The whitepapers section features a comprehensive list of technical AWS whitepapers, covering topics such as architecture, security and economics. These whitepapers have been authored by the AWS Team, independent analysts or the AWS Community (Customers or Partners). To read reports authored by industry analysts click here. This page will be regularly updated with new and updated whitepapers and reports. Check back regularly for new content.
The Internet of Things (IoT) is an exciting set of technologies, offering significant new capabilities to customers. Implementing an IoT strategy can be very complicated. This whitepaper outlines core tenets that should be considered when developing a strategy for IoT. It will help you to understand the benefits of the cloud in supporting an IoT solution, and provides an overview of AWS services that should be part of an overall IoT strategy.
Amazon Elastic Compute Cloud (EC2) Dedicated Hosts can help enterprises reduce costs by allowing the use of existing server-bound licenses. Many customers can also use Dedicated Hosts to address corporate compliance and regulatory requirements. Oftentimes, customers using Dedicated Hosts want to continuously record and evaluate changes to their infrastructure to stay compliant with license terms and regulatory requirements.This paper outlines the ways in which you can leverage AWS Config and AWS Config Rules to monitor license compliance on Amazon EC2 Dedicated Hosts.
Amazon Aurora is a MySQL-compatible, enterprise-class relational database engine designed and optimized for the cloud. In many ways, Amazon Aurora is a game changer and helps overcome the limitations of traditional relational database engines. This whitepaper covers Amazon Aurora architecture, scalability, performance, and migration paths from other databases. It will help you understand the benefits of Amazon Aurora and walk you through the steps required to create and connect to your first Amazon Aurora database.
Many leading enterprises have found that a well-planned “lift and shift” move to the cloud can result in an immediate business payoff. This whitepaper is intended for IT pros and business decision makers in IT organizations who are looking at modernizing existing business-critical applications built on Microsoft Windows Server and Microsoft SQL Server.
This whitepaper will help you understand how to effectively estimate the costs of running your specific project on AWS. It provides several examples that leverage the AWS Simple Monthly Calculator. For each example, this paper discusses its architecture, example usage of each service, cost breakdown for each service, and the total estimated monthly charge.
This whitepaper explains how to use the AWS Simple Monthly Calculator to estimate the cost of a scalable and highly available Microsoft SharePoint Server architecture on AWS. The techniques described can also be applied to other Windows workloads on AWS. The paper focuses on Amazon EC2 and AWS storage services that are common to most Microsoft infrastructure deployments, and also provides money-saving tips.
Data engineers, data analysts, and developers in enterprises across the globe are looking to migrate data warehousing to the cloud to increase performance and lower costs. This whitepaper discusses a modern approach to analytics and data warehousing architecture, outlines services available on AWS to implement this architecture, and provides common design patterns to build data warehousing solutions using these services.
Real Time Bidding or RTB is becoming increasingly important for Digital Advertising industry and has seen significant growth in recent years especially in mobile. This whitepaper helps architects, engineers, advertisers, and developers understand RTB and the services available in AWS that can be used for RTB. It will showcase the RTB platform reference architecture used by customers today, as well as provide additional resources to get started with building an RTB platform on AWS.
The focus of this paper is the Cost Optimization pillar of the Well-Architected Framework. It provides guidance to help customers apply best practices in the design, delivery, and maintenance of AWS environments.
This whitepaper paper provides prescriptive guidance to cloud architects so that they can build highly scalable and elastic applications optimized to run in AWS cloud. It discusses cloud concepts and highlights various design patterns and best practices.
This whitepaper covers the Maturity Perspective, which focuses on assessing an organization’s current state, identifying a future state, and creating roadmaps to achieve the future state of cloud adoption.
This paper covers the Process Perspective. The considerations in this perspective can help you ensure that all your enterprise processes are in place to plan, implement, and operate cloud-based IT capabilities.
This whitepaper provides an overview of the different big data options available in the AWS Cloud for architects, data scientists, and developers. For each of the big data analytics options, this paper describes the following: Ideal usage patterns, Performance, Durability and availability, Cost model, Scalability, Elasticity, Interfaces, and Anti-patterns. The paper concludes with scenarios that showcase the analytics options in use, as well as additional resources for getting started with big data analytics on AWS.
Services covered in this whitepaper include Amazon Kinesis Streams, AWS Lambda, Amazon ElasticMapReduce, Amazon Machine Learning, Amazon DynamoDB, Amazon Redshift, Amazon Elasticsearch Service, and Amazon QuickSight. In addition, the paper also touches on Amazon EC2 instances, available as an option for self-managed big data applications.
This whitepaper covers the Operations Perspective of the Amazon Web Services (AWS) Cloud Adoption Framework (CAF), which focuses on operating an AWS-enabled IT environment efficiently. The CAF provides best practices and prescriptive guidance to accelerate an organization's move to cloud computing. The CAF guidance is broken into a number of areas of focus that are relevant to implementing cloud-based IT systems. These focus areas are called perspectives. Each perspective is covered in a separate whitepaper.
This whitepaper covers the People Perspective, which focuses on effectively planning for and monitoring the impact of a cloud adoption initiative on the culture and people in the organization.
Increasingly, the mode of delivery for enterprise solutions is turning toward the software as a service (SaaS) model, but architecting a SaaS solution can be challenging. There are multiple aspects that need to be taken care of, and a variety of options for deploying SaaS solutions on AWS. This paper covers the different SaaS deployment models and the combination of AWS services and AWS Partner Network (APN) partner solutions that can be used to achieve a scalable, available, secure, performant, and cost-effective SaaS offering.
