SlideShare ist ein Scribd-Unternehmen logo

Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen - AWS Cloud Web Day für Mittelstand und Großunternehmen

AWS Germany
AWS Germany

Vortrag "Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen" von Philipp Behre beim AWS Cloud Web Day für Mittelstand und Großunternehmen. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1VUJZsT

Technologie
1 von 30
Downloaden Sie, um offline zu lesen
AWS Enterprise Web Day Automate control and transparency – put compliance checks for your cloud resources on autopilot Philipp Behre AWS Solutions Architect pbehre@amazon.de
The primary reason businesses are moving so quickly to AWS and the cloud #1: Agility
• A Culture of Innovation - Experiment Often & Fail Without Risk • From PoC to Production – create new business opportunities Project Teams Agility Self- service Time-to- market Agility can lead to …
A strong IT Services Team enables innovation IT Service Team Compliance Security Access Management Auditing and many more Change Management Cloud Operations Control Visibility Compliance
IT Service Team Project Teams Empower agile teams with standardized self-service Create custom services and grant access to developers Use a personalized portal to find & launch services
Standardize and automate with AWS CloudFormation creation order? how long do I pause? what errors can I recover from? Instruction Manual Instruction Manual Instruction Manual Provisioning Script(s) what environment config and utilities does my script depend on? can my script be faster? will this script work again? how do I learn all of the AWS APIs? Templatize Version Control Provision Replicate Update
An integrated approach to gain transparency change change publish Service Catalog notifies Monitor Change Monitors AWS & application initiates notifies MonitorAlert monitors Secures audit data Captures all API interaction Capture Audit Logs Durable Storage template Create/Update Validate provision Resource stack Select & provision
An integrated approach to gain transparency AWS ServiceCatalog publish AWS CloudTrail Amazon S3 monitors Secures audit data Captures all API interaction AWS CloudWatch alarm Monitors AWS & application initiates notifies AWS Config Catalog (resources & changes) notifies change change template Create/Update Validate provision Resource stack Select & provision
…but how do I stay compliant
“Agility in the cloud is awesome !!!” Time-to-market Lots of changes Lots of versions
Staying on top can be a challenge Lots of changes Compliance Security Access Management Auditing OK
Staying on top can be a challenge Lots of changes Compliance Security Access Management Auditing
Transparent changes Continuous ChangeRecording Continuously Changing Resources History Stream Snapshot (ex. 2015-20-03) AWS Config
Evidence for compliance aws config-service get-resource-config-history --resource-type AWS::EC2::VPC --resource-id vpc-47fa0322 --earlier-time 2015-10-01 ... • Many compliance audits require access to the state of your systems at arbitrary times (i.e., PCI, HIPAA) • A complete inventory of all resources and their configuration attributes is available for any point in time
Analyze your logs!
Change management integration: Option 1 AWS Account 1 Common S3 bucket Common SNS topic Adaptor is custom software to convert JSON into CMDB’s format BMC, HP, Custom CMDB Adaptor Data pipe into existing CMDB AWS Account 2 AWS Account 3
Change management integration: Option 2 AWS Config BMC HP API AdaptorAdaptor Adaptor is custom software needed to convert JSON into CMDB’s format Use in federated form AWS Account 1 AWS Account 2 AWS Account 3
A cloud-based technology company transforming clinical research for life sciences companies and patients who depend on them. Infrastructure Change Log Audits Regulatory Compliance Engine Changes
