AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

AWS GovCloud (US): How to Get Started

Keith Brooks

AWS GovCloud Business Development

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

I want to deploy a workload in AWS GovCloud… how do I get started?

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Requirements for access to AWS GovCloud

Can handle export controlled data US Person US Entity

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Request access to AWS GovCloud

Information required to start the on-boarding process:

1. Full Legal Entity Name 3. Contact Email 5. Address

2. Contact Full Name 4. Contact Phone No. 6. AWS Account Number

Don’t have an account? Sign up at http://aws.amazon.com

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

AWS Business Representative

AWS GovCloud Contact Us Page

Where do I send information? Or…

https://aws.amazon.com/govcloud-us/contact/

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Sign the AWS GovCloud Amendment

Amends your AWS Customer Agreement

describes terms and conditions for use of AWS GovCloud

Security Restricted Access User responsibilities

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Complete the onboarding process

Receive encrypted credentials

Speak with AWS GovCloud Operations

Verify account credentials

Use GovCloud Console Onboard Tool

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Set up Management Console

Accessing the AWS Management Console for GovCloud instructions detail console setup

1. Run AWS Console Onboard Tool2. Create IAM Administrator user 3. Optionally create an account alias4. Download newly rotated keys5. Login to AWS GovCloud Console

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

AWS GovCloud Management Console

GovCloud has its own

Management Console

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Configure IAM groups, users and roles

Control user and application access to AWS GovCloud resources

Identity and Access Management

NOTE: A default Admin role is created during GovCloud Onboarding Tool setup

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Configure Virtual Private Cloud (VPC)

Isolation of services and workloads in AWS GovCloud

Private Subnets

PublicSubnets

Routers InternetGateway(s)

Virtual PrivateGateway(s)

Reference architectures are available to help customers get started

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Launch instances and services

Amazon EC2 Amazon VPC

Amazon S3 Amazon EBS

AWS Key Management

Service

Amazon Glacier

Amazon DynamoDB

Amazon RDS Amazon ElastiCach

e

Amazon Redshift

Amazon EMR

NOTE: Not all services available in AWS GovCloud Region are shown above

AWS CloudFormatio

n

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

1

1

1-to-1 relationship between standard AWS account and AWS GovCloud account

Standard AWS account and AWS GovCloud

Standard AWS Account

AWS GovCloud Account

*Standard account is granted access to the AWS GovCloud region

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

AWS GovCloud is another region on invoice

SAMPLE INVOICE

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Use a payer account to consolidate invoicesMultiple accounts can roll up to a single master AWS payer

account

Account 1 Account 2 Account 3 Account 4 Account 5

Consolidated Invoice

12345

Payer Account

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Get Support: AWS Support CenterCentrally view status of recent support cases, explore resources, and open GovCloud support cases

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Get Advice: AWS Trusted AdvisorFind opportunities to save money, improve performance and reliability, and close security gaps in AWS GovCloud

AWS Trusted Advisor

Use Case: Set up workloads, then use TA to tune prior to purchasing RIs

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Important things to remember

GovCloud is a physically and logically isolated regionSeparate AZs, console, IAM and authentication stack, and endpoints

GovCloud is not just for US GovernmentUsers span government, commercial entities, education and nonprofits

Remember the AWS Shared Responsibility ModelIAM users can be non US persons if adhering to shared responsibility

(e.g., development teams outside of the US w/o access to ITAR data)

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Questions?

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Learn more about AWS GovCloud

AWS GovCloud webpagehttps://aws.amazon.com/govcloud-us/

AWS GovCloud User Guidehttp://docs.aws.amazon.com/govcloud-us/latest/UserGuide/welcome.html

Keith BrooksAWS GovCloud Business

Developmentbrookskl@amazon.com

Karen ArangoAWS GovCloud Product Manager

karango@amazon.com

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Thank You.This presentation will be loaded to SlideShare the week following the Symposium.

http://www.slideshare.net/AmazonWebServices

AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015