SlideShare a Scribd company logo

Simplify & Standardise your migration to AWS with a Migration Landing Zone

Amazon Web Services
Amazon Web Services

Find out more about how to simplify & standardize your Migration to AWS with a Migration Landing zone

Software
1 of 51
Koen vd Biggelaar - Sr Mgr AWS Solutions Architecture Mahmoud ElZayet – Solutions Builder Tuesday 23rd May 2017 Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Planning a Migration? Key Questions to consider How do we configure our AWS environment What are best practices for Security and Compliance How do we build a Cloud Operating Model How do we develop a business case What types of migration will we use What is our application portfolio What are our key drivers Which partners are we going to use ?
People Perspective Process Perspective Security Perspective Maturity Perspective Platform Perspective Operations Perspective Business Perspective AWS Cloud Adoption Framework
People Perspective Process Perspective Security Perspective Maturity Perspective Operations Perspective Business Perspective Platform Perspective AWS Cloud Adoption Framework
Application Migration Create Landing Zone Migrate Apps Operate & Optimize H
What is an AWS Landing Zone? - A baseline secure multi-account AWS environment configured based on best practices - A starting point for your application migration journey - An environment that allows for iteration & extension over time H
What to Expect from the Session © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. H Understand Build Engage Operate
Landing Zone Journey Domains Direct Connect Start Accounts End User Interaction AutomationService Catalog Central Services Migrate Iterate Operate & Optimize Logging Config Access Identities Federation Network Security Identity & Access Cloud Users What’s Next ? Imaging
Infrastructure Request Current State Typical Enterprise Situation Governance & Service Management Central IT Lines of Business Provisioning Characteristics • Lead times ~days to weeks • Service catalogue of components • Often process-heavy service management
Agility versus Control How to choose? We want agility, so we can innovate in our business I need control, so I can protect our business Business & Business IT Central IT?
Monitor & Respond Landing Zone Templates Policy & Best Practices Landscape Management Current State Opportunity to achieve Agility and Control Automation Lines of Business Central IT Opportunities • Lead times in minutes • Service catalogue of landscapes • Automated service management
Security Guiding Principles Landscapes & Automation Cloud IT Consumers
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
Account Structure • Don’t overdo on Day One • Use separate accounts for: Security and Compliance Isolation (production non-prod, logging) Cost Allocation Resource Management and Ownership
Account Structure Payer Billing Reports Service Catalog Logging Audit Central Services Dev & Test Mobility IoT Serverless Internal business apps Digital Platforms Option: Per AWS Region Production Generic Production Critical Central Accounts Services Accounts
Manage Multiple Accounts AWS Organizations • Centrally manage multiple AWS accounts - Simplified creation of new AWS accounts - Logically group AWS accounts for management convenience - Apply organizational control policies (OCP) - Simplified billing • An AWS account can be a member of only one organization • Console, SDK, and CLI support for all management tasks
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
Network Key Considerations Non-overlapping IP range VPC Design Access Control Lists & Security Groups Logging and Monitoring AWS Direct Connect Subnet Design
Network Direct Connect for connecting on-prem and AWS environment Customer Gateway VPN backup Direct Connect Location Virtual Interface #1 Virtual Interface #2 Secondary Direct Connect Location ` ` Partner Network
Network Central services in a central VPC Central common/core services • Authentication/directory • Monitoring • Logging • Bastion host • Remote administration • Scanning • Internet proxy Production Generic Production Business-critical Central Services Non-production
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
Our Landing Zone needs to be safe and secure Insight is the first step • Who is accessing our Amazon accounts and what are they doing? • How will we know if anyone breaks our security policy? • What does the traffic on our infrastructure look like and are all of our resources isolated? • How can we easily analyze our logs?