Why not automate again?
Why should I do this • Compliance: Helps knowing how things are configured… • “We audit our logs already!” Every minute? • “We don’t allow changes through IAM policies”: In all accounts/environments? • ”We use a CI/CD to push all changes” Awesome...I'll push the changes using someone else's user account!
Why…again Implement “Compliance Status” for easy overview • Use pre defined checks • Create extended custom checks • Fix the issue while checking Evaluate/remediate changes/events in your account • Doesn’t replace log analysis (consider Machine Learning FTW) • Protect against changes made by (un)authorized accounts • Automatic remediation for critical events • Do forensic on the fly Always Log and Alert!
Config Rules • Set up rules to check configuration changes recorded • Use pre-built rules provided by AWS • Author custom rules using AWS Lambda • Invoked automatically for continuous assessment • Use dashboard for visualizing compliance and identifying offending changes
AWS Lambda ? A compute service where you don’t have to think about: • Servers • Being over/under capacity • Deployments • Scaling and fault tolerance • OS or language updates • Metrics and logging …but where you can easily • Bring your own code… even native libraries • Run code in parallel • Create backends, event handlers, and data processing systems • Never pay for idle!
NormalizeRecordChanging Resources Deliver Stream Snapshot (ex. 2014-11-05) AWS Config APIs Store History Rules Transparent changes – Am I still in compliance?
NormalizeRecordChanging Resources Deliver Stream Snapshot (ex. 2014-11-05) AWS Config APIs Store History Rules Rule R1: TaggedEC2 Rule R3: CloudTrail enabled Rule R2: ProductionVolumesEncrypted Transparent changes – act on them!
An Example … I need to access this system now! It can be quick … I will use this user account we use for automation, to change the security group Instance security group Instance security group Tracks & monitors Rule ? Invoke alertrevise change Follow up
Risks • You can now automatically mess up your approved changes • No proper alerting and follow-up on automatic events • Over/under complicated scripts • No info on desired state • Race the hacker…automation wars!
Creating a blueprint helps (simplified example) Continuous / Event based Config Rules CloudWatch Events Is it region specific Will action risk breaking something Yes: Call human No: Lambda Will enable add cost Yes: Based on possible cost limit call human No/Minor: Set rules Is there a source of truth Config Rules: Check previous • Caution on multiple events CWE: Check tag/DDB • Have default value Action Revert change based on above Forensic Is it human (or unknown source) or machine (CI/CD) CI/CD: Create ticket (Jira etc) Human: Should we countermeasur e/prevent? Are they using MFA • No: Add MFA (external Lambda) Have they done this before (check DDB) • Yes: Disable account/Keys Alert High: SMS/Page Low: Email/tracking system Logging Is it sensitive Yes: Encrypt (KMS) No: Cleartext Always: Access control
Summary • AWS services support your organization to introduce, maintain, and continuously improve governance processes for AWS resources and their usage. • Used together they provide continuous transparency into changes, and allow auditing on changes and API interaction. • Combined with your organization’s existing best practices, processes, and tools you can centrally control and govern your cloud environment without sacrificing the agility and flexibility of the cloud. • Automate compliance checks to act on violating changes immediately and keep your infrastructure at a compliant state – always log, alert, and follow up with an appropriate process!!
Thank you!

