How to use AWS practices
to provide the enterprise architecture in the cloud
The first, important stage before the implementation of enterprise architecture in the cloud is to set the goals that this architecture is to serve and what it is supposed to implement. Setting permanent assumptions is necessary for introducing architecture in the cloud, because it allows for decisive control and precise selection of tools that we have at our disposal. There are many reasons why you should think about solutions related to architecture in the cloud. One of the most popular that guides organizations, and which have also been cited by AWS are:
- profit maximization
- the principle of work continuity
- agility and flexibility
- security
An important issue that arises in connection with EA is the domains that the company has at its disposal. Properly embedding them in the cloud architecture allows the implementation of the strategy and meeting the expectations of internal and external clients. Architects should focus on how they interact with each other and influence the overall company strategy. This allows you to locate and determine which assets have changed – the scheme below illustrates this process.
Scheme 1: “Four domains of corporate architecture”
Source: Amazon Web Services
The next step is the proper selection of tools and services that we have at our disposal in the rich AWS catalog and which effectively support activities in the corporate architecture. These include:
- AWS Organizations
- AWS Identity & Access Management (IAM)
- AWS Service Catalog
- AWS CloudTrail
- Amazon CloudWatch
- and other
Let’s focus on the two selected ones; organizational model (AWS Organizations) and service management and control (AWS CloudTrail & Amazon CloudWatch).
In the organizational model, first of all, it is important to determine the structure of the enterprise and its most realistic mapping in the computing cloud. In this case, organizational units are used that allow you to recreate the schema in the cloud environment. They support autonomous management of created accounts with a global approach, management of the cloud environment and control of expenses and proper administration of accounts.
This short film shows the possibilities offered by management based on multiple AWS accounts
LCloud during the implementation of e.g. the automation or deployment service accurately assesses the capabilities of the existing customer structure. During the audit of the existing environment, depending on the data migration capabilities and their form, sometimes it is necessary to use container technology (Docker), which allows for more efficient and faster storage and servering them in the cloud. An important aspect is also finances and maintaining the IT structure by enterprises – using the possibilities of shaping your own landscape in the cloud can significantly reduce expenses that absorb a large part of budgets. Thanks to AWS solutions and the competences of our engineers, you can create an environment that meets your needs in an operational way.
Bearing in mind security and auditing of infrastructure, it is worth considering a service that allows monitoring user activity and API. Such possibilities are associated with AWS CloudTrail or Amazon CloudWatch. They allow you to automate the process of caring for security as well as detecting and verifying potential threats.
Schemat nr 2: Schemat usługi AWS CloudTrail
źródło: Amazon Web Services
Regarding to the landscape environment, it is also important to monitor it. Caring for the reliability of services provided and a quick response to alerts related to attempts to break security is also one of the possibilities offered by LCloud. In addition, by creating an environment for the client, we focus on the AWS Security Best Practices, which allows us to increase its effectiveness.
Implementation of a well-thought-out corporate structure in the cloud allows you to create and meet all customer requirements. This allows not only to reduce financial outlays, but also to improve work. In conjunction with AWS services, an optimized environment can be created, and with the use of configuration, tagging or groups of AWS resources – this allows for the early detection of shadow applications or rogue servers in the production landscape.
For more go to What we offer.