The whitepapers section features a comprehensive list of technical AWS whitepapers, covering topics such as architecture, security and economics. These whitepapers have been authored by the AWS Team, independent analysts or the AWS Community (Customers or Partners). To read reports authored by industry analysts click here. This page will be regularly updated with new and updated whitepapers and reports. Check back regularly for new content.
AWS provides number of options for provisioning of infrastructure and deployment of applications. Each service has a unique approach for managing application deployments and offers various strategies for updating your application. This whitepaper is intended for anyone looking for information on different deployment options in AWS. It lays out common features available in deployment services (such as AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks and AWS CodeDeploy), articulates strategies for updating application stacks, and presents few examples of hybrid deployment models for complex workloads
This whitepaper discusses the steps required to set up and configure AWS resources such as Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Block Store (Amazon EBS) volumes to install a new SAP HANA database instance or to scale out your existing SAP HANA database instance. It also explains how to configure the SUSE Linux Enterprise Server (SLES) for your SAP HANA deployments. The guide complements the SAP HANA Quick Start to support additional customization scenarios.
This whitepaper provides technical guidance on deploying the MarkLogic NoSQL database on AWS. It also provides an overview of general best practices and examines important MarkLogic implementation characteristics such as performance, durability, and security. Additionally, we also outline key integrations and configurations that are unique to AWS to support scalability, high- availability, and fault-tolerance with MarkLogic deployments.
This whitepaper details how you could use AWS OpsWorks to manage complex multi-tiered applications, from designing a scalable and flexible architecture to continuously provisioning and deploying infrastructure and applications. We also highlight how monitoring and security play an important role in such deployments and how AWS OpsWorks enables you to easily manage these aspects.
In this whitepaper, we describe tools and techniques to provision new instances, configure the instances to meet your requirements, and deploy your application code. We also introduce strategies to ensure that your instances remain stateless, resulting in an architecture that is more scalable and fault tolerant. The techniques we describe allow you to scale your service from a single instance to thousands of instances while maintaining a consistent set of processes and tools to manage them.
The acquisition of cloud services is unlike most traditional technology acquisitions in the public sector, and procurement considerations should be a key element of the cloud acquisition process in order to reap the benefits of decreasing cloud costs, increasing performance through improved infrastructure, and enhanced functionality through system-wide innovation. This paper highlights the top ten public sector cloud procurement considerations and is intended to encourage deeper thinking around cloud procurement strategy and how old world procurement strategies do not easily fit with a cloud procurement.
This paper provides an overview of how public sector organizations are architecting for genomic data security and compliance in AWS and highlights unique public sector customer examples.
Enterprise backup, restore and recovery is still a challenge for many companies. In this whitepaper, learn how AWS can alleviate many of the pains and challenges associated with backup, restore and recovery, including different approaches, reference architectures, and 3rd party vendors that can help to integrate your on-premises storage environment with Amazon S3 and Glacier.
Moving from traditional datacenters to the AWS cloud presents a real opportunity for workload owners to select from over 200 different security features (Figure 1 - AWS Enterprise Security Reference ) that AWS provides. "What do I need to implement in order to build a secure and compliant system that can attain an ATO from my DAA?" is a common question that government customers ask. In many cases, organizations do not possess a workforce with the necessary real-world experience required to make decision makers feel comfortable with their move to the AWS cloud. This can make it seem challenging for customers to quickly transition to the cloud and start realizing the cost benefits, increased scalability, and improved availability that the AWS cloud can provide.
Amazon Web Services (AWS) is a flexible, cost-effective, easy-to-use cloud computing platform. The AWS Cloud delivers a comprehensive portfolio of secure and scalable cloud computing services in a self-service, pay-as-you-go model, with zero capital expense needed to handle your big data analytics workloads, such as real-time streaming analytics, data warehousing, NoSQL and relational databases, object storage, analytics tools, and data workflow services. This whitepaper provides an overview of the different big data options available in the AWS Cloud for architects, data scientists, and developers. For each of the big data analytics options, this paper describes the following: Ideal usage patterns, Performance, Durability and availability, Cost model, Scalability, Elasticity, Interfaces, and Anti-patterns. This paper describes two scenarios showcasing the analytics options in use and provides additional resources to get started with big data analytics on AWS.