AWS CloudTrail records who is accessing APIs Store/archive Central logging account Troubleshoot Monitor & alarm AWS accounts make API call On a growing set of AWS services around the world.. CloudTrail is continuously recording API calls
AWS Config informs you of policy violations Compliance Guideline Non-compliance Action All storage volumes should be encrypted Automatically encrypt storage volumes Instances must not have unrestricted Internet access on Port 22 Remove Port 22 access from any Internet host Instances must be tagged with environment type Notify developer (email, page, SNS) Pre-configured rules: https://github.com/awslabs/aws-config-rules
VPC flow logs give you network insights • Agentless – AWS collects the logs on your behalf • Enable per network interface, per subnet, or per VPC • Logged to AWS CloudWatch Logs • Create CloudWatch metrics from log data • Alarm on those metrics AWS account Source IP Destination IP Source port Destination port Interface Protocol Packets Bytes Start/end time Accept or reject
Create alarms when metrics are breached Amazon CloudWatch
Log everything centrally for analysis The AWS centralized logging solution makes it easy for security teams to consolidate AWS logs and analyze them to detect incidents Amazon EC2 flow logs VPC subnet AWS CloudTrail Amazon S3 Amazon CloudWatch AWS Lambda Amazon Elasticsearch Service You can do this by simply using: • Amazon ElasticSearch Service • CloudTrail logs • VPC flow logs • EC2 server logs Log Transform Search https://aws.amazon.com/answers/ logging/centralized-logging
Launch instance EC2 AMI catalogue Running instance Your instance Hardening and configuration Audit and logging Vulnerability management Malware and IPS Whitelisting and integrity User administration Operating system Configure instance Configure your environment as you like You get to apply your existing security policy Two options to create or import your own ‘gold’ images 1. Import existing VMs to AWS 2. Procure partner AMI from AWS Marketplace 3. Create and save your own custom images On 3: choose how to build your standard host security environment Choose how to start your compute Private images or import your current ones CIS AMI: https://aws.amazon.com/marketplace/seller-profile?id=6b3b0dc2-c6f4-487b-8f29-9edba5f39eed
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
You get to control who can do what in your AWS environment when and from where Fine-grained control of your AWS cloud with multi-factor authentication Integrate with your existing corporate directory and provide SSO to your customers. Support for SAML 2.0 (like your existing Active Directory) and OpenID compatible Identity Providers (IdPs). You can use AWS managed policies, policies for typical job functions or customer-generated policies using the policy generator and test with the policy simulator AWS account owner Identity and Access Management Control access and segregate duties everywhere
Corporate Data Center Browser interface Identity Store Identity and Access Management Federation with on-prem directory AD Group Identity and authentication Mapping to specific IAM role with access policy Access to AWS
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
Customers want to: • Define the resources and landscapes where software and applications are deployed • ‘Approve once and deploy many’ • Enable self-service, deploy with confidence • Automate deployments Agility and Control What do customers tell us about asset management deployment?
Agility and Control AWS Service Catalog AWS Service Catalog allows organizations to create and manage catalogs of IT services. It enables users to quickly deploy approved IT services they need in a self-service manner. Administrator Users Control Standardization Governance Agility Self-service Time to market
Product = Template CloudFormation Running stack JSON formatted file Parameter definition Resource creation Configuration actions Configured AWS services Comprehensive service support Service event-aware Customizable Framework Stack creation Stack updates Error detection and rollback Administrator Interaction CloudFormation to create products
Creates portfolio and assigns product portfolio 1 Administrator Adds constraints, grants access and add tags 4 2 Creates product Authors template Administrator Interaction AWS Service Catalog: Managing products ProductX Versions Portfolio BPortfolio A • Users and roles • Constraints • Tags Service Catalog 3 Landscape Architect