Empfohlen

AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...Amazon Web Services
 
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)AWS re:Invent 2016: Cost Optimization at Scale (ENT209)
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)Amazon Web Services
 
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...Amazon Web Services
 
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...Amazon Web Services Korea
 
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...Amazon Web Services
 
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)Amazon Web Services
 
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...Amazon Web Services
 
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016Amazon Web Services
 

Empfohlen

AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...Amazon Web Services
 
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)AWS re:Invent 2016: Cost Optimization at Scale (ENT209)
AWS re:Invent 2016: Cost Optimization at Scale (ENT209)Amazon Web Services
 
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...
AWS re:Invent 2016: How to move 1,000 VMs and Biz Critical Apps to AWS in 6 m...Amazon Web Services
 
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...Amazon Web Services Korea
 
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...
AWS re:Invent 2016: Evolving an Enterprise-Level Compliance Framework with Am...Amazon Web Services
 
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)
AWS re:Invent 2016: Saving at Scale with Reserved Instances (ENT307)Amazon Web Services
 
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...
AWS re:Invent 2016: Setting the Stage for Instant Success: Getting the Most O...Amazon Web Services
 
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016
AWS Partner Presentation - Digicomp - AWSome Day Zurich 112016Amazon Web Services
 
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...Amazon Web Services
 
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...Amazon Web Services
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
 
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...Amazon Web Services
 
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)Amazon Web Services
 
SAP Workloads on AWS
SAP Workloads on AWSSAP Workloads on AWS
SAP Workloads on AWSAmazon Web Services
 
Key Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - BusinessKey Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - BusinessAmazon Web Services
 
The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017Amazon Web Services
 
Application Migrations
Application MigrationsApplication Migrations
Application MigrationsAmazon Web Services
 
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)Amazon Web Services
 
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...Amazon Web Services
 
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...AWS Germany
 
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWSFrom On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWSAmazon Web Services
 
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...Amazon Web Services
 
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...Amazon Web Services
 
How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive Story How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive StoryAmazon Web Services
 
Agile BI - Pop-up Loft Tel Aviv
Agile BI - Pop-up Loft Tel AvivAgile BI - Pop-up Loft Tel Aviv
Agile BI - Pop-up Loft Tel AvivAmazon Web Services
 
Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Amazon Web Services
 
Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017Amazon Web Services
 
Application Migrations at Scale
Application Migrations at ScaleApplication Migrations at Scale
Application Migrations at ScaleAmazon Web Services
 
Reto 4
Reto 4Reto 4
Reto 4Ivan Andersen
 
Závěrečný úkol KPI
Závěrečný úkol KPIZávěrečný úkol KPI
Závěrečný úkol KPIPeDominika
 

Weitere ähnliche Inhalte

Was ist angesagt?

AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...Amazon Web Services
 
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...Amazon Web Services
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
 
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...Amazon Web Services
 
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)Amazon Web Services
 
Key Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - BusinessKey Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - BusinessAmazon Web Services
 
The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017Amazon Web Services
 
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)Amazon Web Services
 
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...Amazon Web Services
 
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...AWS Germany
 
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWSFrom On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWSAmazon Web Services
 
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...Amazon Web Services
 
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...Amazon Web Services
 
How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive Story How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive StoryAmazon Web Services
 
Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Amazon Web Services
 
Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017Amazon Web Services
 

Was ist angesagt? (20)

AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...
 
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
 
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
AWS re:Invent 2016: Extra, Extra! News UK Saves Money with Hourly Amazon Work...
 
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
AWS re:Invent 2016: Develop Your Migration Toolkit (ENT312)
 
SAP Workloads on AWS
SAP Workloads on AWSSAP Workloads on AWS
SAP Workloads on AWS
 
Key Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - BusinessKey Steps for Setting up your AWS Journey for Success - Business
Key Steps for Setting up your AWS Journey for Success - Business
 
The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017The State of Serverless Computing | AWS Public Sector Summit 2017
The State of Serverless Computing | AWS Public Sector Summit 2017
 
Application Migrations
Application MigrationsApplication Migrations
Application Migrations
 
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
AWS re:Invent 2016: What’s New with Amazon Redshift (BDA304)
 
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...
 
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
DevOps für mittlere Unternehmen und Großunternehmen - AWS Cloud Web Day für M...
 
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWSFrom On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
From On-Premises to Cloud: Modernize Data Protection with Druva Phoenix and AWS
 
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
AWS re:Invent 2016: How Pitney Bowes is transforming their business in the cl...
 
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
AWS as a Data Platform for Cloud and On-Premises Workloads | AWS Public Secto...
 
