© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
INFRASTRUCTURE, SECURITY AND OPERATIONS “AS CODE”
Vinay Venkataraghavan
Cloud Architect
Palo Alto Networks
DEM06
CLOUD AUTOMATION DRIVERS
• Agility, DevSecOps, Multi-cloud
• Palo Alto Networks Automation Capabilities
• Cloud Security Automation Stack
• Applying Cloud Security Automation
• Composable Automation Eco-system
• Distributable Security
• Cloud Adoption and Benefits
NEED FOR AUTOMATION
• Rapidly deploy new applications: Dev → Test → Prod
• Improve security, increase agility, reduce effort to achieve business goals
• Inject security into DevOps → DevSecOps
Diagram labels: App / Network / Security; Infrastructure as Code; Security as Code; Ansible; AWS CloudFormation Templates; Terraform Provider for AWS; Terraform Provider for PAN-OS; Infrastructure & Ongoing Configuration “as code”; Key Stakeholder Involvement; Accelerate Adoption; Automation.
ACCELERATE SECURE CLOUD DEPLOYMENTS
Quick, Reproducible, Repeatable, Scalable: deploy in minutes
Diagram: app1, app2 and app3 deployed across Region1 and Region2.
CLOUD SECURITY AUTOMATION STACK
• Infrastructure Build-Out: Terraform Cloud Templates (Infrastructure as Code)
• Security Layer: Terraform Provider (PAN-OS) (Security as Code)
• Operations: Terraform Integration (Automated Incident Response)
Repeatable, Consistent, Agile, and Secure
Other public clouds
INFRASTRUCTURE AS CODE: BUILD THE ENVIRONMENT
Manual Process: slow, delayed and extended rollouts
Infrastructure as Code: deployed in minutes, highly reproducible, agile
Diagram: Region 1 and Region 2, each built out as VPCs with an Untrust security group and a Trust security group.
INFRASTRUCTURE AS CODE: FIREWALL HUB WITH ALBs
• Fully automated
• Blueprint developed and pushed out company wide
• Huge cost savings
• VM-Series natively integrated with cloud capabilities
• Next: Automate build out of LOB (Line of Business) applications
Diagram: Application Load Balancers fronting multiple Ingress points.
SECURITY AS CODE: INTEGRATE LOB WITH FIREWALL HUB
• Automate the creation of private link tunnels
• Automate deployment of NAT and Security policies
• Seamless integration: App + Security = business objectives
• We can do more!
• Next: Feed threat intel to VM-Series to block attacks from new sources.
Diagram: Application Load Balancers with Ingress points, Network Load Balancers, PrivateLink, a VPN GW and VPN Connections linking the LOB applications to the firewall hub.
OPS AS CODE: AMAZON GUARDDUTY INTEGRATION
1) Amazon GuardDuty sends security alerts (malicious IP address) to Amazon CloudWatch.
2) An Amazon CloudWatch event triggers a Lambda function.
3) Register the malicious IP to a Dynamic Address Group (DAG) using the XML API.
4) DAGs used in security policy to drop matching sessions (Policy: Drop Session).
Diagram: Amazon GuardDuty → Amazon CloudWatch → Lambda Function → Dynamic Address Group; firewall deployed in the Untrust security group / VPC.
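The GuardDuty → CloudWatch → Lambda → DAG flow above, as an added Python example that is not part of the deck or of Palo Alto Networks' own tooling: the handler extracts the remote IP from the finding, gates on severity, rejects private or malformed addresses, and builds the PAN-OS XML API user-id "register" message that tags the IP so a DAG matching on that tag picks it up. The firewall host, API key and tag name are placeholders read from the Lambda environment; the security policy referencing the DAG is assumed to exist already.

```python
"""Lambda handler for the GuardDuty -> DAG registration step (added example)."""
import ipaddress
import json
import os
import urllib.parse
import urllib.request
import xml.etree.ElementTree as ET

# Assumed deployment settings: placeholders, read from the Lambda environment.
FW_HOST = os.environ.get("FW_HOST", "firewall.example.invalid")
FW_API_KEY = os.environ.get("FW_API_KEY", "PLACEHOLDER_API_KEY")
DAG_TAG = os.environ.get("DAG_TAG", "guardduty-malicious")
MIN_SEVERITY = float(os.environ.get("MIN_SEVERITY", "4.0"))  # GuardDuty severity is 0-8.9

# Never push internal ranges into a block list, even if a finding names them.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def _is_blockable(ip):
    """True for a public IPv4 address that is safe to register on the firewall."""
    if ip.version != 4:
        return False
    if ip.is_loopback or ip.is_link_local or ip.is_multicast or ip.is_unspecified:
        return False
    return not any(ip in net for net in RFC1918)


def extract_remote_ips(finding):
    """Collect remote IPv4 addresses from the finding's service.action block.

    GuardDuty uses a different sub-object per actionType; network connections,
    port probes and API calls are handled here. Malformed values are dropped.
    """
    action = finding.get("service", {}).get("action", {})
    candidates = [
        action.get("networkConnectionAction", {}).get("remoteIpDetails", {}).get("ipAddressV4"),
        action.get("awsApiCallAction", {}).get("remoteIpDetails", {}).get("ipAddressV4"),
    ]
    for probe in action.get("portProbeAction", {}).get("portProbeDetails", []):
        candidates.append(probe.get("remoteIpDetails", {}).get("ipAddressV4"))

    ips = []
    for raw in candidates:
        if not raw:
            continue
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            continue  # not an IP literal at all
        if _is_blockable(ip) and str(ip) not in ips:
            ips.append(str(ip))
    return ips


def build_register_cmd(ips, tag):
    """Build the PAN-OS user-id <uid-message> that registers each IP with the tag."""
    root = ET.Element("uid-message")
    ET.SubElement(root, "version").text = "2.0"
    ET.SubElement(root, "type").text = "update"
    register = ET.SubElement(ET.SubElement(root, "payload"), "register")
    for ip in ips:
        entry = ET.SubElement(register, "entry", ip=ip)
        ET.SubElement(ET.SubElement(entry, "tag"), "member").text = tag
    return ET.tostring(root, encoding="unicode")


def post_to_firewall(cmd):
    """POST the user-id update to the PAN-OS XML API (type=user-id)."""
    body = urllib.parse.urlencode({"type": "user-id", "key": FW_API_KEY, "cmd": cmd}).encode()
    with urllib.request.urlopen(f"https://{FW_HOST}/api/", data=body, timeout=10) as resp:
        return resp.read().decode()


def lambda_handler(event, context=None, post=post_to_firewall):
    """CloudWatch event entry point; returns a summary for logging and tests."""
    if event.get("source") != "aws.guardduty":
        return {"action": "ignored", "reason": "not a GuardDuty event", "ips": []}
    finding = event.get("detail", {})
    if float(finding.get("severity", 0)) < MIN_SEVERITY:
        return {"action": "ignored", "reason": "below severity threshold", "ips": []}
    ips = extract_remote_ips(finding)
    if not ips:
        return {"action": "ignored", "reason": "no usable remote IP", "ips": []}
    cmd = build_register_cmd(ips, DAG_TAG)
    post(cmd)
    return {"action": "registered", "tag": DAG_TAG, "ips": ips, "cmd": cmd}


# Constructed sample event, shaped like a GuardDuty finding delivered via CloudWatch.
SAMPLE_EVENT = {
    "source": "aws.guardduty",
    "detail-type": "GuardDuty Finding",
    "detail": {
        "type": "UnauthorizedAccess:EC2/SSHBruteForce",
        "severity": 5,
        "service": {"action": {"actionType": "NETWORK_CONNECTION",
                    "networkConnectionAction": {"remoteIpDetails": {"ipAddressV4": "198.51.100.23"}}}},
    },
}

if __name__ == "__main__":
    # Dry run: swap in a no-op poster so nothing is sent to a firewall.
    print(json.dumps(lambda_handler(SAMPLE_EVENT, post=lambda cmd: None), indent=2))
```

In production the firewall's HTTPS certificate must be trusted by the Lambda runtime and the API key should come from a secrets store rather than a plain environment variable.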
SUMMARY & KEY TAKEAWAYS
• Framework developed with real world use case and workflows
• Collaboration based on inputs from customers and cloud providers
• Readily available templates
• Easy to adopt and use
• Highly composable
• Well defined integration points
Diagram: building metaphor (Foundation, Pillars, Beams, Cupola) for Palo Alto Networks VM-Series composable cloud security, labelled Infrastructure Templates, Cloud Native Templates, Cloud Native Tunnels, Automation with Terraform Security Provider, devsecops, Extensible; Cloud Success with Security.
DEMO: CLOUD SECURITY AT THE SPEED OF DEVOPS
Roles: Developer (App Team) and Firewall admin (Sec Team)
0. Infrastructure as code using Terraform templates
1. Push new app
2. Deploy app
3. Commit app security policy
4. Poll and pull changes
5. Push VM-Series policy using PAN-OS Terraform provider
Repeat / Refine / Update
Diagram: AWS CodeDeploy deploying a web app (root volume, data volume) into an Auto Scaling group in Availability zone 1, behind security groups.
Thank you!
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Delivering infrastructure, security, and operations as code - DEM06 - Santa Clara AWS Summit

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
INFRASTRUCTURE AS CODE: FIREWALL HUB WITH ALBs
• Fully automated
• Blueprint developed and pushed out company wide
• Huge cost savings
• VM-Series natively integrated with cloud capabilities
• Next: Automate build out of LOB (Line of Business) applications
Diagram labels: Application Load Balancer, Ingress (repeated for each load balancer)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
SECURITY AS CODE: INTEGRATE LOB WITH FIREWALL HUB
• Automate the creation of private link tunnels
• Automate deployment of NAT and Security policies
• Seamless integration: App + Security = business objectives
• We can do more!
• Next: Feed threat intel to VM-Series to block attacks from new sources.
Diagram labels: VPN Connection, VPN GW, PrivateLink, Application Load Balancer, Network Load Balancer, Ingress
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
OPS AS CODE: AMAZON GUARDDUTY INTEGRATION
1) Amazon GuardDuty sends security alerts (for example, a malicious IP address) to Amazon CloudWatch
2) An Amazon CloudWatch event triggers a Lambda function
3) The Lambda function registers the malicious IP to a Dynamic Address Group (DAG) using the XML API
4) DAGs are used in the security policy to drop matching sessions (Policy: Drop Session)
Diagram labels: Amazon GuardDuty, Amazon CloudWatch, Lambda Function, Dynamic Address Group, Untrust Security group, VPC
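The following Lambda handler is an added example, not code from the slide deck or from Palo Alto Networks; it shows steps 2 and 3 of the flow above in working form. It assumes the GuardDuty finding field names as they appear in CloudWatch events (`detail.service.action.*.remoteIpDetails.ipAddressV4`), the PAN-OS XML API user-id registration call (`type=user-id` with a `<uid-message>` body) for tagging an address, and the environment variable names `FIREWALL_HOST`, `PAN_API_KEY` and `DAG_TAG`, all of which are assumptions for illustration. The sample event is constructed. Step 4 is firewall configuration rather than code: the DAG's match criterion must reference the same tag, and the drop rule must reference the DAG.

```python
"""Added example: GuardDuty finding -> Lambda -> PAN-OS Dynamic Address Group tag."""
import ipaddress
import os
import urllib.parse
import urllib.request
from xml.sax.saxutils import escape

# Networks that are never auto-tagged. A finding whose remote side is an internal
# address should go to a human rather than into an automated drop policy
# (design choice for this example, not from the deck).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample: an abbreviated GuardDuty finding as delivered by a CloudWatch event.
SAMPLE_EVENT = {
    "detail-type": "GuardDuty Finding",
    "detail": {
        "type": "UnauthorizedAccess:EC2/SSHBruteForce",
        "severity": 5,
        "service": {"action": {
            "actionType": "NETWORK_CONNECTION",
            "networkConnectionAction": {
                "connectionDirection": "INBOUND",
                "remoteIpDetails": {"ipAddressV4": "198.51.100.23"},
            },
        }},
    },
}


def extract_remote_ips(event):
    """Return the sorted list of external IPv4 addresses named in a GuardDuty finding."""
    action = event.get("detail", {}).get("service", {}).get("action", {})
    candidates = []
    for key in ("networkConnectionAction", "awsApiCallAction"):
        candidates.append(action.get(key, {}).get("remoteIpDetails", {}).get("ipAddressV4"))
    for probe in action.get("portProbeAction", {}).get("portProbeDetails", []):
        candidates.append(probe.get("remoteIpDetails", {}).get("ipAddressV4"))
    ips = set()
    for raw in candidates:
        if not raw:
            continue
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            continue  # malformed field: ignore rather than tag garbage
        if any(addr in net for net in INTERNAL_NETS):
            continue
        ips.add(str(addr))
    return sorted(ips)


def build_register_payload(ips, tag):
    """Build the PAN-OS user-id XML that registers each IP with the given tag (assumed format)."""
    entries = "".join(
        f'<entry ip="{escape(ip)}"><tag><member>{escape(tag)}</member></tag></entry>' for ip in ips)
    return ("<uid-message><version>2.0</version><type>update</type><payload><register>"
            f"{entries}</register></payload></uid-message>")


def _http_post(url, body):
    """Default transport: plain HTTPS POST. Replace with a verifying client in production."""
    with urllib.request.urlopen(urllib.request.Request(url, data=body), timeout=10) as resp:
        return resp.read().decode()


def register_ips(firewall_host, api_key, payload_xml, transport=None):
    """POST the uid-message to https://<firewall>/api/ with type=user-id (assumed endpoint)."""
    body = urllib.parse.urlencode({"type": "user-id", "key": api_key, "cmd": payload_xml}).encode()
    return (transport or _http_post)(f"https://{firewall_host}/api/", body)


def lambda_handler(event, context=None, transport=None, min_severity=4.0):
    """Entry point. Low-severity findings are logged, not blocked, to limit false positives."""
    host = os.environ.get("FIREWALL_HOST", "firewall.example.invalid")  # placeholder
    api_key = os.environ.get("PAN_API_KEY", "PLACEHOLDER-API-KEY")    # placeholder
    tag = os.environ.get("DAG_TAG", "guardduty-malicious")             # assumed tag name
    severity = float(event.get("detail", {}).get("severity", 0))
    if severity < min_severity:
        return {"registered": [], "reason": "below severity threshold"}
    ips = extract_remote_ips(event)
    if not ips:
        return {"registered": [], "reason": "no external IP in finding"}
    payload = build_register_payload(ips, tag)
    response = register_ips(host, api_key, payload, transport)
    return {"registered": ips, "tag": tag, "payload": payload, "response": response}
```

The `transport` parameter exists so the handler can be exercised without a firewall; in the deployed function the default HTTPS call is used and the API key should come from a secrets store rather than a plain environment variable. Registered tags are best given a timeout on the firewall side so a blocked source is re-evaluated rather than dropped forever.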
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
SUMMARY & KEY TAKEAWAYS
• Framework developed with real world use case and workflows
• Collaboration based on inputs from customers and cloud providers
• Readily available templates
• Easy to adopt and use
• Highly composable
• Well defined integration points
Diagram labels: Palo Alto Networks VM-Series, Infrastructure Templates, Composable Cloud Security, Cloud Success with Security, Cloud Native Templates, Cloud Native Tunnels, Automation with Terraform Security Provider, devsecops, Extensible, Foundation, Pillars, Beams, Cupola
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
DEMO: CLOUD SECURITY AT THE SPEED OF DEVOPS
Actors: Developer (App Team), Firewall admin (Sec Team)
0. Infrastructure as code using Terraform templates
1. Push new app
2. Deploy app
3. Commit app security policy
4. Poll and pull changes
5. Push VM-Series policy using PAN-OS Terraform provider
Repeat / Refine / Update
Diagram labels: AWS CodeDeploy, web app, root volume, data volume, Availability zone 1, Security group, Auto Scaling group