5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

Welcome to our global site! For a better experience and content speci c to your location, visit the United Kingdom
site.

VISIT UK SITE STAY HERE

BACK

Technology • Feb 23, 2021

AWS Governance Part 1: 3 Keys to

Starting Your AWS Governance Journey
JW Walton

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy

ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 1/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

Going to the cloud is supposed to be an enabler for innovation, deliver improved agility, and decrease time to
market so organizations can better respond to changing demands. However, empowering stakeholders to

develop their own systems and deploy assets with the click of a button in the cloud comes with its own set of

pitfalls. Organizations may no longer have to worry about capital costs, but operational costs can quickly get out

of hand without controls in place. A lack of controls not only creates challenges with costs and ef ciency but can
also raise security concerns when assets are deployed with poor access controls or con guration vulnerabilities.

The chaos and instability that goes with these pitfalls often robs organizations of the velocity and ef ciency

promised by the cloud.

Cloud governance encompasses the people, process, and technology associated with your cloud infrastructure,
security, and operations. Governance is a framework with a set of business-driven policies and standard

practices for promoting the well-architected principles of operational excellence, security, reliability,

performance ef ciency, and cost optimization. Governance ensures cloud-related spend aligns with business

objectives, promotes data integrity across the enterprise, encourages innovation, and mitigates the risk of data
loss or non-compliance with regulations.

In a nutshell, cloud governance is the map to get you to a well-architected state. Implementing and

operationalizing governance policies keep you there. This blog series will outline the fundamental elements for
establishing a governance map for AWS that is speci c to your organization and guide you on the journey to

developing governance that enables a well-architected cloud environment that evolves with your business to

innovate quickly without losing control of the environment.

Good AWS Governance Is a Journey

Somewhere along their journey working with the cloud, most organizations realize they don’t know how to

control all the things that are being created in their cloud environment. Just like cloud adoption is a journey,

establishing good governance is a journey of its own that will evolve as your business and the cloud continues to
change. The rst steps to take in establishing governance controls depend on where your organization is in its

journey on AWS. Are you preparing to create your rst AWS resources, or do you already have hundreds or

thousands of resources in AWS?

The keys to making the governance journey a success even as it continues to evolve are:

1. Establish clear goals that address your speci c control objectives

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
Clearly articulate
More2.information thein road
can be found map Policy
our Cookie to achieving those goals

3. Get upfront buy-in on the road map from both technical and business stakeholders
ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 2/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

Choosing Your AWS Governance Destination

Before you start any journey, you need to know where you are going. A journey in the cloud and in building good

governance will include identifying organizational objectives for leveraging AWS. For the larger cloud journey,

these should not just be IT objectives (i.e., we want to get out of the data center, or the development team wants
to be able to use Lambda) but rather strategic goals for the business (i.e., we need to be able to scale up quickly

to meet demand spikes but scale down to save cost in off periods, or we need to be able to add geo-speci c

resources quickly to accommodate clients in regions for our expansion plan). 

Likewise, your cloud governance goals should be enablers for meeting these business objectives while

controlling costs, ensuring the security and integrity of the cloud environment, and optimizing performance.

Some of the key themes we have seen with these goals are:

Segregating development and production environments with appropriate separation of duties/access

permissions

Allowing teams freedom to experiment within a budget

Conforming to security and/or compliance standards required for your business or industry

Ensuring all actions on AWS are logged and the audit trail can’t be altered

Enabling secure private network access to resources across accounts and regions as needed

Implementation of automation tooling for standardization and consistency of cloud resources

Reducing application downtime due to lack of understanding or insight into your AWS environment

These goals should tie back to your business objectives so you can secure buy-in from the whole executive

leadership team. Once your goals are established and agreed upon, they can serve as the compass for the
journey—but remember these goals should evolve and change if the larger business goals change. It can also be

helpful to set up clear driving statements for your goals that teams can use to help them when making decisions,

for example, if stability is your goal “Will doing X help drive stability?” or “Does doing A or B next help stability

more?”