How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive Story How to Plan a Migration to AWS: The Cox Automotive Story
How to Plan a Migration to AWS: The Cox Automotive Story
 
Agile BI - Pop-up Loft Tel Aviv
Agile BI - Pop-up Loft Tel AvivAgile BI - Pop-up Loft Tel Aviv
Agile BI - Pop-up Loft Tel Aviv
 
Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Cloud Economics and calculating CTO - AWSome Day Zurich 112016
Cloud Economics and calculating CTO - AWSome Day Zurich 112016
 
Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017Easy Analytics with AWS - AWS Summit Bahrain 2017
Easy Analytics with AWS - AWS Summit Bahrain 2017
 
Application Migrations at Scale
Application Migrations at ScaleApplication Migrations at Scale
Application Migrations at Scale
 

Andere mochten auch

Závěrečný úkol KPI
Závěrečný úkol KPIZávěrečný úkol KPI
Závěrečný úkol KPIPeDominika
 
Oportunidade - Negocio Proprio
Oportunidade - Negocio ProprioOportunidade - Negocio Proprio
Oportunidade - Negocio Propriorogeriolopes
 
RuReal App Is Introduced As A User Friendly App to Stalk Images On Web
RuReal App Is Introduced As A User Friendly App to Stalk Images On WebRuReal App Is Introduced As A User Friendly App to Stalk Images On Web
RuReal App Is Introduced As A User Friendly App to Stalk Images On Webammuangel07
 
Rajesh Kumar_Resume - updated
Rajesh Kumar_Resume - updatedRajesh Kumar_Resume - updated
Rajesh Kumar_Resume - updatedRajesh Kumar
 
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksis
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksisReklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksis
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksisContent Marketing Norge
 
Transition to a Nuclear State
Transition to a Nuclear StateTransition to a Nuclear State
Transition to a Nuclear StatePatrick Carroll
 
Securing Serverless Architectures - AWS Serverless Web Day
Securing Serverless Architectures - AWS Serverless Web DaySecuring Serverless Architectures - AWS Serverless Web Day
Securing Serverless Architectures - AWS Serverless Web DayAWS Germany
 
Apresentação Belcorp (Para Líderes)
Apresentação Belcorp (Para Líderes)Apresentação Belcorp (Para Líderes)
Apresentação Belcorp (Para Líderes)Arthur Brasileiro
 
SAP Testing with SolMan and SAP Quality Center
SAP Testing with SolMan and SAP Quality CenterSAP Testing with SolMan and SAP Quality Center
SAP Testing with SolMan and SAP Quality CenterLaxmi2121
 

Andere mochten auch (12)

Reto 4
Reto 4Reto 4
Reto 4
 
Závěrečný úkol KPI
Závěrečný úkol KPIZávěrečný úkol KPI
Závěrečný úkol KPI
 
Oportunidade - Negocio Proprio
Oportunidade - Negocio ProprioOportunidade - Negocio Proprio
Oportunidade - Negocio Proprio
 
RuReal App Is Introduced As A User Friendly App to Stalk Images On Web
RuReal App Is Introduced As A User Friendly App to Stalk Images On WebRuReal App Is Introduced As A User Friendly App to Stalk Images On Web
RuReal App Is Introduced As A User Friendly App to Stalk Images On Web
 
Rajesh Kumar_Resume - updated
Rajesh Kumar_Resume - updatedRajesh Kumar_Resume - updated
Rajesh Kumar_Resume - updated
 
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksis
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksisReklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksis
Reklame avbryter – innhold tiltrekker: Effektiv innholdsmarkedsføring i praksis
 
Transition to a Nuclear State
Transition to a Nuclear StateTransition to a Nuclear State
Transition to a Nuclear State
 
Securing Serverless Architectures - AWS Serverless Web Day
Securing Serverless Architectures - AWS Serverless Web DaySecuring Serverless Architectures - AWS Serverless Web Day
Securing Serverless Architectures - AWS Serverless Web Day
 
Project Presentation
Project PresentationProject Presentation
Project Presentation
 
Apresentação Belcorp (Para Líderes)
Apresentação Belcorp (Para Líderes)Apresentação Belcorp (Para Líderes)
Apresentação Belcorp (Para Líderes)
 
