Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013
-
Upload
amazon-web-services -
Category
Technology
-
view
1.393 -
download
0
description
Transcript of Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013
![Page 1: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/1.jpg)
© 2013 California Institute of Technology. Government sponsorship acknowledged.
Bringing Governance to an Existing Cloud at
NASA’s Jet Propulsion Laboratory
Jonathan Chiang, Matt Derenski – NASA/JPL
November 12–15
![Page 2: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/2.jpg)
Introductions
• Jonathan Chiang – IT Chief Engineer
• Matthew Derenski – Cyber Security Engineer
![Page 3: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/3.jpg)
Agenda
• Provide a brief background of JPL
• Detail why JPL uses AWS
• Understand JPL use cases for AWS
• Describe JPL’s early engagement with AWS
• Review JPL’s implementation of its governance plan
• Utilizing governance to achieve organizational efficiency
• Measuring the value
![Page 4: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/4.jpg)
What is JPL?
• We are a Federally Funded Research and Development Center (FFRDC) managed by Caltech
• We have 21 spacecraft and 9 instruments conducting active missions
• We manage NASA’s Deep Space Network (DSN)
• We “dare mighty things”
![Page 5: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/5.jpg)
Why JPL use AWS?
• Quick and easy to provision/de-provision
• Reduce CapEx and large initial investments
• Pay as you go, only for what you use
• Automation and reusability
![Page 6: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/6.jpg)
How JPL uses AWS HPC/Data Processing
![Page 7: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/7.jpg)
How JPL Uses AWS
Mars Exploration Program
Mars.jpl.nasa.gov
Eyes on the Solar System
Eyes.jpl.nasa.gov
Night Sky Network
Nightsky.jpl.nasa.gov
Public Outreach
![Page 8: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/8.jpg)
How JPL Uses AWS Storage, Backup, and Disaster Recovery
Mars Exploration Rovers Station Fires
![Page 9: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/9.jpg)
How JPL Uses AWS Collaboration
Rapid Development
Enterprise Applications
![Page 10: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/10.jpg)
Early AWS Engagement
• Issued 60+ root level AWS accounts to various
project teams
• Added all accounts to consolidated billing
• Associated a single project/task number for
chargeback and bill back
![Page 11: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/11.jpg)
The Problem
![Page 12: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/12.jpg)
Key Principles of JPL’s Governance Model
Understand your users and their use cases
Apply policy and accountability
Provide auditing and traceability
Leverage an iterative implementation
![Page 13: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/13.jpg)
Account Management
Resources
IAM Accounts
AWS Root – MFA, Managed By IT Sec
Consolidated Billing Consolidated
Billing
(No Users or Resources)
MSL Account
IAM User 01
Auditing
IAM User 02
MSL Developer
AMI 1 AMI 2
MER Account
IAM User 02
MER Developer
AMI 1 AMI 2
Hosting Account
IAM User 01
Auditing
IAM User Hosting
Provisioning
AMI 1 AMI 2
+50 More
![Page 14: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/14.jpg)
Organizational Efficiency (DevOps)
•Automated Configuration
Management
•Monitoring, Notification,
Escalation
•Networking and Security
Operations
Development
Quality Assurance
Operations
Dev
Ops
![Page 15: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/15.jpg)
Measure the Value
• Calculate the cost of implementing governance
along with the cost of cloud resources
• Consider the benefits of organizational
efficiencies gained by cloud and governance
• Compare agility and speed to market vs.
adoption of governance
![Page 16: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/16.jpg)
Summary
![Page 17: Bringing Governance to an Existing Cloud at NASA's JPL (ENT201) | AWS re:Invent 2013](https://reader034.fdocuments.in/reader034/viewer/2022042601/54b3a93f4a79594e198b464c/html5/thumbnails/17.jpg)
We are eager to hear your feedback
on this presentation and on re:Invent.
ENT201
Please fill out an evaluation form when
you have a chance.