Professional Documents
Culture Documents
Welcome to our global site! For a better experience and content speci c to your location, visit the United Kingdom
site.
BACK
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
ACCEPT DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 1/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
Going to the cloud is supposed to be an enabler for innovation, deliver improved agility, and decrease time to
market so organizations can better respond to changing demands. However, empowering stakeholders to
develop their own systems and deploy assets with the click of a button in the cloud comes with its own set of
pitfalls. Organizations may no longer have to worry about capital costs, but operational costs can quickly get out
of hand without controls in place. A lack of controls not only creates challenges with costs and ef ciency but can
also raise security concerns when assets are deployed with poor access controls or con guration vulnerabilities.
The chaos and instability that goes with these pitfalls often robs organizations of the velocity and ef ciency
Cloud governance encompasses the people, process, and technology associated with your cloud infrastructure,
security, and operations. Governance is a framework with a set of business-driven policies and standard
practices for promoting the well-architected principles of operational excellence, security, reliability,
performance ef ciency, and cost optimization. Governance ensures cloud-related spend aligns with business
objectives, promotes data integrity across the enterprise, encourages innovation, and mitigates the risk of data
loss or non-compliance with regulations.
In a nutshell, cloud governance is the map to get you to a well-architected state. Implementing and
operationalizing governance policies keep you there. This blog series will outline the fundamental elements for
establishing a governance map for AWS that is speci c to your organization and guide you on the journey to
developing governance that enables a well-architected cloud environment that evolves with your business to
Somewhere along their journey working with the cloud, most organizations realize they don’t know how to
control all the things that are being created in their cloud environment. Just like cloud adoption is a journey,
establishing good governance is a journey of its own that will evolve as your business and the cloud continues to
change. The rst steps to take in establishing governance controls depend on where your organization is in its
journey on AWS. Are you preparing to create your rst AWS resources, or do you already have hundreds or
The keys to making the governance journey a success even as it continues to evolve are:
3. Get upfront buy-in on the road map from both technical and business stakeholders
ACCEPT DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 2/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
Before you start any journey, you need to know where you are going. A journey in the cloud and in building good
governance will include identifying organizational objectives for leveraging AWS. For the larger cloud journey,
these should not just be IT objectives (i.e., we want to get out of the data center, or the development team wants
to be able to use Lambda) but rather strategic goals for the business (i.e., we need to be able to scale up quickly
to meet demand spikes but scale down to save cost in off periods, or we need to be able to add geo-speci c
Likewise, your cloud governance goals should be enablers for meeting these business objectives while
controlling costs, ensuring the security and integrity of the cloud environment, and optimizing performance.
Some of the key themes we have seen with these goals are:
permissions
Conforming to security and/or compliance standards required for your business or industry
Ensuring all actions on AWS are logged and the audit trail can’t be altered
Enabling secure private network access to resources across accounts and regions as needed
These goals should tie back to your business objectives so you can secure buy-in from the whole executive
leadership team. Once your goals are established and agreed upon, they can serve as the compass for the
journey—but remember these goals should evolve and change if the larger business goals change. It can also be
helpful to set up clear driving statements for your goals that teams can use to help them when making decisions,
for example, if stability is your goal “Will doing X help drive stability?” or “Does doing A or B next help stability
more?”
With speci c governance goals for your organization, you can now map out what a well-architected cloud
destination on the journey needs to look like with a clear case for the business objectives and value.
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
AWS has tried to help organizations achieve a well-architected environment by establishing the Well-
Architected Framework and
ACCEPT review process, where an AWS partner such as Credera can analyze a workload in
DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 3/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
AWS with a standard set of questions to determine the opportunities for improving the workload. This can be a
great tool for creating the map of your governance journey if you are already running some portions of your
application on AWS, because it allows the organization exibility to limit the scope under review and to t the
overall goals of the organization. It also gives you concrete next steps to keep the organization moving forward
If you are at the beginning of your cloud journey and don’t yet have workloads in the cloud, then you have the
opportunity to build and implement your governance controls before users start creating resources. To be able
to leverage this opportunity, you need to quickly identify the key controls that need to be in place from the start
and those you can add later in the journey. The Well-Architected Framework can help point you to the key
controls that your organization needs to start with. This will allow users to start leveraging AWS as soon as
AWS also has a whitepaper, AWS Governance at Scale, which can help organizations plan their governance
road map. The whitepaper focuses on three key areas: account management, budget and cost management, and
security and compliance automation, that tie back closely to the Well-Architected Framework. We will dig into
the considerations and details of each of these areas in the remainder of blog posts in this series.
Once you are ready to start your governance journey on AWS, it is important to get everyone on board in order
to make the journey a success. More and more teams and knowledge workers have started to place increasing
importance on understanding how their job can make an impact on the business and making their internal
Helping everyone make the connection between what can sometimes be mundane daily tasks needed for good
governance and the larger objectives can be the hardest part of the governance journey. This can be especially
true for agile technology teams who have operated with autonomy in the cloud when starting to talk about
“adding governance.” This is largely due to the legacy perception of governance as a set of prescriptive dictates
that might or might not apply to the work the team is focused on.
The key to selling your governance goals is to keep reminding all the teams involved of the larger goals, while
also articulating immediate bene ts of adopting smaller elements of good cloud governance. Some of the goals
might easily tie directly to technical objectives, i.e., ensuring end-to-end encryption for PCI or HIPAA data, while
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
a goal
More of “reducing
information application
can be found downtime
in our Cookie Policy due to lack of understanding of your environment” might be not as
clearly tie back to “making sure every resource on AWS has a set of tags.” For theseDECLINE
ACCEPT goals it is important to help
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 4/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
teams understand that these rules are not there to control them but to empower and inform them. For example,
ensuring every resource has an “owner” tag means that updates or changes to any resource involve the right
people so that downtime can be reduced while maintaining security and exibility.
You should also encourage push back from your teams, especially on how the technical solutions to meet your
governance goals are architected. It is important to remember to trust the feedback from those closest to the
problem, while still reinforcing directional guidance and maintaining a clear link between each small decision
and the overarching goals.
The rest of this blog series will dig into the speci cs of establishing good governance to meet your goals and
objectives. We will also try to help guide you in determining what you should do rst, focusing on quick wins—
improving access and accountability patterns that set you up for further success on your organization’s
governance journey.
SERVICES INDUSTRIES OUR FIRM CAREERS INSIGHTS CONTACT US
Need a Guide?
Credera’s unique expertise in corporate strategy, innovation, and application development enables us to bring a
holistic approach to governance across people, process, and technology. We have experience in a variety of
industries and deep multi-cloud expertise. This enables us to offer a relevant point of view and an approach
tailor-made to our clients' needs. If you’re interested in starting a conversation, reach out to us at
ndoutmore@credera.com.
AWS Governance Governance & Compliance Well architected Cloud Strategy Strategy
Have a Question?
First Name*
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information
Last Name* can be found in our Cookie Policy
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 5/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
Email Address*
Phone
Company
Title
SUBMIT
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
ACCEPT DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 6/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
ACCEPT DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 7/8
5/22/2021 AWS Governance Part 1: 3 Keys to Starting Your AWS Governance Journey | Credera
TM
PARTNERSHIPS
PRIVACY POLICY (GENERAL) COOKIE POLICY © 2021 Credera Enterprises Company, LLC. All rights reserved.
Credera uses cookies to improve functionality and performance of this site. By continuing to browse this site, you consent to the use of cookies.
More information can be found in our Cookie Policy
ACCEPT DECLINE
https://www.credera.com/insights/aws-governance-part-1-3-keys-to-starting-your-aws-governance-journey 8/8