AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Scott Ward, Solutions Architect – AWS

November 29, 2016

Tips for Passing

APN Technical Validations

ISV Technical Track: GPSISV2

Why Should I Care?

Why Do We Do Technical Validations?

Reduce risk for joint customers

Verify alignment with a competency track

Build AWS confidence in the product or solution

Benefits of Technical Validation

Deeper AWS relationship

Finely-tuned architecture

Cost-effective architecture

New service visibility

A new perspective on your architecture

Competency inclusion or achieve advanced partner status

What Is a Technical Validation?

Validation that you, as a partner, know how to build

solid solutions using AWS best practices

This is not an audit!

What Is a Technical Validation?

This is all under NDA

Results are confidential

What are we looking for in a technical

validation?

Use of AWS best practices

Well Architected pillars

• Security

• Reliability

• Performance Efficiency

• Cost Optimization

• Operational Excellence

aws.amazon.com/archicture/well-architected

What Are We Looking For in a Technical

Validation?

Industry-specific requirements

How are you aligning to the specific technical requirements for your

industry/competency?

Do the solutions help customers in a specific area?


Validation?


Example #1:

Healthcare and life sciences

A reusable HIPAA pattern. You understand health care

specific requirements and you are not putting patient data

at risk.


Validation?


Example #2:

Security competency

Demonstrated understanding of AWS security best

practices. Use of AWS security services to help customers

have confidence in the AWS platform.

Tips for a Successful

Validation

Tips for a Successful Validation

Have a 15 minute kickoff talk with the SA and the PDM

Review what is going to happen in the validation

Discuss who should be involved in the validation

Ask clarifying questions


Detailed architecture diagram

More than this


Detailed architecture diagram

A little better


Detailed architecture diagram – Maybe something like this


People

Identify all the right technical resources for the

discussion

One or many people

Someone who can talk in-depth on the architecture

Have the right technical resources present


Be prepared to go deep

Our reference questions are just a starting point

We will be looking to go deeper based on “trigger words”


Understand what AWS services you use


Be prepared to speak to why you made the decisions

that you did


Budget time before, during, and after

Prep call (15-30 minutes)

Work to gather information (???)

Review call (3-4 hours, maybe more)

Follow up work and discussion (???)

Issues We See Regularly


Security

Not as much flexibility in this area

Can be the longest part of the review process

Be open and honest in your responses


Security

Protection of the root account

Too much IAM access

Everything in one account

Collection of access keys

Not enough log analysis


Reliability

Relying on manual processes

Workload profiling

DR planning and testing


Performance & Cost

Not keeping up with new services or enhancements

Not meeting with your account team (know new features,

program changes, etc.)

Cloud Service Management and Security

Security, cost, and asset management for public cloud users. Enterprises need a

web-based software application that allows them to view, understand, and secure their cloud environments.

CloudCheckr Architecture Review

• 4 hour technical review with Scott Ward

• Also sat through reviews for enterprise customers

• Covered everything from arch, security, reviewing access

from 3rd parties

• 10 pages of notes, 5 action items, 8 follow up items

• Pushing topics like retiring IAM access keys, cross AZ

What did we do?

CloudCheckr Architecture Review

• Approach review from positive perspective

• Unique experience to learn from insiders

• We needed to update the services we used in AWS

• Got some insights you don’t see “in the wild”

What did we learn?

Outcomes

Outcomes

What you don’t get

Official certification for the validation

A new design or architecture

Outcomes

Follow up questions

Full write up of your notes

Blockers

Suggested improvements

Confidence in your infrastructure

Mutually agreed-upon solution

Remember to complete

your evaluations!

Thank you!

Questions?

AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)

Technology

Transcript of AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)