This whitepaper provides an overview of Cassandra and its implementation on the AWS cloud platform. It also talks about best practices and implementation characteristics such as performance, durability, and security, and focuses on AWS features relevant to Cassandra that help ensure scalability, high availability, and disaster recovery in a cost-effective manner.
Local and regional governments around the world are using the cloud to transform services, improve their operations, and reach new horizons for citizen services. The Amazon Web Services (AWS) cloud enables data collection, analysis, and decision making for smarter cities. This whitepaper provides strategic considerations for local and regional governments to consider as they identify which IT systems and applications to move to the cloud. Real examples that show how cities can stop wasting money, move faster, and innovate.
This whitepaper is intended for architects and developers in the financial services sector who are looking to expand grid computation onto AWS. It outlines the best practices for managing large grids on the AWS cloud platform and offers a reference architecture to guide organizations in the delivery of these complex systems.
Cloud initiatives require more than just the right technology. They also must be supported by organizational changes, such as people and process changes. This paper is intended for IT service management (ITSM) professionals who are supporting a hybrid cloud environment that leverages AWS. It outlines best practices for asset and configuration management, a key area in the IT Infrastructure Library (ITIL), on the AWS cloud platform.
This whitepaper offers comprehensive architectural guidance for developing, deploying and managing static websites in the AWS cloud. You will learn how to achieve extreme scalability, elasticity and resiliency with minimal management and operating costs so low as to be insignificant.
This whitepaper is designed to help architects and developers understand the different storage services and features available in the AWS cloud. We provide an overview of each storage service or feature and describe usage patterns, performance, durability and availability, scalability and elasticity, security, interfaces, and the cost model.
To achieve full benefits of moving applications to the AWS platform, it is critical to design a cloud migration model that delivers optimal cost efficiency. This includes establishing a compelling business case, acquiring new skills within the IT organization, implementing new business processes, and defining the application migration methodology to transform your business model from a traditional on-premises computing platform to a cloud infrastructure.
This whitepaper covers the Platform Perspective of the Cloud Adoption Framework (CAF), which focuses on designing, implementing, and optimizing the architecture of the AWS technology that you use in your cloud adoption initiative.
This whitepaper shows you how innovations from Amazon Web Services (AWS) can change how you can design multi-tiered architectures for popular patterns such as microservices, mobile backends, and public websites. Architects and developers can now use an implementation pattern that includes Amazon API Gateway and AWS Lambda to reduce the development and operations cycles required to create and operationally manage multi-tiered applications.
This whitepaper provides an overview of the Amazon Web Services (AWS) Cloud Adoption Framework (CAF). The AWS CAF provides best practices and prescriptive guidance to accelerate an organization's move to cloud computing. The CAF guidance is broken into a number of areas of focus that are relevant to implementing cloud-based IT systems. These focus areas are called perspectives. The seven perspectives are business, platform, maturity, people, process, operations and security.
This whitepaper covers the Business Perspective of the Amazon Web Services (AWS) Cloud Adoption Framework (CAF), which focuses on aligning IT strategy to business strategy and evaluating the cost and value derived through AWS cloud adoption. The CAF provides best practices and prescriptive guidance to accelerate an organization's move to cloud computing. The CAF guidance is broken into a number of areas of focus that are relevant to implementing cloud-based IT systems. These focus areas are called perspectives. Each perspective is covered in a separate whitepaper.
This paper describes potential use cases and security technologies for running Windows Storage Spaces in AWS over the Server Message Block (SMB) and Internet Small Computer System Interface (iSCSI) protocols. To embrace the DevOps philosophy of “infrastructure as code,” Windows PowerShell scripts are provided to quickly deploy Storage Spaces in AWS. The paper is intended for Microsoft Windows IT professionals and developers who are interested in combining Windows Server 2012 R2 Storage Spaces with the Amazon Elastic Block Store (Amazon EBS) service.
This whitepaper describes the AWS Well-Architected Framework. The framework enables you to assess and improve your cloud-based architectures to better understand the business impact of your design decisions. This paper addresses general design principles, as well as specific best practices and guidance in four conceptual areas (security, reliability, performance efficiency, and cost optimization). These four areas are defined as the pillars of the Well-Architected Framework. The framework provides a set of questions that allow you to assess an existing, or proposed architecture, and also provides a set of AWS best practices for each pillar. Using this framework in your architecture will help you produce more stable and efficient systems.
This paper describes a range of high performance computing (HPC) applications that are running today on Amazon Web Services (AWS). You will learn best practices for cloud deployment, for cluster and job management, and for the management of third-party software. This whitepaper covers HPC use cases that include highly distributed, highly parallel grid computing applications, as well as more traditional cluster computing applications that require a high level of node-to-node communications. We also discuss HPC applications that require access to various types of high performance data storage.
Amazon Web Services (AWS) delivers a scalable cloud computing platform designed for high availability and dependability, providing the tools that enable you to run a wide range of applications. Helping to protect the confidentiality, integrity, and availability of your systems and data is of the utmost importance to AWS, as is maintaining your trust and confidence. This document is intended to provide an introduction to AWS’s approach to security, including the controls in the AWS environment and some of the products and features that AWS makes available to customers to meet your security objectives.
Many enterprises have successfully migrated some of their on-premises IT workloads to the cloud. An enterprise must also deploy an IT Service Management (ITSM) framework so it can efficiently and effectively operate those IT capabilities. This whitepaper outlines best practices for event management in a hybrid cloud environment using Amazon Web Services (AWS).
Businesses of all sizes maintain file server infrastructure for storage and sharing of corporate documents. Although many businesses have recovery plans in place, they are often rarely tested or rely on traditional backup solutions that may not always meet the recovery time objectives (RTO) or recovery point objectives (RPO), particularly for large file servers.
