SlideShare una empresa de Scribd logo

Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020

Descargar como PPTX, PDF
Mitoc Group
Mitoc Group

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Best practices include collaborative approach to infrastructure provisioning, use of version control systems and prevent manual changes, as well as efficient management of boundaries between different teams, roles, applications and deployment tiers. In this session we will walk you through our journey of helping customers set up AWS Landing Zone -- a secure, multi-account AWS environment based on AWS best practices. We will focus on lessons learned and best practices that goes above and beyond official documentation.

Tecnología
1 de 37
Hands-On Terraform Module for AWS Landing Zone registry.terraform.io/modules/MitocGroup/landing-zone
2018: AWS Landing Zone Secure Multi-Accounts Strategy AWS Landing Zone is a solution that helps customers more quickly set up a secure, multi-account AWS environment based on AWS best practices. https://aws.amazon.com/solutions/aws-landing-zone
AWS Landing Zone  AWS Control Tower
2019: AWS Control Tower “AWS Landing Zone” as a Service AWS Control Tower provides the easiest way to set up and govern a new, secure, multi-account AWS environment based on best practices established through AWS’ experience working with thousands of enterprises as they move to the cloud. https://aws.amazon.com/controltower
AWS Landing Zone  AWS Control Tower
Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. Customers Feedback (1/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
Customers Feedback (2/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. Customers Feedback (3/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
About Presenter Eugene ISTRATI @eistrati ▪ CTO, Tech Partner @ Mitoc Group ▪ Ex-AWS, ex-Hearst, ex-GrubHub ▪ Certified AWS Solutions Architect ▪ 20 Years in IT; 10 Years in Cloud Computing; 5 Years in Enterprise IT ▪ Focusing on: Automation, DevOps, Serverless
Terraform Module for AWS Landing Zone https://registry.terraform.io/modules/MitocGroup/landing-zone
1. ALZ Module’s Providers 2. ALZ Module’s Components 3. ALZ Module’s TFVARs 4. ALZ Module’s Terraform Backend 5. Light Demo: ALZ Module in Action
https://registry.terraform.io/modules/MitocGroup/landing-zone
https://registry.terraform.io/modules/MitocGroup/landing-zone
▪ Publicly available on TF Registry: https://registry.terraform.io CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (1/3)
▪ Publicly available on TF Registry: https://registry.terraform.io ▪ Expected input: list of providers and components CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (2/3)
▪ Publicly available on TF Registry: https://registry.terraform.io ▪ Expected input: list of providers and components ▪ Optional input: terraform backend CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (3/3)
ALZ Module’s Providers 1 Module’s Provider === 1 AWS Account + Region
▪ Required: default provider CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (1/5)
▪ Required: default provider – AWS account’s ID – Account’s default region CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (2/5)
▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (3/5)
▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider – AWS account’s ID – Account’s default region CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (4/5)
▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider – AWS account’s ID – Account’s default region ▪ Provider’s key name is used as prefix in landing zone variables CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (5/5)
ALZ Module’s Components Microservices Architecture + Immutable TF Configurations
▪ Immutable LZ components – shifted focus from TF to TFVAR CODE EDITOR landing_zone_components = { landing_zone_vpc = ”default.tfvars" landing_zone_subnet = ”default.tfvars” […] } Landing Zone Module’s Components (1/3)
▪ Immutable LZ components – shifted focus from TF to TFVAR ▪ Can be local or remote (on S3) CODE EDITOR landing_zone_components = { landing_zone_vpc = "s3://terraform-aws-landing- zone/components/landing_zone_vpc/default.tfvars" landing_zone_subnet = "default.tfvars” […] } Landing Zone Module’s Components (2/3)
▪ Immutable LZ components – shifted focus from TF to TFVAR ▪ Can be local or remote (on S3) ▪ Can be 1 TFVAR or multiple CODE EDITOR landing_zone_components = { landing_zone_vpc = "s3://terraform-aws-landing- zone/components/landing_zone_vpc/default.tfvars" landing_zone_subnet = "s3://terraform-aws-landing- zone/components/landing_zone_subnet/*.tfvars” […] } Landing Zone Module’s Components (3/3)
ALZ Module’s TFVARs
▪ List providers supported by current component CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (1/5)
▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (2/5)
▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (3/5)
▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` ▪ Define each resource as iteratable config: `config_0`, `config_1`, etc CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (4/5)
▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` ▪ Define each resource as iteratable config: `config_0`, `config_1`, etc ▪ Define resource specific key value pairs CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (5/5)
ALZ Module’s Terraform Backend (optional)
CODE EDITOR terraform_backend = { backend = "local" path = "/tmp/.terrahub/landing_zone" } Landing Zone Module’s Backend (1/2) CODE EDITOR terraform_backend = { backend = "s3" region = "us-east-1" bucket = "terraform-aws-landing-zone" key = "components" }
CODE EDITOR terraform_backend = { backend = "local" path = "/tmp/.terrahub/landing_zone" } Landing Zone Module’s Backend (2/2) CODE EDITOR terraform_backend = { backend = "s3" region = "us-east-1" bucket = "terraform-aws-landing-zone" key = "components" }
Light Demo: ALZ Module in Action
Calling Out Contributors: Thank You! https://registry.terraform.io/modules/MitocGroup/landing-zone eistrati euliancom vcalmic You &

