Slide 1

Digital Transformation Office
AWS in government: Risks, myths, and misconceptions
Lindsay Holmwood, Head of Development, @auxesis
dto.gov.au

Slide 2

Digital Transformation Office

Slide 3

We're here to make government services simpler, clearer and faster for everyone

Slide 4

1/ We collaborate with agencies to transform services so that they meet user needs

Slide 5

2/ We create whole-of-government platforms to support service transformation

Slide 6

3/ We develop policies and standards to help government transform services consistently

Slide 7

We run EVERYTHING on AWS

Slide 8

Dev & Staging & QA & Production

Slide 9

Myths

Slide 10

“We can’t store data securely”

Slide 11

On ASD’s CCSL (Certified Cloud Services List)

Slide 12

EBS + EC2 + S3 + VPC
You can run a lot of workloads on this.

Slide 13

ASD acknowledges risks of in-house systems

Slide 14

“Organisations need to perform a risk assessment and implement associated mitigations before using cloud services.” – Cloud Computing Security for Tenants, ASD

Slide 15

“Risks vary depending on factors such as the sensitivity and criticality of data to be stored or processed, how the cloud service is implemented and managed, how the organisation intends to use the cloud service, and challenges associated with the organisation performing timely incident detection and response.” – Cloud Computing Security for Tenants, ASD

Slide 16

“Organisations need to compare these risks against an objective risk assessment of using in-house computer systems which might: be poorly secured; have inadequate availability; or, be unable to meet modern business requirements.” – Cloud Computing Security for Tenants, ASD

Slide 17

Please read: Cloud Computing Security for Tenants
http://www.asd.gov.au/publications/protect/Cloud_Computing_Security_for_Tenants.pdf

Slide 18

There are strategies for making data available on AWS

Slide 19

Columns: id, name, email, medicare
Whole row classified Protected ❌ Can’t store this on AWS

Slide 20

Columns: id, name, email, medicare
Unclassified columns only ✅ Can store these on AWS

Slide 21

No content
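
An added example (not the talk's or DTO's code) of the column-level split behind slides 19 and 20: each column carries a classification, only unclassified columns are written to the AWS store, and everything else stays on-premises, joined back by id. The column names come from the slides; the labels, the sample row, and treating medicare as the Protected column are assumptions.

```python
from typing import Dict, List, Tuple

# Classification label per column (constructed; the slides only show column names).
# Treating "medicare" as the column that makes the row Protected is an assumption.
COLUMN_CLASSIFICATION = {
    "id": "UNCLASSIFIED",
    "name": "UNCLASSIFIED",
    "email": "UNCLASSIFIED",
    "medicare": "PROTECTED",
}
CLOUD_STORABLE = {"UNCLASSIFIED"}  # labels that may be stored on AWS (slide 20)


def classify(column: str) -> str:
    """Unknown columns fail closed: anything without a label is treated as Protected."""
    return COLUMN_CLASSIFICATION.get(column, "PROTECTED")


def split_record(record: Dict[str, str]) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Split one row into (aws_part, onprem_part).

    Only cloud-storable columns go to AWS; the join key ``id`` is copied to both
    halves so the full row can be reassembled from the two stores.
    """
    aws_part = {c: v for c, v in record.items() if classify(c) in CLOUD_STORABLE}
    onprem_part = {c: v for c, v in record.items() if classify(c) not in CLOUD_STORABLE}
    if "id" in record:
        onprem_part["id"] = record["id"]
    return aws_part, onprem_part


def protected_leaks(aws_part: Dict[str, str]) -> List[str]:
    """Pre-write guard for the AWS store: names of columns that must not be there."""
    return [c for c in aws_part if classify(c) not in CLOUD_STORABLE]


if __name__ == "__main__":
    # Constructed sample row; "notes" has no label and so must stay on-prem.
    row = {"id": "42", "name": "Jane Citizen", "email": "jane@example.org",
           "medicare": "0000 00000 0", "notes": "free text"}
    aws, onprem = split_record(row)
    assert not protected_leaks(aws)
    print("AWS:    ", aws)
    print("On-prem:", onprem)
```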

Slide 22

Misconceptions

Slide 23

“We’ll run it like physical infrastructure”

Slide 24

*buy RIs for 3 years*

Slide 25

Yes, you’ll get a cost saving

Slide 26

BUT

Slide 27

Value of AWS is not low-cost compute

Slide 28

Value of AWS is on-tap capacity

Slide 29

We can’t extract this value unless we build and run services like AWS recommends

Slide 30

We have to think differently about our architecture

Slide 31

Buying RIs is a risk if you don’t know your workloads

Slide 32

You don’t know what your workloads are going to be 3 years from now

Slide 33

You might: Optimise your code to run in parallel, across many cheaper instances

Slide 34

You might: Shift your workloads to spot instances, for on-demand calculations

Slide 35

How to control spend:

Slide 36

How to control spend: Start with on-demand instances

Slide 37

How to control spend: Track your spend over multiple months, identify instance types that are constantly used

Slide 38

How to control spend: Then buy RIs for a year

Slide 39

How to control spend: If you’re really keen, go for 3 years

Slide 40

You don’t know what your workloads are going to be 3 years from now

Slide 41

How to control spend: Sell unused RIs on the marketplace
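
The spend-control steps on slides 36 to 41, as an added worked example that is not from the talk: from several months of on-demand usage, work out how many instances of each type ran continuously every month and recommend that many one-year RIs, leaving bursty types unreserved. The monthly usage figures are constructed and the hours-per-month constant is an assumption.

```python
import math
from typing import Dict, List

HOURS_PER_MONTH = 730  # assumption: the average month length used in AWS pricing

# Constructed sample: on-demand instance-hours per instance type, one dict per month.
MONTHLY_INSTANCE_HOURS: List[Dict[str, float]] = [
    {"t2.medium": 2190, "c4.xlarge": 1600, "m4.large": 730},  # month 1
    {"t2.medium": 2300, "c4.xlarge": 400, "m4.large": 800},   # month 2
    {"t2.medium": 2250, "c4.xlarge": 2900, "m4.large": 740},  # month 3
    {"t2.medium": 2200, "c4.xlarge": 0, "m4.large": 760},     # month 4
]


def steady_state_instances(monthly_hours: List[Dict[str, float]],
                           min_months: int = 3) -> Dict[str, int]:
    """Instances of each type that were running for the whole of every month.

    hours / HOURS_PER_MONTH is the average number of instances running that
    month; the minimum across months is the baseline that is safe to reserve.
    With fewer than ``min_months`` of history there is no track record yet, so
    nothing is recommended (the 'track over multiple months' step).
    """
    if len(monthly_hours) < min_months:
        return {}
    types = {t for month in monthly_hours for t in month}
    return {t: math.floor(min(month.get(t, 0.0) / HOURS_PER_MONTH for month in monthly_hours))
            for t in types}


def ri_recommendation(monthly_hours: List[Dict[str, float]]) -> Dict[str, int]:
    """One-year RI counts to buy: only types with a non-zero steady baseline.

    Bursty types (baseline 0) get no RI; they are the spot-instance candidates.
    """
    return {t: n for t, n in steady_state_instances(monthly_hours).items() if n > 0}


if __name__ == "__main__":
    print(steady_state_instances(MONTHLY_INSTANCE_HOURS))
    print(ri_recommendation(MONTHLY_INSTANCE_HOURS))
```

In the sample, c4.xlarge swings between zero and four instances a month, so it gets no RI and is the workload slide 34 would move to spot.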

Slide 42

Risks

Slide 43

“Our spend is getting out of control!”

Slide 44

Use sub-accounts to segment and control spend

Slide 45

Logically separate services you’re delivering across accounts

Slide 46

See costs in one place

Slide 47

Reduce your cost by buying RIs and using blended rates

Slide 48

Handy when the service is MoG’d (moved to another agency in a machinery-of-government change)

Slide 49

Automatically shut down environments every night

Slide 50

Encourages a culture of technical resilience

Slide 51

Better security posture through short-lived environments

Slide 52

* attackers are getting faster

Slide 53

“Our stuff is getting hacked!”

Slide 54

We can’t extract value from AWS unless we build and run services like AWS recommends

Slide 55

Extract maximum value by giving your developers AWS access

Slide 56

Give them the power to create & update & destroy their own environments

Slide 57

Encourages a culture of technical resilience

Slide 58

Heavily use IAM users, roles, and groups

Slide 59

BUT

Slide 60

Services and data can be accidentally exposed to the world

Slide 61

No content

Slide 62

Regularly & automatically audit exposed services
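
An added example (not code from the talk or DTO) of the automated audit slide 62 calls for: it checks security-group ingress rules, in the shape boto3's describe_security_groups returns, for anything open to the whole internet on a port outside a short allow-list, and checks S3 bucket ACL grants for the public AllUsers and AuthenticatedUsers groups. The groups, grants, bucket name and allow-list below are constructed assumptions.

```python
from typing import Dict, List

ALLOWED_PUBLIC_PORTS = {80, 443}  # assumption: the only ports a public service should expose
WORLD = {"0.0.0.0/0", "::/0"}
PUBLIC_S3_GRANTEES = {"http://acs.amazonaws.com/groups/global/AllUsers", "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}


def _open_to_world(rule: Dict) -> bool:
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in WORLD for c in cidrs)


def audit_security_groups(groups: List[Dict]) -> List[str]:
    """Findings for ingress rules reachable from anywhere; only a single allow-listed port passes."""
    findings = []
    for sg in groups:
        label = f"{sg['GroupId']} ({sg['GroupName']})"
        for rule in sg.get("IpPermissions", []):
            if not _open_to_world(rule):
                continue
            if rule.get("IpProtocol") == "-1":  # all traffic: no port range, always reported
                findings.append(f"{label}: ALL traffic open to the world")
                continue
            lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
            if lo != hi or lo not in ALLOWED_PUBLIC_PORTS:
                findings.append(f"{label}: {rule['IpProtocol']} {lo}-{hi} open to the world")
    return findings


def audit_bucket_acl(bucket: str, grants: List[Dict]) -> List[str]:
    """Findings for ACL grants to the AllUsers or AuthenticatedUsers groups."""
    return [f"s3://{bucket}: {g['Permission']} granted to {g['Grantee']['URI'].rsplit('/', 1)[-1]}"
            for g in grants if g["Grantee"].get("URI") in PUBLIC_S3_GRANTEES]


# Constructed sample data in the shape boto3 describe_security_groups / get_bucket_acl return.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db", "GroupName": "postgres", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-any", "GroupName": "oops", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
SAMPLE_GRANTS = [  # the bucket name used below is a constructed placeholder
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
]

if __name__ == "__main__":
    print("\n".join(audit_security_groups(SAMPLE_GROUPS) + audit_bucket_acl("example-bucket", SAMPLE_GRANTS)))
```

Run on a schedule against every sub-account so the report reflects whatever developers created overnight, not just what was reviewed at launch.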

Slide 63

“We aren’t getting the reliability benefits!”

Slide 64

We can’t extract this value unless we build and run services like AWS recommends

Slide 65

Build highly reliable systems from unreliable components

Slide 66

Use autoscaling groups heavily

Slide 67

Pre-bake your applications into images

Slide 68

No content

Slide 69

Build a strong continuous delivery capability

Slide 70

Traditional delivery (from code done to deploy to production):
  unit tests            Auto
  integrate             Manual
  acceptance tests      Manual
  deploy to production  Manual

Slide 71

Continuous Delivery (from code done to deploy to production):
  unit tests            Auto
  integrate             Auto
  acceptance tests      Auto
  deploy to production  Manual

Slide 72

Continuous Deployment (from code done to deploy to production):
  unit tests            Auto
  integrate             Auto
  acceptance tests      Auto
  deploy to production  Auto

Slide 73

Everything goes to production through the pipeline

Slide 74

Chart: GOV.AU deploys over time (y-axis ticks 30, 60, 90, 120; x-axis 2015-10-29, 2015-11-08, 2015-11-16, 2015-11-25)

Slide 75

Releases are a non-event

Slide 76

Pipeline diagram, triggered by both "code done" and "environment change", with the stages: integrate, build images, acceptance tests, deploy to production, smoke tests

Slide 77

Satisfy regulatory requirements more easily

Slide 78

Get scalability for free

Slide 79

Diagram: an environment containing an ELB in front of an ASG whose instances (five shown) are launched from the application image

Slide 80

Heavily restrict automation’s access with IAM

Slide 81

Ship all logs off-site

Slide 82

Check out Packer & Terraform

Slide 83

Case study: cloud.gov.au outage

Slide 84

No content

Slide 85

Time to detection: 4 minutes

Slide 86

Time to recovery: 12 minutes

Slide 87

Human intervention: 0

Slide 88

The system self-healed

Slide 89

Took longer than if we were using pure AWS

Slide 90

It’s a tradeoff we’re willing to accept for multi-cloud capability

Slide 91

Principles are the same

Slide 92

The opportunity is immense

Slide 93

IaaS helps make doing the right thing easy

Slide 94

Technology is cheap, people are dear

Slide 95

IaaS eliminates classes of problems

Slide 96

IaaS frees up your teams to focus on the bigger picture

Slide 97

Free people up to help the organisation learn

Slide 98

Australia can become the best in the world at delivering clearer, simpler, faster government services.

Slide 99

Thank you! ❤ the talk? Let @auxesis & @DTO know!