aws govcloud (us) - an overview
TRANSCRIPT
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS GovCloud (US) - An Overview
Karen ArangoAWS GovCloud Product Manager
©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS Global Infrastructure
Over 1 million active customers across 190 countries
1,700 government agencies
4,500 educational institutions
AWS Infrastructure
11 regions
28 availability zones
53 edge locations
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS GovCloud (US) Region
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Data
Network
Machine
Isolated AWS Region
Separate AWS Identity & Access Management (IAM) stack
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
by
US Persons on US Soil
AWS Managed
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
History of Innovation
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Amazon VPC
Amazon EC2
Amazon EBS
2011
April 9, 2015
IAM
Amazon S3
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Auto Scaling
AWS Command Line Interface
2011 2012
April 9, 2015
Amazon RDS
Amazon SQS
Amazon SNS
IAM
Amazon S3
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Auto Scaling
AWS Command Line Interface
Amazon Elastic MapReduce
AWS Management Console
2011 2012 2013
April 9, 2015
Amazon RDS
Amazon SQS
Amazon SNS
IAM
Amazon S3Amazon SWF
Amazon DynamoDB
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Auto Scaling
AWS Command Line Interface
Amazon Elastic MapReduce
AWS Management Console
Second Generation Instance Types
Amazon Glacier
Amazon EC2 VM Import
Service Health Dashboard
2011 2012 2013 2014
April 9, 2015
Amazon RDS
Amazon SQS
Amazon SNS
IAM
Amazon S3Amazon SWF
Amazon DynamoDB
Amazon Redshift
AWS CloudTrail
Amazon VPC Peering
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Amazon VPC
Amazon EC2
Amazon EBS
Amazon CloudWatch
Elastic Load Balancing
Auto Scaling
AWS Command Line Interface
Amazon Elastic MapReduce
AWS Management Console
Second Generation Instance Types
Amazon Glacier
Amazon EC2 VM Import
Service Health Dashboard
2011 2012 2013 2014 2015 *to date
April 9, 2015
Amazon ElastiCache
Amazon S3 Lifecycle
Management
Amazon EC2 VM Export
AWS Key Management Service
Amazon RDS
Amazon SQS
Amazon SNS
IAM
Amazon S3Amazon SWF
Amazon DynamoDB
Amazon Redshift
Amazon CloudTrail
Amazon VPC Peering
Amazon EBS Encryption
Amazon RDS Encryption
Amazon Redshift Encryption
Amazon EMR Encryption
Amazon S3 Encryption
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Security & Compliance
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Addresses Regulatory & Compliance Requirements
Boundary Protection
Mandatory VPC
Auditing
CloudTrail-Enabled Accounts
Encryption
FIPS 140-2 Endpoints
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Encryption
AWS Key Management Service
EBS RDS S3 EMR Redshift
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Certifications & Accreditations
IAM EC2 EBSVPC S3
Levels1-2, 3-5
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Requirements for Access
Can handle export controlled data US Person US Entity
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Security is a Shared Responsibility
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Facilities
Physical security
Infrastructure
Virtualization layer
Service endpoints
Identity & Access Management
Security of the CloudAmazon Responsibility
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Network configuration
Security groups
OS firewalls
Operating systems
Application security
Account management
Authorization policies
Customer Responsibility
Security in the Cloud
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
HIPAA Whitepape
r
Compliance of the Cloud
FedRAMPSM Agency ATO
DoD CSM Levels 1-2, 3-
5
FISMA
DIACAP
CJIS Workbook
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Compliance Documentation
Compliance in the Cloud
System Security Plan
Architecture Documentati
on
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Controlled Unclassified Information
Export ControlledITAR
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Mars Science Laboratory Data AnalyticsUsing Elastic Search and HDFS
Phillip Southam - Senior Software Systems ArchitectDan Isla – IT Data Scientist
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Mars Science Laboratory Engineering Operations Team
The Mission
Engineering Operations completes rover engineering health assessment & analysis in support operations of the
MSL spacecraft.
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
The Problem
Gold Source of Data
MySQL database with 10B records
Only current interface is DB query
Limited flexibility of interfaces
ITAR compliance of all data sources
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
The Solution
Elastic Search as front and back end data store to query and visualize spacecraft channel data
HDFS as data store for custom dashboards, plotting applications, and scripts
REST APIs to allow for platform independent data consumption
Tool suite to simplify cluster operation
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
The Architecture
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Controlled Unclassified Information
Nuclear
AgricultureCopyright
Critical InfrastructureIntelligence
PatentLaw Enforcement
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Controlled Unclassified Information
Financial
PrivacyProprietary (IP)
Statistical (Census)Tax
Transportation
Healthcare
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Evolution of Workloads
Websites Backup & Recovery Archiving Disaster Recovery
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Evolution of Workloads
Dev & Test Big Data High Performance Computing
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Evolution of Workloads
Business Applications Enterprise IT
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS GovCloud Adoption273% average YoY growth since
launch
(Q4 2011 to Q4 2014)
2011 2012 2013 2014
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Government
Federal State Local
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Not Just for Government!
Educational Institutions
Research Organization
s
Private Industry
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS Partners
Consulting Partners
Technology Partners
SaaS Providers
Resellers
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
How do I get access?
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Questions?
Keith BrooksAWS GovCloud Business
Karen ArangoAWS GovCloud Product Manager
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
AWS GovCloud Resources
Website: http://aws.amazon.com/govcloud-us
User Guide: http://docs.aws.amazon.com/govcloud-us/latest/UserGuide/welcome.html
Console: https://console.amazonaws-us-gov.com/console
Service Health Dashboard: http://status.aws.amazon.com/govcloud
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Thank You.This presentation will be loaded to SlideShare the week following the Symposium.
http://www.slideshare.net/AmazonWebServices
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015