This whitepaper gives system administrators guidance on getting started with WordPress on AWS and shows them how to improve the cost efficiency of the deployment as well as the end user experience. It also provides a reference architecture that addresses common scalability and high availability requirements.
This whitepaper demonstrates how to use AWS Elastic Beanstalk to implement a highly available and scalable deployment of WordPress. It includes the use of additional services such as Amazon Simple Storage Service (S3), Amazon CloudFront, and Amazon ElastiCache to improve the efficiency and performance of the installation.
AWS offers you the ability to run your Oracle Database in a hosted IaaS environment. Running Oracle Database on AWS is very similar to running Oracle Database in your data center. However, there are a number of AWS platform considerations relating to security, storage, compute configurations, management, and monitoring that will help you get the most out of your Oracle Database implementation on AWS. This whitepaper provides the best practices for achieving optimal performance, availability, and reliability, and lower total cost of ownership (TCO) while running Oracle Database on AWS. The target audience for this whitepaper includes database administrators, enterprise architects, systems administrators, and developers who would like to run Oracle Database on AWS.
AWS provides a comprehensive set of services and tools for deploying enterprise-grade solutions in a rapid, reliable, and cost-effective manner. Oracle Database is a widely used relational database management system that is deployed in enterprises of all sizes to manage various forms of data in many phases of business transactions. This whitepaper describes the preferred methods for migrating an Oracle Database to AWS, and helps you choose the method that is best for your business.
This whitepaper focuses on common issues raised by Amazon Web Services (AWS) customers about security best practices for human genomic data and controlled access datasets, such as those from National Institutes of Health (NIH) repositories like Database of Genotypes and Phenotypes (dbGaP) and genome-wide association studies (GWAS). Our intention is to provide you with helpful guidance that you can use to address common privacy and security requirements. However, we caution you not to rely on this whitepaper as legal advice for your specific use of AWS. We strongly encourage you to obtain appropriate compliance advice about your specific data privacy and security requirements, as well as applicable laws relevant to your human research projects and datasets.
Businesses must become increasingly agile as innovation accelerates and customer needs rapidly evolve. Time to market is key, so IT departments need to be agile to facilitate overall business goals. The evolution of DevOps helps provide and support this agility. This paper focuses on DevOps principles and practices supported on the AWS platform.
This whitepaper is an introduction to the AWS cloud computing platform. It discusses the advantages of cloud computing, the fundamentals of AWS and provides an overview of the AWS services.
AWS provides a comprehensive set of services and tools for deploying Oracle Database on the AWS cloud infrastructure. AWS offers the flexibility to run Oracle Database on Amazon Relational Database Service (Amazon RDS), the managed database service in the cloud, as well as on Amazon Elastic Compute Cloud (Amazon EC2). Oracle Database performance relies heavily on the performance of the storage subsystem, but storage performance always comes at a price. This whitepaper will help you determine the input/output operations per second (IOPS) needed by the storage system of your database for best performance at optimal cost.
AWS provides a comprehensive set of services and tools for deploying enterprise applications in a highly secure, reliable, available, and cost-effective manner. The AWS cloud is an excellent platform to run business-critical Oracle workloads in a very efficient way. In this whitepaper, we discuss the operating system choices that are best suited for running Oracle workloads on AWS. The target audience includes enterprise architects, database administrators, IT managers, and developers who want to migrate Oracle workloads to AWS.
This paper provides high-level concepts of how you can simplify your current backup and recovery environment in the enterprise. It provides details of how you can leverage the on-demand nature of the cloud and automate your backup and recovery processes so they are not only less complex and lightweight but also easy to manage and maintain.
