Finding an Easy Migration Path Supported with Funding

By the end of 2020, 80% of SMB’s will be leveraging the power of the cloud to accelerate their business. Your path to the cloud should be well-architected and phased-in to minimize disruption and maximize ROI. Join our technology experts at the Finding an Easy Migration Path Supported with Funding session to learn how to migrate to the cloud with a plan and a proven AWS partner at a low cost.

What you will learn:

  • Benefits of migrating to the cloud
  • Innovative’s cloud migration journey
  • Funding to help offset the cost of your move to the cloud
Can’t make the event? Register and we will send you the recording.

Modernize Your Application to Drive Growth and Reduce TCO

Designing your applications for the future on AWS is essential so that you can address the evolving demands of your customers. By modernizing your applications on AWS, you can unlock your growth potential and reduce your total cost of ownership (TCO) by 64%. Join our AWS experts at the Modernization of Application to Drive Growth and Reduce TCO session to learn to modernize your software, retire legacy solution, and drive business value.

What you will learn:

  • How to drive growth by retiring legacy solutions to improve your financial posture
  • How to maximize the value of existing hardware, software and business applications
  • Working with a trusted cloud provider will accelerate your cloud migration journey
Can’t make the event? Register and we will send you the recording.

Security in the AWS Cloud

Did you know…

280 Days is the average time to identify and contain a breach
37% of small businesses experience financial loss after a breach
25% of small businesses experience financial loss after a breach
10% of small businesses experience financial loss after a breach

It is essential for you to focus on scaling and innovating your business in the most secure way possible. By using AWS, you can gain the control and confidence you need to securely run your business with the most flexible and secure cloud computing environment available today. Join our AWS experts at the Security in the Cloud for Startups session to learn how we can help you build a secure, high-performing, resilient, and efficient infrastructure at a low cost.

What you will learn:

  • Why you should secure your cloud
  • The benefits of cloud security
  • Startups can get enterprise grade security tools at a startup cost
  • Security Myths vs Reality
Can’t make the event? Register and we will send you the recording.

A Startups Guide to Leveraging the Power of the Cloud

As a startup, leveraging cloud technology is essential for the success of your business so you can grow and scale rapidly at a low cost. Join our technology experts to learn how the cloud can provide a foundation for your ambition and accelerate your business.  In this four-part Startup Acceleration series, you will learn how to best leverage the cloud to get the most out of your infrastructure.

Areas of focus include:

  • How to scale your environment to future-proof your business
  • Key considerations and best practices to use to secure your cloud environment
  • How transform your business with application modernization

Whether you’re taking your first step into the cloud, looking for ways to unlock massive potential through modernization programs, or looking to learn how to best optimize the security of your cloud, this series will steer you through your journey.

What you will learn:

  • How transitioning to serverless will accelerate your speed to market and increase your efficiency
  • How to reduce cloud spend and maximize ROI on AWS
  • Best practices for building and deploying an optimized cloud environment

Can’t make the event? Register and we will send you the recording.

AI/ML Immersion Day with Innovative and AWS

Join us for a virtual AWS Immersion Day on Wednesday, September 16th as we demystify artificial intelligence and machine learning (AI/ML) during this half-day workshop. During the AI/ML Immersion Day, you will be introduced to fundamentals, data science process,  algorithms, and have the opportunity to learn with hands-on labs. Solution Engineers from AWS and Innovative will help you adopt methodologies and technologies to address business challenges.  Register today to take the first step towards getting started with your AI/ML initiatives.

Windows Workloads on AWS: The Best Path Forward Webinar

Customers every day are moving away from SQL Server, .NET applications, and other Microsoft technologies to reduce costs and escape licensing restrictions. However, moving to AWS doesn’t mean moving away from your favorite Windows applications.

In fact, AWS runs:

> 2x more Windows Server instances than the next largest competitor
> SQL workloads faster than the next largest competitor
> SQL workloads at a lower cost than the next largest competitor

Join AWS and Innovative Solutions in this upcoming webinar that will be packed with information you need to understand the value of migrating your Windows workloads to AWS. We will help inform you of the business value of running Windows workloads on AWS, the easiest way to take action in 2020, and different funding programs to help offset the cost of your move to the cloud.

It’s your business on Windows…only better.

The Value of an AWS Well-Architected Review

Is your cloud environment architected to meet your desired business and technical goals? Consider a formal evaluation of your cloud infrastructure with an AWS Well-Architected Review. Learn, measure, and build using architectural best practices to enhance and modernize your infrastructure. This assessment will help your business optimize and accelerate your AWS environment to meet your key business objectives.  But what does the phrase “well-architected” mean?

