Please enable JavaScript.
Coggle requires JavaScript to display documents.
Seek and Multi Accounts (Tooling (Account Creation (AWS Organisations…
Seek and Multi Accounts
Current State
Accounts
160
Challenges
Networking
Transit Gateway
Transit VPC
Cisco?
Shared VPC
Potential new way to go
DNS
Outage
Peering
CIDR range maintenance
Latency
DOS Seek
Micro-service hell
seekprod.local
Security
Guard Duty
Enforcing CloudTrail
IAM
USers not roles
S3
Public access
several instances
Costs
Cost Structure
Unblended
Amortised
Lists
Blended
Impacts
Discount confusion
Tagging
Needs to be better
Finance restructure
Asia
Wants to be in AWS
Poor security and fraud culture
Lack of skills
Immature management processes
Origin
Accounts
5
Why
Modeled on the DC
Deemed easier for pilot teams to understand
Tagging would not be a big effort
Challenges
Tagging not well-enforced
Untagged costs got very large
Cost splitting upset bigger teams
Progression
Finance
CAPEX/OPEX split
Multi-accounts based on cost centres
Reliability
Blast Radius containment
Redundancy
Not done well
Only very critical services
Mostly perception
SPOF's still exist
Tooling
Cloudability
Excel for invoice reconcilliation
Account Creation
Fully automated
AWS Organisations helps
CSP's
Accounts API
S3 Bucket
OKTA Fronted
DataDog
Splunk
Old
Janitor Monkey
Cloud Customdian
CloudCheckr
EDDA
Networking
PHP IPAM
outfra.xyz
Discounting
Reserved Instancing
Cost obfuscation
Enterprise Discount Program
Savings
$500KUSD
Culture
Speed
Original Driver
Get it to market fast
Not necessarily get it done well
Team accountability
Good for Ops
Not so much for tech health
Not enough leads across changes
Cost Management
Blowouts
2016
2018/19
AWS knowledge
Dedlivery Leads
Poor
Not motivated to care
Security
Ramped up in 2017
Increased threats
PageUp
Taken for granted
Security
Networking
For development teams
Move to Engineering Led
Leads need tech backgrounds
Product and tech in a peered relationship
Delivery Management adds overheads