Starting to Map out Your AWS Governance Journey

With speci c governance goals for your organization, you can now map out what a well-architected cloud

destination on the journey needs to look like with a clear case for the business objectives and value.
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
AWS has tried to help organizations achieve a well-architected environment by establishing the Well-
Architected Framework and
ACCEPT review process, where an AWS partner such as Credera can analyze a workload in
DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 3/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

AWS with a standard set of questions to determine the opportunities for improving the workload. This can be a

great tool for creating the map of your governance journey if you are already running some portions of your
application on AWS, because it allows the organization exibility to limit the scope under review and to t the
overall goals of the organization. It also gives you concrete next steps to keep the organization moving forward

on its governance journey while considering ongoing operational constraints.

If you are at the beginning of your cloud journey and don’t yet have workloads in the cloud, then you have the
opportunity to build and implement your governance controls before users start creating resources. To be able
to leverage this opportunity, you need to quickly identify the key controls that need to be in place from the start

and those you can add later in the journey. The Well-Architected Framework can help point you to the key
controls that your organization needs to start with. This will allow users to start leveraging AWS as soon as

possible while minimizing rework later.

AWS also has a whitepaper, AWS Governance at Scale, which can help organizations plan their governance

road map. The whitepaper focuses on three key areas: account management, budget and cost management, and
security and compliance automation, that tie back closely to the Well-Architected Framework. We will dig into

the considerations and details of each of these areas in the remainder of blog posts in this series.

Getting Everyone on Board

Once you are ready to start your governance journey on AWS, it is important to get everyone on board in order
to make the journey a success. More and more teams and knowledge workers have started to place increasing
importance on understanding how their job can make an impact on the business and making their internal

and/or external customers’ lives better.

Helping everyone make the connection between what can sometimes be mundane daily tasks needed for good
governance and the larger objectives can be the hardest part of the governance journey. This can be especially

true for agile technology teams who have operated with autonomy in the cloud when starting to talk about
“adding governance.” This is largely due to the legacy perception of governance as a set of prescriptive dictates
that might or might not apply to the work the team is focused on.

The key to selling your governance goals is to keep reminding all the teams involved of the larger goals, while

also articulating immediate bene ts of adopting smaller elements of good cloud governance.  Some of the goals
might easily tie directly to technical objectives, i.e., ensuring end-to-end encryption for PCI or HIPAA data, while
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
a goal
More of “reducing
information application
can be found downtime
in our Cookie Policy due to lack of understanding of your environment” might be not as

clearly tie back to “making sure every resource on AWS has a set of tags.” For theseDECLINE
ACCEPT goals it is important to help

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 4/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

teams understand that these rules are not there to control them but to empower and inform them. For example,
ensuring every resource has an “owner” tag means that updates or changes to any resource involve the right
people so that downtime can be reduced while maintaining security and exibility.

You should also encourage push back from your teams, especially on how the technical solutions to meet your

governance goals are architected. It is important to remember to trust the feedback from those closest to the
problem, while still reinforcing directional guidance and maintaining a clear link between each small decision
and the overarching goals.

Next Steps on Your AWS Governance Journey

The rest of this blog series will dig into the speci cs of establishing good governance to meet your goals and

objectives. We will also try to help guide you in determining what you should do rst, focusing on quick wins—
improving access and accountability patterns that set you up for further success on your organization’s

governance journey.
SERVICES INDUSTRIES OUR FIRM CAREERS INSIGHTS CONTACT US

Need a Guide?

Credera’s unique expertise in corporate strategy, innovation, and application development enables us to bring a
holistic approach to governance across people, process, and technology. We have experience in a variety of
industries and deep multi-cloud expertise. This enables us to offer a relevant point of view and an approach

tailor-made to our clients' needs. If you’re interested in starting a conversation, reach out to us at
ndoutmore@credera.com.

AWS Governance Governance & Compliance Well architected Cloud Strategy Strategy

Cloud Cloud Security Cloud Technologies Security

Have a Question?
First Name*

Enter rst name

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information
Last Name* can be found in our Cookie Policy

Enter last name ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 5/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

Email Address*

Enter email address

Phone

Enter phone number

Company

Enter company name

Title

Enter job title

How can we help you?

Write your comment here

I'm not a robot

reCAPTCHA
Privacy - Terms

SUBMIT

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy

ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 6/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy

ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 7/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera

TM

SERVICES OUR FIRM INSIGHTS

INDUSTRIES OUR OFFICES CAREERS

PARTNERSHIPS

PRIVACY POLICY (GENERAL) COOKIE POLICY © 2021 Credera Enterprises Company, LLC. All rights reserved.

Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy

ACCEPT DECLINE

https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 8/8