Browse products 4 3 2 1 Portfolio Cloud consumers Select version, Provision product, configure parametersDeploy Notifications and outputs Notifications and outputs 4 Administrator Cloud Consumer Interaction AWS Service Catalog
Agility and Control Opportunities to strengthen the handshake User-generated products to foster innovation Back-end microservices acting on the stacks Administrator products
End User Interaction Browse Products
End User Interaction Launch Product
End User Interaction Launched Products and Schedules
End User Interaction Cost Overview
Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
Application Migration Create Landing Zone Migrate apps Operate & optimize H
Managing to the Portfolio Value Portfolio Tier Requirements Operations Model Approx. % Portfolio* IT Spend Against Portfolio Differentiators High rate of change & innovation; Possibly business-critical, but not always DevOps 15% 60% - 70% Table Stakes Business-critical, but low rate of change. Needs high availability, maximum reliability, and durable DR Automated Efficiency 25% Commodity COTS & commodity, minimal risk, low change, standard downtime & reliability requirements Traditional Operations 60% 30% - 40% *estimated numbers Provided Under NDA
The Migration Journey Identify and categorize bulk candidates Analysts identify high-value candidates Pipeline team prepares candidates Applications are migrated based on patterns Patterns are created Greenfield Landing Zone created Existing Operations team manages Portfolios are prioritized Project initiated Innovation teams re-architect the application New operating levers are created Application is implemented on cloud Cloud-native components are patterned Core Landing Zone created Future Landing Zone Library of patterns Future operating model Brown Field Green Field Future State
Sprint 1 Executing Multi-Modal Migrations Program Brown Green Sprint 2 Sprint 3 Sprint 4 Sprint 5 Sprint 6 Sprint 7 Deploy Landing Zone Extend, Integrate and Manage Landing Zone Migration Business Case Discovery Prep Discovery Pipeline Generation Migration Patterns Creation Discovery Greenfield Migrations Innovation Re-Factor Re-Host Complex App (single sprint)
Increasing Levels of Effort with Increasing Levels of Return Mass migration Re-platform / Refactor Re-architectMaturity Maturity Running Multi-Modal Migrations Minimized Staffing Change Mass Migration Capex to Opex Cost Out Facilities Closure Consistent Operations Traditional Operations Operational Transition Cloud Capable Applications Capex to Opex Nascent Services Cloud COE Managed Services Hybrid Operations Cloud Aware Applications Serverless Compute Continuous Integration Disruptive Technolog y Maximum Efficiency Advanced Architecture Development and Operations
Multi-Modal Operations • Many adoptions are tightly coupled with agile delivery adoption. • Not all workloads require a DevOps investment. • Achieving business goals doesn’t always require automation. • Using traditional support models in the wrong places can dilute value. Mass migration Re-platform/ Refactor Re-architect • Data Center-Cloud Connectivity • Server/Storage Provisioning • Patching/Anti-virus • Monitoring • Server Maintenance/ Incident Response • Audit/Risk • Event Management • Web Server • DB Mgmt • Application Software • Development and Deployment Traditional • Data Center-Cloud Connectivity • Patching/Anti-virus • Monitoring • Audit/Risk • Standards/Policy • Stack Templates • Server Maintenance/ Incident Response • Stack Provisioning and Decom • Event Mgmt • Web Server • DB Mgmt • Application Software • Development and Deployment Automated Efficiency • Data Center-Cloud Connectivity • Patching/Anti-virus • Monitoring Lvl 1 • Monitoring Lvl 2 • Server Maintenance/ Incident Response • Stack Templates and Provisioning • Audit/Risk • Event Management • Web Server • DB Mgmt • Application Software • Development and Deployment DevOps Traditional Operations Distributed Responsibility
Key Take-Aways • Configuring your AWS environment matching your operations and migration needs, is a key step in your cloud journey • Maximize automation, including cost optimization (i.e. resize instances, on-off schedules) • Check aws.amazon.com/answers for guidance and packaged solutions helping you to build your own Landing Zone • Be agile for your Migrations, not everything can be planned upfront H
Thank you!

