© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Establishing a Scalable, Resilient Web Architecture

Todd M. Gagorik, Senior Manager, Solutions Architecture, AWS Web Services - WWPS

June 20, 2016

Let’s Start with a Demo....

AWS MissionEnable businesses and developers to use web

services* to build scalable, sophisticated applications.

*What people now call “the cloud”

Gartner Magic Quadrant for Cloud Infrastructure as a Service, Worldwide

Gartner “Magic Quadrant for Cloud Infrastructure as a Service, Worldwide,” Lydia Leong, Douglas Toombs, Bob Gill, May 18, 2015. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available at http://aws.amazon.com/resources/analyst-reports/. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

ON DEMAND}UNIFORMPAY AS YOU GO

AVAILABLE

ON DEMAND}UNIFORMPAY AS YOU GO

AVAILABLE

Compute

Storage

SecurityScaling

Database

NetworkingMonitoring

Messaging

Workflow

DNSLoad Balancing

BackupCDN}ON DEMANDUNIFORM

PAY AS YOU GOAVAILABLE

WEB SERVICE API

Physical SpaceCabling

PowerCooling

NetworkingRacks

ServersStorage

CertificationLabor

On-Premises

$0to Get Started

no long-term contracts

Cloud Computing

vs.

Services Overview

But first…

Architected for Government Security RequirementsCertifications and accreditations for workloads that matter

AWS CloudTrail and AWS Config Call logging and configuration management for governance & compliance

• Log, review, alarm on all user actions

• Browse and query database of current and previous state of cloud resources

Security Is a Shared ResponsibilityCustomers Refocus on Systems and Apps.Security experts are a scarce resource!Refocus your security professional on a subset of the problem.

Facilities

Physical security

Compute infrastructure

Storage infrastructure

Network infrastructure

Virtualization layer (Amazon EC2)

Hardened service endpoints

Rich AWS Identity and Access Management (IAM ) capabilities

+ =Network configuration

Security groups

OS firewalls

Operating systems

Application security

Proper service configuration

AuthN & account management

Authorization policies

Customers

More secure and compliant systems than any single entity could achieve on its own

Economies of Scale Apply to Security and Compliance

The customer community benefits from tough scrutiny, the world-class AWS security team, market-leading capabilities, and constant improvements.

Everyone’s Systems and Applications

Security Infrastructure

Security Infrastructure

Requirements Requirements Requirements

Nothing better for the entire community than a tough set of customers…

AWS Global Infrastructure

11 AWS Regions50+ AWS Edge Locations

AWS Global Infrastructure

Availability Zone A

Availability Zone B

Availability Zone C

EU (Ireland)

Availability Zone A

Availability Zone B

South America (Sao Paulo)

Availability Zone A

Availability Zone B

Asia Pacific (Sydney)

Availability Zone A

Availability Zone B

GovCloud (OR)

Availability Zone A

Availability Zone B

Availability Zone C

Availability Zone D

US East (VA)

Availability Zone A

Availability Zone B

US West (CA)

Availability Zone A

Availability Zone B

Asia Pacific (Singapore)

Availability Zone A

Availability Zone B

Availability Zone C

Asia Pacific (Tokyo)

Availability Zone A

Availability Zone B

Availability Zone C

US West (OR)

Customer Decides Where Applications and Data Reside

US REGIONS GLOBAL REGIONS

Note: Conceptual drawing only. The number of Availability Zones may vary.

Availability Zone A

Availability Zone B

EU (Frankfurt)

AWS Global Infrastructure

Application Services

Networking

Deployment & Administration

DatabaseStorageCompute

AWS S3

AWS SQS

AWS EC2

AWS Simple DB

AWS EBS

AWS CloudFront

Elastic Load

Balancing

Auto Scaling

AWS VPC

AWS RDS

AWS SNS

AWS IAM

AWS Route 53

AWS SES

AWS Elastic Beanstalk

AWS CloudFormation

AWS Elasticache

AWS Direct Connect

AWS GovCloud

AWS Storage Gateway

AWS DynamoDB

AWS CloudSearch

AWS SWF

AWS Glacier

AWS Redshift

AWS Data Pipeline

AWS Elastic Transcoder

AWS OpsWorks

AWS CloudHSM

AWS AppStream

AWS CloudTrail

AWS WorkSpaces

AWS Kinesis

AWS ECS

AWS Lambda

AWS Config

AWS CodeDeploy

AWS RDS for Aurora

AWS KMS

AWS Cognito

AWS WorkDocs

AWS Directory Service

AWS Mobile Analytics

2006 2007 2008 2009 2010 2011 2012 2013 2014 2015

AWS WorkMail

AWS’ History of InnovationAWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 40 services.

April 9, 2015

AWS EFS

AWS Machine Learning

Architect for High Availability

1. Use multiple Availability Zones.

2. Use Amazon RDS with replicas and standby.

3. Use Auto Scaling groups.

4. Use Elastic Load Balancing.

5. Use Amazon Route 53 to host DNS zones.

Three Services: Better Together

Utilization

Latency

Metrics

Amazon CloudWatch

Elastic Load Balancing

Auto Scaling

Use at regional levelCombined with Auto Scaling, ELB

will balance requests and resource capacity across

Availability Zones

Within Amazon VPCUse to load balance between

application tiers within an Availability Zone

Instance migrationsEasily move instances from dev

environments to test environments by moving between

elastic load balancers

Leverage SLAImprove application reliability with

Route 53’s SLA on requests served

Weighted routingPerform A/B analysis and staged application rollouts by moving a

portion of traffic to new infrastructure

Control TTLs and updatesTake absolute control of DNS

updates for more decisive system updates

Scale databases without admin overhead

Choose instance size for databases and scale up over time

Add high availability from management console

Create Multi-AZ deployments and Read Replicas. AWS takes care of the failover and recreation of a new standby in event of master

DB loss

Elastic Load Balancing Route 53 RDS

Dynamically scale resources & control costs

Provision only the resources that are required with scale up and cool down policies that match

demand

Auto Scaling

Architect to Use Cloud Strengths

So, How Did It Go?

AWS CloudFormation?

Simplified provisioning for the full breadth of AWS services.Create templates of the infrastructure and applications you want to run on AWS.CloudFormation automatically provisions the required AWS resources and their relationships from the templates.Easily version control, replicate, or update the infrastructure and applications.CloudFormation integrates with other development, CI/CD, and management tools.

Questions?