Recomendados

Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysMitchell Pronschinske
 
Commodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudCommodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudMarko Bevc
 
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020Mitoc Group
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and ConsulMitchell Pronschinske
 
Rover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerRover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerSujay Pillai
 
Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMitchell Pronschinske
 
Smart networking with service meshes
Smart networking with service meshes Smart networking with service meshes
Smart networking with service meshes Mitchell Pronschinske
 
Extending HashiCorp Nomad with Plugins
Extending HashiCorp Nomad with PluginsExtending HashiCorp Nomad with Plugins
Extending HashiCorp Nomad with PluginsMitchell Pronschinske
 

Recomendados

Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysMitchell Pronschinske
 
Commodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudCommodified IaC using Terraform Cloud
Commodified IaC using Terraform CloudMarko Bevc
 
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020
Hands-on with the Terraform Module for AWS Landing Zone Indy Cloud Conf 2020Mitoc Group
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and ConsulMitchell Pronschinske
 
Rover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerRover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerSujay Pillai
 
Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMitchell Pronschinske
 
Smart networking with service meshes
Smart networking with service meshes Smart networking with service meshes
Smart networking with service meshes Mitchell Pronschinske
 
Extending HashiCorp Nomad with Plugins
Extending HashiCorp Nomad with PluginsExtending HashiCorp Nomad with Plugins
Extending HashiCorp Nomad with PluginsMitchell Pronschinske
 
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...Amazon Web Services
 
Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...Lucas Jellema
 
Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10Mitchell Pronschinske
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureKarim Vaes
 
Running Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudRunning Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudAmazon Web Services
 
Impact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology expertsImpact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology expertsAndreas Chatziantoniou
 
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...Amazon Web Services
 
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaSAWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaSRightScale
 
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivDevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivAmazon Web Services
 
Our Journey to Infrastructure as Code
Our Journey to Infrastructure as CodeOur Journey to Infrastructure as Code
Our Journey to Infrastructure as CodePaula Thrasher
 
Understanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 octUnderstanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 octNew Horizons Ireland
 
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...Amazon Web Services
 
Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7Malleswar Reddy
 
Hybrid cloud sample architectures
Hybrid cloud sample architecturesHybrid cloud sample architectures
Hybrid cloud sample architecturesJarek Sokolnicki
 
How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...Steffen Mazanek
 
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...Amazon Web Services
 
Deploying in the Cloud: Why and How
Deploying in the Cloud: Why and HowDeploying in the Cloud: Why and How
Deploying in the Cloud: Why and HowMatt Small
 
Informix into the future13 july2017
Informix into the future13 july2017Informix into the future13 july2017
Informix into the future13 july2017Shawn Moe
 
AWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney HaywoodAWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney HaywoodAmazon Web Services
 
Architecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-PracticesArchitecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-PracticesAmazon Web Services
 
Best-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWSBest-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWSAmazon Web Services
 
AWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster RecoveryAWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster RecoveryAmazon Web Services
 

Más contenido relacionado

La actualidad más candente

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...Amazon Web Services
 
Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...Lucas Jellema
 
Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10Mitchell Pronschinske
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureKarim Vaes
 
Running Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudRunning Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudAmazon Web Services
 
Impact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology expertsImpact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology expertsAndreas Chatziantoniou
 