Towards Full Stack Security
Towards Full Stack Security Towards Full Stack Security
Towards Full Stack Security
 
SAP Testing with SolMan and SAP Quality Center
SAP Testing with SolMan and SAP Quality CenterSAP Testing with SolMan and SAP Quality Center
SAP Testing with SolMan and SAP Quality Center
 

Ähnlich wie Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen - AWS Cloud Web Day für Mittelstand und Großunternehmen

Best Practices for SecOps on AWS
Best Practices for SecOps on AWSBest Practices for SecOps on AWS
Best Practices for SecOps on AWSAmazon Web Services
 
Automated Governance of Your AWS Resources
Automated Governance of Your AWS ResourcesAutomated Governance of Your AWS Resources
Automated Governance of Your AWS ResourcesAmazon Web Services
 
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)Amazon Web Services
 
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Amazon Web Services
 
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Amazon Web Services
 
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...Amazon Web Services
 
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Amazon Web Services
 
Scaling Security Operations and Automating Governance: Which AWS Services Sho...
Scaling Security Operations and Automating Governance: Which AWS Services Sho...Scaling Security Operations and Automating Governance: Which AWS Services Sho...
Scaling Security Operations and Automating Governance: Which AWS Services Sho...Amazon Web Services
 
5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWS5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWSChristian Beedgen
 
Automate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS ResourcesAutomate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS ResourcesAmazon Web Services
 
AWS November Webinar Series - Introducing Config Rules
AWS November Webinar Series - Introducing Config RulesAWS November Webinar Series - Introducing Config Rules
AWS November Webinar Series - Introducing Config RulesAmazon Web Services
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 
Automate Best Practices and Operational Health for your AWS resources
Automate Best Practices and Operational Health for your AWS resourcesAutomate Best Practices and Operational Health for your AWS resources
Automate Best Practices and Operational Health for your AWS resourcesAmazon Web Services
 
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017Amazon Web Services
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneAmazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 

Ähnlich wie Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen - AWS Cloud Web Day für Mittelstand und Großunternehmen (20)

Best Practices for SecOps on AWS
Best Practices for SecOps on AWSBest Practices for SecOps on AWS
Best Practices for SecOps on AWS
 
Automated Governance of Your AWS Resources
Automated Governance of Your AWS ResourcesAutomated Governance of Your AWS Resources
Automated Governance of Your AWS Resources
 
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)
AWS re:Invent 2016: Automated Governance of Your AWS Resources (DEV302)
 
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
 
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
 
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...
Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of A...
 
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...
 
Scaling Security Operations and Automating Governance: Which AWS Services Sho...
Scaling Security Operations and Automating Governance: Which AWS Services Sho...Scaling Security Operations and Automating Governance: Which AWS Services Sho...
Scaling Security Operations and Automating Governance: Which AWS Services Sho...
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWS5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWS
 
Managing Your Cloud Assets
Managing Your Cloud AssetsManaging Your Cloud Assets
Managing Your Cloud Assets
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale
 
Automate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS ResourcesAutomate Best Practices and Operational Health for your AWS Resources
Automate Best Practices and Operational Health for your AWS Resources
 
AWS November Webinar Series - Introducing Config Rules
AWS November Webinar Series - Introducing Config RulesAWS November Webinar Series - Introducing Config Rules
AWS November Webinar Series - Introducing Config Rules
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
 
Automate Best Practices and Operational Health for your AWS resources
Automate Best Practices and Operational Health for your AWS resourcesAutomate Best Practices and Operational Health for your AWS resources
Automate Best Practices and Operational Health for your AWS resources
 
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
Governance @ Scale: Compliance Automation in AWS | AWS Public Sector Summit 2017
 
Simplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing ZoneSimplify & Standardise your migration to AWS with a Migration Landing Zone
Simplify & Standardise your migration to AWS with a Migration Landing Zone
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 

