1 00:00:12,440 --> 00:00:18,930 Welcome back to Backspace Academy. In this lecture on cloud economics we'll 2 00:00:18,930 --> 00:00:24,330 look at all of the tools that are available to present a business case for 3 00:00:24,330 --> 00:00:31,349 using the AWS cloud. We'll start off by talking about the six advantages at AWS 4 00:00:31,349 --> 00:00:38,399 define of cloud computing. Then we'll talk about the AWS pricing calculator 5 00:00:38,399 --> 00:00:45,300 which allows you to estimate the cost on a monthly and yearly basis of using AWS 6 00:00:45,300 --> 00:00:51,600 services. Then we'll look at the total cost of ownership or TCO and the tools 7 00:00:51,600 --> 00:00:56,850 that are available to allow us to look further into other areas of cost such as 8 00:00:56,850 --> 00:01:02,059 overheads including labor, electricity and the like and they can help us to 9 00:01:02,059 --> 00:01:10,110 accurately assess the benefits of AWS, as opposed to using our own on-premises 10 00:01:10,110 --> 00:01:14,970 servers. We'll look at the Amazon Inspector which is an expert system 11 00:01:14,970 --> 00:01:19,380 which allows us to look into our existing infrastructure and identify 12 00:01:19,380 --> 00:01:25,950 areas of opportunity and areas of risk. Then we'll look at compliance and all of 13 00:01:25,950 --> 00:01:30,390 the tools and resources that are available to help our business to remain 14 00:01:30,390 --> 00:01:35,189 compliant with a number of different industry standards, and finally we'll 15 00:01:35,189 --> 00:01:39,990 look at all of the available support options for us when we're using the AWS 16 00:01:39,990 --> 00:01:42,320 cloud. 17 00:01:42,460 --> 00:01:49,070 AWS defines six advantages of cloud computing. The first one there is that 18 00:01:49,070 --> 00:01:54,950 we're going to be trading a capital expense for a variable expense. So in the 19 00:01:54,950 --> 00:01:59,630 past we would have had to put forward a capital expenditure request to 20 00:01:59,630 --> 00:02:03,950 management to purchase these servers, to have them installed, to have them maintained, 21 00:02:03,950 --> 00:02:08,110 all of that sort of thing, and then by the time have gone through that process, 22 00:02:08,110 --> 00:02:13,190 we may have to go back and redo that all again because we've run out of capacity 23 00:02:13,190 --> 00:02:18,470 already, and this way we're going to be swapping that for a variable expense 24 00:02:18,470 --> 00:02:25,130 that is going to be able to react according to our business needs. 25 00:02:25,130 --> 00:02:30,080 Next we're going to benefit from the massive economies of scale of using this 26 00:02:30,080 --> 00:02:36,590 enormous AWS cloud, and those costs that are associated with that AWS cloud are 27 00:02:36,590 --> 00:02:42,230 shared amongst millions of users, and so we're not going to be getting a big 28 00:02:42,230 --> 00:02:48,440 variation in these costs. It's going to be quite stable over the long term. 29 00:02:48,440 --> 00:02:54,290 Next we can stop guessing capacity. We are going to have an elastic infrastructure 30 00:02:54,290 --> 00:02:59,120 that can vary according to our needs. We don't need to guess our capacity to 31 00:02:59,120 --> 00:03:04,670 purchase fixed assets. We are going to be using a service that is going to be able 32 00:03:04,670 --> 00:03:10,639 to accommodate our needs into the future. Next we're going to be increasing our 33 00:03:10,639 --> 00:03:16,459 speed and agility to get our services and products to market quickly. We can 34 00:03:16,459 --> 00:03:22,730 launch an infrastructure on AWS within minutes and we can be up and running in 35 00:03:22,730 --> 00:03:27,829 a very short amount of time. Next we're going to stop spending money 36 00:03:27,829 --> 00:03:33,560 on running and maintaining our data centers on-premises. This is a big one 37 00:03:33,560 --> 00:03:38,150 because there are a lot of overhead costs that we may not take into 38 00:03:38,150 --> 00:03:43,190 consideration when