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...Amazon Web Services
 
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaSAWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaSRightScale
 
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivDevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivAmazon Web Services
 
Our Journey to Infrastructure as Code
Our Journey to Infrastructure as CodeOur Journey to Infrastructure as Code
Our Journey to Infrastructure as CodePaula Thrasher
 
Understanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 octUnderstanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 octNew Horizons Ireland
 
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...Amazon Web Services
 
Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7Malleswar Reddy
 
Hybrid cloud sample architectures
Hybrid cloud sample architecturesHybrid cloud sample architectures
Hybrid cloud sample architecturesJarek Sokolnicki
 
How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...Steffen Mazanek
 
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...Amazon Web Services
 
Deploying in the Cloud: Why and How
Deploying in the Cloud: Why and HowDeploying in the Cloud: Why and How
Deploying in the Cloud: Why and HowMatt Small
 
Informix into the future13 july2017
Informix into the future13 july2017Informix into the future13 july2017
Informix into the future13 july2017Shawn Moe
 
AWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney HaywoodAWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney HaywoodAmazon Web Services
 
Architecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-PracticesArchitecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-PracticesAmazon Web Services
 

La actualidad más candente (20)

AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
AWS re:Invent 2016: Service Integration Delivery and Automation Using Amazon ...
 
Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...Cloud Native Application Development-build fast, low TCO, scalable & agile so...
Cloud Native Application Development-build fast, low TCO, scalable & agile so...
 
Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10Service Mesh With Consul Connect and Nomad 0.10
Service Mesh With Consul Connect and Nomad 0.10
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
 
Running Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudRunning Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS Cloud
 
Impact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology expertsImpact of cloud services on the work of oracle technology experts
Impact of cloud services on the work of oracle technology experts
 
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
A Well Architected SaaS - A Holistic Look at Cloud Architecture - Pop-up Loft...
 
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaSAWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
AWS vs. Azure vs. Google vs. SoftLayer: Network, Storage and DBaaS
 
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivDevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
 
Our Journey to Infrastructure as Code
Our Journey to Infrastructure as CodeOur Journey to Infrastructure as Code
Our Journey to Infrastructure as Code
 
Understanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 octUnderstanding Migration Paths to Azure webinar 18 oct
Understanding Migration Paths to Azure webinar 18 oct
 
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
(ENT201) New Generation Hybrid Architectures with Suncorp, NetApp, and AWS | ...
 
Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7Azure realtime-interview questions - part 7
Azure realtime-interview questions - part 7
 
Hybrid cloud sample architectures
Hybrid cloud sample architecturesHybrid cloud sample architectures
Hybrid cloud sample architectures
 
How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...How to implement data encryption at rest in compliance with enterprise requir...
How to implement data encryption at rest in compliance with enterprise requir...
 
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
(ENT205) AWS and VMware: How to Architect and Manage Hybrid Environments | AW...
 
Deploying in the Cloud: Why and How
Deploying in the Cloud: Why and HowDeploying in the Cloud: Why and How
Deploying in the Cloud: Why and How
 
Informix into the future13 july2017
Informix into the future13 july2017Informix into the future13 july2017
Informix into the future13 july2017
 
AWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney HaywoodAWS Innovation at Scale – Rodney Haywood
AWS Innovation at Scale – Rodney Haywood
 
Architecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-PracticesArchitecting-for-the-cloud-Best-Practices
Architecting-for-the-cloud-Best-Practices
 

Similar a Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020

Best-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWSBest-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWSAmazon Web Services
 
AWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster RecoveryAWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster RecoveryAmazon Web Services
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosWSO2
 
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdf
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdfAWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdf
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdfsairamnagarajan5
 
Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)IRJET Journal
 
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWS
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWSAWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWS
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWSAmazon Web Services
 
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018Running Serverless at The Edge (CTD302) - AWS re:Invent 2018
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018Amazon Web Services
 
Kks sre book_ch10
Kks sre book_ch10Kks sre book_ch10
Kks sre book_ch10Chris Huang
 
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Amazon Web Services
 
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptx
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptxAWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptx
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptxsagar565136
 
Aws big picture_overview
Aws big picture_overviewAws big picture_overview
Aws big picture_overviewAjay Bidari
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019D.Rajesh Kumar
 