Mehr von AWS Germany

Analytics Web Day | From Theory to Practice: Big Data Stories from the Field
Analytics Web Day | From Theory to Practice: Big Data Stories from the FieldAnalytics Web Day | From Theory to Practice: Big Data Stories from the Field
Analytics Web Day | From Theory to Practice: Big Data Stories from the FieldAWS Germany
 
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...AWS Germany
 
Modern Applications Web Day | Impress Your Friends with Your First Serverless...
Modern Applications Web Day | Impress Your Friends with Your First Serverless...Modern Applications Web Day | Impress Your Friends with Your First Serverless...
Modern Applications Web Day | Impress Your Friends with Your First Serverless...AWS Germany
 
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...Modern Applications Web Day | Manage Your Infrastructure and Configuration on...
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...AWS Germany
 
Modern Applications Web Day | Container Workloads on AWS
Modern Applications Web Day | Container Workloads on AWSModern Applications Web Day | Container Workloads on AWS
Modern Applications Web Day | Container Workloads on AWSAWS Germany
 
Modern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker
Modern Applications Web Day | Continuous Delivery to Amazon EKS with SpinnakerModern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker
Modern Applications Web Day | Continuous Delivery to Amazon EKS with SpinnakerAWS Germany
 
Building Smart Home skills for Alexa
Building Smart Home skills for AlexaBuilding Smart Home skills for Alexa
Building Smart Home skills for AlexaAWS Germany
 
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructureHotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructureAWS Germany
 
Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless WorkshopWild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless WorkshopAWS Germany
 
Log Analytics with AWS
Log Analytics with AWSLog Analytics with AWS
Log Analytics with AWSAWS Germany
 
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS AWS Germany
 
AWS Programme für Nonprofits
AWS Programme für NonprofitsAWS Programme für Nonprofits
AWS Programme für NonprofitsAWS Germany
 
Microservices and Data Design
Microservices and Data DesignMicroservices and Data Design
Microservices and Data DesignAWS Germany
 
Serverless vs. Developers – the real crash
Serverless vs. Developers – the real crashServerless vs. Developers – the real crash
Serverless vs. Developers – the real crashAWS Germany
 
Query your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performanceQuery your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performanceAWS Germany
 
Secret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s VaultSecret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s VaultAWS Germany
 
Scale to Infinity with ECS
Scale to Infinity with ECSScale to Infinity with ECS
Scale to Infinity with ECSAWS Germany
 
Containers on AWS - State of the Union
Containers on AWS - State of the UnionContainers on AWS - State of the Union
Containers on AWS - State of the UnionAWS Germany
 
Deploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon LightsailDeploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon LightsailAWS Germany
 

Mehr von AWS Germany (20)

Analytics Web Day | From Theory to Practice: Big Data Stories from the Field
Analytics Web Day | From Theory to Practice: Big Data Stories from the FieldAnalytics Web Day | From Theory to Practice: Big Data Stories from the Field
Analytics Web Day | From Theory to Practice: Big Data Stories from the Field
 
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...
Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...
 
Modern Applications Web Day | Impress Your Friends with Your First Serverless...
Modern Applications Web Day | Impress Your Friends with Your First Serverless...Modern Applications Web Day | Impress Your Friends with Your First Serverless...
Modern Applications Web Day | Impress Your Friends with Your First Serverless...
 
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...Modern Applications Web Day | Manage Your Infrastructure and Configuration on...
Modern Applications Web Day | Manage Your Infrastructure and Configuration on...
 
