DevOps on AWS Radio: Automating AWS Organizations (Episode 13)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news and speak with Eric Kascic from Stelligent about AWS Organizations and enforcing compliance on sub-accounts.

Here are the show notes:

DevOps on AWS News

• Tutorial: Continuous Deployment with AWS CodePipeline
• Next-Gen MSPs on AWS: Freedom with Governance
• AWS PrivateLink for AWS Services
• Pipeline Dashboard
  • Serverless Application Repository
  • CodePipeline Dashboard Blog Post
• AWS re:Invent 2017 DevOps re:Cap Webinar & Resources
• AWS re:Invent 2017 DevOps re:Cap
• Integrating AWS CloudFormation with AWS Systems Manager Parameter Store

• AWS VPC Networking Mode for Containers to Support Full Networking Capabilities

• EC2 Instance Recover Mode
• Analyze Database Audit Logs for Security and Compliance Using Amazon Redshift Spectrum

Episode Topics

1. Can you describe AWS organizations? What is it and why would we use it?
2. Can you describe what type of AWS account structures you should put in place? What type of accounts should be managed by AWS Organizations?
3. What type of compliance controls can you enforce on your accounts?
4. How do you automate the creation of an AWS Organization?
5. Are there issues with shutting down an account, recovering the root password, fake email addresses etc. using the + convention
6. How do you consolidating cloud trail, s3 access logs in a control account? and cross-account permission issues for those resources
7. What is missing with AWS organizations that you’d like to see?

About DevOps on AWS Radio

On DevOps on AWS Radio, we cover topics around applying DevOps principles and practices such as Continuous Delivery on the Amazon Web Services cloud. This is what we do at Stelligent for our customers. We’ll bring listeners into our roundtables and speak with engineers who’ve recently published on our blog and we’ll also be reaching out to the wider DevOps on AWS community to get their thoughts and insights.
The overall vision of this podcast is to describe how listeners can create a one-click (or “no click”) implementation of their software systems and infrastructure in the Amazon Web Services cloud so that teams can deliver software to users whenever there’s a business need to do so. The podcast will delve into the cultural, process, tooling, and organizational changes that can make this possible including:

• Automation of
  • Networks (e.g. VPC)
  • Compute (EC2, Containers, Serverless, etc.)
  • Storage (e.g. S3, EBS, etc.)
  • Database and Data (RDS, DynamoDB, etc.)
• Organizational and Team Structures and Practices
• Team and Organization Communication and Collaboration
• Cultural Indicators
• Version control systems and processes
• Deployment Pipelines
  • Orchestration of software delivery workflows
  • Execution of these workflows
• Application/service Architectures – e.g. Microservices
• Automation of Build and deployment processes
• Automation of testing and other verification approaches, tools and systems
• Automation of security practices and approaches
• Continuous Feedback systems
• Many other Topics…

Stelligent Amazon Pollycast