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...Jump-start your application migration to AWS with CloudEndure - STG305 - New ...
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...Amazon Web Services
 
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013Amazon Web Services
 
WSO2 Dep Sync for Artifact Synchronization of Cluster Nodes
WSO2 Dep Sync for Artifact Synchronization of Cluster NodesWSO2 Dep Sync for Artifact Synchronization of Cluster Nodes
WSO2 Dep Sync for Artifact Synchronization of Cluster NodesWSO2
 
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...Kasun Gajasinghe
 
WSO2 Stratos 2 - Your all in one Cloud Platform
WSO2 Stratos 2 - Your all in one Cloud PlatformWSO2 Stratos 2 - Your all in one Cloud Platform
WSO2 Stratos 2 - Your all in one Cloud PlatformWSO2
 
Migrating Enterprise Applications to AWS
Migrating Enterprise Applications to AWSMigrating Enterprise Applications to AWS
Migrating Enterprise Applications to AWSTom Laszewski
 

Similar a Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020 (20)

Best-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWSBest-Practices-for-Running-Windows-Workloads-on-AWS
Best-Practices-for-Running-Windows-Workloads-on-AWS
 
AWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster RecoveryAWS Office Hours: Disaster Recovery
AWS Office Hours: Disaster Recovery
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 Stratos
 
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdf
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdfAWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdf
AWS_Certified_Solutions_Architect_Associate_SAA-C03_Slides_Tutorials_Dojo.pdf
 
Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)
 
Azure diario de abordo
Azure diario de abordoAzure diario de abordo
Azure diario de abordo
 
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWS
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWSAWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWS
AWS Summit Stockholm 2014 – B2 – Migrating enterprise applications to AWS
 
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018Running Serverless at The Edge (CTD302) - AWS re:Invent 2018
Running Serverless at The Edge (CTD302) - AWS re:Invent 2018
 
Kks sre book_ch10
Kks sre book_ch10Kks sre book_ch10
Kks sre book_ch10
 
AWS-services.pdf
AWS-services.pdfAWS-services.pdf
AWS-services.pdf
 
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
 
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptx
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptxAWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptx
AWS-LZA-CommunityDay_Aotearoa_ppt_v1.pptx
 
Aws big picture_overview
Aws big picture_overviewAws big picture_overview
Aws big picture_overview
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
 
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...Jump-start your application migration to AWS with CloudEndure - STG305 - New ...
Jump-start your application migration to AWS with CloudEndure - STG305 - New ...
 
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013
Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013
 
WSO2 Dep Sync for Artifact Synchronization of Cluster Nodes
WSO2 Dep Sync for Artifact Synchronization of Cluster NodesWSO2 Dep Sync for Artifact Synchronization of Cluster Nodes
WSO2 Dep Sync for Artifact Synchronization of Cluster Nodes
 
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...
[WSO2] Deployment Synchronizer for Deployment Artifact Synchronization Betwee...
 
WSO2 Stratos 2 - Your all in one Cloud Platform
WSO2 Stratos 2 - Your all in one Cloud PlatformWSO2 Stratos 2 - Your all in one Cloud Platform
WSO2 Stratos 2 - Your all in one Cloud Platform
 
Migrating Enterprise Applications to AWS
Migrating Enterprise Applications to AWSMigrating Enterprise Applications to AWS
Migrating Enterprise Applications to AWS
 

Más de Mitoc Group

Terraform for Serverless - Best Practices
Terraform for Serverless - Best PracticesTerraform for Serverless - Best Practices
Terraform for Serverless - Best PracticesMitoc Group
 
The Ultimate Publisher's Need-to-Know Guide to Ad Blockers
The Ultimate Publisher's Need-to-Know Guide to Ad BlockersThe Ultimate Publisher's Need-to-Know Guide to Ad Blockers
The Ultimate Publisher's Need-to-Know Guide to Ad BlockersMitoc Group
 
How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment Mitoc Group
 
How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment Mitoc Group
 
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...Serverless Microservices - Real life story of a Web App that uses AngularJS, ...
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...Mitoc Group
 
Building Scalable Web Applications using Microservices Architecture and Serve...
Building Scalable Web Applications using Microservices Architecture and Serve...Building Scalable Web Applications using Microservices Architecture and Serve...
Building Scalable Web Applications using Microservices Architecture and Serve...Mitoc Group
 
