Innovative Solutions Signs Strategic Agreement with AWS

New agreement supports Innovative’s growth as cloud migration and management experts.

ROCHESTER, NY, January 3, 2023 – Innovative Solutions (Innovative), a leading provider of cloud services for growing businesses, announced today that it has entered into a multi-year strategic collaboration agreement (SCA) with Amazon Web Services, Inc. (AWS). As a result of this collaboration, Innovative Solutions and AWS will tightly align their sales, marketing, and delivery teams to effectively accelerate the adoption of cloud services in the small- and medium-sized business (SMB) and startup industry segments with a key focus on software, fintech, life sciences, and retail industries. Innovative will enhance its customers’ cloud journey experience through managed services offerings as well as the company’s ability to support customers through the full digital transformation lifecycle: migration, modernization, data strategy, and machine learning (ML).

“We’re thrilled to work with AWS on this remarkable opportunity,” said Justin Copie, CEO of Innovative. “This SCA helps us achieve our vision of helping every SMB customer become a technology company. The size and scale of this agreement, and how it will help us accelerate, is without precedent.”

The agreement between Innovative and AWS drives key investments in several areas that address the growing demand for AWS products and services across Innovative’s base of 600+ SMB customers, as well as with new customers in US and Canada. Innovative will expand their migration and modernization practice, managed services offerings and build out new practices in data analytics and ML to support the advanced stages of its customers’ journey to the cloud. Innovative will also invest in the development and scale of its portfolio, listing the company’s solutions in AWS Marketplace to help SMB customers quickly procure and further accelerate migration to AWS.

Separate from the agreement, to meet growing demand for cloud expertise and helping businesses achieve their objectives with technology, Innovative expects to hire more than 200 additional employees in the next four years.

“Talent acquisition and growth is a central part of our strategy,” said Jaime Eisenhauer, Chief People Officer at Innovative. “We provide our customers with proven experts, so we have aligned both our recruiting and training programs to provide our services with the best talent in North America. It starts with a solid foundation, and every employee at Innovative – from administrative support to accounting to sales to the executive team – has earned an AWS certification.  From there, we go deep with AWS Solutions Architects, DevOps engineers, and specialties that match the needs of our customers.  Working at Innovative is like getting a graduate degree in the cloud.”

As an AWS Premier Tier Services Partner, Innovative has rapidly expanded by adding specialized services for businesses wishing to migrate their server infrastructure to AWS and managing a customer’s cloud operations thereafter. With this new agreement, Innovative Solutions plans to accelerate growth and customer satisfaction by creating four practice groups: Migrations, Modernization, Data Engagements, and Machine Learning. Each will serve as their own lines of business and be responsible for increasing the depth, scale, agility, and reach to provide the best customer experience to Innovative and AWS’s mutual customers at all stages in their digital transformation.

“Innovative’s growth and strategic relationship with AWS is a testament to the quality of service they provide their customers,” said Kevin McGrath, vice president and general manager of Spot by NetApp. “NetApp is proud to be working with successful service providers like Innovative to together help our joint customers take full advantage of the power of AWS.”

Innovative’s growth plans include the expansion of its Managed Cloud Services (MCS) line of business. MCS customers are more confident when growing on the cloud because their infrastructure is managed for cost, security, and compliance with a combination of tools and services. One foundational capability included for all MCS customers, at no additional charge, is CloudCheckr, a cloud management product in Spot by NetApp’s portfolio for cloud operations. In concert with Innovative’s cloud experts, CloudCheckr provides visibility and intelligence to better manage costs, make infrastructure more secure and in compliance, and optimize resources in use.

“Over the last 24 months, we have seen a significant rise in demand and adoption of cloud solutions as small and medium-sized businesses look to grow their digital offerings,” said Ruba Borno, vice president of Worldwide Channels & Alliances at AWS. “We are excited to expand our relationship with Innovative Solutions and help businesses broaden their customer base and bring new products to market and continue on their cloud migration journey.”

Next year, Innovative is on track to continue hiring and opening offices in both the United States and Canada while remaining headquartered in Rochester, New York, where it was founded. As part of its commitment to the regional economies of its offices, Innovative recently announced that the Rochester Red Wings will now play at Innovative Field, with more investments expected in the future in other regions as well.


Learn more about Innovative
Innovative believes that every company will become a technology company. Innovative uses its cloud expertise and technology to help businesses migrate to and manage their IT infrastructure in the cloud. With an army of experts and the Innovative Cloud Runbook utilizing the leading platforms and technologies, Innovative gives businesses of every size the confidence to grow in the cloud.

Written by:

Innovative Solutions

Innovative Solutions achieves the new AWS Networking Competency

Growing businesses throughout the United States and Canada look to Innovative Solutions as a trusted AWS Partner, and now Innovative Solutions is one of the first AWS Partners to achieve the new AWS Networking Competency.

ROCHESTER, NY — October 18, 2021 — Innovative Solutions, an Amazon Web Services (AWS) Premier Consulting Partner, announced today that they have earned their AWS Networking Competency. This designation showcases that Innovative Solutions has the technical knowledge and real-world experience to optimally implement and manage AWS networking technologies.

AWS networking services help customers securely connect to AWS from public or private clouds, group and distribute their applications across Amazon Elastic Compute Cloud (Amazon EC2) instances and additional AWS services and improve their digital experience by providing tools for network performance and monitoring.

The AWS Networking Competency was created to help customers easily and confidently engage highly specialized AWS Consulting Partners that can develop and implement solutions in the areas of network connectivity, network visibility, and hybrid networks. The AWS Networking Competency takes on the heavy lifting of identifying and validating industry leaders with proven customer success and technical proficiency.

Achieving the AWS Networking Competency differentiates Innovative Solutions as an AWS Premier Consulting Partner with deep domain expertise in solutions that:

  • Offers new ways of routing traffic through private backbones and cloud cores
  • Provides secure ingress to mitigate latency
  • Improves availability and enhances application experiences
  • Provides visibility and control in cloud networking

“In our 32 years of business we’ve architected, designed, and implemented literally thousands of networks supporting millions of devices,” said Justin Copie, Owner and CEO at Innovative Solutions. “That 32 years of experience coupled with our team’s ability to help small to mid-size business customers leverage the power of the cloud, is exactly why we’re in such a unique position to deliver innovative networked solutions on AWS.”

Learn more about Innovative Solutions

Innovative believes that every company will become a technology company, and we’re here to help. With an army of cloud experts and the Innovative Cloud Runbook utilizing leading cloud technologies, Innovative gives businesses of every size the confidence to grow in the cloud with Well Architected reviews, cloud migrations, managed cloud services, application modernization, cloud-native software development, cloud cost optimization, cloud security monitoring, and virtual CIO and CISO consulting.

Written by:

Innovative Solutions

AWS Well-Architected Framework: What It Can Do For You

What Is The AWS Well-Architected Framework

If you’re thinking about building your company’s future in the AWS cloud, then you’ll want to make sure that your cloud resources and infrastructure are architected as safely, efficiently, and cost-effectively as possible.

The good news for cloud architects is that there is no need to reinvent the wheel. Amazon has put together a series of best practices designed to provide objective guidance to those architecting on AWS.

The Well-Architected Framework contains five pillars which guide those building in AWS on how to ensure that their cloud is cost and performance optimized. The framework refers to a series of best practices that should be followed by experts when building their cloud environment.

Unlike many other AWS resources, it does not refer to a series of checks that can be initiated programmatically. Therefore, clients that wish to make sure that their workloads are architected in a manner compliant with the Framework (and which may not have the expertise to do this in-house) should engage the services of an external party (like Innovative’s Well Architected Review service).


Well-Architected Framework Pillars

The Well-Architected Framework contains five pillars. An AWS Premier Consulting Partner, like Innovative, follows an AWS Well-Architected Framework checklist to make sure that your cloud can be better aligned to best practices.

Operational Excellence

When migrating workloads to the cloud, it’s key to ensure that they are running efficiently. This means, for instance, avoiding duplication of resources. Or, if servers run at variable capacities, making sure that servers are configured with elastic resources, or take advantage of auto-scaling.

Additionally, those architecting in AWS should frequently refine their operations and build for failure, using practices such as regular game days to test workloads, ensuring that there are plans in place to failover key resources in a DR scenario, and ensuring that their organization culture supports a strong cloud presence.


Security

AWS cloud environments should be architected to protect data, systems, and assets and to take advantage of cloud technologies to improve security. Best security practices include:

  • Applying security at every layer of the cloud: this can include ensuring that the VPC, subnets, and related resources are configured correctly; ensuring that network access control (NACL) policies are appropriately set; and granting the least amount of permissions possible for every user to do their job.
  • Audit and traceability: making sure that appropriate audit and logs are configured in the cloud. Users should also centralize identity management and ensure that users are not encouraged to use static credentials over the long term.


Reliability

This pillar calls for AWS cloud architects to ensure that their cloud is performing reliably and consistently. Well-architected workloads should be able to:

  • Automatically recover from failure of components
  • Scale horizontally or vertically as needed.

Additionally, infrastructure changes should be handled by automation rather than being deployed manually.

Performance Efficiency

Performance efficiency means using cloud resources in a way that meets system requirements as efficiently as possible.

When an AWS Partner, like Innovative, applies this pillar of the Framework to clients’ cloud environments, they will:

  • Ensure that global resources are being used where reasonable. These reduce latency for end users resulting in faster performance.
  • Ensure that serverless architectures are being employed where possible. Serverless architectures means that architects do not need to manually provision infrastructure and can instead configure automation that provides capacity as workload requirements evolve.

Cost Optimization

Of course, users should also ensure that their cloud workloads are being run as cheaply as possible. Users should:

  • Measure the overall efficiency of their cloud.
  • Avoid paying for resources when they are not required.
  • Ensure that they are following cost optimization guidelines and aware of the components of the AWS cloud for tracking budget.


Why Get A Well-Architected Review?

The AWS cloud can save your organization time and money, all while boosting efficiency. While migrating from on-premises to a cloud-first environment will do the same, users might not be able to tap into the maximum advantages of the AWS cloud until they ensure that their architecture is compliant with the Well-Architected Framework.


Schedule a Well-Architected Review with Innovative

During Innovative’s Well-Architected Review, an AWS expert will review the client’s desired workload, assessing it against the Well-Architected Framework, and make recommendations.

As an AWS Premier Consulting Partner, Innovative’s team of experts can then take time providing hands-on optimizations to ensure that clients’ cloud infrastructure is in line with best practices.

Written by:

Sean Meadows

Innovative Solutions Launches Cutting Edge Managed Service Offerings for Amazon Web Services Customers

Best in class managed services align to the needs of growing cloud businesses.

ROCHESTER, NY, April 5, 2021 – Innovative Solutions, a leading Amazon Web Services Premier Consulting Partner, announced today the launch of three new AWS Managed Cloud Services offerings. Unlike alternatives, these offerings are focused on providing customers with choices that fit their business needs as they leverage cloud-based services. Backed by a team of 100% AWS certified cloud experts, small and medium-sized businesses can select the cloud support offering that aligns to their business needs.

Starting today, the three new offerings from Innovative Solutions are:

Innovative MCS Tier Offerings

The three managed service offerings include access to curated technology and tools that are fully integrated into AWS, including:

  • The Innovative iNOC for 24 x 7 x 365 support
  • New Relic, for application performance monitoring
  • CloudCheckr, for cost analytics, cost savings and optimization, security, and compliance
  • Cloud Storage Security, for cloud storage antivirus scanning
  • SecureCloudDB, for cloud database security monitoring
  • Skeddly, for cloud automation
  • PagerDuty, for alerting and escalations
  • Emergency cloud engineering support


Learn More
Innovative Solutions believes that every company is a technology company. As the fastest growing AWS Premier Partner, Innovative Solutions helps customers in more than 240 cities throughout North America. With an army of cloud experts leveraging the Innovative Cloud Runbook™, Innovative Solutions gives businesses of every size the confidence to grow in the cloud.

Justin Copie, CEO

“Managing a cloud environment is complicated. Our entire business is designed to lessen the burden on the business owner’s shoulders and help them recognize the power of the cloud. Managed Cloud Services are the number one enabler to achieving this goal. More businesses have selected AWS than any other cloud provider, and hundreds of small and medium-sized businesses are selecting Innovative Solutions as their partner of choice to help them buy, optimize, and secure their AWS environments in the cloud.”

Written by:

Innovative Solutions

Top 6 Ways to Reposition Your IT Systems

In most companies, corporate strategies are owned by the business, along with the necessary funding to fulfill that strategy. Business owns the associated requirement definitions that will execute the strategy. Corporate IT departments are there to implement solutions that satisfy those business requirements. Typically however, business stakeholders lack IT knowledge; they ‘own’ the requirements and the data those requirements produce, but it is IT that provides the solutions that leverage technology that creates that data; the business doesn’t always know what to ask IT for as they don’t understand the possibilities. Very often, these two groups do not necessarily work well together with IT feeling that they are simply ‘order takers’; not being seen as true partners of the business. Therefore, it is imperative for the fulfillment of any corporate strategy in a fiscally efficient way for these two groups to work very closely together to completely understand how leveraging technology can drive strategies forward.

Migrate your infrastructure to a cloud platform

Legacy IT departments create on-premise infrastructure solutions to support all of their IT needs. These solutions may be implemented across multiple physical locations and require very large investments in hardware and software to support a wide area network. This configuration can create many potential issues around backing up data, replicating data, security, etc. With very sophisticated cloud platforms (i.e. AWS) today, companies are migrating their on-premise solutions to the cloud and seeing immediate savings in their TCO (Total Cost of Ownership) expenditures, just by stabilizing their existing systems on a new cloud-based platform. Additionally, cloud migrations are highly-secure and offer tremendous flexibility in storage requirements that provide immediate scalability as companies grow and expand their offerings and geographies.

Use of Data

Business applications typically produce massive amounts of data, based on their requirements. The data is not ‘owned’ by IT, but rather by the requirement owners: the business stakeholders. The ability for Business stakeholders to understand this data and what it tells them is absolutely key to leveraging technology, creating scalability and driving meaningful business strategies that enhance customer experience and improve profitability. Understanding their data can lead to more effective change management, delivering solution improvements more quickly and saving on costs overall. Many business stakeholders do not understand the data that they are producing and lack user-friendly, efficient tools to help them analyze this data effectively. It is imperative that the business uses the necessary time and resources to accomplish this, as it will directly lead to long-term improvements and cost savings for the enterprise as a whole.

Use of the ‘Right’ Metrics – Key Performance Indicators (KPIs)

Understanding their data allows business stakeholders to determine which leading indicators drive their business. Many businesses look at their data to determine how they have performed over a recent historical period. This data is considered to be ‘Lag’ data in that it only shows what has already happened, and by itself, is not predictive of future results. Companies that understand their data quickly start focusing on those data elements that are predictive or are ‘Leading’ indicators of future results. Those metrics allow companies to see well in advance how they are performing and if they are going to achieve their goals. In this way, they may have the ability to make adjustments along the way, possibly ensuring a better result.

Business Process Improvements

Many companies stifle their ability to scale and grow by not addressing ever-green improvements to their business processes. As an example, companies will continue to add employees to handle increased workloads of emails and phone calls, both internal and external facing, based on siloed business processes. It may be very advantageous for them to look at their business processes end to end to see if a Case Management solution could drastically decrease the number of necessary communications. The resulting Return on Investment (ROI) could be very substantial. Leveraging technology to satisfy business process requirements should be periodically evaluated, as new and more efficient technologies are appearing more frequently, each having potentially large ROI.

Have a Digital Strategy Roadmap

Any business to business or business to consumer strategy today should be moving toward digitalization. Having easy to access and use web-based solutions that allow for maximum self-service capability is essential for continued growth. Reducing more traditional methods of interacting with all customers (i.e. email, paper, phone, etc.) should be a priority in all technical and business roadmap strategies. The resulting improvements in revenue growth and customer satisfaction far exceed the cost of implementing a digital strategy.

Strategy Roadmap

Most important to repositioning IT platforms is to maintain alignment with corporate long-term strategies as closely as possible. Most large scale enterprise solutions require very long Discoveries in months and potentially another year to implement. Not understanding the over-arching corporate direction and timings can make the leveraging of technology to support them almost impossible. IT organizations should be at the corporate strategy table, providing possible solutions and time tables for the most important strategy implementations. Solutions should not be implemented that do not directly support and further the corporate strategy.


Not sure where to get started?

Start building your strategy roadmap with Innovative today by booking a NO CHARGE 2-hour consulting engagement with one of our Certified Cloud Solution Architects.

Written by:

Innovative Solutions

Is an AWS Well-Architected Review right for you?

Do you ever wonder if you’re realizing the full benefits of your IT Infrastructure? Is your current infrastructure built in a way that will help to achieve your business and technical outcomes? The AWS Well-Architected Framework can help your company create a more efficient and effective IT infrastructure, even if it’s not in an AWS environment.

The best way to ensure your workload is meeting best practices and understand the business impact of your architecture is through a Well-Architected Review (WAR). A WAR uses the Well-Architected Framework as a guideline to ensure you are building a secure, high-performing, resilient, and efficient infrastructure for your applications, so you can focus on scaling your business while your infrastructure scales with it.

You may be wondering, “Is it even worth it to perform a Well-Architected Review on my architecture?” You could easily spend countless business hours trying to understand if the WAR is right for you, but we will simplify this process by breaking down the four most common scenarios that we have seen while conducting WARs for our customers. This way you can make this valuable decision sooner rather than later.

Is an AWS Well-Architected Review Right For You?

Choosing to do an AWS Well-Architected Review boils down to two factors: the intricacy of your workload and the depth of your AWS knowledge and expertise. Together they create four common situations that your company may fall into. Each situation has its own outlook on whether you should follow through with a WAR.

Relatively Simple Workload, Little to Zero AWS Knowledge

In this category, customers may be using some of the most common AWS Services (i.e. EC2, Amazon S3, Amazon RDS, etc.), have a lower AWS spend, and have very few complexities to meet their infrastructure needs. If you have a simple workload and do not spend a substantial amount of your IT budget on your AWS workload, it’s not the end of the world if you don’t go through a WAR. Nonetheless, if you have plans to scale your infrastructure soon or do not know if your architecture is set up to optimize costs, you may still see a benefit from a WAR.

Relatively Simple Workload, Deep AWS Expertise

Businesses with relatively simple workloads and a higher knowledge of AWS do not necessarily need to consider a WAR. Although WARs provide substantial benefits, your internal team may have the expertise needed to conduct one yourself using the free documentation that AWS provides to the public. There is always an opportunity to find value in a WAR, but if you have confidence in your own cloud experts and your company’s cloud practice, you might want to keep this work internal.

Highly Complicated Workload, Deep AWS Expertise

In this scenario, your company may have a highly complex workload, but you have an experienced cloud team already in place to manage your infrastructure. In this case, a WAR would be optional. However, receiving a WAR from a WAR-certified AWS Partner Network (APN) partner can provide an extra set of eyes that will help to provide feedback on the architecture your experts have built. Ultimately, if you fall into this bucket, you may decide that your team has everything under control, or you may decide that a second look wouldn’t be such a bad idea after all.

Highly Complicated Workload, Little to Zero AWS Knowledge

Managing a complex infrastructure can be a strenuous process, especially if you don’t have the resources or skillset to handle it. If your company has a complicated workload and you don’t feel you have the know-how to ensure your infrastructure is running efficiently, you would greatly benefit from a WAR. AWS customers in this category commonly struggle to optimize their AWS costs and do not see the full potential of their AWS workload. After helping these customers through a WAR, we often identify other opportunities for our customers to utilize AWS and see additional business value. We recommend that these types of customers take advantage of a WAR, and the findings may be worth their weight in gold.

All in all, a Well-Architected Review is not necessary in every scenario, but it can provide value no matter your business’s situation. Even if you have gone through a WAR within the last year, AWS recommends that these reviews are conducted on a semi-continuous basis to address newer concerns with your architecture.

After reviewing these common scenarios, you may realize you want to conduct a WAR on your infrastructure. You may be thinking, “Who can help me through this process and help me see the benefits of a WAR now?” Good news for you: you have partners that are here to help! AWS has a Well-Architected Partner Program where AWS trains APN Consulting Partners on how to perform Well-Architected reviews. Our company along with others have this certification and we can help you establish good architectural habits, eliminate risk, and respond faster to changes that affect designs, applications, and workloads. If you’re interested in conducting a WAR for your infrastructure, feel free to reach out to us by filling out the form below, or find another partner that will be able to assist you in your needs.



Still have a question about AWS Well-Architected Reviews? Contact us to get your answer

Written by:

Innovative Solutions

The Value of an AWS Well-Architected Review

Is your cloud environment architected to meet your desired business and technical goals? Consider a formal evaluation of your cloud infrastructure with an AWS Well-Architected Review. Learn, measure, and build using architectural best practices to enhance and modernize your infrastructure. This assessment will help your business optimize and accelerate your AWS environment to meet your key business objectives.  But what does the phrase “well-architected” mean?

What is an AWS Well-Architected Review (WAR)?

An AWS Well-Architected Review, or WAR, is a framework that was developed by AWS Cloud Architects to help create an efficient and effective infrastructure for applications being used in the AWS environment. The framework is now used globally by AWS Cloud Architects to help customers increase the value of their AWS platform for their specific business needs.

AWS Well-Architected Reviews are based on the following five key pillars:

These five key pillars are the foundation of your architecture. Just like buildings, when the foundation is not solid, structural problems can weaken the integrity of the building, leaving you at risk. Incorporating the pillars into your cloud architecture allows you to produce a stable and efficient foundation that can be easily built upon.

Not only do the five pillars allow you to focus on other aspects of software design, such as functional requirements, but they also provide a consistent approach to evaluate your infrastructure. Learn more about the 5 Pillars of an AWS Well-Architected Review


What is the Value of an AWS Well-Architected Review?

Conducting a Well-Architected Review will help align your technology and business objectives. After this assessment, you will receive direct actionable solutions to strengthen your foundation. These recommendations are highly valuable, and if you choose to proceed with the remediations, the benefits your company will experience are very clear. A WAR can provide value to your business in the following ways:

  • Cut down costs and maximize your company’s IT spend
  • Help leverage cloud technology to improve your cloud usage and modernize infrastructure
  • Address any concerns or questions surrounding security, reliability, and operations.
  • Receive help in navigating the many services provided by AWS.


How can an AWS Well-Architected Review Support Your Business?

A WAR can teach you how to achieve your business outcomes while cost optimizing in four key ways:

  • Right sizing your resources so you only pay for what you use
  • Choosing the right pricing model to meet your cost targets
  • Meeting changes in demand with cloud elasticity
  • Measuring, monitoring, and improving your usage and spending to ensure you are taking the most cost-effective approaches


Why Choose Innovative for an AWS Well-Architected Review?

Just like AWS, we are customer-obsessed in everything we do. We want to help customers maximize their AWS platform to get the most out of it. Our experts provide an efficient process to help clients create a roadmap to improve their infrastructure. To help drive confidence in your cloud decisions, we are committed to showing you relentless support. As an AWS Advanced Consulting Partner, we can take your company to the next level through modernizing and transforming your business and technology. We will show you how to harness the power of AWS to experience full business potential.

What Should I Do Next?

There is no better time than now to schedule your AWS Well-Architected Review. Make sure your business is running efficiently in a cost-optimized environment and you are leveraging the right services to meet your key business objectives.

Schedule Your Well-Architected Review

Written by:

John Hill

Why you should consider Infrastructure as Code

Infrastructure as Code (IaC) has revolutionized the way that infrastructure is provisioned. In short, IaC is defining your cloud infrastructure (Amazon VPC, subnet, Amazon EC2 instances, security groups, etc.) in a template file or in actual code.

Initially, you could only define the infrastructure in a template using JSON or YAML and then create a stack using AWS CloudFormation. Now, there is another option – the Cloud Development Kit (CDK) – that allows you to write code in common programming languages such as JavaScript and Python to define your cloud infrastructure. Under the hood, the CDK converts the code to an AWS CloudFormation template and then creates a stack from that. No matter which route you choose, IaC provides many benefits such as automation, repeatability, compliance-ready design, and the ability to leverage source control.


By defining your infrastructure as code with a service like AWS CloudFormation, you can build your entire infrastructure with the click of a button. Before cloud computing platforms like AWS, the infrastructure team would need to manually spin up each server, configure its settings and services, and install any needed software and packages. This was a manual, time-consuming process with a high risk of human error. By using AWS CloudFormation and its associated helper scripts such as cfn-init and cfn-signal, you can install and configure software packages as the infrastructure is provisioned, ensuring everything is built in the correct order.

AWS provides the Metadata section in AWS CloudFormation to define information that can be used to customize the setup of an instance. The AWS::CloudFormation::Init section under Metadata lets us declare the information needed to install and configure our instances. For example, we can automate the installation and configuration of a LAMP stack onto our Amazon EC2 instance. In this example, we declare two configSets: Install and Configure. Under the Install configSet, we declare the packages that we want to install and the package manager we want to use to install them (yum in this case).

Further down in the Amazon EC2 resource definition, the UserData section is where we can define commands to run automatically on startup of an instance. In this case, we update the AWS CloudFormation bootstrap package and then run the cfn-init command, which looks at the AWS::CloudFormation::Init section where we defined the packages that we want to install. It passes in the name of the AWS CloudFormation stack, the name of the resource, the configSets that we want to run and the region as command line parameters.

After the cfn-init command, there is another AWS CloudFormation helper script command called cfn-signal. This command receives the result (success or failure) of the cfn-init command and signals to the CreationPolicy whether the installation was successful. The timeout in the CreationPolicy section means that AWS CloudFormation will wait for five minutes for a success signal. If it doesn’t receive a signal in that time period, AWS CloudFormation will stop the stack creation and mark it as “failed to create.”
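The wiring described above can be checked before deployment. The following is an added example, not Innovative's template or code: a small Python check over a constructed template (written in CloudFormation's JSON form) that confirms cfn-init runs configSets that exist, that cfn-signal is called, and that a CreationPolicy is waiting for the signal. The logical ID WebServer, the config keys and the package list are assumptions.

```python
import re

# Constructed template fragment in CloudFormation's JSON form. The logical ID,
# config keys and package list are assumptions made for this example.
TEMPLATE = {"Resources": {"WebServer": {
    "Type": "AWS::EC2::Instance",
    "CreationPolicy": {"ResourceSignal": {"Timeout": "PT5M"}},
    "Metadata": {"AWS::CloudFormation::Init": {
        "configSets": {"Install": ["install_lamp"], "Configure": ["start_httpd"]},
        "install_lamp": {"packages": {"yum": {"httpd": [], "php": [], "mariadb-server": []}}},
        "start_httpd": {"services": {"sysvinit": {"httpd": {"ensureRunning": "true"}}}},
    }},
    "Properties": {"UserData": {"Fn::Base64": {"Fn::Sub": (
        "#!/bin/bash\n"
        "yum update -y aws-cfn-bootstrap\n"
        "/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServer"
        " --configsets Install,Configure --region ${AWS::Region}\n"
        "/opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServer"
        " --region ${AWS::Region}\n")}}},
}}}

def strings(node):
    """Join every string literal under a node (covers Fn::Sub and Fn::Join forms)."""
    if isinstance(node, str):
        return node
    if isinstance(node, dict):
        node = list(node.values())
    return "".join(strings(n) for n in node) if isinstance(node, list) else ""

def bootstrap_findings(template):
    """Report instances whose cfn-init bootstrap is not wired up to a success signal."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        init = res.get("Metadata", {}).get("AWS::CloudFormation::Init")
        if res.get("Type") != "AWS::EC2::Instance" or init is None:
            continue
        script = strings(res.get("Properties", {}).get("UserData", ""))
        run = re.search(r"cfn-init\b.*?--configsets[ =](\S+)", script)
        if "cfn-init" not in script:
            findings.append(f"{name}: Init metadata is declared but cfn-init never runs")
        for config_set in (run.group(1).split(",") if run else []):
            if config_set not in init.get("configSets", {}):
                findings.append(f"{name}: cfn-init runs unknown configSet {config_set!r}")
        if "cfn-signal" not in script:
            findings.append(f"{name}: UserData never calls cfn-signal")
        if "ResourceSignal" not in res.get("CreationPolicy", {}):
            findings.append(f"{name}: no CreationPolicy, a failed bootstrap still shows as created")
    return findings
```

An empty result means the instance only reaches "created" after its bootstrap has reported success within the PT5M window.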


Once you have defined your infrastructure in an AWS CloudFormation template, you can repeatably create environments anytime. Here at Innovative Solutions, we have standard networking templates that can be used for any new project. This removes the human error involved with manually provisioning your infrastructure for each new project.


By default, an AWS CloudFormation stack allows update actions on all the underlying resources. To restrict this, we can define a stack policy that ensures the resources in the AWS CloudFormation stack cannot be updated. There are also other tools, such as Drift Detection, to ensure no one is changing the underlying infrastructure. Ad hoc manual changes to the stack should never be permitted because they could result in a non-compliant environment. Especially for a production environment, all changes should be run through the AWS CloudFormation template via a stack update.
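To make the stack policy concrete, here is an added example (not Innovative's code) that evaluates planned updates against a constructed policy in the stack policy JSON format. It covers only the Effect, Action and Resource fields, not Condition, NotAction or NotResource, and the logical ID ProdDatabase is an assumption.

```python
import fnmatch
import json

# Constructed stack policy: updates are allowed in general, but the production
# database may never be replaced or deleted. "ProdDatabase" is an assumed logical ID.
STACK_POLICY = json.loads("""
{
  "Statement": [
    {"Effect": "Allow", "Action": "Update:*", "Principal": "*", "Resource": "*"},
    {"Effect": "Deny", "Action": ["Update:Replace", "Update:Delete"],
     "Principal": "*", "Resource": "LogicalResourceId/ProdDatabase"}
  ]
}
""")


def as_list(value):
    """Stack policy fields may hold one string or a list of strings."""
    return value if isinstance(value, list) else [value]


def update_allowed(policy, logical_id, action):
    """Decide whether `action` (e.g. "Update:Modify") may touch `logical_id`.

    An explicit Deny always wins, and a resource with no matching Allow is
    protected, which is how a stack policy behaves once it is attached.
    """
    target = f"LogicalResourceId/{logical_id}"
    allowed = False
    for stmt in policy["Statement"]:
        if not any(fnmatch.fnmatchcase(action, a) for a in as_list(stmt["Action"])):
            continue
        if not any(fnmatch.fnmatchcase(target, r) for r in as_list(stmt["Resource"])):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def blocked_updates(policy, planned):
    """Return the (logical_id, action) pairs from `planned` that the policy rejects."""
    return [(rid, act) for rid, act in planned if not update_allowed(policy, rid, act)]
```

Running blocked_updates over the changes a template revision would make shows in advance which ones the policy will refuse.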

Source control

Another great part of having your infrastructure defined as code is you can check it into source control just as you would with any code. This allows you and your team to be able to see the history of templates and the various changes that happen over time. Also, this allows your team to collaborate on the development of templates.

Organizing and managing templates between teams

When starting out with AWS CloudFormation you will probably put all your resources in one template. However, as your infrastructure gets more complex, this will become unmanageable. For example, a company has three teams working on a given application: a network team, an application development team, and a security team. Each team will have multiple resources that they need to provision for the application. Let’s say the network team needs to make a change to the VPC resource they have defined in the AWS CloudFormation template. If the teams are sharing one template, this could cause confusion and unnecessary overlap. To solve this issue, the best practice is to create three separate templates, one for each of the teams. This way each team can manage their own template without needing to check with and coordinate with the other teams before making changes to their resources.

Certainly, there will be resources that will need to be shared and referenced between the three templates. To solve this, we can use cross-stack references, which allow resources to be exported from one template and imported into another. For example, if the security team needs to reference the VPC defined in the network stack, it can do so by importing the VPC resource (if the network stack exported that VPC resource).

In the network stack, we need to export the ProdVPC resource:

In the application stack, we import the VPC Id for use in defining the target group of our Elastic Load Balancer.
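The export and import pair described above, as an added example that is not the original post's template: two constructed templates in CloudFormation's JSON form, plus a check that every Fn::ImportValue in the consuming stack is matched by an export in a producing stack. ProdVPC comes from the text; the export name, CIDR block and target group are assumptions.

```python
# Constructed templates in CloudFormation's JSON form. ProdVPC is the page's
# resource; the export name, CIDR and target group are assumptions.
NETWORK_STACK = {
    "Resources": {"ProdVPC": {"Type": "AWS::EC2::VPC",
                              "Properties": {"CidrBlock": "10.0.0.0/16"}}},
    "Outputs": {"ProdVPCId": {"Value": {"Ref": "ProdVPC"},
                              "Export": {"Name": "network-ProdVPC-Id"}}},
}
APPLICATION_STACK = {
    "Resources": {"WebTargetGroup": {
        "Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
        "Properties": {"Port": 80, "Protocol": "HTTP",
                       "VpcId": {"Fn::ImportValue": "network-ProdVPC-Id"}}}},
}


def export_names(template):
    """Map each literal export name to the output that declares it."""
    found = {}
    for output_id, output in template.get("Outputs", {}).items():
        name = output.get("Export", {}).get("Name")
        if isinstance(name, str):
            found[name] = output_id
    return found


def import_sites(node, path=""):
    """Yield (path, export_name) for every Fn::ImportValue in a template."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Fn::ImportValue":
                yield path, value
            else:
                yield from import_sites(value, f"{path}/{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from import_sites(value, f"{path}/{index}")


def unresolved_imports(producers, consumer):
    """List imports in `consumer` that no producer template exports by a literal name."""
    available = set()
    for template in producers:
        available.update(export_names(template))
    return [(path, name) for path, name in import_sites(consumer)
            if not (isinstance(name, str) and name in available)]
```

Imports whose name is built with an intrinsic function cannot be resolved statically, so the check reports them for manual review.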

Another best practice is to use nested stacks to re-use templates that are commonly used. Let’s say you have a network stack that is used in all the applications you create. Instead of defining the same network stack in each application template, you can make the network stack its own template, host it in Amazon S3, and then when you require another stack, you can define a resource type AWS::CloudFormation::Stack and then point to the location of the network template.

Here is an example of what this looks like in a template:

We are defining a CloudFormation stack that is referencing a template file that is stored in S3.

How does Innovative Solutions leverage IaC?

Innovative Solutions has been leveraging AWS CloudFormation for years because of the many benefits it provides for our organization. We have developed many different templates for networking, security, and others, that have been incrementally improved through the years. Having mature AWS CloudFormation templates at our disposal makes it easy to build infrastructure quickly and reliably. This allows us to save time and focus on the actual workload.

Our templates are stored in source control so they can be easily updated as services evolve. All past versions are tracked and can be easily updated for collaboration. For each project, we are able to leverage our AWS CloudFormation templates to easily deploy multiple identical stacks for each of our environments (dev, staging, production).

Cloud Development Kit

The Cloud Development Kit (CDK) is another excellent way to define your AWS infrastructure as code. In fact, CDK abstracts away a lot of complexity of the AWS CloudFormation template. It allows you to provision AWS resources in popular programming languages such as C#, Java, JavaScript, and TypeScript, instead of creating a separate template file written in JSON or YAML. Using the CDK also allows you to use programming logic (if statements/for loops) that developers are comfortable with to help provision infrastructure resources. Writing ten lines of code using the CDK can produce hundreds of lines of an AWS CloudFormation template.

When you run your CDK app, an AWS CloudFormation template is synthesized (created). This doesn’t create any resources. The cdk deploy command actually creates the stack and the underlying resources.

Below is a sample Python CDK application that creates an SQS queue and an SNS topic. The queue is added as a subscription to the SNS topic so that it will receive messages when they are pushed to the SNS topic.

As seen above, this is simple, easy to understand code to write in Python. These lines of code create a CloudFormation template that is 150 lines long! The CDK provides an amazing level of abstraction that organizations can adopt quickly, if they haven’t already.

IaC has forever changed how we create virtual infrastructure. Once an organization learns how to leverage IaC, they will never go back to manually creating virtual servers and configuring all the settings and services associated with them. Not only is doing all this manual work extremely tedious, it also poses a high risk of human error because of the manual steps involved. With the development of the CDK, there is less of a barrier to entry for leveraging IaC at your organization. You can find numerous sample templates online on the AWS website. There is some up-front work involved with IaC, but once you are up and running you will appreciate the multitude of benefits that come with it.


Do you still have questions about Infrastructure as Code (IaC)?

Feel free to contact us; we’d love the opportunity to further discuss anything you have read.


Written by:

John Hill

