This document provides an overview and introduction to using Windows workloads on Amazon EC2. It discusses AWS regions and availability zones, reference architectures including for SQL Server and Active Directory, developing on AWS for Windows using tools like AWS Toolkit for Visual Studio, licensing options like Dedicated Hosts that allow using existing Microsoft licenses, and demoing PowerShell for importing VMs. Technical resources are provided including quickstarts, whitepapers, videos and the upcoming re:Invent conference for the Windows track.
2. What will we cover today?
• Overview: AWS for Windows
• Reference architectures
• Developing on AWS for Windows
• Licensing and Dedicated Hosts
• Demo: PowerShell
• Technical resources
This is a Level 200 session. Assumes some knowledge of AWS and Microsoft technologies.
4. Regions & Availability Zones
13 Regions (2016: Ohio, India, UK, Canada)
35 Availability Zones
56 Edge Locations
5. Security: AWS Shared Responsibility Model
Customers are responsible for their security and compliance IN the Cloud:
• Customer content
• Platform, Applications, Identity & Access Management
• Operating System, Network & Firewall Configuration
• Client-side Data Encryption, Server-side Data Encryption, Network Traffic Protection
AWS is responsible for the security OF the Cloud:
• AWS Foundation Services: Compute, Storage, Database, Networking
• AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
Services shown on the slide: AWS CloudTrail, AWS CloudHSM, AWS IAM, AWS KMS, AWS Config, Amazon Inspector
6. AWS for Windows
Microsoft workloads fully supported on AWS since 2008.
Dedicated team for Microsoft workloads provides:
• Amazon Machine Images, EC2Config service, drivers, patching
• Getting Started guides, documentation
• Whitepapers, reference architectures, qwikLABS
• Microsoft FAQ, including licensing guidance
Our customers have successfully deployed every Microsoft server application available.
Contact the team at:
microsoft@amazon.com
Find resources at:
http://aws.amazon.com/windows
8. AWS Quick Starts
• Reference architectures for high availability
• Extensive documentation
• Based on customer deployments & AWS best practices
• Fully functional with DevOps
• Included:
• SQL Server with WSFC
• SharePoint, Lync, Exchange
• Windows PowerShell DSC, RD Gateway
• Active Directory, ADFS, DirectAccess
http://aws.amazon.com/quickstart
9. AWS Directory Service
Simple AD
• Managed directory service powered by Samba
• User accounts, group memberships, domain-joining Amazon EC2 instances, and more
Microsoft AD
• Managed service powered by Microsoft Active Directory
• Supports trusts and integrates with Amazon RDS for SQL Server
• Up to 50,000 users
AD Connector
• Proxies directory requests to an on-premises environment
• Users can access AWS resources and applications with existing corporate credentials
10. Active Directory
Common options:
• Host a resource domain in AWS
• Establish trust with an on-premises directory for SSO
• Extend AD into AWS
Specify your DNS servers to use in your VPC.
11. Corporate apps in AWS
• Deploy highly available applications
• BYOL or pay per use
• Security in layers approach helps with compliance
• Leverage Multi-AZ architectures for reliability & availability
12. AWS service offerings for Windows workloads
Workload categories: Corporate Applications, End User Computing, Business Applications
Services shown for the workload categories:
• Amazon EC2 for Windows Server, Amazon RDS, AWS CloudFormation, Amazon CloudFront
• Amazon EC2 for Windows Server, AWS Directory Service, Amazon RDS, AWS Marketplace
• Amazon WorkSpaces, Amazon AppStream, AWS Marketplace, AWS Mobile Services, SaaS
Information Security: AWS Identity and Access Management (IAM), AWS CloudHSM, AWS KMS, security groups, AWS Marketplace
Infrastructure: Amazon EC2, Amazon S3, Amazon RDS, Amazon VPC, AWS Direct Connect, AWS Directory Service, AWS IAM, AWS Service Catalog
DevOps: AWS Elastic Beanstalk, AWS CodeDeploy, AWS CloudFormation
13. SQL Server on AWS
Amazon EC2 (full control), or Amazon RDS (fully managed)
Enterprise-grade security
99.95% availability
Flexible and scalable
14. Amazon RDS for SQL Server
■ Convenient Multi-AZ option for high availability
■ Native backup/restore for export/import
■ Automated backup
■ Point-in-time recovery
■ AD integrated
■ Automated patching
15. SQL Server High Availability (HA) on EC2
Availability Zone 1, Private Subnet: Primary Replica (synchronous-commit)
• Primary: 10.0.2.100
• WSFC: 10.0.2.101
• AG Listener: 10.0.2.102
Availability Zone 2, Private Subnet: Secondary Replica (synchronous-commit)
• Primary: 10.0.3.100
• WSFC: 10.0.3.101
• AG Listener: 10.0.3.102
AG Listener: ag.awslabs.net
Automatic Failover
16. SQL Server HA with Read Replica on EC2
Availability Zone 1, Private Subnet: Primary Replica (synchronous-commit)
Availability Zone 2, Private Subnet: Secondary Replica 1 (synchronous-commit)
Secondary Replica 2 (Readable): asynchronous-commit
Reporting Application
File Server Witness
AG Listener: ag.awslabs.net
Automatic Failover
17. Sample Microsoft architecture
[Diagram] Two Availability Zones, each with a public subnet and a private subnet. Components shown: Remote Users, Corporate Office, VPN, Direct Connect, Virtual Private Gateway, Internet Gateway, two each of RDGW, NAT Gateway, IIS Web, IIS App, Directory Service and MS SQL, an Always On Availability Group, a VPC Endpoint, and Amazon S3.