Recommended

AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAmazon Web Services
 
Migrating to the Cloud
Migrating to the CloudMigrating to the Cloud
Migrating to the CloudAmazon Web Services
 
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...Amazon Web Services
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar Timothy McAliley
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Microsoft Azure Overview
Microsoft Azure OverviewMicrosoft Azure Overview
Microsoft Azure OverviewDavid J Rosenthal
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing ZoneAmazon Web Services
 

Recommended

AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAmazon Web Services
 
Migrating to the Cloud
Migrating to the CloudMigrating to the Cloud
Migrating to the CloudAmazon Web Services
 
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...
Architecting Security & Governance across Your AWS Landing Zone - SEC301 - An...Amazon Web Services
 
CAF presentation 09 16-2020
CAF presentation 09 16-2020CAF presentation 09 16-2020
CAF presentation 09 16-2020Michael Nichols
 
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar Timothy McAliley
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Microsoft Azure Overview
Microsoft Azure OverviewMicrosoft Azure Overview
Microsoft Azure OverviewDavid J Rosenthal
 
Setting Up a Landing Zone
Setting Up a Landing ZoneSetting Up a Landing Zone
Setting Up a Landing ZoneAmazon Web Services
 
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Amazon Web Services
 
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Amazon Web Services
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
AWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence PillarAWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence PillarJonathan LaCour
 
Cloud Migration: A How-To Guide
Cloud Migration: A How-To GuideCloud Migration: A How-To Guide
Cloud Migration: A How-To GuideAmazon Web Services
 
IT Transformation in the Public Sector
IT Transformation in the Public SectorIT Transformation in the Public Sector
IT Transformation in the Public SectorAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Cloud migration strategies
Cloud migration strategiesCloud migration strategies
Cloud migration strategiesSogetiLabs
 
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...Edureka!
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS OrganizationsAmazon Web Services
 
Cloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The CloudCloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The CloudNew Relic
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
Migration Planning
Migration PlanningMigration Planning
Migration PlanningAmazon Web Services
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAmazon Web Services
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyAmazon Web Services
 
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate ResultsAmazon Web Services
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerAmazon Web Services
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud StrategyAmazon Web Services
 
Understand AWS Pricing
Understand AWS PricingUnderstand AWS Pricing
Understand AWS PricingLynn Langit
 
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud ComputingAmazon Web Services
 

More Related Content

What's hot

Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Amazon Web Services
 
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Amazon Web Services
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
AWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence PillarAWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence PillarJonathan LaCour
 
IT Transformation in the Public Sector
IT Transformation in the Public SectorIT Transformation in the Public Sector
IT Transformation in the Public SectorAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Cloud migration strategies
Cloud migration strategiesCloud migration strategies
Cloud migration strategiesSogetiLabs
 
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...Edureka!
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS OrganizationsAmazon Web Services
 
Cloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The CloudCloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The CloudNew Relic
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAmazon Web Services
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyAmazon Web Services
 
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate ResultsAmazon Web Services
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerAmazon Web Services
 
Understand AWS Pricing
Understand AWS PricingUnderstand AWS Pricing
Understand AWS PricingLynn Langit
 

What's hot (20)

Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019
 
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
Automated Solution for Deploying AWS Landing Zone (GPSWS407) - AWS re:Invent ...
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
 
AWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence PillarAWS Well-Architected Framework: Operational Excellence Pillar
AWS Well-Architected Framework: Operational Excellence Pillar
 
Cloud Migration: A How-To Guide
Cloud Migration: A How-To GuideCloud Migration: A How-To Guide
Cloud Migration: A How-To Guide
 
IT Transformation in the Public Sector
IT Transformation in the Public SectorIT Transformation in the Public Sector
IT Transformation in the Public Sector
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
 
Cloud migration strategies
Cloud migration strategiesCloud migration strategies
Cloud migration strategies
 
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos...
 
Introduction to AWS Organizations
Introduction to AWS OrganizationsIntroduction to AWS Organizations
Introduction to AWS Organizations
 
Cloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The CloudCloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
Cloud Migration Cookbook: A Guide To Moving Your Apps To The Cloud
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWS
 
Migration Planning
Migration PlanningMigration Planning
Migration Planning
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - Webinar
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own Company
 
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results(ISM305) Framework: Create Cloud Strategy & Accelerate Results
(ISM305) Framework: Create Cloud Strategy & Accelerate Results
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control Tower
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud Strategy
 
Understand AWS Pricing
Understand AWS PricingUnderstand AWS Pricing
Understand AWS Pricing
 

Similar to Simplify & Standardise your migration to AWS with a Migration Landing Zone

AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rsAmazon Web Services
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxAWS Chicago
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - TorontoAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
Running Hybrid Cloud Patterns on AWS
Running Hybrid Cloud Patterns on AWSRunning Hybrid Cloud Patterns on AWS
Running Hybrid Cloud Patterns on AWSShiva Narayanaswamy
 