Modern Applications Web Day | Container Workloads on AWS
Modern Applications Web Day | Container Workloads on AWSModern Applications Web Day | Container Workloads on AWS
Modern Applications Web Day | Container Workloads on AWS
 
Modern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker
Modern Applications Web Day | Continuous Delivery to Amazon EKS with SpinnakerModern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker
Modern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker
 
Building Smart Home skills for Alexa
Building Smart Home skills for AlexaBuilding Smart Home skills for Alexa
Building Smart Home skills for Alexa
 
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructureHotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
 
Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless WorkshopWild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
 
Log Analytics with AWS
Log Analytics with AWSLog Analytics with AWS
Log Analytics with AWS
 
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
 
AWS Programme für Nonprofits
AWS Programme für NonprofitsAWS Programme für Nonprofits
AWS Programme für Nonprofits
 
Microservices and Data Design
Microservices and Data DesignMicroservices and Data Design
Microservices and Data Design
 
Serverless vs. Developers – the real crash
Serverless vs. Developers – the real crashServerless vs. Developers – the real crash
Serverless vs. Developers – the real crash
 
Query your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performanceQuery your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performance
 
Secret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s VaultSecret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s Vault
 
EKS Workshop
EKS Workshop EKS Workshop
EKS Workshop
 
Scale to Infinity with ECS
Scale to Infinity with ECSScale to Infinity with ECS
Scale to Infinity with ECS
 
Containers on AWS - State of the Union
Containers on AWS - State of the UnionContainers on AWS - State of the Union
Containers on AWS - State of the Union
 
Deploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon LightsailDeploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon Lightsail
 

Kürzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen - AWS Cloud Web Day für Mittelstand und Großunternehmen