20. Comprehensive and powerful tools
Categories: Monitoring, Configuration, Develop and Deploy
Tools shown: Amazon CloudWatch, AWS CloudTrail, AWS Config, Amazon EC2 Run Command, AWS Tools for Windows PowerShell, AWS OpsWorks, AWS Toolkit for Visual Studio, .NET SDK, AWS CodeDeploy, AWS CloudFormation, AWS Elastic Beanstalk
21. AWS SDK and tools for .NET architecture
Layers: Execution Platform; AWSSDK Low-Level Service APIs; Higher-Level Utility APIs; AWS Tools
Components shown: .NET 3.5, .NET 4.5, Phone, Store; Service Clients; Amazon S3 Transfer Utility; Amazon DynamoDB Object Persistence; VM Import; Resource API; AWS Tools for Windows PowerShell; AWS Toolkit for Visual Studio; ASP.NET Session Provider; Trace Listener; …
AWS Endpoints: REST API
22. AWS Toolkit for Visual Studio
Full integration in Visual Studio
23. AWS Cloud Adoption Framework
• Planning, creation, management, and support for your cloud environment.
• Guidance for establishing, developing, and running AWS environments.
• Structure where business and IT can work together toward a common strategy and vision.
Perspectives: People, Process, Security, Maturity, Platform, Operations, Business
AWS Cloud Adoption Framework: https://d0.awsstatic.com/whitepapers/aws_cloud_adoption_framework.pdf
24. Migration options
• AWS VM Import/Export
• AWS Import/Export Snowball
• AWS Database Migration Tool
• AWS Management Portal for vCenter
• AWS Systems Manager for Microsoft System Center VMM
• AWS Data Pipeline
Partner Tools
25. Windows Server 2003 migration options on AWS
• Import and stay with Windows Server 2003
• Import and upgrade in-place to a modern OS
• Rewrite the application
• Replace with AWS managed services
• Keep a replica of a legacy environment
26. EC2 Run Command
New: supports hybrid and cross-cloud management
Automate common tasks: automate common administrative tasks at scale
Delegated administration: IAM integration for full control of users and level of access
Auditable: visibility and tracking of configuration changes with AWS CloudTrail
Customizable: create custom actions to automate common tasks
28. Licensing continuum
AWS Provided
• EC2 manages licensing compliance & cost
• No CALs required
• PAYG or reserved pricing
AWS + BYOL
• EC2 manages Windows Server licensing and compliance
• PAYG or reserved pricing
• Reuse your own MS licenses & CALs
• Requires Software Assurance & License Mobility
• You manage licensing costs and compliance for your software
Full BYOL
• Use Dedicated Hosts
• Import and use your own MS software
• Software Assurance & License Mobility not needed
• You manage all licensing costs and compliance
Also shown:
• Save with right-sizing
• Save with variable workloads
• Save with efficiencies
Customers always retain responsibility for managing compliance with the terms of their licenses.
29. EC2 Dedicated Host
• A physical EC2 server dedicated to your use
• Specified in terms of physical processors and cores
• Allocate and Release On-Demand
• Reserve capacity for a term
30. EC2 Dedicated Hosts
Benefits: licensing and compliance
Sockets = 2, Physical Cores = 20
• Use per-socket or per-core licenses
• AWS Config: data source for license reporting
• Tagging your instances helps
• Enable compliance through controlling instance placement on hosts over time
• Enables BYOL Microsoft licenses without Software Assurance
33. AWS for Windows technical resources
• 30 qwikLABS
• 23 whitepapers and Quick Starts
• Videos on YouTube
https://aws.amazon.com/windows/resources/
34. AWS for Windows Learning Quests
https://aws.amazon.com/windows/resources/training/
35. AWS re:Invent is coming!
Attend the Windows track at re:Invent
• Breakout sessions
• Demos & hands-on labs
• Customer examples & best practices
Register now at:
https://reinvent.awsevents.com/
36. Next steps
Learn more at
http://aws.amazon.com/windows/
Sign up for free at
http://aws.amazon.com/windows/getting-started/
Contact the Microsoft at AWS team: microsoft@amazon.com