we're implementing an on-premises solution, and that could be 39 00:03:43,190 --> 00:03:48,049 anything from insurance costs, to security costs as far as physical 40 00:03:48,049 --> 00:03:51,829 security, it could be electricity, a whole heap of 41 00:03:51,829 --> 00:03:54,960 things that go into maintaining and running 42 00:03:54,960 --> 00:04:01,230 a data center, and finally we can go global in minutes. The AWS cloud has data 43 00:04:01,230 --> 00:04:05,700 centers across the globe and we can launch within any part of the globe 44 00:04:05,700 --> 00:04:10,370 within a very short amount of time. 45 00:04:13,510 --> 00:04:19,430 The AWS pricing calculator allows us to estimate the monthly and 46 00:04:19,430 --> 00:04:24,950 annual costs of using individual AWS services. Now please note this was 47 00:04:24,950 --> 00:04:30,290 formerly called the simple monthly calculator, so any references to the 48 00:04:30,290 --> 00:04:35,630 simple monthly calculator, simply means the AWS pricing calculator. If you want 49 00:04:35,630 --> 00:04:39,620 to have a hands-on look at the AWS pricing calculator, and I recommend you 50 00:04:39,620 --> 00:04:46,940 do that, just go to calculator.AWS The first step after opening up the 51 00:04:46,940 --> 00:04:50,540 pricing calculator is that we need to select the service that we're going to 52 00:04:50,540 --> 00:04:54,650 be using, and there are a number of services there available, pretty well 53 00:04:54,650 --> 00:04:58,880 the vast range of services that you can get on AWS will be available here on the 54 00:04:58,880 --> 00:05:03,650 pricing calculator. After we've selected our service and we can see here we've 55 00:05:03,650 --> 00:05:09,710 got the ec2 service up, we can start to define what we're going to be using on 56 00:05:09,710 --> 00:05:14,030 that ec2 service. So we can define what the instance type is, what the operating 57 00:05:14,030 --> 00:05:18,200 system is and that sort of thing. We've also got the option there of an advanced 58 00:05:18,200 --> 00:05:21,650 estimate and that's going to allow us to put more information, for example there 59 00:05:21,650 --> 00:05:25,250 we can see that we can put in the workload. So it's going to be constant 60 00:05:25,250 --> 00:05:28,280 usage or whether we're going to have spikes in demand and that sort of thing 61 00:05:28,280 --> 00:05:33,110 and so we can base our estimate on a schedule or on a consistent usage 62 00:05:33,110 --> 00:05:38,930 whatever that may be, and once we've put in all of our information about that 63 00:05:38,930 --> 00:05:43,370 service we'll get our estimate, and we can see here we've got the first 12 64 00:05:43,370 --> 00:05:47,990 months is going to cost us $1,500. We're going to 65 00:05:47,990 --> 00:05:52,970 have a total upfront expenditure there and a monthly cost. So we can save that 66 00:05:52,970 --> 00:05:57,740 and we can share with other people. We can export it to Microsoft Excel as a 67 00:05:57,740 --> 00:06:04,010 CSV file if we like, and so that is a very quick and easy way if we know what 68 00:06:04,010 --> 00:06:07,850 services we're going to be using and how we're going to use them. It's a great way 69 00:06:07,850 --> 00:06:14,230 to get a good estimate of what our ongoing costs are going to be. 70 00:06:16,819 --> 00:06:24,990 The AWS total cost of ownership or TCO for short, the AWS TCO calculator allows 71 00:06:24,990 --> 00:06:29,249 us to compare the costs of running our applications in an on-premises 72 00:06:29,249 --> 00:06:34,889 environment or a colocation environment as opposed to running it on the AWS 73 00:06:34,889 --> 00:06:40,949 cloud, and it is very good at identifying those costs that are hidden within 74 00:06:40,949 --> 00:06:45,479 overheads, that are hidden within IT labor and all these sorts of costs that 75 00:06:45,479 --> 00:06:51,419 you may not be aware of. Now one thing that I need to make you aware of is that 76 00:06:51,419 --> 00:06:57,149 the TCO calculator has been around for many years and it hasn't changed much 77 00:06:57,149 --> 00:07:00,779 over those years, other than some user interface changes 78 00:07:00,779 --> 00:07:05,879 and it really doesn't do a lot different to what it did many years ago, and that is, 79 00:07:05,879 --> 00:07:13,949 it looks at the cost of on premises, as opposed to using the AWS ec2 service. 