APPLICATION & PLATFORM MODERNISATION_ JON TOPPER | @jtopper | he/him/his

YOUR ARCHITECTURE IS OUT OF DATE_

No content

DID YOU DO A LIFT & SHIFT MIGRATION?_

DID YOU BUILD CLOUD NATIVE SOME YEARS AGO?_

MODERNISATION SIGNALS_ Lack of agility: Unable to react quickly to changing business and market demands. Lack of flexibility: Difficult to make necessary changes to applications. Lack of scalability: Cannot introduce new application features or extend existing features that involve new users or capacity. Performance issues: Applications don’t perform to desired standards and metrics.

MODERNISATION SIGNALS_ Lack of data insights: Too many data silos exist and slow digital innovation. Heightened security risks: Applications have gaps and vulnerabilities that don’t exist within newer application frameworks where security is built in and integrated throughout. Expensive to build new applications. Higher costs: Legacy applications and application frameworks often consume more resources, and often create more redundancies and inefficiencies than modernised applications.

FAILURE TO MODERNISE IS TECHNICAL DEBT_

Visible Invisible Value Chain Evolution Genesis Custom Product Commodity

Visible Invisible Value Chain Evolution Genesis Custom Product Commodity Power Customer MySQL Compute Storage Data Centre HA Scripts Monitoring Config Mgmt Networking

Visible Invisible Value Chain Evolution Genesis Custom Product Commodity Customer Amazon Aurora

NOTABLE AWS LAUNCHES_ Amazon DynamoDB (2012) Amazon Aurora (2014) AWS Lambda (2014) AWS Fargate (2017) Amazon EKS (2018) AWS Graviton (2018) AWS Control Tower (2019) Amazon OpenSearch (2021) Amazon Bedrock (2023)

STRATEGIC REASONS_ To support people, process & culture change To decouple services To provide self-service access to data To create a builder-friendly platform To free up developer hours to work on business value

BUSINESS RESULTS_ Move faster & iterate on new products quickly Save money on IT spend Improve customer SLA outcomes

HOW TO MODERNISE_

TWO CONSIDERATIONS_ Your AWS Estate Individual Workloads

AWS ESTATE MODERNISATION_

LANDING ZONE_ A well-architected, self-service multi-account AWS environment providing: Account & network structure Identity & access services Security baseline and guardrails Cost guardrails Centralised management Logging and monitoring Account/application blueprints

GOOD ARCHITECTURE. GOOD GOVERNANCE_

SECURITY CONCERNS_ Who can access which resources? Is public access locked down? What activity is logged? Who can read/write log data? Is encryption at rest enforced? Is encryption in transit enforced? Where are we storing confidential information?

COST CONCERNS_ Are we paying too much for our cloud resources? Are we generating waste, paying for unused resources? Can we avoid accidentally generating a large bill? Which department is responsible for which part of the bill? How do costs divide out across SaaS tenants?

PRODUCTIVITY CONCERNS_ How can we manage all this complexity, without slowing down? How can product teams maintain autonomy over their platform whilst conforming to local policy?

Workload OU Security OU Infrastructure OU Non-prod OU Prod OU Developer Sandbox OU logs flow network path Transitional OU Policy Staging OU Suspended OU Amazon Athena Backup vault Backup snapshots Management account Log Archive account Audit account Shared Services account Backups account Security Tooling account Bob's sandbox account Alice's sandbox account Test account Staging account Production account AWS Control Tower AWS Organizations AWS Config AWS IAM Identity Center Logs Baseline Baseline Baseline Baseline Baseline Baseline Baseline Baseline AWS Chatbot AWS Backup Amazon GuardDuty Admin AWS Budgets AWS Budgets VPC VPC Baseline VPC Baseline VPC

WORKLOAD MODERNISATION_

IDENTIFY A PRIORITY_ Security Operations Performance Reliability Cost Sustainability

MEASURE METRICS_ Security: Reduced high risk items Operations: Improved DORA metrics Performance: Improved performance Reliability: Improved uptime. Faster DR. Cost: Improved visibility. Reduced cost. Sustainability: Smaller footprint

NOW CHOOSE_ New project Existing workload Choose one with high impact

USE AWS SERVICES_ Reduced operational overhead Improved security Cost effective Higher pace of innovation Extremely reliable Highly scalable

EC2 Instance VMWare Cloud on AWS AWS Lambda Amazon Elastic Kubernetes Service (EKS) AWS Fargate BEFORE MODERNISATION AFTER MODERNISATION COMPUTE Server / VM workloads Containers or Serverless workloads

Database on EC2 Instance Amazon RDS BEFORE MODERNISATION AFTER MODERNISATION DATA Amazon Aurora Amazon DynamoDB Customer-managed databases AWS-managed data services

Elastic Block Store BEFORE MODERNISATION AFTER MODERNISATION FILES EFS (NFS) Amazon S3 Amazon FSx for Lustre POSIX filesystems Object storage

BEFORE MODERNISATION AFTER MODERNISATION CI/CD Jenkins on EC2 Instance(s) AWS CodeBuild AWS CodeDeploy AWS CodePipeline GitHub Actions DIY solution Managed service

BUILD BLUEPRINTS_ Design patterns Reusable Infrastructure-as-Code automation

WRAPPING UP_

MAIN TAKEAWAYS_ Get your AWS estate in order with a Landing Zone Choose an impactful new or existing workload to modernise Modernise by adopting managed services Use the approach as a blueprint for other workloads

HOW CAN WE HELP?_ Co-investment with AWS funding Free consultation

No content