This paper describes a step-by-step approach to implementing a proven and cost- effective disaster recovery solution for Windows-based file servers that can minimize data loss and provide fast, automatic recovery of file services running on the AWS cloud.
Whether on-premises or in the cloud, managing a large Microsoft Windows Server fleet can be challenging. Microsoft Active Directory addresses many of these challenges by centralizing credentials, enforcing server configurations, and more. AWS Directory Service lets you can connect your existing Active Directory domain to the AWS cloud using AD Connector or launch a new standalone domain in AWS using a Simple AD directory.
This white paper describes how AWS Directory Service and the Simple Systems Manager (SSM) features within the Amazon EC2 API can be used to manage your Windows Server fleet in the AWS cloud.
Lambda architecture is a data-processing design pattern to handle massive quantities of data and integrate batch and real-time processing within a single framework. This design pattern can be implemented on AWS.
This paper is intended for customers who want to improve resiliency of their applications running on Amazon Web Services (AWS) against Distributed Denial of Service attacks. The paper provides an overview of Distributed Denial of Service attacks, techniques that can help maintain availability, and reference architectures to provide architectural guidance with the goal of improving your resiliency.
Amazon Web Services (AWS) is a flexible, cost-effective, easy-to-use cloud computing platform. Relational database management systems, or RDBMS, are widely deployed within the Amazon cloud. In this whitepaper, we help you understand how to deploy SQL Server databases on AWS. You can run SQL Server databases on Amazon Relational Database Service (Amazon RDS) or Amazon Elastic Compute Cloud (Amazon EC2).
The goal of this whitepaper is to explain how you can run SQL Server databases on either Amazon RDS or Amazon EC2, and to give you an understanding of the advantages of each approach. We review in detail how to provision and monitor your SQL Server database, and how to manage scalability, performance, backup and recovery, high availability and security in both Amazon RDS and Amazon EC2. We also describe how you can set up a disaster recovery solution between an on-premise SQL Server environment and AWS, using native SQL Server features like log shipping, replication, and AlwaysOn Availability Groups. After reading this whitepaper you will be able to make an educated decision and choose the solution that best fits your needs.
In this whitepaper, you’ll see how you can use AWS to adapt to a changing interconnected market, and take advantage of global responsiveness and minimal barriers to innovation. AWS can help you create value for the business in addition to saving costs on infrastructure.
Considering the expense and complexity of maintaining a traditional data center, it’s no wonder that companies are turning to cloud computing as a way to reduce costs, increase efficiencies, and build their business. With cloud computing, companies have access to a scalable platform; low-cost storage; database technologies; and management, deployment, and development tools on which to build enterprise-level solutions.
In-memory caching improves application performance by storing frequently accessed data items in memory, so that they can be retrieved without access to the primary data store. Properly leveraging caching can result in an application that not only performs better, but also costs less at scale. Amazon ElastiCache is a managed service that reduces the administrative burden of deploying an in-memory cache in the cloud. Beyond caching, an in-memory data layer also enables advanced use cases, such as analytics and recommendation engines. This whitepaper lays out common ElastiCache design patterns, performance tuning tips, and important operational considerations to get the most out of an in-memory layer.
Covered entities subject to FERPA are turning to cloud computing as a highly efficient way to manage and secure vast amounts of education records and student data. Security is a core functional requirement of FERPA, requiring that mission-critical information be protected from accidental or deliberate theft, leakage, integrity compromise, and deletion. This Family Educational Rights and Privacy Act (FERPA) compliance whitepaper is designed to assist educational agencies and institutions that are considering the use of Amazon Web Services (AWS) for education data.
Network Attached Storage (NAS) software is commonly deployed to provide shared file services to users and applications. SoftNAS Cloud, a popular NAS solution that can be deployed from the Amazon Web Services (AWS) Marketplace, is designed to support a variety of market verticals, use cases, and workload types. Increasingly, SoftNAS is deployed on the AWS platform to enable block and file storage services through Common Internet File System (CIFS), NFS, and iSCSI. This paper addresses architectural considerations when deploying SoftNAS Cloud on AWS. It also provides best practice guidance for security, performance, high availability, and backup.
AWS Identity and Access Management (IAM) is a web service from Amazon Web Services (AWS) for managing users and user permissions in AWS. Outside the AWS cloud, administrators of corporate systems rely on the Lightweight Directory Access Protocol (LDAP) to manage identities. By using role-based access control (RBAC) and Security Assertion Markup Language (SAML) 2.0, corporate IT systems administrators can bridge the IAM and LDAP systems and simplify identity and permissions management across on-premises and cloud-based infrastructures.
Amazon DynamoDB is a fully managed, NoSQL database service. Many workloads implemented using a traditional Relational Database Management System (RDBMS) are good candidates for a NoSQL database such as DynamoDB. This whitepaper details the process for identifying these candidate workloads and planning and executing a migration to DynamoDB.
This paper describes an ASP.NET Model-View-Controller (MVC) web application written in C# that invokes C++ functions running on the GPU for matrix multiplication. Since matrix multiplication is of order N-cubed, multiplying two 1024 x 1024 matrixes requires over one billion multiplications, and is therefore an example of a compute-intensive operation that would be a good candidate for GPU programming. This paper shows how to use AWS Elastic Beanstalk and the AWS Toolkit for Visual Studio to launch a Microsoft Windows Server instance with an NVIDIA GPU in Amazon EC2 on AWS. It is intended for Windows developers who are interested in writing high-performance parallel code in AWS using the Microsoft C++ Accelerated Massive Parallelism (C++ AMP) library.