AWS provides a comprehensive set of services and tools for deploying Oracle Database on the AWS cloud infrastructure. You can use the inherent qualities of the AWS cloud, such as its instant provisioning, scalability, elasticity, and geographic footprint, to architect a highly resilient and performant database environment for demanding business applications. This whitepaper provides information on how to build advanced Oracle Database architectures in the AWS cloud.
This document is intended to answer questions such as “How does AWS help me ensure my data are secure?” Specifically, AWS physical and operational security processes are described for network and infrastructure under AWS’ management, as well as service-specific security implementations.
Apache Storm developers can use Amazon Kinesis to quickly and cost effectively build real-time analytics dashboards and applications that can continuously process very high volumes of streaming data, such as clickstream log files and machine-generated data.
In the event of a disaster, you can quickly launch resources in Amazon Web Services (AWS) to ensure business continuity. The paper highlights relevant AWS features and services that you can leverage for your DR processes and shows example scenarios on how to recover from disaster. It further provides recommendations on how you can improve your DR plan and leverage the full potential of AWS for your Disaster Recovery processes.
Amazon VPC provides customers with several options for interconnecting their AWS virtual networks with other remote networks. This whitepaper describes several such common network connectivity options available to our customers. This includes connectivity options for integrating remote customer networks with Amazon VPC as well as interconnecting multiple Amazon VPCs into a contiguous virtual network.
This guide extends Scenario #1 described in the "Implementing Active Directory Domain Services in the AWS Cloud" white paper by adding Windows Active Directory Federation Services (ADFS), and automating the configuration of SAML 2.0 federation for web single sign-on (Web SSO) access to the Amazon Web Services Management Console. It provides links to automated AWS CloudFormation templates that you can leverage for your implementation or launch directly into your AWS account.
One challenge that architects and developers face today is how to process large volumes of data in a timely, cost effective, and reliable manner. There are several NoSQL solutions in the market today, and choosing the right one for your use case can be difficult. This paper compares two popular NoSQL data stores, Amazon DynamoDB, a fully managed NoSQL cloud database service, and Apache HBase, an open-source, column-oriented, distributed big data store. Both Amazon DynamoDB and Apache HBase are available in the Amazon Web Services (AWS) cloud.
This document intends to provide information to assist AWS customers with integrating AWS into their existing control framework supporting their IT environment. This document includes a basic approach to evaluating AWS controls and provides information to assist customers with integrating control environments. This document also addresses AWS-specific information around general cloud computing compliance issues.
An often overlooked benefit of migrating workloads to AWS is the ability to achieve a higher level of security, at scale, by utilizing the many governance-enabling features offered. This paper describes how you can achieve a high level of governance over your IT resources by using AWS.
This paper provides an overview of common compliance requirements related to logging and how AWS CloudTrail can be used help satisfy these requirements. It is organized by general logging domains that you may find useful from a security and operational perspective.
This whitepaper provides an overview of the options for encrypting data at rest in AWS services. It describes these options in terms of where encryption keys are stored and how access to those keys is controlled. Both server-side and client-side encryption methods are discussed with examples of how each can be accomplished in various AWS services.
This whitepaper provides security best practices that will help you define your Information Security Management System (ISMS) and build a set of security policies and processes for your organization so you can protect your data and assets in the AWS Cloud. It also provides an overview of different security topics such as identifying, categorizing and protecting your assets on AWS, managing access to AWS resources using accounts, users and groups and suggesting ways you can secure your data, your operating systems and applications and overall infrastructure in the cloud.
This whitepaper helps you understand the primary data storage options available with the AWS cloud computing platform. We provide an overview of each storage option, describe ideal usage scenarios, and examine other important cloud-specific characteristics such as elasticity and scalability.
The companion paper presents several storage use cases that show how to use multiple AWS cloud storage options together.
This whitepaper provides an overview of how to create and manage multiuser environments in the AWS cloud so that professors and researchers can leverage AWS for student labs, training applications, individual IT environments, and cloud computing courses.
