Amazon cloud solution seems to be to spin up a microservice for every aspect of cloud computing
This covers security, by enabling multi-account strategies, continuous monitoring, and control policies. It covers compliance, by automating checks, reporting, and remediation. It covers operations, by applying controls enterprise wide. It covers identity by centralizing identity and access management at scale. It covers cost, by facilitating usage reports and policy enforcement. And it covers resilience, by helping integrate assessments and testing into CI/CD pipelines for validation.
1. Overview of Cloud Governance:
Cloud governance involves:
- Defining requirements: Establishing policies, standards, and controls for how cloud resources are used.
- Deploying and operating systems: Managing the provisioning, configuration, and operation of resources in alignment with governance policies.
- Measuring and assessing performance: Monitoring the environment to ensure compliance, optimize performance, and improve resilience.
AWS provides a range of services that fall into three key categories:
- Built-in governance controls: Tools to define and enforce governance rules.
- Resource provisioning: Services that ensure resources are created in alignment with governance requirements.
- Operations tools: Tools to monitor, manage, and optimize cloud environments.
2. Key AWS Services in Cloud Governance:
Define Requirements:
- AWS Artifact:
- Provides access to AWS compliance reports and agreements.
- Helps organizations understand and meet their compliance obligations.
Deploy and Operate:
- AWS Control Tower:
- Enables the setup of a secure, multi-account AWS environment.
- Provides pre-configured best practices for account governance.
- AWS Organizations:
- Centralizes account management and applies policies across multiple AWS accounts.
- Helps group accounts logically and enforce governance policies.