What is AWS Managed Services?
At the heart of AWS managed services is the provision of services that facilitate AWS cloud adoption, by assisting customers to move from on-premises hardware and software to cloud based infrastructure.
AWS managed services provide ongoing management and maintenance of your cloud infrastructure, so that you are free to concentrate on your business applications.
The AWS managed services team takes responsibility for the end-to-end operations of all AWS supported services for your business and provides access via consoles and API so you can request new resources and capacity levels like scaling out or scaling in compute resources or make other changes. You can also report issues with the services that AWS are managing for you. With AWS managing your infrastructure components, your team are freed up to concentrate on developing or running your business applications.
The first phase in cloud adoption is assessing the proposed operations model and planning the cloud migration process. The AWS managed services team understands their infrastructure and how available services work together so can recommend the best match for your use case and can diagnose and resolve any issues that crop up. This means you can be running applications hundreds or even thousands of servers and not have to worry about the underlying IT infrastructure.
To manage the many potential services through the service design, service transition, service operation and continual service improvement cycles, AWS managed services are contained in and integrate with ITIL frameworks. ITIL Information Technology Infrastructure Library is designed to standardise the lifecycle of IT services across organisations. AWS Managed services have an ITIL-based control and operational structures designed to drop into your ITIL framework.
The five ITIL stages of service strategy, design, transition, operation and improvement are recognised by AWS managed services as they come with guidance and automation as well as provide standardised APIs and processes for provisioning and managing the infrastructure that your applications will run on.
What does AWS Managed Services do for you.
Most organisations typically don’t have enough people with the appropriate cloud skills to set up infrastructure and migrate from on-prem IT infrstructure. So when the decision to move to the cloud is made, the actual transition can be subject to lengthy delays while staff are either trained up or hired, which in itself is a challenge due to the high demand for such skills.
The other alternative is to outsource to cloud consultants which can be expensive, involve lengthy contracts and comes with its own set of new problems.
AWS managed services were designed to solve this problem by engaging the experienced AWS managed services team to start on the migration process thus removing the delays
The AWS Managed Services team will:
Build and Configure : Create your managed account and VPC and the AWS configuration to get you up and running.
Set Up Stacks : Allow you to request popular application and software stacks via the provisioning API
Provide Self-Service Deployment : Enables the ability for you to request the deployment of tech stacks 24/7 and to roll these out in minutes.
Manage Changes : The AWS Managed Services team will coordinate and manage scheduled approvals and changes to production environments.
Maintenance : Monitor for updates and apply patches to running application stacks, maintain anti-virus software and monitor and advise on network intrusions.
Incident Response : The AWS Managed Services team will respond to detected and reported incidents and unexpected events
Reporting : A dedicated Cloud Service Delivery Manager (CSDM) will provide end of month reporting and well as access to CloudWatch and CloudTrail data and will coordinate operations and maintenance so the activity on your account is always accessible and transparent.
Cloud Operations Management
The team looking after your managed services include AWS engineers and management staff to ensure your infrastructure is kept secure, monitored and up to date. They respond to issues and improvement requests and provide a number of functions and capabilities, including:
24x7 Service Desk : You can log a service request via web portal, CLI or API calls 24x7x365 which are handled by support teams in Sydney, Seattle and Dublin.
Access Management : You are provided with various log in options with the preferred being Active Directory federated with established SSO or existing corporate login methods.
Automation : Various tasks and processes take advantage of automation to provide faster turnaround times when change requests, onboarding tasks, stack provisioning and other tasks are requested.
Capacity Management : AWS will typically use native scaling to allow your environment to scale in response to demand. Your monthly reporting can be used to evaluate capacity including in static deployments and AWS can provide optimization guidance.
Change Management : AWS will manage and perform changes to managed environments in response to requests for change (RFC) that you can submit via console, CLI or API. Changes follow a change management process with many likely to be automated.
Configuration Management : Establish and maintain environment consistency.
Backups : AWS managed services will ensure EBS and RDS database service snapshots are created and maintained to ensure business continuity in the event of a failure.
Event, Incident and Service Request Management : The AWS managed monitoring system handles the process of highlighting and monitoring notable events.
Host Security : Security elements that protect individual hosts within the managed environment. A single tenant per account is deployed with shared service subnets in which a client agent looks after all the instances in the subnet.