Building Scalable Web Applications using Microservices Architecture and NodeJ...
Building Scalable Web Applications using Microservices Architecture and NodeJ...Building Scalable Web Applications using Microservices Architecture and NodeJ...
Building Scalable Web Applications using Microservices Architecture and NodeJ...Mitoc Group
 
Serverless Microservices - Real life story of a Web App that uses AWS Lambda
Serverless Microservices - Real life story of a Web App that uses AWS LambdaServerless Microservices - Real life story of a Web App that uses AWS Lambda
Serverless Microservices - Real life story of a Web App that uses AWS LambdaMitoc Group
 
Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Mitoc Group
 
Microservices Architecture for Web Applications using Serverless Computing wi...
Microservices Architecture for Web Applications using Serverless Computing wi...Microservices Architecture for Web Applications using Serverless Computing wi...
Microservices Architecture for Web Applications using Serverless Computing wi...Mitoc Group
 
Microservices Architecture for Web Applications using AWS Lambda and more
Microservices Architecture for Web Applications using AWS Lambda and moreMicroservices Architecture for Web Applications using AWS Lambda and more
Microservices Architecture for Web Applications using AWS Lambda and moreMitoc Group
 
Microservices Architecture for Web Applications using Amazon AWS Cloud
Microservices Architecture for Web Applications using Amazon AWS CloudMicroservices Architecture for Web Applications using Amazon AWS Cloud
Microservices Architecture for Web Applications using Amazon AWS CloudMitoc Group
 
Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Mitoc Group
 
Microservices Architecture for Digital Platforms using Serverless AWS
Microservices Architecture for Digital Platforms using Serverless AWSMicroservices Architecture for Digital Platforms using Serverless AWS
Microservices Architecture for Digital Platforms using Serverless AWSMitoc Group
 
Microservices Architecture for MEAN Applications using Serverless AWS
Microservices Architecture for MEAN Applications using Serverless AWSMicroservices Architecture for MEAN Applications using Serverless AWS
Microservices Architecture for MEAN Applications using Serverless AWSMitoc Group
 
Build Web Applications using Microservices on Node.js and Serverless AWS
Build Web Applications using Microservices on Node.js and Serverless AWSBuild Web Applications using Microservices on Node.js and Serverless AWS
Build Web Applications using Microservices on Node.js and Serverless AWSMitoc Group
 
ARC201 Microservices Architecture @ AWS re:Invent 2015
ARC201 Microservices Architecture @ AWS re:Invent 2015ARC201 Microservices Architecture @ AWS re:Invent 2015
ARC201 Microservices Architecture @ AWS re:Invent 2015Mitoc Group
 

Más de Mitoc Group (17)

Terraform for Serverless - Best Practices
Terraform for Serverless - Best PracticesTerraform for Serverless - Best Practices
Terraform for Serverless - Best Practices
 
The Ultimate Publisher's Need-to-Know Guide to Ad Blockers
The Ultimate Publisher's Need-to-Know Guide to Ad BlockersThe Ultimate Publisher's Need-to-Know Guide to Ad Blockers
The Ultimate Publisher's Need-to-Know Guide to Ad Blockers
 
How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment
 
How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment How Serverless Computing Enables Microservices and Micropayment
How Serverless Computing Enables Microservices and Micropayment
 
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...Serverless Microservices - Real life story of a Web App that uses AngularJS, ...
Serverless Microservices - Real life story of a Web App that uses AngularJS, ...
 
Building Scalable Web Applications using Microservices Architecture and Serve...
Building Scalable Web Applications using Microservices Architecture and Serve...Building Scalable Web Applications using Microservices Architecture and Serve...
Building Scalable Web Applications using Microservices Architecture and Serve...
 
Building Scalable Web Applications using Microservices Architecture and NodeJ...
Building Scalable Web Applications using Microservices Architecture and NodeJ...Building Scalable Web Applications using Microservices Architecture and NodeJ...
Building Scalable Web Applications using Microservices Architecture and NodeJ...
 
Serverless Microservices - Real life story of a Web App that uses AWS Lambda
Serverless Microservices - Real life story of a Web App that uses AWS LambdaServerless Microservices - Real life story of a Web App that uses AWS Lambda
Serverless Microservices - Real life story of a Web App that uses AWS Lambda
 
Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...
 
