Redefining Cloud Operations on AWS by being Cloud Native
Running thousands of workloads, along with many business applications and services, on complex cloud architectures poses manifold challenges. To name a few: cloud sprawl, cost management, optimum performance, security and the lack of a proper governance structure. Facing these issues, customers want to strike a balance between faster innovation using cloud capabilities and governance control for an operationally efficient platform. Multiple third-party solutions on the market today provide such capability, but each of them comes with a substantial pricing burden for customers. For a better ROI, AWS provides a plethora of services for end-to-end lifecycle management that help customers run an automated, cost-efficient, compliant and controlled environment. We will now discuss how to use the right mix of services and map the cloud operational use cases to create a robust, automated multi-account platform for customers.
Agile cloud operations span several stages: designing the platform with the necessary controls and guardrails, building an automated cloud foundation capability, provisioning with Infrastructure as Code templates, and running an audited, automated, integrated, centralized and optimized AI-based operations framework. The focus is to create a workflow-based architectural framework that uses the critical services AWS offers to implement each of these stages. Having this framework helps customers place controls through financial, technology, security/compliance and service governance. We can leverage AWS cloud-native capability, using a mix of services, to provide a multi-account, workflow-based framework as shown below and achieve this goal in the most cost-effective way.
Fig 1: - AWS Cloud Native architecture for Agile operations
This framework caters to the major cloud operations, with appropriate governance, by meeting the most critical use cases listed below.
· Automated cloud foundation using Infrastructure as Code (AWS CloudFormation), Systems Manager and AWS Lambda
· One-click multi-account provisioning and self-service using AWS Service Catalog through products/portfolios, AWS Organizations and launch configurations
· Automated, secured and compliant run operations through AWS Lambda, Systems Manager, Config, GuardDuty, Inspector, Security Hub, CloudWatch and CloudTrail
· Effective cost management using Trusted Advisor, Cost Explorer and Budgets
· Change management through Config and approval workflows using ServiceNow (SNOW) integrations
· DevOps using an AWS CI/CD pipeline
· Analytics, dashboarding and reporting using QuickSight, AMS for Grafana and Prometheus
We will look at a few agile cloud operations use cases as examples and at how they are constructed following the Well-Architected Framework, using AWS native services integrated through customized scripts and infrastructure code.
1. Automated cloud foundation - Infrastructure as Code - Single-click automated provisioning using AWS Service Catalog & CloudFormation
Fig 2: - Automated cloud foundation - Infra as a Code
· Creation of Roles and corresponding policies
· Infra Developer creating catalogue-based blueprints for Infra and App provisioning
· Self service Provisioning by User
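The three steps above can be expressed as one CloudFormation template; the template below is an added illustration, not the article's own blueprint. It shows the least-privilege point of the pattern: the self-service user is only granted access to the portfolio, while the provisioning permissions sit on a launch role that Service Catalog assumes. All resource names, the end-user role ARN and the template URL are placeholders.

```yaml
# Added example (constructed): all names and both parameters are placeholders.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  EndUserRoleArn: { Type: String }        # assumed: existing role used by self-service users
  BlueprintTemplateUrl: { Type: String }  # assumed: S3 URL of the blueprint template
Resources:
  LaunchRole:  # step 1: role Service Catalog assumes to provision on the user's behalf
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement: [{ Effect: Allow, Principal: { Service: servicecatalog.amazonaws.com }, Action: "sts:AssumeRole" }]
      Policies:
        - PolicyName: provision-blueprint
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: ["cloudformation:CreateStack", "cloudformation:UpdateStack", "cloudformation:DeleteStack",
                         "cloudformation:DescribeStacks", "cloudformation:DescribeStackEvents",
                         "cloudformation:GetTemplateSummary", "s3:GetObject"]
                Resource: "*"  # tighten to the stack and bucket ARNs in use; add only what the blueprint creates
  Portfolio:  # step 2: catalogue that holds the infra developer's blueprints
    Type: AWS::ServiceCatalog::Portfolio
    Properties: { DisplayName: cloud-foundation-blueprints, ProviderName: platform-team }
  Product:
    Type: AWS::ServiceCatalog::CloudFormationProduct
    Properties:
      Name: baseline-blueprint
      Owner: platform-team
      ProvisioningArtifactParameters:
        - Name: v1
          Info:
            LoadTemplateFromURL: !Ref BlueprintTemplateUrl
  ProductInPortfolio:
    Type: AWS::ServiceCatalog::PortfolioProductAssociation
    Properties: { PortfolioId: { Ref: Portfolio }, ProductId: { Ref: Product } }
  LaunchConstraint:  # binds the product to the launch role instead of the caller's own permissions
    Type: AWS::ServiceCatalog::LaunchRoleConstraint
    DependsOn: ProductInPortfolio
    Properties:
      PortfolioId: !Ref Portfolio
      ProductId: !Ref Product
      RoleArn: !GetAtt LaunchRole.Arn
  EndUserAccess:  # step 3: self-service users can see and launch the portfolio's products
    Type: AWS::ServiceCatalog::PortfolioPrincipalAssociation
    Properties:
      PortfolioId: !Ref Portfolio
      PrincipalARN: !Ref EndUserRoleArn
      PrincipalType: IAM
```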
2. Agile Ops - through monitoring and observability. Hook in automated monitoring and logging, using pre-defined metrics and thresholds, through AWS Lambda functions and services such as CloudWatch, CloudTrail, S3 and Athena, along with ServiceNow via API integrations as the single source of truth. This brings in observability right from the initial stage of provisioning, for greater visibility into cloud resources and user activities.
Fig 3: - Agile Ops through automated monitoring and Logging
3. Faster time to market through automated DevOps provisioning - Automated app provisioning using AWS native CI/CD services such as AWS CodeBuild, CodePipeline, CodeCommit & CodeDeploy, along with change management leveraging ServiceNow (SNOW) integration, to cover the entire application lifecycle.
Fig 4:- DevOps provisioning using AWS CI-CD and Change management
4. Financial governance using AWS native spend optimization - Customers can achieve potential savings on their cloud spend by leveraging AWS cost optimization tools such as Trusted Advisor, Cost Explorer and Compute Optimizer. The best approach is to classify resources under optimization themes and provide insights on the savings potential of the resources under each theme. The high-level approach and activities are listed below.
• Identify the potential resources and dependencies
• Understand the business impact and optimization plan
• Right sizing and Resource Planning
• Automation in reporting and chargebacks
Fig 5:- Spend Optimization Insights and Reporting Automation
This is also intended to help customers embark on a full-fledged cloud economics/FinOps exercise as a continuous process, to achieve the maximum outcome from their cloud infrastructure with optimal spend.
Hence, it is extremely critical for customers to have agile, automated cloud operations to meet ever-increasing business demand with optimum performance. This helps achieve accelerated application delivery along with full control over cloud resource usage in a secure manner. AWS, with its full-fledged native services around a cloud management platform framework, can help customers meet these requirements at scale, with minimum cost and with governance in place.
Anup Thomas Rockstar
Excellent Anup! The diagrams and text fields are blanking out when you zoom them. Put everything inside a canvas and explicitly apply a background color. Cheers!