYPTION
ENCRYPTION
SDK
IDENTITY
IAM ACTIVE
DIRECTORY
INTEGRATION
SAML
FEDERATION
50. BROADEST SERVICES TO SECURE APPLICATIONS
AMAZON INSPECTOR: NOW GENERALLY AVAILABLE
COMPLIANCE
CONFIGCLOUD
TRAIL
SERVICE
CATALOG
CONFIG
RULES
INSPECTOR
NETWORKING
VIRTUAL
PRIVATE
CLOUD
WEB
APPLICATION
FIREWALL
ENCRYPTION
CLOUDHSM SERVER-
SIDE
ENCRYPTION
ENCRYPTION
SDK
IDENTITY
IAM ACTIVE
DIRECTORY
INTEGRATION
SAML
FEDERATION
KEY
MANAGE-
MENT
SERVICE
52. WHAT’S BEING
ASSESSED?
NETWORK, VMS, OS
& APPLICATION
CONFIGURATIONS
BUILT-IN
CONTENT LIBRARY
CHECK COMMON
SECURITY
STANDARDS &
VULNERABILITIES
DETECT & REMEDIATE SECURITY ISSUES EARLY & OFTEN
WITH AMAZON INSPECTOR
53. WHAT’S BEING
ASSESSED?
NETWORK, VMS, OS
& APPLICATION
CONFIGURATIONS
BUILT-IN
CONTENT LIBRARY
CHECK COMMON
SECURITY
STANDARDS &
VULNERABILITIES
DETAILED
LISTS
DETAILED
DASHBOARD
DETECT & REMEDIATE SECURITY ISSUES EARLY & OFTEN
WITH AMAZON INSPECTOR
54. WHAT’S BEING
ASSESSED?
NETWORK, VMS, OS
& APPLICATION
CONFIGURATIONS
BUILT-IN
CONTENT LIBRARY
CHECK COMMON
SECURITY
STANDARDS &
VULNERABILITIES
DETAILED
LISTS
DETAILED
DASHBOARD
FULL AUDIT
TRAILS
TRACK WHAT TESTS
WERE PERFORMED
WHEN AND THEIR
RESULTS
DETECT & REMEDIATE SECURITY ISSUES EARLY & OFTEN
WITH AMAZON INSPECTOR
83. END TO END CONTINUOUS DELIVERY WITH ELASTIC BEANSTALK
SPIN UP
ENVIRONMENT
QA
ENVIRONMENT
DEPLOY
APP
BUILD
APP
TEST
APP
QA
APP
84. APP
JAVA, .NET, PHP,
NODE.JS, PYTHON,
RUBY, GO
CONTAINER
DOCKER,
MULTI-
CONTAINER
COMPONENTS OF APPS & ELASTIC BEANSTALK
85. APP
JAVA, .NET, PHP,
NODE.JS, PYTHON,
RUBY, GO
CONTAINER
DOCKER,
MULTI-
CONTAINER
AMI,
APP SERVER,
WEB SERVER
PLATFORM
COMPONENTS OF APPS & ELASTIC BEANSTALK
86. APP
JAVA, .NET, PHP,
NODE.JS, PYTHON,
RUBY, GO
INSTANCES AUTO-
SCALING
CONTAINER
DOCKER,
MULTI-
CONTAINER
LOAD
BALANCING
AMI,
APP SERVER,
WEB SERVER
HEALTH
CHECKS
PLATFORM
COMPONENTS OF APPS & ELASTIC BEANSTALK
87. PLATFORM UPDATES: A SHARED RESPONSIBILITY
JAVA, .NET, PHP,
NODE.JS, PYTHON,
RUBY, GO
INSTANCES AUTO-
SCALING
CONTAINER
DOCKER,
MULTI-
CONTAINER
LOAD
BALANCING
AMI,
APP SERVER,
WEB SERVER
HEALTH
CHECKS
PLATFORMAPP
88. CAN WE REMOVE MORE OF THE
MAINTENANCE BURDEN FOR WEB APPS?
