| Security |
Followed up on priorities from security self-assessment, including database, password, and web server security. |
2017-2018 |
| New AWS Services |
Continued weekly study group to learn AWS services, including CloudSearch, CloudFront, WAF, Organizations, API Gateway, ECS, Elastic Beanstalk. Participated in the preview of Neptune. |
2017-2018 |
| Splunk Implementation |
Completed in-house training, built Splunk server, implemented CDL reports and dashboards. |
2017-2018 |
| Cost Savings |
Implemented on-demand infrastructure. Reviewed/renewed RDS reserved instances. Reviewed performance metrics to right-size resources. |
2016-2017 |
| Security |
Conducted a security self-assessment. |
2016-2017 |
| Disaster Recovery |
Copied snapshots to alternate AWS region(s) and account(s). Completed disaster recovery planning. Conducted a disaster recovery test. |
2016-2017 |
| Log Consolidation |
Set requirements, evaluated, and implemented a cost effective, efficient third party application to replace current IAS log monitoring, analysis, and reporting for the CDL AWS environment. |
2016-2017 |
| New AWS Services |
Implemented new AWS services to support the next generation of CDL applications. |
2016-2017 |
| Infrastructure Upgrades |
Upgraded RDS database instances to MySQL 5.7. Upgraded infrastructure applications for automation and monitoring. |
2016-2017 |
| AWS Migration |
Learned AWS services, designed the CDL environment, migrated computing infrastructure to Amazon EC2, MySQL database infrastructure to Amazon RDS, using other AWS services as appropriate. |
2015-2016 |
| Decommission Physical Infrastructure |
Decommissioned physical infrastructure in the UCB and UCOP Data Centers on completion of AWS migration. |
2015-2016 |
| CloudWatch Metrics for Application Owners |
Provided CDL application owners a secure method to review performance metrics for their EC2 and RDS instances running in AWS. |
2015-2016 |
| Change Control for Production Environment |
With the AWS migration, CDL took on management of the production environment. Implement robust change control practices. |
2015-2016 |
| Redesign LDAP for High Availability |
Redesigned OpenLDAP infrastructure to take advantage of AWS services for high availability. Implemented a multi-master configuration, with instances in multiple availability zones behind internal load balancers. |
2015-2016 |
| Move to AWS Reserved Instances |
Reviewed potential cost savings for AWS reserved instances. Evaluated alternative models for development/stage instances. Purchased RDS reserved instances. |
2015-2016 |
| Evaluate CloudTrail Monitoring Tools |
Evaluated tools for monitoring and auditing the AWS environment. |
2015-2016 |
| Configure CDL Domains in Route 53 |
Consolidated domain name registrations. Migrated management of DNS to AWS Route 53. |
2015-2016 |