Log Management : Log aggregation and processing from logs generated from EC2, customer applications and other AWS components.
Monitoring : The AWS managed services team will use CloudWatch and OpsWorks to notify them when something is suboptimal and to respond when engineer engagement is required.
Patching : Ongoing upkeep of operating system level packages within supported AWS operating systems by either updating AMIs within application stacks or agent based deployment of monthly patching.
Provisioning : This service allows you to create and deploy new resources within your managed environment.
Reporting : Your CSDM provides a monthly report detailing incidents, capacity, security and financial information.
Service Knowledge Management : Makes available all AWS Managed services data including deployments, stack templates and updates of deployed resources.
How is AWS Managed Services Set Up?
When you make the decision to engage AWS managed services, a systems integration partner will collect information about your current network access and application requirements. Using this information, the AWS team will create a managed account containing the required VPCs and resources. From there you can start work with the AWS team or integration partners to start to deploy your applications and migrate to the cloud account.
When you want to make changes to the managed account, you will need to raise an RFC (request for change) via the console, API or CLI. This method can also be used to raise requests for the AWS team to respond to incidents or unexpected events.
Typically you will order a new application stack from a pre-configured list of templates that are provisioned into specific managed AWS VPCs to become managed application stacks. The stack is subsequently managed be the AWS team in response to RFCs or events.
An application stack is typically a cloudformation template defying a group of AWS services that are managed as a single unit. When an RFC is received to deploy a new stack, the AWS Managed Services team will deploy the template and then registers it with config management, endpoint security, backup and monitoring services. At this point the new deployment becomes a managed application stack and the responsibility of the managed services team.
AWS Managed Services Team Roles
When you engage with AWS Managed Services you are likely to pass through three levels of AWS staff roles that are specific to the managed services phases.
The first are the business development managers (BDMs)
A BDM works with you to understand your requirements, validate your interest, discuss pricing models, negotiate terms and secure your commitment via a signed contract.
The second tier are Technical Delivery Managers (TDMs)
Once a contract is in place a TDM will take over and coordinate onboarding migration and application transition. The TDM will typically orchestrate system integration partners, AWS engineers and training up customer staff and partners. The TDM will review existing workloads and operational models and validate pilot app migration. They will also conduct on site discovery workshops to scope and plan the movement of application workloads to the managed application stacks.
And thirdly are the Cloud Service Delivery Managers (CSDMs)
Once your first application workloads are migrated to the managed account, you will receive a personal CSDM to looks after you and your relationship with AWS.
Your CDSM manages the service delivery to ensure your AWS services are performing as expected.
To assist with achieving the best outcomes, your CSDM will advise on AWS best practice to ensure the performance, availability and security of your AWS workloads.
A large part of the CSDM’s role is to review and monitor your managed account resources and report back to you every month.
If anything does go wrong or does not perform as expected, your CSDM acts as an escalation point to help resolve the issue as quickly as possible.
Getting Started with AWS Managed Services.
As we’ve already discussed, there is a lot to consider when deciding if AWS Managed services are appropriate for your business. There is usually a lengthy process in reviewing your workloads and existing applications to determine if the service is a good fit for your business, which is why there is no online order or provisioning mechanism for AWS Managed Services.
You need to contact AWS via their managed services page to express an interest so that a BDM can contact you and start the conversation.
What is the benefit of using AWS Managed Services?
Undoubtedly the AWS Managed service team isn’t cheap, however when compared to the engineers and hardware you would require to deploy and manage applications in house, having AWS deploy and manage your infrastructure may work out more cost effective in the longer term.
Getting AWS Managed services to look after your AWS account, you can focus on application development or running your business instead of managing a network and all the associated resources, software patching, backups and maintenance involved.
You can of course keep an eye on the infrastructure being deployed in your account and monitor the changes by connecting the managed AWS account to Hava. Hava will auto generate infrastructure diagrams that you can use to inspect the VPCs and the resources they contain.
Because Hava continuously polls your AWS configuration and generates a new set of diagrams when changes are detected, you will be able to compare the current network to superseded versions that are retained.
You can read more about Hava at https://www.hava.io and take a free 14 day trial. Explore the supplied demo data or connect to an existing AWS, GCP or Azure account to see what you have running where.
Originally published at https://www.hava.io.