Amazon EC2 instances are the most consumed compute instances in the cloud today. It takes about 15 steps to provision and continuously manage a compliant server. As customers scale up their EC2 consumption to tens and even thousands of instances, traditional provisioning methods can lead to cost overruns as well as compliance and security issues. In this blog Samrat Priyadarshi (Sam) – Sr. Cloud Solutions Architect at MontyCloud explains how you, as an IT administrator, can enable your users to deploy compliant Amazon EC2 instances on-demand through a self-service portal and automate routine management tasks at the time of deployment with DAY2.
– Sabrinath S. Rao
Amazon Elastic Compute Cloud instances (EC2) powers the majority of the applications and workloads on Amazon Web Services (AWS). However, spinning up a virtual machine (VM) that meets your applications’ needs, always conforms to your organizations’ compliance, security and cost policies and is easily manageable, involves at least ten steps. IT teams regularly have to enable their application teams to provision VMs on demand. For example, one of our customers has over 10,000 active servers in their server fleet. Some VMs are persistent and run for months while others such as dev/test VMs are temporary and run only for hours. How can cloud infrastructure IT teams ensure consistency and compliance while enabling their application teams to be agile?
On-demand provisioning and operations automation through deployment templates is the best way to scale. In this blog, I will share how MontyCloud enables IT teams to be responsive while also driving down costs and enforcing granular compliance through the DAY2 Amazon EC2 deployment templates.
Users and developers have the flexibility of multiple configuration choices while deploying a virtual machine. Let us look at the step’s users have to execute to deploy a compliant server.
These can be daunting for the users, a management challenge for the IT teams and unknown cost variables for the finance teams.
MontyCloud simplifies the process for deploying Amazon EC2 instances with well-architected blueprints. Central IT teams can enable their application teams and users to deploy compliant server fleets on-demand through a self-service portal with the DAY2 EC2 Blueprint.
As an IT administrator you can create multiple versions of the same configuration, with pre-approved accounts and regions. For example, you can have a pre-approved version for dev/test where only your users who have permissions to deploy in the dev/test account. They can use the blueprint and a version with the configuration setting such as VPC boundaries and user entitlements for production environment.
The EC2 Blueprint is built on AWS CloudFormation using AWS Well-Architected principles. The blueprint comes with built in task automations that you can execute immediately or schedule the action, against a single instance or an instance group. These include:
You can also upload your custom tasks as python scripts or AWS Automation Documents.
Now, central IT teams can preconfigure approved AWS Accounts, Regions, Instance Types and VPC boundaries. IT teams can also apply and enforce OS configuration and patch compliance, and cost policies. Central IT teams can create multiple configurations by user/department/application type and make these deployment options available on demand to their users through a self-service portal. Once a compute instance is deployed, DAY2 instantly discovers the instance and makes the instance manageable.
Consistent on-demand provisioning can improve productivity by 30% or more and build the pathway to run more secure and cost-efficient servers. It also sets you up for Well-Managed Server operations including autonomous desired server state configuration enforcement, patch management at scale, monitoring, alerting, compliance reporting, automation of routine tasks such as cost-saving scheduled shutdown operations, snapshot creation and remote session access and RDP access without the burden of SSH keys or bastion hosts. This blueprint is available through a DAY2 Well-Architected Cloud subscription.