Use your MSP to get and stay Well Architected

26/09/2019 Tom De Blende

In a world of hyperscalers that take away a lot of the undifferentiated heavy lifting (TM) from you, we are often asked what the added value of an MSP is. Isn’t the cloud managed by design? Why involve an MSP? Let me dig in a bit deeper here and use the Well Architected Framework as an example.

Cloudar is part of a select club of AWS partners globally, that is allowed to perform Well Architected Reviews. You can find more details on that here. After a free audit, we can perform a remediation of all findings for you, which will bring you one step closer to being Well Architected. But that is just a moment in time in an ever-changing cloud landscape. It’s like buying a new laptop. The moment you buy it, it’s almost outdated. I’d like to see being Well Architected more as a continuous process, and not as a onetime goal. So your AWS practice never gets outdated.

Of course, as a company, you can make sure you not only get Well Architected, but also stay Well Architected. It will take a considerable amount of effort though, keeping up to date with all changes on AWS is no easy feat. Our sole focus is AWS, and even for us it’s hard to keep up. Even AWS engineers have a hard time staying up to date. So, when running stuff on AWS is not your core business, you’ll need a friend.

That friend should be your MSP. He will be the one helping you to comply with the 5 pillars of a Well Architected environment.

Operational Excellence
Your MSP partner should have plenty experience in managing cloud environments. To make sure you pick a partner that can be trusted, you can select one that has been audited by AWS here. They can offer you services like 24*7 monitoring and alerting, backups, patching, CI/CD setups. And they will be the ones responsible for the operational wellbeing of your setup.

Reliability
An experienced AWS MSP can design your environments in ways that they are reliable and self-healing. By means of multi-AZ or multi-region deployments, your mission critical applications can get high levels of uptime. You can even agree on (application based) availability SLA’s with your MSP.

Security
At AWS, security is job zero. It should be the same at your MSP. Cloud environments are targeted by bad people because they know it is very straight forward to get started. All it takes is a credit card to get rolling. It’s remarkably easy to get something working when you put in some effort. However, the times we have analyzed environments where the principles of least privilege were not followed (give them admin, we’ll worry about that later) or where resources were living wide open to the internet while there was no reason… Be very careful with what you deploy in the cloud. And pick an MSP that makes use of all AWS features related to security like CloudTrail, Config, WAF,… and can also offer you third party solutions like Trend Micro Deep Security, Splunk and others.

Performance efficiency
There are a thousand ways to get a certain result in AWS. And I think if you really try hard, you’ll find a thousand more. But in the end, you want the biggest bang for your buck. An MSP has the knowledge on how to build environments with the most suitable resources. And he will follow up on all new AWS features and service updates to see if they can be applied to your environment to make it even more efficient. This is really key as you don’t want to be caught with an outdated laptop.

Cost Optimization
Slightly related to performance efficiency, but much more than that. Unused resources. Underutilized resources. Overprovisioned instances. The Science that is Reserved Instances. Suboptimal data flows that generate costs. You want these things to be monitored for you and handled. An MSP will do just that. And through Service Management you will get updated on all possible cost optimizations.

The focus of next generation MSP’s is not the same as the focus of a traditional MSP. If you are convinced of the value of the Well Architected Framework (you should be), working closely together with an MSP is a very good way to make sure your environments are Well Architected, and stay that way.

Share this AWSome post

Leave a Reply

Your email address will not be published. Required fields are marked *