89. PLATFORM UPDATES FOR ELASTIC BEANSTALK
SAFELY AND AUTOMATICALLY KEEP YOUR WEB APP PLATFORM UP TO DATE
90. KEEP YOUR APPLICATION PLATFORM UP-TO-DATE, AUTOMATICALLY
STAY IN CONTROL OF PLATFORM UPDATES
SAFELY PERFORM UPDATES WHILE MAINTAINING AVAILABILITY
MANAGED PLATFORM UPDATES FOR ELASTIC BEANSTALK
103. AWS LAMBDA: INTERNET-SCALE COMPUTE PLATFORM
DEPLOY YOUR CODE IN SECONDS
SUB-SECOND METERING
NO SERVERS TO PROCURE, PROVISION OR MANAGE
104. MOBILE
CHAT APP
AD DATA ANALYTICS
AND ROUTING
MOBILE APP
ANALYTICS
IMAGE CONTENT
FILTERING
REAL-TIME VIDEO
AD BIDDING
NEWS CONTENT
PROCESSING
GENE SEQUENCE
SEARCH
CLOUD
TELEPHONY
DATA
PROCESSING
WEB
APPLICATIONS
WEB APPLICATIONSTHREAT INTELLIGENCE
AND ANALYTICS
NEWS CONTENT
PROCESSING
GAME METRICS ANALYTICS
SERVERLESS WEB APPLICATIONS
106. NODE.JS
WEB APP
SERVER-SENT EVENT
STREAMING RESPONSE
QUER
Y
S
3
LAMBDA
CASCADE
FUNCTION N
LAMBDA
CASCADE
FUNCTION 0 LAMBDA
COUNTING
FUNCTION 0
USER
LAMBDA
COUNTING
FUNCTION 0
LAMBDA
COUNTING
FUNCTION 0
LAMBDA
COUNTING
FUNCTION 0
WEB UI CASCADE PROCESS
SERVERLESS WEB APPLICATIONS
111. OVER 200 MILLION USERSOVER 4 BILLION ITEMS STORED
MILLIONS OF ADS
PER MONTH
130+ MILLION NEW
USERS IN 1 YEAR
150+ MILLION
MESSAGES PER
MONTH
STATCAST USES BURST SCALABILITY
FOR MANY GAMES ON A SINGLE DAY
OVER 5 BILLION ITEMS OVER 200 MILLION MESSAGES
PROCESSED DAILY
COGNITIVE TRAINING 5+ MILLION
REGISTERED USERS
WEARABLE AND
IOT SOLUTIONS
170,000 CONCURRENT
PLAYERS
112. APIS EMAIL MESSAGING
NOTIFICATION MONITORING ENCRYPTION
SERVICES NOT SERVERS: A BROAD SERVERLESS PLATFORM
AMAZON S3
STORAGE
AWS LAMBDA
FUNCTIONS
AMAZON DYNAMODB
DATA STORE
115. CORE COMPONENTS FOR BIG DATA WORKLOADS
DATA STORE
OF RECORD
S3
HIGH PERFORMANCE
DATABASES
RDS
DYNAMODB
ANALYTICS
CLUSTERS
HADOOP ON EMR
SPARK ON EMR
PREDICTIVE
ANALYTICS
MACHINE LEARNINGELASTICSEARCH
SERVICE
ELASTICSEARCH DATA
WAREHOUSE
REDSHIFT
STREAMING
DATA
KINESIS STREAMS
119. KINESIS STREAMS
BUILD CUSTOM APPLICATIONS TO
COLLECT & ANALYZE STREAMING DATA
REAL TIME STREAMING DATA WITH AMAZON KINESIS
120. KINESIS STREAMS
BUILD CUSTOM APPLICATIONS TO
COLLECT & ANALYZE STREAMING DATA
KINESIS FIREHOSE
EASILY LOAD STREAMING
DATA INTO AWS
REAL TIME STREAMING DATA WITH AMAZON KINESIS
121. KINESIS STREAMS
BUILD CUSTOM APPLICATIONS TO
COLLECT & ANALYZE STREAMING DATA
KINESIS FIREHOSE
EASILY LOAD STREAMING
DATA INTO AWS
ELASTICSEARCH INTEGRATION
REAL TIME STREAMING DATA WITH AMAZON KINESIS
122. KINESIS ANALYTICS
RUN STANDARD SQL QUERIES
OVER STREAMING DATA
KINESIS STREAMS
BUILD CUSTOM APPLICATIONS TO
COLLECT & ANALYZE STREAMING DATA
REAL TIME STREAMING DATA WITH AMAZON KINESIS
KINESIS FIREHOSE
EASILY LOAD STREAMING
DATA INTO AWS
ELASTICSEARCH INTEGRATION
125. TSQUARE : Connected Mobility Solution
Connected
Content
Embedded
SW
Device
Traffic Info GPS Data Heat Map Anomaly Flood
126. CHALLENGE ON AWS
mobile client
(over 1M downloaded)
Elastic Load
Balancing
EC2
instances
Auto Scaling group
Amazon
S3
MySQL DB
instance
security group
Singapore Region
GPS Vehicle
Probes (over 60,000 Probes)
127. CHALLENGING ON AWS
• Reduce Time to Market
• Increase Business Chances
• Stabilize Quality of Service
• DevOpt Team Building
Business
Ideation
Production Development
Release
& Deployment
Prototyping
Incubation
Business
DeveloperOperation
128. BENEFITS ON AWS
• Max. 35% Cost Optimization
• Simple to reconfigure system
• x 2,500 Performance Up
• Powerful for prototyping idea
6000
3900
2014 2015
Cost
(USD/month)
695
2,000,000
Previous System New System
IoT Gateway Performance
(TPS)
151. S3DYNAMODB
MOBILE ANALYT ICS
SNS
AMAZON COGNIT O
API GAT EW AY
LAMBDA
LAMBDA
LAMBDA NOTIFICATIONS
MOBILE DEVICE MOBILE BACKEND
RDS
DATA AND
CONTENT
ANALYTICS
THE DUALITY OF DEVICES
152. S T O R E & S Y N C
D A T A
S A F E G U A R D
A W S C R E D E N T I A L S
G U E S T
A C C E S S
S O C I A L I D E N T I T Y
& L O G I N
AMAZON COGNITO: A HIDDEN GEM
153. Y O U R I D E N T I T Y
P O O L
S T O R E & S Y N C
D A T A
S A F E G U A R D
A W S C R E D E N T I A L S
G U E S T
A C C E S S
S O C I A L I D E N T I T Y &
L O G I N
AMAZON COGNITO: A HIDDEN GEM
154. EASY USER MANAGEMENT
LAMBDA DRIVEN WORKFLOWS
MULTI-FACTOR AUTHENTICATION
EMAIL AND PHONE NUMBER VERIFICATION
FULLY MANAGED IDENTITY POOLS WITH AMAZON COGNITO
157. Extract value from
device data
Augment devices’
constrained onboard
resources
Augment devices’
constrained
environments
compute
storage
Big Data
Shadow
State
Apps
offline
WHY CONNECT DEVICES TO THE CLOUD?