What is an AWS Well-Architected Review (WAR)?

An AWS Well-Architected Review, or WAR, is a framework that was developed by AWS Cloud Architects to help create an efficient and effective infrastructure for applications being used in the AWS environment. The framework is now used globally by AWS Cloud Architect’s to help customers increase the value of their AWS platform for their specific business needs.

AWS Well-Architected Reviews are based on the following five key pillars:

These five key pillars are the foundation of your architecture. Just like buildings, when the foundation is not solid, structural problems can weaken the integrity of the building, leaving you at risk. Incorporating the pillars into your cloud architecture allows you to produce a stable and efficient foundation that can be easily built upon.

Not only do five the pillars allow you to focus on other aspects of software design, such as functional requirements, but it provides a consistent approach to evaluate your infrastructure.  Learn more about the 5 Pillars of an AWS Well-Architected Review

 

What is the Value of an AWS Well-Architected Review?

Conducting a Well Architected Review will help align your technology and business objectives. After this assessment, you will receive direct actionable solutions to strengthen your foundation. These recommendations are highly valuable and if chosen to proceed with the remediations, the benefits your company will experience are very clear.  A WAR can provide value to your business in the following ways:

  • Cut down costs and maximize your company’s IT spend
  • Help leverage cloud technology to improve your cloud usage and modernize infrastructure
  • Address any concerns or questions surrounding security, reliability, and operations.
  • Receive help in navigating the many services provided by the AWS.

 

How can an AWS Well-Architected Review Support Your Business?

A WAR can teach you how to achieve your business outcomes while cost optimizing in four key ways:

  • Right sizing your resources so you only pay for what you use
  • Choosing the right pricing model to meet your cost targets
  • Meeting changes in demand with cloud elasticity
  • Measuring, monitoring, and improving your usage and spending to ensure you are taking the most cost-effective approaches

 

Why Choose Innovative for an AWS Well-Architected Review?

Just like AWS, we are customer-obsessed in everything we do. We want to help customers maximize their AWS platform to get the most out of it. Our experts provide an efficient process to help clients create a roadmap to improve their infrastructure. To help drive confidence in your cloud decisions, we are committed to showing you relentless support. As an AWS Advanced Consulting Partner, we can take your company to the next level through modernizing and transforming your business and technology. We will show you how to harness the power of AWS to experience full business potential.

What Should I Do Next?

There is no better time than now to schedule your AWS Well-Architected Review. Make sure your business is running efficiently in a cost-optimized environment and you are leveraging the right services to meet your key business objectives.

Schedule Your Well-Architected Review

John Hill

Written by:

John Hill

jhill@innovativesol.com

Why you should consider Infrastructure as Code

Infrastructure as Code (IaC) has revolutionized the way that infrastructure is provisioned. In short, IaC is defining your cloud infrastructure (Amazon VPC, subnet, Amazon EC2 instances, security groups, etc.) in a template file or in actual code.

Initially, you could only define the infrastructure in a template using JSON or YAML and then create a stack using AWS CloudFormation. Now, there is another option – the Cloud Development Kit (CDK) – that allows you to write code in common programming languages such as JavaScript and Python to define your cloud infrastructure. Under the hood, the CDK converts the code to an AWS CloudFormation template and then creates a stack from that. No matter which route you choose, IaC provides many benefits such as automation, repeatability, compliance-ready design, and the ability to leverage source control.

Automation

By defining your infrastructure as code with a servicelike AWS CloudFormation you can easily build your entire infrastructure with the click of a button. Before cloud computing platforms, like AWS, the infrastructure team would need to manually spin up each server, configure their settings and services, and install any needed software and packages. This was a manual, time-consuming process with a high risk of human error. By using AWS CloudFormation and its associated helper scripts such as cfn-init and cfn-signal, you can install and configure software packages as the infrastructure is provisioned ensuring everything is built in the correct order.

AWS provides the Metadata section in AWS CloudFormation to define information that can be used to customize the setup of an instance. The AWS::CloudFormation::Init: section under Metadata helps us declare information that we need to help install and configure our instances. For example, we can automate the installation and configuration of a LAMP stack onto our Amazon EC2 instance. As seen below, we declare two configSets: Install and Configure. Under the Install configSet, we declare the packages that we want to install and the package manager we want to use to install them (yum in this case).

