Governance and Management Services Flashcards
what do governance and management services do?
help you maintain control
over cost, compliance, and security across your AWS accounts.
organizations
allow you to centrally manage multiple AWS accounts under one umbrella - group all your accounts together for volume discounts - one bill - automate account addition and creation - allocate resources - apply policies across accounts - share Reserved Instances
service control policies (SCPs)
enforce permissions you want everyone in the org to follow
Control Tower
allows you to govern your multi-account environment by enabling cross-account security audits or preventing or detecting security issues through mandatory or optional guardrails.
Systems Manager
lets you group your resources and deploy patches or other updates on all of them at once, or based on a schedule
Trusted Advisor
provides real-time guidance to help you
provision your resources following AWS best practices
free Trusted Advisor checks
- checks for unrestricted access on EC2 ports
- checks S3 bucket permissions
- checks for MFA on root
- checks for RDS public snapshots
paid account Trusted Advisor checks
- checks IAM password policy
- checks for service usage greater than 80% over service limit
- checks for exposed access keys
- checks for CloudFront CDN optimization
Managed Services
staff aug that reduces operational overhead, increasing operational efficiency
Professional Services
Consulting that helps Enterprise customers move from on-prem to the cloud
AWS Partner Network (APN)
a global community of approved partners that
offer software solutions and consulting services for AWS.
Marketplace
a digital catalog of prebuilt solutions
you can purchase or license. You may also sell your own
solutions to others via Marketplace.