Cloud Native in the US Federal Government

D9d7afe54eeb20e7443ad53b7286af99?s=47 Jez Humble
September 27, 2017

Cloud Native in the US Federal Government

Going cloud native in a highly regulated context presents challenges of its own. In this talk, Jez Humble will share with you the platform created by the cloud.gov team at 18F, and the benefits it brought to federal agencies seeking to use the cloud.

Video here: https://skillsmatter.com/skillscasts/10688-looking-forward-to-jez-humble-talk

D9d7afe54eeb20e7443ad53b7286af99?s=128

Jez Humble

September 27, 2017
Tweet

Transcript

  1. 2.
  2. 4.
  3. 8.

    Records Management Records Schedule Privacy Act Paperwork Reduction Act Section

    508 and Accessibility Standards Federal Acquisition Regulation Anti-deficiency Act Economy Act E-Government Act Computer Matching Act National Cyber Protection System Guidance for Agency Use of Third-Party Websites and Applications Social Media and Web-Based Interactive Technologies Office of Management Budget Circular A-130 Appendix 3 Federal Information Security and Management Act Federal Information Processing Standard (FIPS) 199 Federal Information Processing Standard (FIPS) 200 Federal Information Processing Standard (FIPS) 140-2 Special Publication 800-37 Special Publication 800-53 Revision 4 Special Publication 800-60 Volume 1 Special Publication 800-60 Volume 2
  4. 9.

    Special Publication 800-18 Special Publication 800-137 Special Publication 800-171 Special

    Publication 800-133 Special Publication 800-95 EINSTEIN Compliance FedRAMP OMB Guidance on third party websites and applications OMB Memo M-14-04 OMB Memo M-15-01 Trusted Internet Connection 2.o Reference Architecture Pages in total: 4006
  5. 10.

    My friend, you can clearly see the intention of FIPS

    140-2 Annex A was to deprecate SHA-1 on the lunar new year...
  6. 15.
  7. 18.
  8. 20.
  9. 21.
  10. 23.
  11. 24.
  12. 25.
  13. 27.

    push-button deployments teams can deploy into a production-like environment from

    day 1 architectural paradigm designed for distributed systems templates for all your compliance documentation most of the controls taken care of at the platform level what this gets you
  14. 32.

    IaaS “one account to rule them all” trade-offs • Hard

    to deal with multi-tenancy & provide a real cloud • Significantly higher ongoing maintenance costs • Hard to manage sprawl • One-size-fits-all platform solution
  15. 33.

    IaaS multiple accounts trade-offs • Can give teams direct control

    over each account • Potentially need to instantiate shared services in each account • Still some issues with multi-tenancy
  16. 34.

    PaaS trade-offs • You only need to ATO once •

    RBAC built-in - deals with multi-tenancy • Good practices baked in • Lower maintenance & operational costs • One-size-fits-all solution
  17. 35.

    use native cloud primitives everything must be self-service design your

    platform for multi-tenancy everything must be reproducible from version control principles for building a paas
  18. 37.

    use native cloud primitives everything must be self-service design your

    platform for multi-tenancy take care of compliance at the platform layer everything must be reproducible from version control principles for building a paas
  19. 40.

    thank you! © 2016-7 DevOps Research and Assessment LLC https://devops-research.com/

    To receive the following: • 30% off my new video course: creating high performance organizations • 50% off my CD video training, interviews with Eric Ries, and more • A copy of this presentation • A 100 page excerpt from Lean Enterprise • An excerpt from The DevOps Handbook • A 20m preview of my Continuous Delivery video workshop Just pick up your phone and send an email To: jezhumble@sendyourslides.com Subject: devops