This document discusses best practices for enterprises deploying applications on AWS. It outlines some common pitfalls such as using master credentials and not automating infrastructure. The best practices recommended are to use IAM users instead of shared credentials, apply tags to resources to track usage, and automate deployments with CloudFormation. The 2nd Watch products 2W Atlas and 2W Insight are also introduced, which help visualize AWS environments, estimate costs, and provide chargeback reporting for enterprises.
2. Agenda
•
•
•
•
•
Intro / Problem statement
Pitfalls deploying Enterprise applications in AWS
Best Practices deploying Enterprise applications in AWS
2nd Watch Product – 2W Atlas Enterprise
Q&A
3. A global leader in building and deploying Amazon Web Services (AWS)-based IT operations for the enterprise
Systems Integrator for AWS
20 Global Certified SAs
39 AWS Technical Accreditation
52 Business Accreditation
100K+ instances managed
Over 300+ projects on AWS
Deep knowledge of AWS Services
Software focused on Enterprise
2W Insight
Provides transparency of AWS costs
Business/department level reporting
Produce Chargeback reports
2W Atlas
Visualize AWS Cloud
Easy to deploy approved cloud architectures
Estimate and monitor cloud costs
4. Enterprise and AWS Cloud
• IT departments today are being asked to deploy cloud
infrastructures as quickly and cost effectively as
possible.
• Lack of in-house expertise to build and manage a
cloud deployment, let alone do it fast and on budget.
• Further complication are cloud deployments need to be
compliant with enterprise governance standards; and
proper cost allocation across business
units/departments.
6. Pitfalls – Master Credentials
Share Master Credentials
Solution: Create IAM Users
•
•
•
AWS Identity and Access Management (IAM)
Full access to account
Difficult to revoke access
Risk to existing cloud
infrastructure
•
•
•
Restrict user access
Easy to revoke
Limit ability to modify existing
resources
7. Pitfalls – Infrastructure Issues
Waste time troubleshooting
Solution: Dynamic Infrastructure
•
•
•
•
•
•
Traditional resources difficult to
change
Could not duplicate environments
Scale achieved vertically
Cloud resources can be disposable
Easily snapshot environments
Scale achieved horizontally
8. Pitfalls – Waterfall Design
Hesitate to start
Solution: Deploy a sandbox now
•
•
•
Old procurement process forced
organizations to plan extensively
before deploying a new
environment.
Incorrectly over/under provisioning
would destroy schedules and
balloon budgets
•
Inverse is true on AWS, your test
environment will inform you about
provisioning for production
Low cost and disposable
infrastructure makes it easy to find
the correct size
10. IAM users
• Start with a single IAM user with full admin rights
• Assign IAM to departments, projects and users
• Track and manage activity
11. Utilize AWS tags
• Use AWS tags everywhere
• Sprawl is inevitable, avoid it by tracking objects
back to department, projects and users
• Name tags intelligently
12. Automate via CloudFormation
• Use CloudFormation to create repeatable,
rubber stamped environments to achieve
uniformity and reduce redundant work efforts
• Use tools to manage approved environments
– Sharepoint / Wiki
– Source control
– 2W Atlas Enterprise (details later)
13. Path Ahead
• As 2013 comes to a close, Enterprise IT has to decide between
investing more in data centers or moving applications to cloud
infrastructure.
• The information technology industry is undergoing a global
transformation not seen since the personal computer changed
business computing.
• Soon, the only cloud uncertainty enterprises
will have left to overcome will be what to do
with the money they save.
15.
Visualize CloudFormation Templates – inventory of
deployed AWS cloud architectures that simplifies the
management of deployments, ensures proper IT
governance and audit capabilities of individual resources.
Build and Deploy Quickly – organize resources and
costs by business unit, project or end user. This ensures
that cloud architectures are compliant with IT policies
and standards, enables programmatic and repeatable
deployments, and facilitates quicker and lower cost
deployment of systems and applications.
Control and Allocate Costs – integration with 2nd
Watch’s leading cloud billing and management software,
2W Insight to simplify the costing of AWS resources by
providing running cost estimation prior to deployment,
resource allocations and charge backs by project,
business unit and/or user.
2W Atlas Enterprise
16. Live Demo
What are you going to see
• Designed for Enterprise use
• Visualize CloudFormation Script
• Estimating Costs
• Monitor Cloud Architecture
Deployment
• Security Group Change Alert
•
Integration with AWS
CloudTrail