AWS is a natural complement to Linux containers because of the wide range of scalable infrastructure services upon which containers can be deployed. AWS Elastic Beanstalk includes integrated support for Docker containers and Amazon EC2 Container Service (Amazon ECS) was designed from the ground up to manage Docker containers at scale. Amazon ECS is built upon several key features, such as cluster management and support for multiple container schedulers, to facilitate and orchestrate large-scale deployments of containers across managed clusters of Amazon EC2 instances.
AWS provides number of options for provisioning of infrastructure and deployment of applications. Each service has a unique approach for managing application deployments and offers various strategies for updating your application. This whitepaper is intended for anyone looking for information on different deployment options in AWS. It lays out common features available in deployment services (such as AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks and AWS CodeDeploy), articulates strategies for updating application stacks, and presents few examples of hybrid deployment models for complex workloads
This whitepaper discusses the steps required to set up and configure AWS resources such as Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Block Store (Amazon EBS) volumes to install a new SAP HANA database instance or to scale out your existing SAP HANA database instance. It also explains how to configure the SUSE Linux Enterprise Server (SLES) for your SAP HANA deployments. The guide complements the SAP HANA Quick Start to support additional customization scenarios.
This whitepaper provides technical guidance on deploying the MarkLogic NoSQL database on AWS. It also provides an overview of general best practices and examines important MarkLogic implementation characteristics such as performance, durability, and security. Additionally, we also outline key integrations and configurations that are unique to AWS to support scalability, high- availability, and fault-tolerance with MarkLogic deployments.
This whitepaper details how you could use AWS OpsWorks to manage complex multi-tiered applications, from designing a scalable and flexible architecture to continuously provisioning and deploying infrastructure and applications. We also highlight how monitoring and security play an important role in such deployments and how AWS OpsWorks enables you to easily manage these aspects.
In this whitepaper, we describe tools and techniques to provision new instances, configure the instances to meet your requirements, and deploy your application code. We also introduce strategies to ensure that your instances remain stateless, resulting in an architecture that is more scalable and fault tolerant. The techniques we describe allow you to scale your service from a single instance to thousands of instances while maintaining a consistent set of processes and tools to manage them.
The acquisition of cloud services is unlike most traditional technology acquisitions in the public sector, and procurement considerations should be a key element of the cloud acquisition process in order to reap the benefits of decreasing cloud costs, increasing performance through improved infrastructure, and enhanced functionality through system-wide innovation. This paper highlights the top ten public sector cloud procurement considerations and is intended to encourage deeper thinking around cloud procurement strategy and how old world procurement strategies do not easily fit with a cloud procurement.
This paper provides an overview of how public sector organizations are architecting for genomic data security and compliance in AWS and highlights unique public sector customer examples.
Enterprise backup, restore and recovery is still a challenge for many companies. In this whitepaper, learn how AWS can alleviate many of the pains and challenges associated with backup, restore and recovery, including different approaches, reference architectures, and 3rd party vendors that can help to integrate your on-premises storage environment with Amazon S3 and Glacier.
This whitepaper gives system administrators guidance on getting started with WordPress on AWS and shows them how to improve the cost efficiency of the deployment as well as the end user experience. It also provides a reference architecture that addresses common scalability and high availability requirements.
This whitepaper demonstrates how to use AWS Elastic Beanstalk to implement a highly available and scalable deployment of WordPress. It includes the use of additional services such as Amazon Simple Storage Service (S3), Amazon CloudFront, and Amazon ElastiCache to improve the efficiency and performance of the installation.
AWS offers you the ability to run your Oracle Database in a hosted IaaS environment. Running Oracle Database on AWS is very similar to running Oracle Database in your data center. However, there are a number of AWS platform considerations relating to security, storage, compute configurations, management, and monitoring that will help you get the most out of your Oracle Database implementation on AWS. This whitepaper provides the best practices for achieving optimal performance, availability, and reliability, and lower total cost of ownership (TCO) while running Oracle Database on AWS. The target audience for this whitepaper includes database administrators, enterprise architects, systems administrators, and developers who would like to run Oracle Database on AWS.
AWS provides a comprehensive set of services and tools for deploying enterprise-grade solutions in a rapid, reliable, and cost-effective manner. Oracle Database is a widely used relational database management system that is deployed in enterprises of all sizes to manage various forms of data in many phases of business transactions. This whitepaper describes the preferred methods for migrating an Oracle Database to AWS, and helps you choose the method that is best for your business.
This whitepaper focuses on common issues raised by Amazon Web Services (AWS) customers about security best practices for human genomic data and controlled access datasets, such as those from National Institutes of Health (NIH) repositories like Database of Genotypes and Phenotypes (dbGaP) and genome-wide association studies (GWAS). Our intention is to provide you with helpful guidance that you can use to address common privacy and security requirements. However, we caution you not to rely on this whitepaper as legal advice for your specific use of AWS. We strongly encourage you to obtain appropriate compliance advice about your specific data privacy and security requirements, as well as applicable laws relevant to your human research projects and datasets.
Businesses must become increasingly agile as innovation accelerates and customer needs rapidly evolve. Time to market is key, so IT departments need to be agile to facilitate overall business goals. The evolution of DevOps helps provide and support this agility. This paper focuses on DevOps principles and practices supported on the AWS platform.
This whitepaper is an introduction to the AWS cloud computing platform. It discusses the advantages of cloud computing, the fundamentals of AWS and provides an overview of the AWS services.
AWS provides a comprehensive set of services and tools for deploying Oracle Database on the AWS cloud infrastructure. AWS offers the flexibility to run Oracle Database on Amazon Relational Database Service (Amazon RDS), the managed database service in the cloud, as well as on Amazon Elastic Compute Cloud (Amazon EC2). Oracle Database performance relies heavily on the performance of the storage subsystem, but storage performance always comes at a price. This whitepaper will help you determine the input/output operations per second (IOPS) needed by the storage system of your database for best performance at optimal cost.
