AMS Accelerate features

AMS Accelerate is designed to help detect and respond to incidents and assists your team in resolving issues. You can reach out to AMS Accelerate operations engineers 24x7 using AWS Support Center, with incident response time SLAs depending on the level of response you selected for your account.

Accounts enrolled in AMS Accelerate are configured with a baseline deployment of CloudWatch events and alarms that have been optimized to reduce noise and to identify a possible upcoming incident. After receiving the alerts, the AMS team uses automated remediations, people, and processes, to bring the resources back to a healthy state and engage with your teams when appropriate to provide insights into learnings on the behavior and how to prevent it. If remediation fails, AMS starts the incident management process. You can change the baselines by updating the default configuration file. 

AMS helps you protect your information assets and helps you keep your AWS infrastructure secure by using multiple controls. AMS deploys a collection of AWS Config rules aligned with the National Institute of Standards and Technology Cloud Security (Framework NIST CSF) and the Center for Internet Security AWS Foundations (CIS) security frameworks. These rules continuously check whether your existing and new resources are conformant with those security frameworks. 

In addition, AMS leverages Amazon GuardDuty to help identify potentially unauthorized or malicious activity in your AWS managed environment. GuardDuty findings are monitored 24x7 by AMS. AMS collaborates with you to understand the impact of the findings and remediations based on best practice recommendations. AMS also supports Amazon Macie to help protect your sensitive data such as personal health information (PHI), personally identifiable information (PII), and financial data. 

For an AWS account with the patch add-on, AMS applies and installs vendor updates to EC2 instances for supported operating systems during your chosen maintenance windows. AMS creates a snapshot of the instance prior to patching, monitors the patch installation, and notifies you of the outcome. If the patch fails, AMS investigates the failure, tries to remediate it, or restores the instance as needed. AMS provides reports of patch compliance coverage and advises you of the recommended course of action for your business.

AMS can create, monitor, and store snapshots for AWS services supported by AWS Backup. You define the backup schedules, frequency, and retention period by creating AWS Backup plans while onboarding accounts and applications. You associate the plans to resources. AMS tracks all backup jobs, and, when a backup job fails, alerts our team to run a remediation. AMS leverages your snapshots to perform restoration actions during incidents, if needed. AMS provides you with a backup coverage report and a backup status report.  

AMS Accelerate designates a Cloud Service Delivery Manager (CSDM) and a Cloud Architect (CA) to partner with your organization and drive operational and security enhancement. Your CSDM and CA provide you guidance during and after configuration and onboarding AMS Accelerate, deliver a monthly report of your operational metrics, and work with you to identify potential cost savings using tools such as AWS Cost Explorer, Cost and Usage Reports, and Trusted Advisor.

AMS Accelerate is designed to provide ongoing operations for your workload's infrastructure in AWS. Our patch, backup, monitoring, and incident management services depend on having resources tagged, and the AWS Systems Manager (SSM) and CloudWatch agents installed and configured on your EC2 instances with an IAM instance profile that authorizes them to interact with the SSM and CloudWatch services. AMS Accelerate provides tools like Resource Tagger to help you tag your resources based on rules, and automated instance configuration to install the required agents in your EC2 instances. If you're following immutable infrastructure practices, you can complete the prerequisites directly in the console or infrastructure-as-code templates.

All AMS Accelerate customers start with incident management, monitoring, security monitoring, log recording, prerequisite tools, backup management, and reporting capabilities. You can add AMS Patch add-on at an additional price.  

AMS aggregates and stores logs generated as a result of operations in CloudWatch, CloudTrail, and VPC Flow Logs. Logging from AMS assists in incident resolution and system audits. AMS Accelerate also provides you with a monthly service report that summarizes key performance metrics of AMS, including an executive summary and insights, operational metrics, managed resources, AMS service level agreement (SLA) adherence, and financial metrics around spending, savings, and cost optimization. Reports are delivered by the AMS cloud service delivery manager (CSDM) designated to you. 

Operations on Demand (OOD) is an AMS feature that extends the standard scope of your AMS operations plan by providing operational services that are not currently offered natively by the AMS operations plan or AWS. Once selected, the catalog offering is delivered by a combination of automation and highly skilled AMS resources. There are no long-term commitments or additional contracts, allowing you to extend your existing AMS and AWS operations and capabilities as needed. You agree to purchase blocks of hours (OOD blocks), 20 hours per block, on a monthly basis.

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.aws.amazon.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.amazon.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.