  • 1. AWS Enterprise Web Day Automate control and transparency – put compliance checks for your cloud resources on autopilot Philipp Behre AWS Solutions Architect pbehre@amazon.de
  • 2. The primary reason businesses are moving so quickly to AWS and the cloud #1: Agility
  • 3. • A Culture of Innovation - Experiment Often & Fail Without Risk • From PoC to Production – create new business opportunities Project Teams Agility Self- service Time-to- market Agility can lead to …
  • 4. A strong IT Services Team enables innovation IT Service Team Compliance Security Access Management Auditing and many more Change Management Cloud Operations Control Visibility Compliance
  • 5. IT Service Team Project Teams Empower agile teams with standardized self-service Create custom services and grant access to developers Use a personalized portal to find & launch services
  • 6. Standardize and automate with AWS CloudFormation creation order? how long do I pause? what errors can I recover from? Instruction Manual Instruction Manual Instruction Manual Provisioning Script(s) what environment config and utilities does my script depend on? can my script be faster? will this script work again? how do I learn all of the AWS APIs? Templatize Version Control Provision Replicate Update
  • 7. An integrated approach to gain transparency change change publish Service Catalog notifies Monitor Change Monitors AWS & application initiates notifies MonitorAlert monitors Secures audit data Captures all API interaction Capture Audit Logs Durable Storage template Create/Update Validate provision Resource stack Select & provision
  • 8. An integrated approach to gain transparency AWS ServiceCatalog publish AWS CloudTrail Amazon S3 monitors Secures audit data Captures all API interaction AWS CloudWatch alarm Monitors AWS & application initiates notifies AWS Config Catalog (resources & changes) notifies change change template Create/Update Validate provision Resource stack Select & provision
  • 9. …but how do I stay compliant
  • 10. “Agility in the cloud is awesome !!!” Time-to-market Lots of changes Lots of versions
  • 11. Staying on top can be a challenge Lots of changes Compliance Security Access Management Auditing OK
  • 12. Staying on top can be a challenge Lots of changes Compliance Security Access Management Auditing
  • 14. Evidence for compliance aws config-service get-resource-config-history --resource-type AWS::EC2::VPC --resource-id vpc-47fa0322 --earlier-time 2015-10-01 ... • Many compliance audits require access to the state of your systems at arbitrary times (i.e., PCI, HIPAA) • A complete inventory of all resources and their configuration attributes is available for any point in time
  • 16. Change management integration: Option 1 AWS Account 1 Common S3 bucket Common SNS topic Adaptor is custom software to convert JSON into CMDB’s format BMC, HP, Custom CMDB Adaptor Data pipe into existing CMDB AWS Account 2 AWS Account 3
  • 17. Change management integration: Option 2 AWS Config BMC HP API AdaptorAdaptor Adaptor is custom software needed to convert JSON into CMDB’s format Use in federated form AWS Account 1 AWS Account 2 AWS Account 3
  • 18. A cloud-based technology company transforming clinical research for life sciences companies and patients who depend on them. Infrastructure Change Log Audits Regulatory Compliance Engine Changes
  • 20. Why should I do this • Compliance: Helps knowing how things are configured… • “We audit our logs already!” Every minute? • “We don’t allow changes through IAM policies”: In all accounts/environments? • ”We use a CI/CD to push all changes” Awesome...I'll push the changes using someone else's user account!
  • 21. Why…again Implement “Compliance Status” for easy overview • Use pre defined checks • Create extended custom checks • Fix the issue while checking Evaluate/remediate changes/events in your account • Doesn’t replace log analysis (consider Machine Learning FTW) • Protect against changes made by (un)authorized accounts • Automatic remediation for critical events • Do forensic on the fly Always Log and Alert!
  • 22. Config Rules • Set up rules to check configuration changes recorded • Use pre-built rules provided by AWS • Author custom rules using AWS Lambda • Invoked automatically for continuous assessment • Use dashboard for visualizing compliance and identifying offending changes
  • 23. AWS Lambda ? A compute service where you don’t have to think about: • Servers • Being over/under capacity • Deployments • Scaling and fault tolerance • OS or language updates • Metrics and logging …but where you can easily • Bring your own code… even native libraries • Run code in parallel • Create backends, event handlers, and data processing systems • Never pay for idle!
  • 24. NormalizeRecordChanging Resources Deliver Stream Snapshot (ex. 2014-11-05) AWS Config APIs Store History Rules Transparent changes – Am I still in compliance?
  • 25. NormalizeRecordChanging Resources Deliver Stream Snapshot (ex. 2014-11-05) AWS Config APIs Store History Rules Rule R1: TaggedEC2 Rule R3: CloudTrail enabled Rule R2: ProductionVolumesEncrypted Transparent changes – act on them!
  • 26. An Example … I need to access this system now! It can be quick … I will use this user account we use for automation, to change the security group Instance security group Instance security group Tracks & monitors Rule ? Invoke alertrevise change Follow up
  • 27. Risks • You can now automatically mess up your approved changes • No proper alerting and follow-up on automatic events • Over/under complicated scripts • No info on desired state • Race the hacker…automation wars!
  • 28. Creating a blueprint helps (simplified example) Continuous / Event based Config Rules CloudWatch Events Is it region specific Will action risk breaking something Yes: Call human No: Lambda Will enable add cost Yes: Based on possible cost limit call human No/Minor: Set rules Is there a source of truth Config Rules: Check previous • Caution on multiple events CWE: Check tag/DDB • Have default value Action Revert change based on above Forensic Is it human (or unknown source) or machine (CI/CD) CI/CD: Create ticket (Jira etc) Human: Should we countermeasur e/prevent? Are they using MFA • No: Add MFA (external Lambda) Have they done this before (check DDB) • Yes: Disable account/Keys Alert High: SMS/Page Low: Email/tracking system Logging Is it sensitive Yes: Encrypt (KMS) No: Cleartext Always: Access control
  • 29. Summary • AWS services support your organization to introduce, maintain, and continuously improve governance processes for AWS resources and their usage. • Used together they provide continuous transparency into changes, and allow auditing on changes and API interaction. • Combined with your organization’s existing best practices, processes, and tools you can centrally control and govern your cloud environment without sacrificing the agility and flexibility of the cloud. • Automate compliance checks to act on violating changes immediately and keep your infrastructure at a compliant state – always log, alert, and follow up with an appropriate process!!