AWS provides a comprehensive set of services and tools for deploying enterprise applications in a highly secure, reliable, available, and cost-effective manner. The AWS cloud is an excellent platform to run business-critical Oracle workloads in a very efficient way. In this whitepaper, we discuss the operating system choices that are best suited for running Oracle workloads on AWS. The target audience includes enterprise architects, database administrators, IT managers, and developers who want to migrate Oracle workloads to AWS.
This paper provides high-level concepts of how you can simplify your current backup and recovery environment in the enterprise. It provides details of how you can leverage the on-demand nature of the cloud and automate your backup and recovery processes so they are not only less complex and lightweight but also easy to manage and maintain.
AWS provides a comprehensive set of services and tools for deploying Oracle Database on the AWS cloud infrastructure. You can use the inherent qualities of the AWS cloud, such as its instant provisioning, scalability, elasticity, and geographic footprint, to architect a highly resilient and performant database environment for demanding business applications. This whitepaper provides information on how to build advanced Oracle Database architectures in the AWS cloud.
This document is intended to answer questions such as “How does AWS help me ensure my data are secure?” Specifically, AWS physical and operational security processes are described for network and infrastructure under AWS’ management, as well as service-specific security implementations.
Apache Storm developers can use Amazon Kinesis to quickly and cost effectively build real-time analytics dashboards and applications that can continuously process very high volumes of streaming data, such as clickstream log files and machine-generated data.
In the event of a disaster, you can quickly launch resources in Amazon Web Services (AWS) to ensure business continuity. The paper highlights relevant AWS features and services that you can leverage for your DR processes and shows example scenarios on how to recover from disaster. It further provides recommendations on how you can improve your DR plan and leverage the full potential of AWS for your Disaster Recovery processes.
Amazon VPC provides customers with several options for interconnecting their AWS virtual networks with other remote networks. This whitepaper describes several such common network connectivity options available to our customers. This includes connectivity options for integrating remote customer networks with Amazon VPC as well as interconnecting multiple Amazon VPCs into a contiguous virtual network.
One challenge that architects and developers face today is how to process large volumes of data in a timely, cost effective, and reliable manner. There are several NoSQL solutions in the market today, and choosing the right one for your use case can be difficult. This paper compares two popular NoSQL data stores, Amazon DynamoDB, a fully managed NoSQL cloud database service, and Apache HBase, an open-source, column-oriented, distributed big data store. Both Amazon DynamoDB and Apache HBase are available in the Amazon Web Services (AWS) cloud.
This document intends to provide information to assist AWS customers with integrating AWS into their existing control framework supporting their IT environment. This document includes a basic approach to evaluating AWS controls and provides information to assist customers with integrating control environments. This document also addresses AWS-specific information around general cloud computing compliance issues.
An often overlooked benefit of migrating workloads to AWS is the ability to achieve a higher level of security, at scale, by utilizing the many governance-enabling features offered. This paper describes how you can achieve a high level of governance over your IT resources by using AWS.
This paper provides an overview of common compliance requirements related to logging and how AWS CloudTrail can be used help satisfy these requirements. It is organized by general logging domains that you may find useful from a security and operational perspective.
This whitepaper provides an overview of the options for encrypting data at rest in AWS services. It describes these options in terms of where encryption keys are stored and how access to those keys is controlled. Both server-side and client-side encryption methods are discussed with examples of how each can be accomplished in various AWS services.
This whitepaper provides security best practices that will help you define your Information Security Management System (ISMS) and build a set of security policies and processes for your organization so you can protect your data and assets in the AWS Cloud. It also provides an overview of different security topics such as identifying, categorizing and protecting your assets on AWS, managing access to AWS resources using accounts, users and groups and suggesting ways you can secure your data, your operating systems and applications and overall infrastructure in the cloud.
This whitepaper helps you understand the primary data storage options available with the AWS cloud computing platform. We provide an overview of each storage option, describe ideal usage scenarios, and examine other important cloud-specific characteristics such as elasticity and scalability.
The companion paper presents several storage use cases that show how to use multiple AWS cloud storage options together.
This whitepaper provides an overview of how to create and manage multiuser environments in the AWS cloud so that professors and researchers can leverage AWS for student labs, training applications, individual IT environments, and cloud computing courses.
This whitepaper highlights the best practices of moving data to AWS, collecting, aggregating and compressing the data, and discusses common architectural patterns for setting up and configuring Amazon EMR clusters for faster processing. We also discuss several performance and cost optimization techniques so you can process and analyze massive amounts of data at high throughput and low cost in a reliable manner.
This paper is targeted at AWS customers’ internal compliance teams and their external auditors and who are evaluating or auditing the use of AWS for an internal review or external audit. It provides a checklist to help design and execute a security assessment of an organization’s use of AWS, which may be required by industry or regulatory standards. This paper builds on top of the Operational Checklist Whitepaper that provides operational and architectural guidance to help assess their application's operational readiness
This paper is targeted at developers and architects who are looking for operational and architectural guidance from AWS to help assess their application's operational readiness. It provides two checklists - Basic and Enterprise - so that you can evaluate your applications against a list of essential and recommended best practices and deploy them with confidence.
Customers may wish to migrate AWS Resources from one region to another for a variety of reasons. In particular, if a new region is available closer to their user base, they may wish to locate various services geographically closer to those users. This technical whitepaper is intended for experienced customers of AWS who would like to migrate existing resources to a new AWS region. The whitepaper provides technical guidance and best practices on migrating each AWS Resource such as AMI, keypairs etc. to another region.
This whitepaper describes how AWS adds value in the various phases of the software development cycle, with specific focus on development and test. The intended audiences for this paper are project managers, developers, testers, systems architects, or anyone involved in software production activities.
