Slide 1

Slide 1 text

Japan's Government Cloud Initiative and the Work of the Ministry CCoE KUMAGAI Yukiko from BTC Corporation part of Capgemini 1

Slide 2

Slide 2 text

About Me • Support for establishing Cloud CoEs in public and healthcare sectors • Educational support for improving cloud literacy among my company’s employees • Infrastructure development for AWS and Azure • AWS Top Engineer (2021 - present) • AWS Ambassador (2022 - present) • AWS Community Builder (2023 – present) • Mother of a one-year-old son 2

Slide 3

Slide 3 text

What is Japan's Government Cloud? IT infrastructure for cloud services that can be commonly used by Japanese central ministries and agencies and local governments. 3 CSPs used in the Government Cloud

Slide 4

Slide 4 text

4 Ministry A System Goals of Gov Cloud Data Ministry A System Data Ministry A Network Ministry B System Data Ministry C System Data Network Network Ministry A System Data Ministry A System Data Ministry B System Data Ministry C System Data integrated network Gov Cloud Consolidation of similar systems Common front UI design

Slide 5

Slide 5 text

Gov Cloud Infrastructure organized by Digital Agency 5 Master Account Amazon GuardDuty AWS Security Hub AWS Config Audit Account Log Account Amazon CloudWatch S3 AWS Organizations IAM IdC Google Cloud Google Cloud Identity SAML Security OU Infrastructure OU Shared NW Account AWS Transit Gateway Production OU Develop OU Staging OU Operation OU System A System A System A System A System A System A System A System A AWS Control Tower Ministry System A Ministry System A Ministry System A OU used only for local government systems The diagram created with reference to the following blog: https://guide.gcas.cloud.go.jp/aws/description-of-account-structure/

Slide 6

Slide 6 text

Shared responsibility model Japanese Gov Cloud version 6 https://pages.awscloud.com/rs/112-TZM-766/images/AWS-48_Pubsec_AWS_Summit_JP_2024.pdf Scope of responsibility for each ministry system Data Application Setup of Managed Service Middleware / OS Network Setting in System Security Measures and Operations Utilizing Cloud Security Features System Development and Operation Structure for Utilized Systems Governance Rules Reference Configuration baseline environment Control infrastructure with risk and governance implemented. Government cloud Development and operation system Cloud service environment Physical infrastructure in a cloud environment Risk, governance and security Cloud services Business support Government Cloud Digital Agency Cloud service providers AWS, etc.

Slide 7

Slide 7 text

Usage Fee of Gov Cloud 7 System A System B System C System A COST Budget System B COST Budget System C COST Budget Consolidated billing Ministry Employee

Slide 8

Slide 8 text

Fiscal Year 20XX 20XX + 1 20XX + 2 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1~Q2 Q3~Q4 7 8 9 10 11 12 1 2 3 Q1 4 5 6 7 8 9 10 11 12 1 2 3 4 5 6 4~9 10~3 Process for using Gov Cloud When you want to use the Gov Cloud services Month

Slide 9

Slide 9 text

Frequent turnover of public employees and system contractors From the perspective of fairness and improving competitiveness, the developers or SIers operating national systems may change each year through a competitive process. Fiscal Year 20XX 20XX + 1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 7 8 9 10 11 12 1 2 3 Q1 4 5 6 7 8 9 10 11 12 1 2 3 4 5 6 Month Competition Developers /SIers Public employees Job Rotation Year

Slide 10

Slide 10 text

Why CCoE? CCoE helps every stakeholder in Ministries. 10 It’s difficult to understand GovCloud. Ministry SIer / Developer System A PJMO Public Officials CCoE Ministry PMO Public Officials CCoE Contractor SIer / Developer System B PJMO Public Officials It’s difficult to understand GovCloud. Busy! Need Help!

Slide 11

Slide 11 text

What We Do as Ministry CCoE Prioritize support targets from among 100 information systems based on system status, configuration, interviews with responsible personnel, and their intentions 11 System1 Data System100 Data … July's target systems for assistance System5 System10 System15 August's target systems for assistance System30 System40 System50

Slide 12

Slide 12 text

What We Do as Ministry CCoE Audit the costs and security of systems operating in the Gov Cloud environment 12 Sample Budget Page (which is not my client’s) Sample SG Page (which is not my client’s)

Slide 13

Slide 13 text

What We Do as Ministry CCoE Conduct a two-hour seminar for 120 public servants. 13 Very beneficial Beneficial 95% Q. Was the content beneficial? Answered beneficial Yes, definitely Yes 90 % Q. Did your understanding of cloud deepen? Answered Yes Very clear Clear 100% Q. Was the explanation clear? Answered clear Sample Page ( Schedule of Gov Cloud Migration ) Feedback