This whitepaper highlights the best practices of moving data to AWS, collecting, aggregating and compressing the data, and discusses common architectural patterns for setting up and configuring Amazon EMR clusters for faster processing. We also discuss several performance and cost optimization techniques so you can process and analyze massive amounts of data at high throughput and low cost in a reliable manner.
This paper is targeted at AWS customers’ internal compliance teams and their external auditors and who are evaluating or auditing the use of AWS for an internal review or external audit. It provides a checklist to help design and execute a security assessment of an organization’s use of AWS, which may be required by industry or regulatory standards. This paper builds on top of the Operational Checklist Whitepaper that provides operational and architectural guidance to help assess their application's operational readiness
This paper is targeted at developers and architects who are looking for operational and architectural guidance from AWS to help assess their application's operational readiness. It provides two checklists - Basic and Enterprise - so that you can evaluate your applications against a list of essential and recommended best practices and deploy them with confidence.
This whitepaper is intended for architects and developers in the financial services sector who are looking to expand grid computation onto AWS. It outlines the best practices for managing large grids on the AWS cloud platform and offers a reference architecture to guide organizations in the delivery of these complex systems.
Customers may wish to migrate AWS Resources from one region to another for a variety of reasons. In particular, if a new region is available closer to their user base, they may wish to locate various services geographically closer to those users. This technical whitepaper is intended for experienced customers of AWS who would like to migrate existing resources to a new AWS region. The whitepaper provides technical guidance and best practices on migrating each AWS Resource such as AMI, keypairs etc. to another region.
This whitepaper describes how AWS adds value in the various phases of the software development cycle, with specific focus on development and test. The intended audiences for this paper are project managers, developers, testers, systems architects, or anyone involved in software production activities.
This whitepaper discusses Web application hosting solution in detail, including how each of the services can be used to create a highly available, scalable Web application.
Do you know the true cost of running your web applications on your existing infrastructure? This whitepaper will help you understand the different cost factors involved when you deploy and manage a scalable web application in an on-premises environment and compare the total cost to a variety of different AWS purchasing options. Our analysis shows that AWS offers significant cost savings, up to 80%, compared to the equivalent on-premises deployments.
This paper briefly outlines how companies can use Amazon Web Services to power HIPAA-compliant information processing systems.
This whitepaper will help you understand many of the best practices involved in creating and sending high quality email from a strategy and management perspective. It identifies characteristics of high value and high quality email, it talks about the parties involved in the email sending process, and it discusses best practices for optimizing and increasing email quality.
This whitepaper will help you understand how to effectively estimate the costs of running your specific project on AWS. It provides several examples that leverage the AWS Simple Monthly Calculator. For each example, this paper discusses its architecture, example usage of each service, cost breakdown for each service, and the total estimated monthly charge.
This whitepaper will help you understand the different cost factors involved in deploying and managing a scalable NoSQL database solution. You will learn about the TCO savings of using a NoSQL (non-relational) database cloud service such as Amazon DynamoDB over equivalent NoSQL database software that is deployed on-premises or hosted in the cloud.
This set of whitepapers are targeted at architects and technical decision makers of enterprises looking to build a cloud migration strategy. The main whitepaper discusses a phase-driven step-by-step strategy for migrating applications to the cloud and three scenarios illustrate the step-by-step strategy for common use cases.
This whitepaper discusses scenarios for Amazon VPC.
This whitepaper is ideal for those who would like to understand how to build fault-tolerant application on AWS.
This whitepaper paper provides prescriptive guidance to cloud architects so that they can build highly scalable and elastic applications optimized to run in AWS cloud. It discusses cloud concepts and highlights various design patterns and best practices.
This document provides step-by-step instructions for creating a test lab demonstrating identity federation between an on-premise Windows Server Active Directory domain and an ASP.NET web application hosted on EC2 service, using Microsoft’s Active Directory Federation Services (AD FS) technology.