This whitepaper discusses Web application hosting solution in detail, including how each of the services can be used to create a highly available, scalable Web application.
Do you know the true cost of running your web applications on your existing infrastructure? This whitepaper will help you understand the different cost factors involved when you deploy and manage a scalable web application in an on-premises environment and compare the total cost to a variety of different AWS purchasing options. Our analysis shows that AWS offers significant cost savings, up to 80%, compared to the equivalent on-premises deployments.
This paper briefly outlines how companies can use Amazon Web Services to power HIPAA-compliant information processing systems.
This whitepaper will help you understand many of the best practices involved in creating and sending high quality email from a strategy and management perspective. It identifies characteristics of high value and high quality email, it talks about the parties involved in the email sending process, and it discusses best practices for optimizing and increasing email quality.
This whitepaper will help you understand the different cost factors involved in deploying and managing a scalable NoSQL database solution. You will learn about the TCO savings of using a NoSQL (non-relational) database cloud service such as Amazon DynamoDB over equivalent NoSQL database software that is deployed on-premises or hosted in the cloud.
This set of whitepapers are targeted at architects and technical decision makers of enterprises looking to build a cloud migration strategy. The main whitepaper discusses a phase-driven step-by-step strategy for migrating applications to the cloud and three scenarios illustrate the step-by-step strategy for common use cases.
This whitepaper discusses scenarios for Amazon VPC.
This whitepaper is ideal for those who would like to understand how to build fault-tolerant application on AWS.
This document provides step-by-step instructions for creating a test lab demonstrating identity federation between an on-premise Windows Server Active Directory domain and an ASP.NET web application hosted on EC2 service, using Microsoft’s Active Directory Federation Services (AD FS) technology.
This document presents a discussion of the costs of Amazon Web Services vs. traditional IT infrastructure alternatives, including comparative analysis of direct costs of ownership such as hardware costs and asset utilization, data redundancy and security, supply chain management, power and cooling efficiency, and personnel costs.
This paper illustrates the style of building applications using services available in the Internet cloud.
This Quick Start reference deployment automates the deployment of Ansible Tower on the AWS cloud. Ansible is an IT DevOps tool that handles cloud provisioning, configuration management, application deployment, intra-service orchestration, continuous delivery, and many other IT processes. Ansible Tower is a web-based user interface for Ansible.
This Quick Start deploys Ansible Tower on AWS from scratch, using AWS CloudFormation templates. Separate templates are provided for CentOS and RHEL.
The Quick Start deployment guide provides step-by-step instructions for preparing your AWS account, deploying the software, configuring the deployment, and using Ansible Tower to manage your Amazon EC2 instances on AWS.
This Quick Start reference deployment automates the deployment of Puppet on the AWS cloud. Puppet is a declarative, model-based configuration management solution from Puppet Labs that lets you define the state of your IT infrastructure, and automatically enforces that desired state on your systems. This Quick Start automates the deployment of a Puppet master and Puppet agents from scratch, using AWS CloudFormation templates.
The Quick Start deployment guide discusses the implementation in detail and provides step-by-step instructions for preparing your AWS account, deploying the software, configuring the Puppet agents, and testing your Puppet setup on AWS.
This Quick Start reference deployment builds a standardized architecture that helps support compliance requirements for National Institute of Standards and Technology (NIST) 800-53 / Risk Management Framework (RMF).
The Quick Start is first in a set of AWS Enterprise Accelerator - Compliance solutions, which help streamline, automate, and implement secure baselines in AWS. The Quick Start includes a detailed deployment guide, AWS CloudFormation templates that automate the deployment, and a Security Controls Matrix (SCM) that maps security controls to components of the reference architecture.
EC2 Simple Systems Manager (SSM) is a feature that facilitates the automatic configuration of EC2 instances running Microsoft Windows. SSM currently supports these scenarios: joining instances to a Microsoft Active Directory domain, installing MSI Packages or PowerShell Modules, and delivering log file data to Amazon CloudWatch.
This Quick Start reference deployment automates the implementation of Chef Server on AWS. Chef Server is the foundation of the Chef DevOps platform. You can use Chef Server to create and manage dynamic infrastructure that runs on the AWS cloud, or manage the servers in your on-premises data center. The Quick Start includes an AWS CloudFormation template that automates the deployment, and a guide with step-by-step instructions for deploying Chef Server on AWS and configuring a Chef workstation, creating and uploading a cookbook, and bootstrapping an EC2 instance with Chef command-line tools.
This guide discusses how an AWS customer or partner can use AWS services, native SAP HANA tools, and third-party software to achieve high availability and disaster recovery (HA/DR) for SAP HANA systems on the AWS platform. It presents six options that leverage different AWS management features and SAP HANA tools, and discusses the pros, cons, and related costs of each option.
Updated: November 2015
This update provides best practices for operating SAP HANA systems that have been deployed on AWS. It provides guidance on common administrative tasks such as starting, stopping, and cloning systems, discusses backup and recovery options, and provides support and security-related information.
Sitecore is a popular content management and multichannel marketing automation system for enterprises. This Quick Start automates the deployment of Sitecore in a highly available, fault-tolerant architecture on the AWS cloud, using AWS services such as Amazon EC2, Amazon VPC, and Elastic Load Balancing. You can also take advantage of Amazon RDS for enhanced database features, Amazon CloudFront to improve your site loading speed, and AWS WAF to help protect your Sitecore deployment from common web exploits. The Quick Start includes AWS CloudFormation templates that automate the deployment, and a guide that describes planning, configuration, and deployment steps.
