AWS re:Invent 2016: Running, Configuring, and Securing Windows Workloads (ARC405)
TRANSCRIPT
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Julien Lépine, Solutions Architect, AWS
Brian Lewis, Partner Solutions Architect, AWS
December 1, 2016
Running, Configuring and Securing Windows Workloads (ARC405)
Agenda of this session
BUILDING THE FOUNDATIONS
ENSURING REPEATABLE DEPLOYMENTS
ENABLING EFFICIENT OPERATIONS
Platform identity
[Diagram labels: corporate data center, ADDC, ADFS, AWS IAM, Amazon S3, AWS CloudTrail, AWS Config, logging and monitoring platform]
Core network infrastructure
[Diagram labels: Availability Zones, Internet gateway, NAT gateways, VPN connection, corporate data center, public subnets, private subnets, flow logs, Amazon CloudWatch Logs, Amazon S3, logging and monitoring platform]
Windows identity
[Diagram labels: Availability Zones, Internet gateway, NAT gateways, Active Directory Tier, AWS Directory Service, VPN connection, corporate data center, AWS IAM, ADFS, ADDC]
Creating repeatable architectures
IMAGE AUTOMATION
BOOTSTRAPPING
CONTAINERS
AUTOMATED DEPLOYMENTS
[Slide icons: AWS CloudFormation, Amazon ECS, PowerShell]
Sample platform
[Diagram labels: Availability Zones, Internet gateway, NAT gateways, VPN connection, corporate data center, ADDC, ADFS, AWS IAM, users, Active Directory Tier, AWS Directory Service, Web Tier, ELB, IIS Servers, Database Tier, Amazon RDS]
Administration at scale
REMOTE DESKTOP ACCESS
REMOTE SCRIPTING
CLOUD CONTROL CENTER
[Slide icons: RDGW, Amazon WorkSpaces, PowerShell, AWS Tools for Windows PowerShell, Amazon EC2 Run Command]
Keeping the platform up to date
IMAGE HYGIENE
CONFIGURATION MANAGEMENT
MONITORING
PATCHING
[Slide icons: PowerShell DSC, Desired state, Amazon CloudWatch, AMI Automation, Patch management]
Next steps
HANDS-ON LABS
ARCHITECTURE CENTER
TRAINING AND CERTIFICATION
AWS TOOLS FOR WINDOWS POWERSHELL