This document presents a discussion of the costs of Amazon Web Services vs. traditional IT infrastructure alternatives, including comparative analysis of direct costs of ownership such as hardware costs and asset utilization, data redundancy and security, supply chain management, power and cooling efficiency, and personnel costs.
This paper illustrates the style of building applications using services available in the Internet cloud.
AWS Parter Network (APN) partners contributed the following whitepapers about Windows Server 2003 end of support and deployment of Microsoft technologies on AWS:
- Windows Server 2003 End of Support Application Migration (by Neudesic)
- Windows Server 2003 End of Support: A Forcing Function for the Cloud (by AppZero)
- Data Center Migration to the Cloud: Approach & Key Considerations (by Nimbo)
- RemoteApp Publishing on AWS (by CorpInfo)
- Augment On-Premises SharePoint with AWS (by Summit7)
- Microsoft Dynamics CRM 2013 on AWS (by SMS)
This Quick Start reference deployment guide includes architectural considerations and configuration steps for deploying Microsoft Exchange Server 2013 in a highly available architecture on the AWS cloud, following AWS best practices. You can deploy the automated solution, provided by AWS CloudFormation templates, or customize the templates to meet your own requirements. For additional reference deployments, see AWS Quick Starts.
This whitepaper demonstrates using various services on AWS to deploy Microsoft Windows Server 2012 R2 as a Network Address Translation (NAT) device and deploy the Microsoft DirectAccess Windows Server role. Tools such as AWS Toolkit for Microsoft Visual Studio and AWS Toolkit for Windows PowerShell are used to automate the deployments. The target audience is IT infrastructure administrators and developer operations personnel.
Windows Server and SQL Server provide built-in capabilities to run highly available solutions. This updated guide covers failover clusters and the AlwaysOn Availability Groups feature in SQL 2012 and 2014, including configuration steps and testing instructions, as well as an AWS CloudFormation template to automate deployment. The template can also be launched directly from the AWS Quick Start page.
This whitepaper provides specific technical guidance on how to deploy and configure NGINX Plus on AWS. Additionally, we outline key integrations and configurations that are unique to AWS products and allow flexibility around using the NGINX Plus product to best meet your needs.
This Quick Start Reference Deployment guide includes architectural considerations and configuration steps for deploying Cloudera Enterprise Data Hub (EDH) on the Amazon Web Services (AWS) cloud. This reference deployment will assist you in building an EDH cluster on AWS by integrating Cloudera Director with an automated deployment initiated by an AWS CloudFormation template, or you can launch the deployment directly from the AWS Quick Start page.
This new whitepaper outlines deployment of a PowerShell DSC pull server environment using AWS resources. PowerShell Desired State Configuration provides a configuration management platform in Windows Server, which enables you to express the desired state of your systems using declarative language syntax instead of complex imperative scripts. The guide shows how to use AWS CloudFormation to bootstrap your servers and applications from scratch and make sure instances are resilient to configuration drift once the application stack has been deployed.
This reference deployment guide shows how to build a Microsoft SharePoint Server 2013 environment on the AWS Cloud, using services such as Amazon EC2 and Amazon VPC. It includes an AWS CloudFormation template designed to help you deploy the highly available infrastructure predictably and repeatedly. The template can also be launched directly from the AWS Quick Start page. To learn more about SharePoint on AWS, click here.
Learn how to deploy Remote Desktop Gateway on AWS, including best practices for securely accessing your Windows-based instances using the Remote Desktop Protocol (RDP) for remote administration. Also provided are AWS CloudFormation templates to help automate deployment.
This reference implementation guide includes architectural considerations and configuration steps for deploying highly available AD solutions in the AWS Cloud. Two scenarios are covered, one all cloud and one hybrid. Included are AWS CloudFormation templates to help automate deployment. Active Directory Domain Services (AD DS) and Domain Name Server (DNS) are core Windows services that provide the foundation for many enterprise class solutions including Microsoft SharePoint, Microsoft Exchange, and .NET applications.