Magento is an open-source content management system for e-commerce websites. This Quick Start automates the deployment of Magento on the AWS cloud. You can optionally install sample data to experiment with custom themes and view the web store. The Quick Start includes AWS CloudFormation templates that automate the deployment, supporting both end-to-end deployment and deployment into an existing AWS infrastructure. The Quick Start also includes a deployment guide that describes the architecture for implementing Magento on AWS, provides step-by-step instructions for deploying and configuring the software, and discusses design, performance, and customization. See the deployment guide to get started.
Web Application Proxy and Active Directory Federation Services (AD FS) are components of Microsoft Windows Server 2012 R2 that provide identity federation, single sign-on (SSO), reverse proxy, and pre-authentication services for publishing your web applications in AWS. This Quick Start includes a deployment guide that describes the architecture for implementing Web Application Proxy and AD FS on AWS, and AWS CloudFormation templates that automate the deployment. The Quick Start supports both end-to-end deployment and deployment into an existing AWS infrastructure.
Companies of all sizes can take advantage of the many benefits provided by AWS to achieve business agility, cost savings, and high availability by running their SAP environments on the AWS cloud.
This overview provides information for SAP customers and partners who want to learn about the benefits and options for running SAP solutions on AWS, or who want to know how to implement and operate their SAP environment effectively on AWS.
AWS SAP sizing is the process of translating business needs into AWS service requirements. This means that resources required by SAP—such as number of data records, users with various roles, and usage of SAP modules—need to be mapped into the appropriate AWS computer, storage, and network resources.
This whitepaper provides information to help AWS partners size SAP systems for the AWS platform. It describes SAP sizing resources and recommendations, and discusses the AWS-specific capacity planning guidelines for SAP systems.
For SAP customers and partners who are new to AWS, the process of estimating the monthly AWS bill may seem a bit overwhelming at first. This guide helps you understand how to estimate the cost of running your SAP environment on AWS. It provides two SAP on AWS pricing examples (SAP ERP on AWS and SAP HANA on AWS) using the AWS Simple Monthly Calculator. For each example, the guide includes a review of the architecture on AWS, example usage of each service, cost breakdown for each service, and total estimated monthly charge.
Tableau Server provides business intelligence that is accessible through a browser or a mobile device, and supports sharing and collaborating on interactive data visualizations.
This whitepaper provides technical guidance on how to deploy and configure Tableau Server on AWS. Additionally, it outlines key integrations and configurations unique to AWS products that enable you to use Tableau Server to best meet your needs.
Trend Micro Deep Security is a host-based security product that provides intrusion detection and prevention, anti-malware, host firewall, file and system integrity monitoring, and log inspection modules in a single agent running in the guest operating system. This Quick Start reference deployment automates the deployment of Trend Micro Deep Security into a new or existing AWS environment, using AWS services and best practices for high availability and security. The Quick Start also includes sample code to show how you can use the Amazon EC2 API and the Deep Security API to ensure that every instance running within your AWS environment is being protected.
Microsoft Lync Server 2013 is a communications software platform that offers instant messaging (IM), presence, conferencing, and telephony solutions for small, medium, and large businesses. This Quick Start reference deployment guide helps you deploy a small or medium-sized Lync Server environment on the AWS cloud. The Quick Start includes an automated AWS CloudFormation template that deploys paired Lync Server 2013 Standard Edition pools across two Availability Zones to provide high availability and disaster recovery. The Quick Start deployment guide also provides sizing guidance and considerations for larger deployments with Lync Server Enterprise Edition.
This paper provides best practices for achieving optimal performance, availability, and reliability, and lower total cost of ownership (TCO) while running SAP solutions on AWS. The target audience consists of SAP Basis and NetWeaver administrators who have experience running SAP systems on traditional infrastructure and would like to run their SAP systems on AWS.
Creating a high-performance storage solution can be challenging. Making the solution scale and be cost-effective adds even more challenge. Intel Cloud Edition for Lustre* software provides a high-performance Lustre file system on AWS. This whitepaper provides detailed information about using Intel cloud Edition for Lustre* and AWS.
Updated: April 2016
This whitepaper provides an overview of MongoDB and its implementation on the AWS cloud platform. It also discusses best practices and implementation characteristics such as performance, durability, and security, and focuses on AWS features relevant to MongoDB that help ensure scalability, high availability, and disaster recovery.
This Quick Start enables you to automatically deploy SAP Business One, version for SAP HANA, in the AWS cloud, using AWS services and best practices. You can select the configuration of your choice, and deploy the SAP Business One solution into a new or existing Amazon VPC in your AWS account. AWS CloudFormation templates automate the deployment, and the deployment guide discusses architectural considerations, configuration, and implementation steps in detail. For additional reference deployments, see AWS Quick Starts.
MongoDB is an open source, NoSQL database that provides support for JSON-styled, document-oriented storage systems. This new Quick Start shows you how to rapidly deploy a multi-node MongoDB cluster in the AWS cloud, following AWS best practices. You can use your existing AWS account, select the configuration of your choice, and deploy in approximately 15 minutes. The Quick Start includes an automated AWS CloudFormation template that sets up the infrastructure required to run MongoDB in a flexible, scalable, and cost-effective way, in a new or existing Amazon VPC in your AWS account. The deployment guide provides implementation details so that you can deploy the automated solution or customize the template to meet your own requirements. For additional reference deployments, see AWS Quick Starts.
