
Cloud Governance

Cloud governance is the process of defining and creating policies to control costs, minimize security risks, and improve efficiency. An ungoverned cloud environment can be plagued by high costs and security risks, and can take excessive time to manage.

By definition, cloud governance covers many areas. Many AWS services address various parts of cost control, security, and management efficiency. Although this list is not exhaustive, here are some of the primary services and a brief description of what they do.

AWS Control Tower

Control Tower is a service designed to make managing multiple accounts within an organization easier and more secure. It helps with account creation through landing zones and Account Factory. Control Tower serves as a centralized point to manage other related AWS services. AWS Organizations is tied closely to Control Tower.

Service Control Policies

SCPs establish preventative policy rules, called preventative guardrails. AWS manages many useful policies, or you can create your own.

AWS Config

Config establishes detective policy rules, called detective guardrails. AWS manages many useful rules, or you can create your own.

AWS IAM Identity Center

IAM Identity Center establishes access control to all of your accounts. It can tie in with your directory server.

CloudTrail

CloudTrail provides a central log archive. Each API action can be logged.

AWS Organizations

Organizations allows you to manage and organize accounts with centralized billing.

AWS Systems Manager

SSM allows you to automate operational tasks such as OS patches across accounts.

AWS Service Catalog

Service Catalog provides resource-level governance. Users can select from the catalog to provision resources.

AWS CloudFormation

CloudFormation allows you to automate resource provisioning. Control Tower makes extensive use of CloudFormation templates.

AWS Well-Architected

The AWS Well-Architected Framework is another key concept. AWS provides 6 pillars around governance. A Well-Architected review can serve as a good starting point to understand what processes need improvement.

Contact Us

Call us

Call us at (719) 387-4206

Email us

info@tribloom.com

Where to find us

PO Box 38003, Colorado Springs, CO, 80937-8003

AWS Partner Network Badge