AWS BEST PRACTICES Module 1: Overview July 2017.

1 AWS BEST PRACTICES Module 1: Overview July 2017

2 Performance Optimization
AWS Best Practices Training Program

Basic Approaches
- Course overview
- Basic infrastructure requirements
- Reliability and Performance overview
- Costs optimization overview
- Monitoring tools overview
- Useful tools overview

Costs Optimization
- The “Minimum Principle” and Auto Scaling
- Serverless architectures
- Container-based architectures
- Resources review and optimization
- Using Reserved Instances
- Using Spot Instances

Security in AWS
- Basic security principles and tools
- Access management
- Data encryption and protection
- Network security

Performance Optimization
- AWS Service Limits
- Components selection and review
- Backup
- Components failure withstanding

3 Basic Infrastructure Requirements
Secure: Controlled access; Secure data at rest; Secure data in transit; Reasonable network topology; Traffic control
Reliable / Cost-Optimized: Pay for what you use; Use as little as possible; Stable performance; Failure withstanding; Backups; Effective resources usage; Correct resources selection; Correct services selection; Service limits consideration

4 Check PM in UPSA/Telescope
Activating Your Project in AWS
To start using Cloud, submit a project activation request on support.epam.com.
Diagram labels: PM; support.epam.com; Leave request; 1 BD; Check PM in UPSA/Telescope; ! Use project PMC code; cloud.epam.com; Sign In
Any delays or issues? Address

5 AWS Service Limits
AWS Service Limits provide the default limits for AWS services for an AWS account (linked account).

Elastic Compute Cloud (EC2) Service Limits

Resource | Default Limit
Elastic IP addresses for EC2-Classic | 5
Security groups for EC2-Classic per instance | 500
Rules per security group for EC2-Classic | 100
Key pairs | 5,000
Throttle on the emails that can be sent from your Amazon EC2 account | Throttle applied
On-Demand Instances | Limits vary depending on instance type. For more information, see How many instances can I run in Amazon EC2.
Spot Instances | Limits vary depending on instance type, region, and account. For more information, see Spot Instance Limits.
Reserved Instances | 20 Reserved Instances per Availability Zone, per month, plus 20 regional Reserved Instances.
Dedicated Hosts | Up to two Dedicated Hosts per instance family, per region can be allocated.
AMI Copies | Destination regions are limited to 50 concurrent AMI copies at a time, with no more than 25 of those coming from a single source region.

Request increase

6 EPAM Orchestration Resource Quotas
Item | Description | Limit | Type
Volumes | Number of storage volumes created | 5 | Daily
Volume size | Size of each storage volume | 500 GB |
Total volume size | Total size of each volume | 2.5 TB |
Instances | Number of instances created | 20 |
Resource utilization | The cost of the utilized infrastructure | 300 USD | Monthly

PM can set approvals for VM Creation!

7 Unusual Activities Report
EPAM Orchestrator analyzes your AWS activities and informs you in case unusual activity is detected. When a daily resource creation quota in AWS is exceeded on your project within an hour, Project Coordinators and Delivery Managers get a notification via SMS and a respective email with the details on these activities, and two action buttons:
- Approve: verify that the enormous resource creation activities are expected
- Reject: all the resources listed in the report will be terminated, and the related accounts deleted
If the Approve or Reject button is not pressed by the Project Coordinator or Delivery Manager within 15 minutes after the notification, the EPAM Cloud Support team can take the responsibility to Reject resources creation and to take all the necessary hack-protection measures.
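
The detection rule and the 15-minute decision window described on this slide, as an added Python example (not EPAM Orchestrator's own code). The event tuple format, the function names and the reading of "exceeded within an hour" as a sliding one-hour window are assumptions; the quota values come from the resource quota table on slide 6.

```python
from collections import deque
from datetime import datetime, timedelta

# Daily creation quotas from the resource quota table (slide 6).
DAILY_QUOTA = {"volume": 5, "instance": 20}
WINDOW = timedelta(hours=1)                # "within an hour" (assumed sliding window)
DECISION_TIMEOUT = timedelta(minutes=15)   # time to press Approve or Reject


def find_unusual_activity(events, quotas=DAILY_QUOTA, window=WINDOW):
    """Return one alert per resource type whose daily quota is exceeded
    by creations that all fall inside a single sliding window.

    events: iterable of (timestamp, resource_type, resource_id) tuples.
    """
    recent = {}   # resource_type -> deque of (timestamp, resource_id)
    alerts = {}
    for ts, rtype, rid in sorted(events):
        if rtype not in quotas or rtype in alerts:
            continue
        q = recent.setdefault(rtype, deque())
        q.append((ts, rid))
        # Drop creations that are older than the window.
        while ts - q[0][0] > window:
            q.popleft()
        if len(q) > quotas[rtype]:
            alerts[rtype] = {"detected_at": ts,
                             "resources": [r for _, r in q]}
    return alerts


def resolve(alert, now, decision=None, decided_at=None):
    """Map the Approve/Reject flow to an outcome for one alert."""
    deadline = alert["detected_at"] + DECISION_TIMEOUT
    in_time = decided_at is not None and decided_at <= deadline
    if decision in ("approve", "reject") and in_time:
        return decision
    # No answer in time: the support team may step in and reject.
    return "support_may_reject" if now > deadline else "pending"


# Constructed sample: six volumes in 25 minutes, three instances in 40 minutes.
T0 = datetime(2017, 7, 3, 9, 0)
SAMPLE = [(T0 + timedelta(minutes=5 * i), "volume", f"vol-{i}") for i in range(6)]
SAMPLE += [(T0 + timedelta(minutes=20 * i), "instance", f"i-{i}") for i in range(3)]
```

The alert carries the list of resources created in the window, which is what a Reject action would need in order to terminate them.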

8 Accessing AWS Infrastructure

9 Ordering an Instance via EPAM Cloud Dashboard
You can run an AWS VM right from EPAM Cloud Dashboard

10 IAM Users Access: EPAM SSO
Role Name | Permissions
BasicReadOnly | Access to EC2, S3, RDS, DynamoDB, Lambda with read-only access.
FullReadOnly | Access to all services with read-only access.
BasicUser | Access to EC2, S3, RDS, DynamoDB, Lambda with full access but without permissions to create IAM users, manage IAM roles, manage security groups.
AdminUser | Access to all services with full access without permissions to create IAM users, manage IAM roles, manage security groups.

Using temporary access (or2awsmc)
Requesting an IAM user for extra permissions

11 Infrastructure Review

12 Monitoring: EPAM Cloud Tools
The Monitoring page provides information on various infrastructure and resources performance metrics.
Service usage VM Lifetime Optimization Financial KPI CloudWatch

13 Monitoring: CloudWatch
Use CloudWatch to track metrics and logs, set alarms, and react automatically.
- Monitor AWS EC2
- Monitor other AWS resources
- Monitor custom metrics
- Monitor and store logs
- View graphs and stats
- Set alarms and react

14 Monitoring: CloudTrail
CloudTrail can be used as a basic monitoring tool

15 Using AWS Trusted Advisor
AWS Trusted Advisor provides you with real-time services usage status and optimization statistics.

16 AWS Costs Optimization

17 AWS COSTS ELEMENTS OVERVIEW
AWS VM Price: EC2 Instance (Compute); EBS Volumes; EBS IOPS; Data Transfer; Elastic IP; Elastic LB
Mind Other Services!

18 EPAM Orchestrator Monthly Quotas: Overview
Monthly quotas specify the desired limit for Cloud Expenses within the month. In case several quota rules are specified, the narrowest (with the smallest limit) is applied.
- ALL: the quota is applied cumulatively to all regions in which the project is activated.
- ALL AWS (EPAM/GCP/Azure): the quota is applied cumulatively to all regions of an external provider in which the project is activated.
- EACH: the quota is applied to each region in which the project is activated.
- EACH AWS (EPAM/GCP/Azure): the quota is applied in each region of an external provider in which the project is activated.
- Region by name: specify a quota for a specific region.

19 EPAM Orchestrator Quotas: Management
- Review quota settings
- Update quota limits
- Specify quota depletion actions

20 Using Schedules
The Idea
Diagram labels: Running VM; CRON; Stopped VM
<show live schedules>
- Automate infrastructure management
- Minimize human factor
- Set up any convenient schedule
- Automatic check of schedules execution

21 Cuts ONLY compute price!
Using Schedules
Profit
Start VMs when you need to use them, and stop when they are not needed.
<show live schedules>
Cuts ONLY compute price!

22 Using Schedules
<show live schedules>
Get an email notification if an issue with your schedule occurs!

23 AWS COSTS OPTIMIZATION: SHORT OVERVIEW
Project costs are one of the crucial challenges managers face. Uncontrolled and unreasonable usage of virtual resources on AWS can lead to unexpected expenses, which can easily be avoided by keeping in mind several simple rules:
- Use the “Minimum” principle: order the resources with the minimum capacity necessary for your needs. You can always expand when necessary.
- Select proper resources: the correct resource selection can provide you with the necessary results without extra expenses.
- Utilize resources reasonably: monitor low utilized resources and adjust their usage. Stopped resources cost up to 70% less than running ones.
- Use schedules: automate the start/stop processes.
- Set up quotas: to track and control monthly expenses.

24 Next Steps

25 Security Education: Online Course
- Get a free course on AWS APN portal
- Pass an APN Course or a Certification
- Submit a Certificate
- Get a badge
- Get to the pro-list for further courses
+ Investigate our Web Site
+ Watch the Video Portal

26 Issues Resolving Flow Please also feel free to address EPAM Cloud Consulting team

27 AWS Enterprise Support Access
- 24/7 customer support with less than 1 hour response time
- Response to critical events in less than 15 minutes
- Support by Senior Cloud Support Engineers via email, chat and phone in case of critical events
- Unlimited number of cases
- Dedicated Technical Account Manager and Concierge Agent
- Free Infrastructure Event Management Service
- Access to AWS Trusted Advisor and Support API functions
- Regular communication including AWS resource usage reporting, monitoring, recommendations on infrastructure optimization and improvement
- Access to Amazon documentation

28 Home Work
- Get a free course on AWS APN portal
- Pass AWS Business Professional Course
- Pass AWS Technical Professional Course

29 Documentation
- Hybrid Cloud Guide: the guide providing the details on integration with AWS and Azure.
- Terms and Conditions: EPAM Cloud terms and conditions: terms definitions, parties' responsibilities
- Cloud Security Policy: EPAM Cloud Security policies and approaches
- FAQ: EPAM Cloud frequently asked questions
- Cloud Glossary
- Cloud Consulting: Address us if you have any questions!
- What’s New
- Release Notes
- Video Overview
See the whole documentation set on

30 NEXT: Costs Optimization Performance Optimization
AWS Best Practices Training Program

Basic Approaches
- Course overview
- Basic infrastructure requirements
- Reliability and Performance overview
- Costs optimization overview
- Monitoring tools overview
- Useful tools overview

NEXT: Costs Optimization
- The “Minimum Principle” and Auto Scaling
- Serverless architectures
- Container-based architectures
- Resources review and optimization
- Using Reserved Instances
- Using Spot Instances

Security in AWS
- Basic security principles and tools
- Access management
- Data encryption and protection
- Network security

Performance Optimization
- AWS Service Limits
- Components selection and review
- Backup
- Components failure withstanding

31 Thank you for attention!
Cloud in Yammer: EPAM Cloud Consulting team