This whitepaper discusses how you can run Oracle Database on both Amazon RDS and Amazon EC2, and will give you an understanding of the advantages of each approach. We review in detail how to provision and monitor your Oracle database, and how to manage scalability, performance, backup and recovery, high availability and security in both Amazon RDS and Amazon EC2.
The companion document, Oracle Database 11g on Amazon EC2: Implementation Guide provides an overview of four reference architecture scenarios and provides detailed guidance on how to customize and launch Oracle database on Amazon EC2 using AWS CloudFormation templates so you can deploy any architecture scenario easily and reliably on AWS.
This whitepaper provides IT infrastructure decision-makers and system administrators with specific technical guidance on how to configure, deploy, and run an Alfresco server cluster on AWS.
It includes an implementation guide and an AWS CloudFormation template that you can use to easily and quickly create a working Alfresco cluster in AWS.
This whitepaper provides an overview of general best practices that apply to all major NoSQL systems and highlights one of popular NoSQL systems - Couchbase - and discusses how to best run it on the AWS cloud. It further examines different Couchbase configurations so you can optimize it for performance, durability, and security.
Written with Microsoft Exchange Server IT infrastructure administrators and deployment engineers in mind, the guide discusses the process for planning and deploying a Microsoft Exchange Server 2010 based messaging service in the AWS cloud using tools that they are already familiar with. It also provides a small deployment scenario (along with AWS CloudFormation templates) so you can launch a fully-configured site-resilient Exchange Server in AWS.
This whitepaper provides an overview of one of emerging Open Source NoSQL Distributed Database systems - Riak - and discusses how to best run it on the AWS cloud. It starts with how to launch a 3-node Riak cluster using the AWS Marketplace and discusses different architectural and operational Riak characteristics so you can optimize it for performance, durability, and security.
This whitepaper provides general best practices of running one of the most popular open source RDBMS - PostgreSQL - in the AWS cloud. It examines important PostgreSQL characteristics such as performance, durability, and security in the context of the AWS environment and provides basic architectural and performance guidance so you can run PostgreSQL on AWS at scale.
This paper is authored by Trend Micro and discusses what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices are that can help create a secure AWS cloud environment.
This whitepaper provides an overview of general best practices that apply to all major NoSQL systems and highlights one of popular NoSQL systems - MongoDB - and discusses how to best run it on the AWS cloud. It further examines different MongoDB configurations so you can optimize it for performance, durability, and security.
This paper provides Esri ArcGIS users with the necessary information to get started with publishing and analyzing geographic information systems (GIS) imagery data (such as satellite imagery, or aerial imagery), as well as, creating tile cached map services in Amazon Web Services (AWS). The paper focuses on imagery, because that has been the most challenging data type to manage in the cloud, but the approaches discussed are general enough to apply to any type of data.
This paper provides guidance on how to secure your Microsoft applications on AWS. It outlines the principles for protecting the runtime environment of your Microsoft Windows applications with a focus on risk assessment, reducing attack surface, adhering to the principle of least privilege, and protecting your data.
This white paper discusses general concepts regarding how to run SharePoint on AWS and provides detailed technical guidance on how to configure, deploy, and run a SharePoint Server farm on AWS. It illustrates common reference architecture for SharePoint Server deployment scenarios and discusses their network, security, and deployment configurations so you can run SharePoint Server workloads in the cloud with confidence.
It includes an implementation guide and an AWS CloudFormation template that you can use to easily and quickly create a working SharePoint 2010 environment in AWS.
You can run Microsoft SQL Server on the AWS Cloud. This whitepaper reveals how to best run Microsoft SQL Server 2008 on EC2 and discusses implementation choices to optimize for performance, durability, and security. It clearly enumerates how to take advantage of native Microsoft SQL Server features that provide scalability, high-availability, and fault-tolerance in the AWS Cloud environment.
This is an overview paper written by a vendor and co-sponsored by AWS and Microsoft.