leveraging AWS

Leveraging the AWS Cloud Adopti­on Framework and Readiness Tool

What is the AWS Cloud Adopti­on Framework and Readiness Tool?

The AWS Cloud Adoption Framework (AWS CAF) was created based on the experiences of the AWS Professional Services team as they assisted organizations in achieving successful cloud adoptions.  The CAF helps companies to employ a holistic approach to cloud computing and to realize measurable business benefits from cloud adoption faster and with less risk.

CAF Perspectives, Plans, & Tools

The AWS CAF is organized into focus areas, or perspectives, with guidance split across six areas of responsibility:

AWS CAF Business Perspectives

  • Business – Value Realization
  • People – Roles and Readiness
  • Governance – Prioritization and Control

AWS CAF Technical Perspectives

  • Platform – Applications and Infrastructure
  • Security – Risk and Compliance
  • Operations – Manage and Scale

AWS Cloud Adoption Framework

Further details about each of these perspectives, and their related capabilities, can be found in the AWS white paper – An Overview of the AWS Cloud Adoption Framework.

As a key part of the CAF, creating an action plan to prepare for the transition to cloud is recommended.  The plan builds on the same six AWS CAF perspectives, and provides templates to create work streams and to uncover gaps in your existing skills and processes.

AWS Cloud Adoption Framework Completed Action Plan

Another method for assessing your organization’s cloud migration readiness, the AWS Cloud Adoption Readiness Tool (CART) uses a 16-question online survey to assess your readiness across the same six perspectives as the AWS CAF (although the term ‘Process’ is used in place of ‘Governance’). After completing the CART survey, you will have access to a downloadable CART report that includes:

  • Cloud Adoption Readiness Assessment Summary – responses and scores across the six perspectives
  • Cloud Readiness Heatmap – assessment scores compared in a heatmap
  • Cloud Readiness Radar Chart – visualization of strengths and weaknesses as a radar chart

AWS Cloud Readiness

Guidance offered by the AWS CAF can be used across your organization to gain a better understanding of how to adapt existing processes and update skills during your cloud journey.

The Cloud Adoption Framework in Action

Want to dive a little deeper into the Cloud Adoption Framework?  Below are some examples of how OpsCompass helps you execute on your CAF Action Plan around Governance (Process), Security, and Operations.

In the Governance (Process) section, the first CART question highlights the importance of tracking and managing your cloud inventory.

Application & Infrastructure Portfolio Management

Is there a system or mechanism to track inventory and manage your portfolio of applications and infrastructure (e.g. a configuration management database)?

  • Yes
  • No

The Governance Perspective in the CAF emphasizes Prioritization and Control, which include “capabilities that support governance processes for cloud adoption and ongoing operations”.  It highlights the need for your program and project management to become increasingly agile in order to keep up with the changes.

Through control plane APIs and event streams, OpsCompass continuously monitors resources in your cloud environment, notifying you of both security misconfiguration and configuration drift within moments of any change in your cloud environment. This provides valuable insight and control, and allows you to keep track of the exact changes in an organized and scalable fashion.

OpsCompass Continuously Monitoring Cloud Accounts

In the Operations section, a key CART question, shown below, asks about ownership and responsibility, not with a simple Yes / No question, but as levels of maturity.  This highlights how operations isn’t just a single team, but rather a matrix of different people and the concerns for which they are responsible.

Operations & Responsibilities Alignment

Has your organization decided who will own operations of cloud based applications and systems (e.g. operational models for deployments and updates)?

  1. No operational ownership has been formally established to date
  2. We have started building a responsibility matrix to define operations and owners
  3. A draft responsibilities matrix with assigned owners has been created
  4. A formal responsibilities matrix has been presented to leadership and approved
  5. A formal responsibilities matrix has been approved and presented to all assigned stakeholders

The Operations Perspective in the AWS CAF emphasizes Manage and Scale and includes capabilities around resource inventory, change management, and compliance reporting.  However, an automated process is required to fulfill these responsibilities at scale.

As soon as a change is reported in a cloud environment, OpsCompass evaluates the new or updated configuration for the resource. OpsCompass has the ability to classify the impacts of the resource changes with something known as Concerns. Concerns can be assigned to Teams, so the relevant resource changes are tagged and brought to the attention of the right people within your responsibilities matrix. These people can then take the needed action for their assigned changes.

OpsCompass classifies the impacts of the resource changes as Concerns

OpsCompass Teams

In the Security section, an important CART question ties security to operations, and is again looking for an answer based on the maturity of your organization.  This maturity includes both an understanding of secure operations as well experience with a shared responsibility model.

Operational Cloud Security

Does the organization have a strong understanding of operating securely in the cloud?

  1. Minimal understanding and experience
  2. Some understanding, but limited experience
  3. Some experience and understanding
  4. Strong understanding and experience
  5. Fully trained and experienced, with a shared responsibility model

The Security Perspective in the AWS CAF emphasizes Risk and Compliance, which “helps you structure the selection and implementation of security controls” for your organization.  Keep in mind that security often requires additional skills, as well as a transformation of your organizational culture.

Researching and understanding the various security configurations and compliance frameworks is time consuming.  But, with OpsCompass, you can automatically map your cloud resource security configurations to various industry and regulatory frameworks. OpsCompass provides a detailed analysis of the current state of your resource configurations and focuses your operations team on the resources with the highest level of risk exposure.

OpsCompass automatically maps cloud resource security configurations to industry and regulatory frameworks

Summary

The AWS Cloud Adoption Framework helps companies to employ a holistic approach to cloud computing and to realize measurable business benefits from cloud adoption faster and with less risk.

AWS also has an ecosystem where partners offer services to help organizations utilize the CAF and meet the Governance (Process), Security, and Operations objectives of their CAF action plan.  OpsCompass is one of those partners, so contact us to experience how OpsCompass can help you put the AWS CAF into action today.

Know Your Cloud Posture Score in Minutes. Schedule Demo

Share the Post: