AWS re:Invent – Day 1

I arrived in Las Vegas on Friday and had a couple of days' vacation prior to registering for the conference at the MGM Grand.

I don’t think I’d truly realised how big an event it was going to be this year, as the MGM Conference Centre is huge but it’s dwarfed in size by The Sands Expo down at the Venetian (and that’s just two of the venues).

Today started with Breakfast over at the Mirage where all the training and certifications are being conducted. I spent breakfast chatting with a guy from Arizona State University who was sitting his SysOps exam later that morning and another guy who had only just flown in from Denmark who was feeling the effects of jet lag.

After walking over to The Sands Expo to catch the shuttle bus back up to the MGM for my first breakout session I was in awe of the whole setup.

VPC Architectural Options


In this post I’m going to go into further detail regarding the varying Amazon VPC Architectural Options.  When first deploying VPC it seems similar to a traditional Data Centre, however there are a variety of reasons to consider a multi-VPC strategy. These reasons include:

  • Security
    • Provide security configuration appropriate to VPC, improving overall security posture.
    • De-risk changes by minimizing the blast radius, accelerate deployment of changes.
  • Supportability
    • VPC specific configurations, rather than multiple configurations within a single VPC.
    • Simplifies operational viewpoint based on the segregation.
  • Networking
    • Provides granular network control and integration, only connect to relevant networks.
    • Leverage multiple VPC constructs effectively, route tables, subnets, NACLs, Peering, DNS.
  • Automation
    • Supports automated deployment of resources into segregated VPCs.
    • VPC can become part of the automation fabric, removing Data Centre mindset.
  • Limits
    • Mitigates limits for very large VPCs, e.g. maximum practical security groups and rule limits.
    • Reduces the risk from VPC constraints, e.g. network and subnet size is fixed at creation time.


Amazon VPC Constructs


Amazon Virtual Private Cloud

  • Amazon Virtual Private Cloud (VPC) is a virtual network that resembles a traditional network that you would operate in your own Data Centre, with the benefits of using the scalable infrastructure of AWS.
  • ‘Resembles’ does not mean it is identical, though. Amazon VPC is a software-defined network which provides familiar constructs that implement controls and rules in the EC2 hypervisor for network traffic.
  • It enables network, workload or environmental isolation for application deployment, management and operations.

VPC Constructs


AWS Account Structures

In this post I’m going to go into Account Structures, one of the sections that is an important consideration for any enterprise looking to migrate into AWS.

AWS offers a variety of services and features that allow for flexible control of the account(s) managing your cloud computing resources. Implementing the most appropriate account structure for your use case can help to ensure proper cost allocation, agility and security.

Key Design Considerations include the following:

  • Don’t over engineer your initial account structure.
    • Use an iterative approach to creating and structuring your accounts.
  • Use separate AWS accounts for things that are clearly separate.
  • Use group e-mail addresses as your account e-mail addresses.
  • Standardize your e-mail aliases and your AWS Account names.

From my own perspective this has been something that I’ve been working on lately and have utilised the below as a starting point.


Planning for AWS re:Invent 2017


Given that it’s now just under 5 weeks until I fly to Las Vegas, not just for re:Invent but also for a much needed vacation, I’ve now planned out my sessions for the conference.  I appear to have been one of the lucky people that was actually able to log in to the Web App for the reserved seating, as I’ve pretty much been able to reserve a seat in the majority of sessions I wanted to attend.

Unfortunately, if you’ve been following #reinvent on Twitter over the last 24 hours, it’s become apparent that there were significant issues, with people receiving a variety of errors and either not being able to reserve a seat or, once they had managed to log in, finding that the seating had become full on the sessions they were hoping to attend.