Microservices Architecture for Web Applications using Serverless Computing wi...
Microservices Architecture for Web Applications using Serverless Computing wi...Microservices Architecture for Web Applications using Serverless Computing wi...
Microservices Architecture for Web Applications using Serverless Computing wi...
 
Microservices Architecture for Web Applications using AWS Lambda and more
Microservices Architecture for Web Applications using AWS Lambda and moreMicroservices Architecture for Web Applications using AWS Lambda and more
Microservices Architecture for Web Applications using AWS Lambda and more
 
Microservices Architecture for Web Applications using Amazon AWS Cloud
Microservices Architecture for Web Applications using Amazon AWS CloudMicroservices Architecture for Web Applications using Amazon AWS Cloud
Microservices Architecture for Web Applications using Amazon AWS Cloud
 
Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...Microservices Architecture for Content Management Systems using AWS Lambda an...
Microservices Architecture for Content Management Systems using AWS Lambda an...
 
Microservices Architecture for Digital Platforms using Serverless AWS
Microservices Architecture for Digital Platforms using Serverless AWSMicroservices Architecture for Digital Platforms using Serverless AWS
Microservices Architecture for Digital Platforms using Serverless AWS
 
Microservices Architecture for MEAN Applications using Serverless AWS
Microservices Architecture for MEAN Applications using Serverless AWSMicroservices Architecture for MEAN Applications using Serverless AWS
Microservices Architecture for MEAN Applications using Serverless AWS
 
Build Web Applications using Microservices on Node.js and Serverless AWS
Build Web Applications using Microservices on Node.js and Serverless AWSBuild Web Applications using Microservices on Node.js and Serverless AWS
Build Web Applications using Microservices on Node.js and Serverless AWS
 
ARC201 Microservices Architecture @ AWS re:Invent 2015
ARC201 Microservices Architecture @ AWS re:Invent 2015ARC201 Microservices Architecture @ AWS re:Invent 2015
ARC201 Microservices Architecture @ AWS re:Invent 2015
 