158. Run code in the cloud,
and update it without
deploying firmware
updates
Run code in the cloud, and
take action in physical space
through one or more devices
Secure device data, even
when the device operates
in unsecured physical
space.
bidirectional
policy
WHY CONNECT DEVICES TO THE CLOUD?
159. Many SDKs &
Tools
Alternate Protocols Scalability Security &
Management
Integration with Cloud and
Mobile Applications
CONNECTING DEVICES TO CLOUD APPLICATIONS REQUIRES
UNDIFFERENTIATED HEAVY LIFTING.
160. AWS IOT
Securely connect one or one-billion devices to AWS, so they can
interact with applications and other devices
161. AWS IOT
DEVICE SDK
Set of client libraries to
connect, authenticate and
exchange messages
DEVICE GATEWAY
Communicate with devices via
MQTT and HTTP
AUTHENTICATION
AUTHORIZATION
Secure with mutual
authentication and encryption
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
AWS Services
- - - - -
3P Services
DEVICE SHADOW
Persistent thing state
during intermittent
connections
APPLICATIONS
AWS IoT API
DEVICE REGISTRY
Identity and Management of
your things
163. Statcast Personal Finances
Healthcare
Digital
Web E-commerce
App Platform
Digital Content
Media Web SitesWeb CRM
Digital Media
Digital Services
Education Analytics
FROM EXPERIMENTS TO DIGITAL TRANSFORMATION
166. THE JOURNEY TO AWS IS A WELL TRODDEN PATH
DEVELOPMENT
& TEST
ALL TOGETHER NEW
APPLICATIONS
DIGITAL
ANALYTICS
MOBILE
DC MIGRATION
MISSION
CRITICAL APPS
ALL IN
1 2 3 4
168. HYBRID AS A STEPPING STONE
Integrated networking
Hybrid app deployments
Integrated networking
Hybrid app deployment
Integrated DevOps Management
Integrated DevOps Management
Realtime data integration
integrated resource management
Integrated networking
Integrated DevOps Management
Integrated networking
Data integration
Hybrid app deployment Integrated networkingIntegrated networking
Integrated security
data integration
Integrated Networking
Automated and integrated back-ups
169. ON-
PREMISES
AWS
BROAD SERVICES FOR HYBRID APPLICATIONS
Single-Tenant
Compute
Bring Your Own
Image/License
Simultaneous, Self-Service
Provisioning of Many VMs
Integration with Existing
Management Tools
Massive Scale
Import / Export
Isolated Network
Across Regions
Fully Isolated
Network Posture
DNS-Based Global
Load Balancing
Network Forensic
Tools
Web Application
Firewall
Isolated Network
within Region
Private Connections from
Your DC to AWS
Network
Performance Tiers
Global Content
Delivery Network
Security Info & Event
Management (SIEM) Integration
Provider-Enabled
Encryption Services
Centralized Key
Management
Automated Security
Assessment
Rich, Role-Based
Access Controls
Hardware Security
Module (HSM) Support
Active Directory (AD)
Integration / AD-aaS
Track Resource
Inventory and Changes
Bulk Object Delete and
Data Lifecycle Mgmt Policies
Customer Ownership
Of Data
Many Scalable
Database Engines
Data
Archival
Simple Import of
Massive Data Amounts
Customer Control
Over Data Locale
Elastic File
System
Database Migration
and Conversion Tools
Gateway – Cached
Volumes
Create and Standardize
on Best Practices
Automate Operations
Management
Release Software
Using Continuous Delivery
Monitor Resources
And Applications
Centralize and Simplify
Software Deployments
Build, Publish
and Manage APIs
Managed Source
Control
Integration with Existing
Management Tools
Data
Warehouse
Integrated
Compute
Integrated
Networking
Integrated
Security & Access
Data Integration &
Lifecycle Mgmt
Resource and
Deployment Mgmt
170. A STRATEGIC,
PHASED MIGRATION
2014 2015 2016
E.G. INNOVATION LABS, MOBILE APP PILOTS, HACKATHONS
E.G. ONLINE BANKING, STREAM DATA PROCESSING
E.G. MOBILE BANKING APP
EXPERIMENTATION
DEVELOP & TEST
PRODUCTION