80 00:07:13,949 --> 00:07:20,240 It does not take into consideration other opportunities such as serverless or 81 00:07:20,240 --> 00:07:26,459 using for example Cloudfront to front your infrastructure as well. It purely 82 00:07:26,459 --> 00:07:31,169 looks at the ec2 service and the costs involved in using that, as compared to 83 00:07:31,169 --> 00:07:35,669 using an on-premises environment, but that said you need to understand this 84 00:07:35,669 --> 00:07:41,999 whole concept of TCO and why it is important to not ignore those overhead 85 00:07:41,999 --> 00:07:47,580 costs and those IT labor costs that go into a solution on premises 86 00:07:47,580 --> 00:07:56,399 as opposed to on AWS. Okay so the total cost of ownership is made up 87 00:07:56,399 --> 00:08:02,610 of four main cost centers there being server, storage, network and IT labor costs. 88 00:08:02,610 --> 00:08:08,490 Now these server costs, that could consist of hardware such as a servers, 89 00:08:08,490 --> 00:08:12,629 racks all of that sort of thing and also the software that is running on that server. 90 00:08:12,629 --> 00:08:18,449 So we may require maintenance, it may require licensing and that sort of 91 00:08:18,449 --> 00:08:23,519 thing. We have storage there and not only do we have the hardware that is involved 92 00:08:23,519 --> 00:08:28,019 with that storage, but we also have administration of it. So that needs to be 93 00:08:28,019 --> 00:08:31,330 backed up. We may have compliance costs with 94 00:08:31,330 --> 00:08:35,890 that storage as well. The network costs again that's going to have LAN switches 95 00:08:35,890 --> 00:08:40,740 and load balancers and all of that sort of hardware, but it's also going to require 96 00:08:40,740 --> 00:08:45,190 administration costs as well, monitoring of that network and all of those 97 00:08:45,190 --> 00:08:51,190 associated costs, and then the fourth one there is the IT labor cost. So we need to 98 00:08:51,190 --> 00:08:56,140 have administration staff that are going to be looking after our service and they 99 00:08:56,140 --> 00:09:00,130 need to have training in virtualization and all of that sort of thing. We also 100 00:09:00,130 --> 00:09:05,620 need to have specific accounting resources as well to keep track of costs 101 00:09:05,620 --> 00:09:11,020 as well. Now within the first three there of server, storage and network, we 102 00:09:11,020 --> 00:09:15,790 also have overhead cost that we need to take into consideration. We have the 103 00:09:15,790 --> 00:09:21,790 space that is required to store this hardware and to make sure that that is 104 00:09:21,790 --> 00:09:25,030 clean and we're going to have costs involved in it, that's going to be rent, 105 00:09:25,030 --> 00:09:29,740 so that is a overhead cost that we need to take into consideration. There needs 106 00:09:29,740 --> 00:09:35,710 to be power to these servers and storage and there also needs to be cooling to 107 00:09:35,710 --> 00:09:40,420 keep this hardware cool as well. So all of those overhead costs need to be taken 108 00:09:40,420 --> 00:09:48,760 into consideration and not ignored. After we have entered in the details of our 109 00:09:48,760 --> 00:09:52,260 on-premise environment and that will include the number of virtual machines, 110 00:09:52,260 --> 00:09:58,210 the CPUs and that sort of thing and also the storage that we're going to be 111 00:09:58,210 --> 00:10:03,700 requiring. We can produce a report like this which will be a TCO report that 112 00:10:03,700 --> 00:10:08,980 will compare on-premises versus the AWS cloud and the cost savings of doing that 113 00:10:08,980 --> 00:10:15,060 and also look at the breakdown of those costs to get a more detailed assessment. 