Último

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 

Último (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 

Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020

  • 1. Hands-On Terraform Module for AWS Landing Zone registry.terraform.io/modules/MitocGroup/landing-zone
  • 2. 2018: AWS Landing Zone Secure Multi-Accounts Strategy AWS Landing Zone is a solution that helps customers more quickly set up a secure, multi-account AWS environment based on AWS best practices. https://aws.amazon.com/solutions/aws-landing-zone
  • 3. AWS Landing Zone  AWS Control Tower
  • 4. 2019: AWS Control Tower “AWS Landing Zone” as a Service AWS Control Tower provides the easiest way to set up and govern a new, secure, multi-account AWS environment based on best practices established through AWS’ experience working with thousands of enterprises as they move to the cloud. https://aws.amazon.com/controltower
  • 5. AWS Landing Zone  AWS Control Tower
  • 6. Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. Customers Feedback (1/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
  • 7. Customers Feedback (2/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
  • 8. Existing Resources Although CloudFormation added recently the ability to import existing resources, current ALZ implementation still doesn’t support an easy and flexible process to reuse existing AWS environments. Customers Feedback (3/3) Below are 3 key issues identified by enterprise customers working hands-on with our professional services organization. AWS Single Sign-On Although AWS SSO is an amazing service, most of our customers would not replace their existing SSO solutions. Current ALZ implementation doesn’t allow switching it with something like Azure AD, Okta or PingIdentity. CloudFormation Enterprise customers who are already using Terraform as their default infrastructure-as- code solution often avoid CloudFormation based implementations, justifying as out of scope.
  • 9. About Presenter Eugene ISTRATI @eistrati ▪ CTO, Tech Partner @ Mitoc Group ▪ Ex-AWS, ex-Hearst, ex-GrubHub ▪ Certified AWS Solutions Architect ▪ 20 Years in IT; 10 Years in Cloud Computing; 5 Years in Enterprise IT ▪ Focusing on: Automation, DevOps, Serverless
  • 10. Terraform Module for AWS Landing Zone https://registry.terraform.io/modules/MitocGroup/landing-zone
  • 11. 1. ALZ Module’s Providers 2. ALZ Module’s Components 3. ALZ Module’s TFVARs 4. ALZ Module’s Terraform Backend 5. Light Demo: ALZ Module in Action
  • 14. ▪ Publicly available on TF Registry: https://registry.terraform.io CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (1/3)
  • 15. ▪ Publicly available on TF Registry: https://registry.terraform.io ▪ Expected input: list of providers and components CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (2/3)
  • 16. ▪ Publicly available on TF Registry: https://registry.terraform.io ▪ Expected input: list of providers and components ▪ Optional input: terraform backend CODE EDITOR module "landing_zone" { source = "MitocGroup/landing-zone/aws" version = "0.2.4" landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components terraform_backend = var.terraform_backend } Landing Zone Module’s Anatomy (3/3)
  • 17. ALZ Module’s Providers 1 Module’s Provider === 1 AWS Account + Region
  • 18. ▪ Required: default provider CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (1/5)
  • 19. ▪ Required: default provider – AWS account’s ID – Account’s default region CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (2/5)
  • 20. ▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (3/5)
  • 21. ▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider – AWS account’s ID – Account’s default region CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (4/5)
  • 22. ▪ Required: default provider – AWS account’s ID – Account’s default region ▪ Required: another provider – AWS account’s ID – Account’s default region ▪ Provider’s key name is used as prefix in landing zone variables CODE EDITOR landing_zone_providers = { default = { account_id = "123456789012" region = "us-east-1" }, security_account = { account_id = ”987654321098" region = "us-west-2" } [...] } Landing Zone Module’s Providers (5/5)
  • 23. ALZ Module’s Components Microservices Architecture + Immutable TF Configurations
  • 24. ▪ Immutable LZ components – shifted focus from TF to TFVAR CODE EDITOR landing_zone_components = { landing_zone_vpc = ”default.tfvars" landing_zone_subnet = ”default.tfvars” […] } Landing Zone Module’s Components (1/3)
  • 25. ▪ Immutable LZ components – shifted focus from TF to TFVAR ▪ Can be local or remote (on S3) CODE EDITOR landing_zone_components = { landing_zone_vpc = "s3://terraform-aws-landing- zone/components/landing_zone_vpc/default.tfvars" landing_zone_subnet = "default.tfvars” […] } Landing Zone Module’s Components (2/3)
  • 26. ▪ Immutable LZ components – shifted focus from TF to TFVAR ▪ Can be local or remote (on S3) ▪ Can be 1 TFVAR or multiple CODE EDITOR landing_zone_components = { landing_zone_vpc = "s3://terraform-aws-landing- zone/components/landing_zone_vpc/default.tfvars" landing_zone_subnet = "s3://terraform-aws-landing- zone/components/landing_zone_subnet/*.tfvars” […] } Landing Zone Module’s Components (3/3)
  • 28. ▪ List providers supported by current component CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (1/5)
  • 29. ▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (2/5)
  • 30. ▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (3/5)
  • 31. ▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` ▪ Define each resource as iteratable config: `config_0`, `config_1`, etc CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (4/5)
  • 32. ▪ List providers supported by current component ▪ Define provider’s values as `[provider_key_name]_provider` ▪ Define component’s values as `[component_key_name]_resource` ▪ Define each resource as iteratable config: `config_0`, `config_1`, etc ▪ Define resource specific key value pairs CODE EDITOR landing_zone_providers = ["default"] default_provider = { landing_zone_vpc_resource = { config_0 = { cidr_block = "172.16.0.0/16" instance_tenancy = "default" enable_dns_support = "true" enable_classiclink = "false" enable_dns_hostnames = "false" enable_classiclink_dns_support = "false" } } } Landing Zone Module’s TFVARs (5/5)
  • 34. CODE EDITOR terraform_backend = { backend = "local" path = "/tmp/.terrahub/landing_zone" } Landing Zone Module’s Backend (1/2) CODE EDITOR terraform_backend = { backend = "s3" region = "us-east-1" bucket = "terraform-aws-landing-zone" key = "components" }
  • 35. CODE EDITOR terraform_backend = { backend = "local" path = "/tmp/.terrahub/landing_zone" } Landing Zone Module’s Backend (2/2) CODE EDITOR terraform_backend = { backend = "s3" region = "us-east-1" bucket = "terraform-aws-landing-zone" key = "components" }
  • 37. Calling Out Contributors: Thank You! https://registry.terraform.io/modules/MitocGroup/landing-zone eistrati euliancom vcalmic You &