Further down in the Amazon EC2 resource definition, the UserData section is where we can define commands to run automatically on startup of an instance. In this case, we update the AWS CloudFormation bootstrap package and then run the cfn-init command, which looks at the AWS::CloudFormation::Init section where we defined the packages that we want to install. It passes in the name of the AWS CloudFormation stack, the name of the resource, the configSets that we want to run and the region as command line parameters.

After the cfn-init command, there is another AWS CloudFormation helper script command called cfn-signal. This command is receiving the output (success or failure) from the cfn-init command and signals to the CreationPolicy if the installation was successful. The timeout in the CreationPolicy section means that AWS CloudFormation will wait for five minutes for a success signal. If it doesn’t receive a signal in that time period, the AWS CloudFormation will stop the stack creation and mark it as “failed to create.”

Repeatability

Once you have defined your infrastructure in an AWS CloudFormation template, you can repeatably create environments anytime. Here at Innovative Solutions, we have a standard networking templates that can be used for any new projects. This removes human error involved with manually provisioning your infrastructure with each new project.

Compliance-ready

By default, an AWS CloudFormation stack allows update actions on all the underlying resources. To solve this, we can define a stack policy that will ensure that the resources in the AWS CloudFormation stack cannot be updated. There are also other tools such as Drift Detection to ensure no one is changing the underlying infrastructure. Ad hoc manual changes to the stack should never be permitted because this could result in a non-compliant environment. Especially for a production environment, all changes should be run through the AWS CloudFormation template via a stack update.

Source control

Another great part of having your infrastructure defined as code is you can check it into source control just as you would with any code. This allows you and your team to be able to see the history of templates and the various changes that happen over time. Also, this allows your team to collaborate on the development of templates.

Organizing and managing templates between teams

When starting out with AWS CloudFormation you will probably put all your resources in one template. However, as your infrastructure gets more complex, this will become unmanageable. For example, a company has three teams working on a given application: a network team, an application development team, and a security team. Each team will have multiple resources that they need to provision for the application. Let’s say the network team needs to make a change to the VPC resource they have defined in the AWS CloudFormation template. If the teams are sharing one template, this could cause confusion and unnecessary overlap. To solve this issue, the best practice is to create three separate templates, one for each of the teams. This way each team can manage their own template without needing to check with and coordinate with the other teams before making changes to their resources.

Certainly, there will be resources that will need to be shared and referenced between the three templates. To solve this, we can use cross-stack references, which allow resources to be exported from one template and imported into another. For example, if the security team needs to reference the VPC defined in the network stack, it can do so by importing the VPC resource (if the network stack exported that VPC resource).

In the network stack, we need to export the ProdVPC resource:

In the application stack, we import the VPC Id for use in defining the target group of our Elastic Load Balancer.

Another best practice is to use nested stacks to re-use templates that are commonly used. Let’s say you have a network stack that is used in all the applications you create. Instead of defining the same network stack in each application template, you can make the network stack its own template, host it in Amazon S3, and then when you require another stack, you can define a resource type AWS::CloudFormation::Stack and then point to the location of the network template.

Here is an example of what this looks like in a template:

We are defining a CloudFormation stack that is referencing a template file that is stored in S3.

How does Innovative Solutions leverage IaC?

Innovative Solutions has been leveraging AWS CloudFormation for years because of the many benefits it provides for our organization. We have developed many different templates for networking, security, and others, that have been incrementally improved through the years. Having mature AWS CloudFormation templates at our disposal makes it easy to build infrastructure quickly and reliably. This allows us to save time and focus on the actual workload.

Our templates are stored in source control so they can be easily updated as services evolve. All past versions are tracked and can be easily updated for collaboration. For each project, we are able leverage our AWS CloudFormation templates to easily deploy multiple identical stacks for each of our environments (dev, staging, production).

Cloud Development Kit

The Cloud Development Kit (CDK) is another excellent way to define your AWS infrastructure as code. In fact, CDK abstracts away a lot of complexity of the AWS CloudFormation template. It allows you to provision AWS resources in popular programming languages such as C#, Java, JavaScript, and TypeScript, instead of creating a separate template file written in JSON or YAML. Using the CDK also allows you to use programming logic (if statements/for loops) that developers are comfortable with to help provision infrastructure resources. Writing ten lines of code using the CDK can produce hundreds of lines of an AWS CloudFormation template.

When you run your CDK app, an AWS CloudFormation template is synthesized (created). This doesn’t create any resources. The cdk deploy command actually creates the stack and the underlying resources.

Below is a sample Python CDK application that creates an SQS queue and an SNS topic. The queue is added as a subscription to the SNS topic so that it will receive messages when they are pushed to the SNS topic.