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...Amazon Web Services
 
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlay
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayPragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlay
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayAmazon Web Services
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtHelen Rogers
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Getting started with AWS Security
Getting started with AWS SecurityGetting started with AWS Security
Getting started with AWS SecurityAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 

Similar to Simplify & Standardise your migration to AWS with a Migration Landing Zone (20)

AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneSimplify & Standardise Your Migration to AWS with a Migration Landing Zone
Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
 
Application Migrations
Application MigrationsApplication Migrations
Application Migrations
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rs
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Running Hybrid Cloud Patterns on AWS
Running Hybrid Cloud Patterns on AWSRunning Hybrid Cloud Patterns on AWS
Running Hybrid Cloud Patterns on AWS
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...
Security & Governance on AWS – Better, Faster, and Cost Effective - Technical...
 
Security & Compliance
Security & Compliance Security & Compliance
Security & Compliance
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
 
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlay
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayPragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlay
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlay
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John Hildebrandt
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Getting started with AWS Security
Getting started with AWS SecurityGetting started with AWS Security
Getting started with AWS Security
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 

Recently uploaded (20)

英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 

Simplify & Standardise your migration to AWS with a Migration Landing Zone

  • 1. Koen vd Biggelaar - Sr Mgr AWS Solutions Architecture Mahmoud ElZayet – Solutions Builder Tuesday 23rd May 2017 Simplify & Standardise Your Migration to AWS with a Migration Landing Zone
  • 2. Planning a Migration? Key Questions to consider How do we configure our AWS environment What are best practices for Security and Compliance How do we build a Cloud Operating Model How do we develop a business case What types of migration will we use What is our application portfolio What are our key drivers Which partners are we going to use ?
  • 5. Application Migration Create Landing Zone Migrate Apps Operate & Optimize H
  • 6. What is an AWS Landing Zone? - A baseline secure multi-account AWS environment configured based on best practices - A starting point for your application migration journey - An environment that allows for iteration & extension over time H
  • 7. What to Expect from the Session © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. H Understand Build Engage Operate
  • 8. Landing Zone Journey Domains Direct Connect Start Accounts End User Interaction AutomationService Catalog Central Services Migrate Iterate Operate & Optimize Logging Config Access Identities Federation Network Security Identity & Access Cloud Users What’s Next ? Imaging
  • 9. Infrastructure Request Current State Typical Enterprise Situation Governance & Service Management Central IT Lines of Business Provisioning Characteristics • Lead times ~days to weeks • Service catalogue of components • Often process-heavy service management
  • 10. Agility versus Control How to choose? We want agility, so we can innovate in our business I need control, so I can protect our business Business & Business IT Central IT?
  • 11. Monitor & Respond Landing Zone Templates Policy & Best Practices Landscape Management Current State Opportunity to achieve Agility and Control Automation Lines of Business Central IT Opportunities • Lead times in minutes • Service catalogue of landscapes • Automated service management
  • 13. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 14. Account Structure • Don’t overdo on Day One • Use separate accounts for: Security and Compliance Isolation (production non-prod, logging) Cost Allocation Resource Management and Ownership
  • 15. Account Structure Payer Billing Reports Service Catalog Logging Audit Central Services Dev & Test Mobility IoT Serverless Internal business apps Digital Platforms Option: Per AWS Region Production Generic Production Critical Central Accounts Services Accounts
  • 16. Manage Multiple Accounts AWS Organizations • Centrally manage multiple AWS accounts - Simplified creation of new AWS accounts - Logically group AWS accounts for management convenience - Apply organizational control policies (OCP) - Simplified billing • An AWS account can be a member of only one organization • Console, SDK, and CLI support for all management tasks