AWS Parter Network (APN) partners contributed the following whitepapers about Windows Server 2003 end of support and deployment of Microsoft technologies on AWS:
- Windows Server 2003 End of Support Application Migration (by Neudesic)
- Windows Server 2003 End of Support: A Forcing Function for the Cloud (by AppZero)
- Data Center Migration to the Cloud: Approach & Key Considerations (by Nimbo)
- RemoteApp Publishing on AWS (by CorpInfo)
- Augment On-Premises SharePoint with AWS (by Summit7)
- Microsoft Dynamics CRM 2013 on AWS (by SMS)
This Quick Start reference deployment guide includes architectural considerations and configuration steps for deploying Microsoft Exchange Server 2013 in a highly available architecture on the AWS cloud, following AWS best practices. You can deploy the automated solution, provided by AWS CloudFormation templates, or customize the templates to meet your own requirements. For additional reference deployments, see AWS Quick Starts.
This whitepaper demonstrates using various services on AWS to deploy Microsoft Windows Server 2012 R2 as a Network Address Translation (NAT) device and deploy the Microsoft DirectAccess Windows Server role. Tools such as AWS Toolkit for Microsoft Visual Studio and AWS Toolkit for Windows PowerShell are used to automate the deployments. The target audience is IT infrastructure administrators and developer operations personnel.
Windows Server and SQL Server provide built-in capabilities to run highly available solutions. This updated guide covers failover clusters and the AlwaysOn Availability Groups feature in SQL 2012 and 2014, including configuration steps and testing instructions, as well as an AWS CloudFormation template to automate deployment. The template can also be launched directly from the AWS Quick Start page.
This whitepaper provides specific technical guidance on how to deploy and configure NGINX Plus on AWS. Additionally, we outline key integrations and configurations that are unique to AWS products and allow flexibility around using the NGINX Plus product to best meet your needs.
This Quick Start Reference Deployment guide includes architectural considerations and configuration steps for deploying Cloudera Enterprise Data Hub (EDH) on the Amazon Web Services (AWS) cloud. This reference deployment will assist you in building an EDH cluster on AWS by integrating Cloudera Director with an automated deployment initiated by an AWS CloudFormation template, or you can launch the deployment directly from the AWS Quick Start page.
This new whitepaper outlines deployment of a PowerShell DSC pull server environment using AWS resources. PowerShell Desired State Configuration provides a configuration management platform in Windows Server, which enables you to express the desired state of your systems using declarative language syntax instead of complex imperative scripts. The guide shows how to use AWS CloudFormation to bootstrap your servers and applications from scratch and make sure instances are resilient to configuration drift once the application stack has been deployed.
This reference deployment guide shows how to build a Microsoft SharePoint Server 2013 environment on the AWS Cloud, using services such as Amazon EC2 and Amazon VPC. It includes an AWS CloudFormation template designed to help you deploy the highly available infrastructure predictably and repeatedly. The template can also be launched directly from the AWS Quick Start page.
Learn how to deploy Remote Desktop Gateway on AWS, including best practices for securely accessing your Windows-based instances using the Remote Desktop Protocol (RDP) for remote administration. Also provided are AWS CloudFormation templates to help automate deployment.
This reference implementation guide includes architectural considerations and configuration steps for deploying highly available AD solutions in the AWS Cloud. Two scenarios are covered, one all cloud and one hybrid. Included are AWS CloudFormation templates to help automate deployment. Active Directory Domain Services (AD DS) and Domain Name Server (DNS) are core Windows services that provide the foundation for many enterprise class solutions including Microsoft SharePoint, Microsoft Exchange, and .NET applications.
This whitepaper discusses how you can run Oracle Database on both Amazon RDS and Amazon EC2, and will give you an understanding of the advantages of each approach. We review in detail how to provision and monitor your Oracle database, and how to manage scalability, performance, backup and recovery, high availability and security in both Amazon RDS and Amazon EC2.
This whitepaper provides IT infrastructure decision-makers and system administrators with specific technical guidance on how to configure, deploy, and run an Alfresco server cluster on AWS.
It includes an implementation guide and an AWS CloudFormation template that you can use to easily and quickly create a working Alfresco cluster in AWS.
This whitepaper provides an overview of general best practices that apply to all major NoSQL systems and highlights one of popular NoSQL systems - Couchbase - and discusses how to best run it on the AWS cloud. It further examines different Couchbase configurations so you can optimize it for performance, durability, and security.
This whitepaper provides an overview of one of emerging Open Source NoSQL Distributed Database systems - Riak - and discusses how to best run it on the AWS cloud. It starts with how to launch a 3-node Riak cluster using the AWS Marketplace and discusses different architectural and operational Riak characteristics so you can optimize it for performance, durability, and security.
This whitepaper provides general best practices of running one of the most popular open source RDBMS - PostgreSQL - in the AWS cloud. It examines important PostgreSQL characteristics such as performance, durability, and security in the context of the AWS environment and provides basic architectural and performance guidance so you can run PostgreSQL on AWS at scale.
This paper is authored by Trend Micro and discusses what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices are that can help create a secure AWS cloud environment.
This paper provides Esri ArcGIS users with the necessary information to get started with publishing and analyzing geographic information systems (GIS) imagery data (such as satellite imagery, or aerial imagery), as well as, creating tile cached map services in Amazon Web Services (AWS). The paper focuses on imagery, because that has been the most challenging data type to manage in the cloud, but the approaches discussed are general enough to apply to any type of data.
This paper provides guidance on how to secure your Microsoft applications on AWS. It outlines the principles for protecting the runtime environment of your Microsoft Windows applications with a focus on risk assessment, reducing attack surface, adhering to the principle of least privilege, and protecting your data.
You can run Microsoft SQL Server on the AWS Cloud. This whitepaper reveals how to best run Microsoft SQL Server 2008 on EC2 and discusses implementation choices to optimize for performance, durability, and security. It clearly enumerates how to take advantage of native Microsoft SQL Server features that provide scalability, high-availability, and fault-tolerance in the AWS Cloud environment.
This is an overview paper written by a vendor and co-sponsored by AWS and Microsoft.