As seen above, this is simple, easy to understand code to write in Python. These lines of code create a CloudFormation template that is 150 lines long! The CDK provides an amazing level of abstraction that organizations can adopt quickly, if they haven’t already.

IaC has forever changed how we create virtual infrastructure. Once an organization learns how to leverage IaC, they will never go back to manually creating virtual servers and configuring all the settings and services associated with them. Not only is doing all this manual work extremely tedious, it also poses a high risk of human error because of the manual steps involved. With the development of the CDK, there is less of a barrier to entry leveraging IaC at your organization. You can find numerous sample templates online on the AWS website e. There is some up-front work involved with IaC, but once you are up and running you will appreciate the multitude of benefits that come with it.

 

Do you still have questions about Infrastructure as Code (IaC) ?

Feel free to contact us, we’d love the opportunity to further discuss anything you have read.

Contact us for more information

John Hill

Written by:

John Hill

jhill@innovativesol.com

Content Management Systems on Amazon Web Services (AWS)

A content management system (CMS) is an application allowing users to become authors of their own content. An administrator of a CMS site has the ability to add new pages, text, files, and completely own the structure and content of their website without any backend access or development knowledge. CMS sites can be efficiently hosted and maintained on various services provided by AWS. Many of these services improve the SDLC of the application by securely storing application code, enabling frequent releases, providing highly available custom content, and the ability to replicate environments using Infrastructure as Code.

AWS CodePipeline

AWS provides CI/CD tools that work seamlessly with CMS applications. It’s important for any application to have a well-defined release process and AWS CodePipeline streamlines the build and deploy steps. AWS CodePipeline can use AWS CodeCommit, GitHub, or Amazon S3 as sources. Many open source CMS solutions have their source checked into GitHub which makes tying these projects to AWS CodePipeline incredibly simple.

Developers can connect to GitHub or AWS CodeCommit through the AWS console under the AWS CodePipeline service where they can select their source repository. They can then add build, deploy, custom, and manual approval actions as needed. Once in place, when a change is made to a source repository a pipeline can automatically trigger and all defined steps in the pipeline will be executed.

 Environment automation with AWS CloudFormation and AWS Elastic Beanstalk

AWS provides two services to quickly spin up new environments and projects with the click of a button: AWS CloudFormation and AWS Elastic Beanstalk. Both can be used to create environments for CMS sites providing different levels of automation and environmental control. Often a new environment will need to be spun up quickly to provide a new testing or QA site. In other scenarios, a brand-new application may need to be created, but that application’s functionality overlaps with previously created CMS sites and just needs to be customized for a client. AWS CloudFormation allows a developer to create templates that describe in yaml or json code the environment’s specific resources such as Amazon EC2 servers, Amazon S3 buckets, or Security Groups. These templates only need to be created once and can then be reused or modified to quickly create new environments. AWS CloudFormation allows complete control over the environment’s resources whereas AWS Elastic Beanstalk manages more of the environment.

AWS Elastic Beanstalk requires just a few pieces of information about the type of application being created, and then automatically creates all necessary resources for the environment. There is less control over the resources created by an AWS Elastic Beanstalk application, but the speed in creating an entire application stack means less time developers need to spend provisioning and configuring resources by hand. Both environment creation methods decrease the potential for human error caused by a manual process.

Amazon EBS, Amazon EFS, Amazon S3, and Amazon FSx for Decoupled Site Asset Storage

CMS applications often allow users to upload custom files such as media or CSS. By default, most CMS frameworks store these files to local disc. AWS provides many storage options, each with benefits and drawbacks, to store these assets: Amazon EBS, Amazon EFS, Amazon S3, and Amazon FSx.

Amazon EBS (Elastic Block Store) has two main disk type options: SSD and HDD. An SSD disk type will provide faster performance than an HDD. Amazon EBS volumes can be attached to both Linux and Windows servers and it is typically the most performant solution. However, Amazon EBS volumes can only be attached to one EC2 instance at a time, meaning it will not be usable for shared storage in auto-scaling scenarios. If a CMS site will get a lot of traffic and needs to scale to maintain site performance, Amazon EBS would not be a good choice to store dynamic content. Amazon EBS provides a snapshot method of backing up content and restoring to new Amazon EC2 instances.

Amazon EFS (Elastic File System) is similar to Amazon EBS but has the ability to be accessed by multiple Amazon EC2 instances. It is therefore useful when auto-scaling is needed for a heavily trafficked application. However, Amazon EFS cannot be mounted to Windows instances.

