Three stages to Managing and Governing with AWS:
- Enable :- Automate set-up of a baseline environment for running secure and scalable workloads in AWS based on best practices using AWS Control Tower. We can set up granular control over AWS accounts using AWS organization. Key Services are
- Provision :- Automate resource provisioning using AWS cloud formation’s infrastructure-as-code templates. Key Services are
- AWS CloudFormation
- AWS Service Catalog
- AWS OpsWorks
- AWS Marketplace
- Operate :- We can use AWS services for end to end IT lifecycle management. First, improve visibility into resources using Amazon CloudWatch to monitor AWS resources, applications and services. Second, improve compliance auditing and security analysis using AWS CloudTrail to record user activity. Third, we can evaluate and monitor the compliance posture of your AWS resource configurations, as well as remediate noncompliant resources, using AWS Config. Additionally, when it comes to managing operational tasks, instead of using different toolsets in hybrid cloud environments, we can use AWS Systems Manager to centralize tasks in an “operations cockpit” using a common toolset. Finally, It is recommended to use AWS Trusted Advisor for recommendations to reduce underutilized resources and save costs, as well as improve environment’s security and fault tolerance. Key Services are:
- AWS CloudWatch
- AWS CloudTrail
- AWS Config
- AWS System Manager
- AWS Trust Advisor
- AWS Cost and Usage report
- AWS Cost Explorer