  • 17. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 18. Network Key Considerations Non-overlapping IP range VPC Design Access Control Lists & Security Groups Logging and Monitoring AWS Direct Connect Subnet Design
  • 19. Network Direct Connect for connecting on-prem and AWS environment Customer Gateway VPN backup Direct Connect Location Virtual Interface #1 Virtual Interface #2 Secondary Direct Connect Location ` ` Partner Network
  • 20. Network Central services in a central VPC Central common/core services • Authentication/directory • Monitoring • Logging • Bastion host • Remote administration • Scanning • Internet proxy Production Generic Production Business-critical Central Services Non-production
  • 21. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 22. Our Landing Zone needs to be safe and secure Insight is the first step • Who is accessing our Amazon accounts and what are they doing? • How will we know if anyone breaks our security policy? • What does the traffic on our infrastructure look like and are all of our resources isolated? • How can we easily analyze our logs?
  • 23. AWS CloudTrail records who is accessing APIs Store/archive Central logging account Troubleshoot Monitor & alarm AWS accounts make API call On a growing set of AWS services around the world.. CloudTrail is continuously recording API calls
  • 24. AWS Config informs you of policy violations Compliance Guideline Non-compliance Action All storage volumes should be encrypted Automatically encrypt storage volumes Instances must not have unrestricted Internet access on Port 22 Remove Port 22 access from any Internet host Instances must be tagged with environment type Notify developer (email, page, SNS) Pre-configured rules: https://github.com/awslabs/aws-config-rules
  • 25. VPC flow logs give you network insights • Agentless – AWS collects the logs on your behalf • Enable per network interface, per subnet, or per VPC • Logged to AWS CloudWatch Logs • Create CloudWatch metrics from log data • Alarm on those metrics AWS account Source IP Destination IP Source port Destination port Interface Protocol Packets Bytes Start/end time Accept or reject
  • 26. Create alarms when metrics are breached Amazon CloudWatch
  • 27. Log everything centrally for analysis The AWS centralized logging solution makes it easy for security teams to consolidate AWS logs and analyze them to detect incidents Amazon EC2 flow logs VPC subnet AWS CloudTrail Amazon S3 Amazon CloudWatch AWS Lambda Amazon Elasticsearch Service You can do this by simply using: • Amazon ElasticSearch Service • CloudTrail logs • VPC flow logs • EC2 server logs Log Transform Search https://aws.amazon.com/answers/ logging/centralized-logging
  • 28. Launch instance EC2 AMI catalogue Running instance Your instance Hardening and configuration Audit and logging Vulnerability management Malware and IPS Whitelisting and integrity User administration Operating system Configure instance Configure your environment as you like You get to apply your existing security policy Two options to create or import your own ‘gold’ images 1. Import existing VMs to AWS 2. Procure partner AMI from AWS Marketplace 3. Create and save your own custom images On 3: choose how to build your standard host security environment Choose how to start your compute Private images or import your current ones CIS AMI: https://aws.amazon.com/marketplace/seller-profile?id=6b3b0dc2-c6f4-487b-8f29-9edba5f39eed
  • 29. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 30. You get to control who can do what in your AWS environment when and from where Fine-grained control of your AWS cloud with multi-factor authentication Integrate with your existing corporate directory and provide SSO to your customers. Support for SAML 2.0 (like your existing Active Directory) and OpenID compatible Identity Providers (IdPs). You can use AWS managed policies, policies for typical job functions or customer-generated policies using the policy generator and test with the policy simulator AWS account owner Identity and Access Management Control access and segregate duties everywhere
  • 31. Corporate Data Center Browser interface Identity Store Identity and Access Management Federation with on-prem directory AD Group Identity and authentication Mapping to specific IAM role with access policy Access to AWS
  • 32. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 33. Customers want to: • Define the resources and landscapes where software and applications are deployed • ‘Approve once and deploy many’ • Enable self-service, deploy with confidence • Automate deployments Agility and Control What do customers tell us about asset management deployment?