114 00:10:15,060 --> 00:10:19,210 What we can do is, we can modify those assumptions that are made by AWS. 115 00:10:19,210 --> 00:10:24,670 So AWS will have a standard set of labor costs, electricity costs, 116 00:10:24,670 --> 00:10:28,330 network costs and all that sort of thing. We can go in there and we can modify 117 00:10:28,330 --> 00:10:33,400 those to specifically what our on-premises costs are, and we can get an 118 00:10:33,400 --> 00:10:37,630 even more accurate model. So again take that into consideration. Don't just use 119 00:10:37,630 --> 00:10:45,100 the AWS metrics. Use your own labor costs and network costs 120 00:10:45,100 --> 00:10:49,199 and that sort of thing as well to make it more accurate. 121 00:10:52,829 --> 00:10:58,809 Another great way of reducing those costs of IT labor and resources is to 122 00:10:58,809 --> 00:11:04,389 use an expert system such as the Amazon inspector and what that is it's an 123 00:11:04,389 --> 00:11:09,970 automated security assessment service. So instead of having a team of people going 124 00:11:09,970 --> 00:11:14,730 through your AWS infrastructure and identifying any weaknesses or 125 00:11:14,730 --> 00:11:20,049 opportunities within that, the Amazon Inspector can do that automatically for 126 00:11:20,049 --> 00:11:25,319 you and that allows you to reduce the costs and increases the efficiency of 127 00:11:25,319 --> 00:11:30,249 conducting security assessments and maintaining compliance with any 128 00:11:30,249 --> 00:11:36,699 third-party compliance programs. The pricing starts at 30 cents per agent 129 00:11:36,699 --> 00:11:41,649 assessment per month, but if you're using it quite a bit, you can take advantage of 130 00:11:41,649 --> 00:11:46,420 volume discounting, and that will allow you to achieve as low as five cents per 131 00:11:46,420 --> 00:11:51,249 agent assessment per month. So the Amazon Inspector a great service to really 132 00:11:51,249 --> 00:11:56,920 identify any critical areas within your infrastructure and also any areas of 133 00:11:56,920 --> 00:12:02,999 opportunity not only in security but also in performance as well. 134 00:12:06,000 --> 00:12:12,640 The AWS compliance program covers a very broad range of certifications, laws and 135 00:12:12,640 --> 00:12:18,490 regulations and frameworks that AWS is compliance with or can help you to 136 00:12:18,490 --> 00:12:24,220 become compliant with. For example there, we've got ISO 9000, we've got the payment 137 00:12:24,220 --> 00:12:29,560 card industry data security standard as well that AWS is compliant with. We've 138 00:12:29,560 --> 00:12:33,070 got the HIPAA out of there that AWS can help you to become compliant with as 139 00:12:33,070 --> 00:12:35,310 well. 140 00:12:40,120 --> 00:12:44,930 One thing that you need to understand is that AWS may be compliant with a 141 00:12:44,930 --> 00:12:50,090 standard or it may be providing a compliance enabling service that can 142 00:12:50,090 --> 00:12:55,130 enable you to be compliant with a standard. A good example of that for a 143 00:12:55,130 --> 00:13:01,040 compliance service would be PCI DSS level 1. AWS is compliant with that 144 00:13:01,040 --> 00:13:08,020 standard. ISO 9001 again AWS is fully compliant with that standard as well. 145 00:13:08,020 --> 00:13:14,450 Another compliance and enabling service that AWS provides is for the HIPAA 146 00:13:14,450 --> 00:13:19,970 standard, and the reason that AWS cannot provide you with a HIPAA certification 147 00:13:19,970 --> 00:13:26,840 as such, is because the HIPAA standard goes into much more than just your 148 00:13:26,840 --> 00:13:31,640 back-end services. For example you may have a HIPAA application, some software 149 00:13:31,640 --> 00:13:36,230 that you have developed, and that is running on AWS, and the AWS side of 150 00:13:36,230 --> 00:13:42,440 things is completely compliant but your actual software may have issues and it 151 00:13:42,440 --> 00:13:47,540 may not be compliant, and so from that perspective AWS has provided everything 152 00:13:47,540 --> 00:13:52,520 that they can for you to enable compliance, but you still need to do your 153 00:13:52,520 --> 00:14:02,240 end of it to to get that HIPAA certification. AWS Artifact is a central 154 00:14:02,240 --> 00:14:08,300 resource for compliance related information on AWS. It provides on-demand 155 00:14:08,300 --> 00:14:14,150 access to AWS's security and compliance reports and also selected online 156 00:14:14,150 --> 00:14:19,970 agreements. Some of the reports that you can download include SOC or PCI reports, 157 00:14:19,970 --> 00:14:24,970 and those are accessed quite simply by going to the AWS management console and 158 00:14:24,970 --> 00:14:28,700 selecting the report that you want, or searching for that report, and then 159 00:14:28,700 --> 00:14:35,450 selecting it and then downloading that report. Ok so when you go to the 160 00:14:35,450 --> 00:14:39,440 management console and select AWS Artifact, you can go to the report 161 00:14:39,440 --> 00:14:44,480 section, you can search for a report, and so here we are searching for 162 00:14:44,480 --> 00:14:50,030 the PCI reports, and we can see there that we've got one, a PCI attestation of 163 00:14:50,030 --> 00:14:54,530 compliance or AOC report. We simply select that and we 164 00:14:54,530 --> 00:15:01,010 download that report. When we click on download report it will actually not 165 00:15:01,010 --> 00:15:06,410 download the report itself, but it will download the non-disclosure agreement 166 00:15:06,410 --> 00:15:12,350 for AWS Artifact and attached to that, if you open it in Adobe Acrobat, and you 167 00:15:12,350 --> 00:15:16,520 click on the the paper clip, you can see that attached to that will be the 168 00:15:16,520 --> 00:15:20,780 reports that you want, and by clicking on those links you will be able to see 169 00:15:20,780 --> 00:15:24,170 those reports and download those or print them out or do whatever you 170 00:15:24,170 --> 00:15:32,600 want with those. It is one thing to be compliant with a standard at a point in 171 00:15:32,600 --> 00:15:37,670 time and it's another thing to be able to maintain compliance with that 172 00:15:37,670 --> 00:15:41,750 standard when your infrastructure is changing and your software is being 173 00:15:41,750 --> 00:15:46,690 updated, and so that's where AWS Config comes in, and what it is it's a 174 00:15:46,690 --> 00:15:53,600 configuration management service running on AWS, and allows you to assess, audit 175 00:15:53,600 --> 00:16:01,190 and evaluate the configurations of your AWS resources. It acjieves this by continuously 176 00:16:01,190 --> 00:16:08,440 monitoring and recording any changes in your configuration on AWS, based on 177 00:16:08,440 --> 00:16:14,420 pre-built rules. Now those rules are supplied by AWS but you can modify those 178 00:16:14,420 --> 00:16:21,370 to suit you as well. Those rules can be applied to both network and software 179 00:16:21,370 --> 00:16:26,990 configurations. So if you do an update to software and that change is something to 180 00:16:26,990 --> 00:16:31,490 do with compliance, based on those rules, then you will be alerted to 181 00:16:31,490 --> 00:16:36,920 that change. Multiple rules can be organized into a conformance pack to 182 00:16:36,920 --> 00:16:42,980 better organize these rules, and any changes that appear can be identified 183 00:16:42,980 --> 00:16:47,630 quickly by simply going to the AWS management console and going to the 184 00:16:47,630 --> 00:16:53,300 cloud governance dashboard and seeing those changes. It has multi account and 185 00:16:53,300 --> 00:17:00,110 multi region data integration, and so you can apply this across multiple accounts 186 00:17:00,110 --> 00:17:04,819 across multiple regions. It is integrated with AWS organization, 187 00:17:04,819 --> 00:17:10,160 so you can set up a conformance a pack and apply that to all of your accounts 188 00:17:10,160 --> 00:17:13,870 within your organization. 