If auto-scaling is needed in a Windows environment, Amazon S3 (Simple Storage Solution) and Amazon FSx are viable options. Amazon S3 differs in that it stores files as objects in buckets via an API instead of leveraging a file system mount. Replication can also be configured on a bucket to copy an item from one bucket to another, providing a method of backups or syncing site assets across environments. In general, Amazon S3 will be the cheapest option compared to the alternatives. The biggest decision factor is Amazon S3 likely requires significant application changes to leverage since it can’t be mounted.

Amazon FSx for Windows File Server works similarly to Amazon EFS but for Windows Servers. It provides a managed storage solution that can be attached to multiple instances and also provides some additional functionality like Active Directory integration.

Conclusion

The services mentioned above work together to provide a stable and efficient environment that accommodates a CMS application. AWS CodePipeline can manage the release process and is already integrated with popular version control providers like GitHub. CMS applications can utilize AWS CloudFormation and AWS Elastic Beanstalk which enable new environments to be built and created quickly. AWS provides flexibility when choosing the appropriate storage platform. Amazon EFS, Amazon EBS, Amazon S3, and Amazon FSx cover most storage scenarios when running a CMS.

 

Do you still have questions about custom development or CMS?

Feel free to contact us, we’d love the opportunity to further discuss anything you have read.

Contact us for more information

Learn more about our AWS Cloud Service offering

Innovative Solutions

Written by:

Innovative Solutions

marketing@innovativesol.com

Why Innovative Leverages DevOps

Innovative Solutions is a mid-sized company, but many times we encounter communication and coordination problems at an enterprise scale. Internally, we have multiple development teams with each team comprised of multiple team members bringing a range of skill sets. Each team interacts with third-party vendors, providers, and clients who often bring their own development teams with whom we collaborate. Quite often clients are directly communicating with third parties as well. As the number of entities in this communication graph increases, the complexity of organizing and interacting grows which requires structures and processes to be put in place to ensure efficient communication.

Over the years we have been employing and maturing our SDLC methodologies, following Agile practices, and incorporating the latest tools to help develop, deploy, and support our products and our clients. This has organically led us to leverage DevOps services driven by industry leaders including Amazon Web Services (AWS).

Innovative Solutions takes these ideas very seriously and their adoption has helped us successfully navigate an increasingly complex ecosystem. In fact, Innovative takes this so seriously we require any engagement to be working toward an end goal of leveraging DevOps processes and tools. We’ve seen time and time again when our partners understand the value in laying a proper foundation, and we all win.

Leveraging automated build and CI pipelines has taken a burden off developers freeing them to spend more time creating rather than waiting to see if tests pass. We heavily use AWS CloudFormation to automate our infrastructure setup in a repeatable manner. This makes spinning up a temporary lower environment almost instantaneously, with just one-click versus the weeks it took just a few years ago.

Advanced monitoring and alerting enables Innovative’s team to identify small problems before they become big ones. Tools like Amazon CloudWatch, AWS X-Ray, and Datadog provide visibility into systems unparalleled to anything we had in the past. We now leverage logs and metrics that previously were discarded to identify areas of opportunity so we can continually improve customer experience while providing tangible value to our clients.

DevOps and Regulation

The complexities of interactions these days are exacerbated by ever-growing regulatory pressures. Innovative Solutions consistently partners with customers who must adhere to HIPAA, PCI, SOCs, and other compliances. Innovative has utilized AWS DevOps tools to create processes and controls making compliance and audits more secure and successful.

The same build and deploy pipelines that facilitate our rapid development cycles also provide immutable packages we can promote from environment to environment. This helps us ensure that no bad actors have the ability to tamper with code on its way to production.

We leverage AWS CodePipeline’s manual approvals ensuring releases have the appropriate sign-off before moving forward. This allows us to put in place appropriate controls and separation of duties.

AWS Config gives us the capability to be notified when any part of our infrastructures deviates from the policies we have defined. If this happens, AWS CloudTrail makes it easy to perform root-cause-analysis and correct the problem quickly. Our applications are assessed by Amazon Inspector to identify any deviations from internal standards.

 

A Must-Have for Any Business

DevOps is not something off on the horizon. The methodologies and tools are mature enough that it should be considered as part of the standard SDLC. If you’re not already practicing DevOps, the time is now. DevOps is not a nice-to-have, but a must-have for any business serious about long-term software development.

 

Do you still have questions about DevOps?

Feel free to contact us, we’d love the opportunity to further discuss anything you have read.

Contact us for more information

Learn more about our AWS Cloud Service offering

Mike Krauklis

Written by:

Mike Krauklis

mkrauklis@innovativesol.com

Download