  • 34. Agility and Control AWS Service Catalog AWS Service Catalog allows organizations to create and manage catalogs of IT services. It enables users to quickly deploy approved IT services they need in a self-service manner. Administrator Users Control Standardization Governance Agility Self-service Time to market
  • 35. Product = Template CloudFormation Running stack JSON formatted file Parameter definition Resource creation Configuration actions Configured AWS services Comprehensive service support Service event-aware Customizable Framework Stack creation Stack updates Error detection and rollback Administrator Interaction CloudFormation to create products
  • 36. Creates portfolio and assigns product portfolio 1 Administrator Adds constraints, grants access and add tags 4 2 Creates product Authors template Administrator Interaction AWS Service Catalog: Managing products ProductX Versions Portfolio BPortfolio A • Users and roles • Constraints • Tags Service Catalog 3 Landscape Architect
  • 38. Agility and Control Opportunities to strengthen the handshake User-generated products to foster innovation Back-end microservices acting on the stacks Administrator products
  • 41. End User Interaction Launched Products and Schedules
  • 43. Start Accounts Network Security Identity & Access Cloud Users What’s Next ?
  • 44. Application Migration Create Landing Zone Migrate apps Operate & optimize H
  • 45. Managing to the Portfolio Value Portfolio Tier Requirements Operations Model Approx. % Portfolio* IT Spend Against Portfolio Differentiators High rate of change & innovation; Possibly business-critical, but not always DevOps 15% 60% - 70% Table Stakes Business-critical, but low rate of change. Needs high availability, maximum reliability, and durable DR Automated Efficiency 25% Commodity COTS & commodity, minimal risk, low change, standard downtime & reliability requirements Traditional Operations 60% 30% - 40% *estimated numbers Provided Under NDA
  • 46. The Migration Journey Identify and categorize bulk candidates Analysts identify high-value candidates Pipeline team prepares candidates Applications are migrated based on patterns Patterns are created Greenfield Landing Zone created Existing Operations team manages Portfolios are prioritized Project initiated Innovation teams re-architect the application New operating levers are created Application is implemented on cloud Cloud-native components are patterned Core Landing Zone created Future Landing Zone Library of patterns Future operating model Brown Field Green Field Future State
  • 47. Sprint 1 Executing Multi-Modal Migrations Program Brown Green Sprint 2 Sprint 3 Sprint 4 Sprint 5 Sprint 6 Sprint 7 Deploy Landing Zone Extend, Integrate and Manage Landing Zone Migration Business Case Discovery Prep Discovery Pipeline Generation Migration Patterns Creation Discovery Greenfield Migrations Innovation Re-Factor Re-Host Complex App (single sprint)
  • 48. Increasing Levels of Effort with Increasing Levels of Return Mass migration Re-platform / Refactor Re-architectMaturity Maturity Running Multi-Modal Migrations Minimized Staffing Change Mass Migration Capex to Opex Cost Out Facilities Closure Consistent Operations Traditional Operations Operational Transition Cloud Capable Applications Capex to Opex Nascent Services Cloud COE Managed Services Hybrid Operations Cloud Aware Applications Serverless Compute Continuous Integration Disruptive Technolog y Maximum Efficiency Advanced Architecture Development and Operations
  • 49. Multi-Modal Operations • Many adoptions are tightly coupled with agile delivery adoption. • Not all workloads require a DevOps investment. • Achieving business goals doesn’t always require automation. • Using traditional support models in the wrong places can dilute value. Mass migration Re-platform/ Refactor Re-architect • Data Center-Cloud Connectivity • Server/Storage Provisioning • Patching/Anti-virus • Monitoring • Server Maintenance/ Incident Response • Audit/Risk • Event Management • Web Server • DB Mgmt • Application Software • Development and Deployment Traditional • Data Center-Cloud Connectivity • Patching/Anti-virus • Monitoring • Audit/Risk • Standards/Policy • Stack Templates • Server Maintenance/ Incident Response • Stack Provisioning and Decom • Event Mgmt • Web Server • DB Mgmt • Application Software • Development and Deployment Automated Efficiency • Data Center-Cloud Connectivity • Patching/Anti-virus • Monitoring Lvl 1 • Monitoring Lvl 2 • Server Maintenance/ Incident Response • Stack Templates and Provisioning • Audit/Risk • Event Management • Web Server • DB Mgmt • Application Software • Development and Deployment DevOps Traditional Operations Distributed Responsibility
  • 50. Key Take-Aways • Configuring your AWS environment matching your operations and migration needs, is a key step in your cloud journey • Maximize automation, including cost optimization (i.e. resize instances, on-off schedules) • Check aws.amazon.com/answers for guidance and packaged solutions helping you to build your own Landing Zone • Be agile for your Migrations, not everything can be planned upfront H