189 00:17:16,470 --> 00:17:21,819 There are a number of different support plans available from AWS to help you out 190 00:17:21,819 --> 00:17:26,769 when you get into trouble. That consists of a basic, developer, business and the 191 00:17:26,769 --> 00:17:32,409 top line there is enterprise, and they vary from free, and that is purely and 192 00:17:32,409 --> 00:17:36,399 simply customer service only. There's no technical service. So if you've got a 193 00:17:36,399 --> 00:17:41,490 problem with your billing for example then you can get free support on that, 194 00:17:41,490 --> 00:17:45,279 but if you want to get technical support then you're going to have to pay for 195 00:17:45,279 --> 00:17:50,620 that, and so developer is the the base of that support plan for paid plans and 196 00:17:50,620 --> 00:17:55,659 that's going to give you up to 12 hours response to critical failures. Working up 197 00:17:55,659 --> 00:18:00,970 to enterprise which is 24/7 technical support from a senior 198 00:18:00,970 --> 00:18:06,519 engineer and that will have response to less than 15 minutes to any critical 199 00:18:06,519 --> 00:18:14,440 failures. From my experience personally with AWS support, is that these response 200 00:18:14,440 --> 00:18:20,409 times that they quote for the most part they do deliver on, but quite often they 201 00:18:20,409 --> 00:18:25,120 don't deliver on. So again if you've got an enterprise there and it's saying less 202 00:18:25,120 --> 00:18:29,080 than 15 minutes response, it may take them a lot longer than 15 minutes to 203 00:18:29,080 --> 00:18:34,000 actually sort out your problem, but it is a very good service to pay for and 204 00:18:34,000 --> 00:18:38,460 certainly if you're part of a large organization you certainly should have 205 00:18:38,460 --> 00:18:43,000 at the very least a business support plan. If you want to get more details 206 00:18:43,000 --> 00:18:49,360 about these support plans go to the AWS website/premiumsupport/ 207 00:18:49,360 --> 00:18:53,309 compare - plans 208 00:18:53,730 --> 00:19:01,480 If you have a difficult application that you're trying to deploy on AWS, you may 209 00:19:01,480 --> 00:19:05,650 want to consider using the AWS professional service, and they are a 210 00:19:05,650 --> 00:19:12,940 global team of AWS experts. They work as a collaboration between the client and 211 00:19:12,940 --> 00:19:19,330 an AWS partner network or an APN partner, and the AWS professional 212 00:19:19,330 --> 00:19:23,170 services team. So if you've got this large application that you want to 213 00:19:23,170 --> 00:19:29,560 deploy then you would engage an APN partner, and then the APN partner would 214 00:19:29,560 --> 00:19:33,460 work with the AWS professional services team to sort out all of those 215 00:19:33,460 --> 00:19:40,120 issues for you. The professional services use a number of different offerings that 216 00:19:40,120 --> 00:19:45,790 use a unique methodology based on Amazon's internal best practices and 217 00:19:45,790 --> 00:19:52,870 they help you to complete your projects faster and more reliably. 218 00:19:52,870 --> 00:19:58,780 The professional services can provide experts in a specific area of AWS and 219 00:19:58,780 --> 00:20:05,680 they have global specialty practices that can support your efforts in focused 220 00:20:05,680 --> 00:20:11,260 areas of the enterprise cloud computing. For example you might want to obtain the 221 00:20:11,260 --> 00:20:16,480 services of a machine learning expert or an Internet of Things or a specific 222 00:20:16,480 --> 00:20:23,610 database expert. An AWS professional services can make that happen for you. 223 00:20:23,610 --> 00:20:28,720 Okay so that brings us to the end of our discussion on cloud economics and how to 224 00:20:28,720 --> 00:20:33,880 present a business case for moving over to AWS. I hope you've got a lot out of it 225 00:20:33,880 --> 00:20:38,250 and I look forward to seeing you in the next one.