AWS Managed Services Advanced operational plan with preventative controls via a change management system within an AWS managed landing zone, which provides a full operational solution and trades some flexibility for increased operational rigor to protect your critical business applications.
Service desk
AWS Managed Services offers unlimited incidents and service request interactions with responses within 15 minutes, and incident restorations within 4 hours, depending on the SLAs. You have 24 x 7 access to our team of Cloud experts via web case, phone, or chat.
AWS Managed Services helps protect your organization's information, as well as its infrastructure, with our incident response and resolution capabilities. AMS proactively detects security and availability issues, and offers unlimited incident response across AWS. Our team of cloud experts are here to investigate, remediate, and restore your infrastucture.
Create unlimited Service Requests for information on how to use AWS Managed Services, trouble shoot operational issues that are not an incident, and receive guidance on operational integration for your workloads. Contact our team of cloud experts via web case, phone, or chat.
AWS Incident Detection and Response is an add-on to Enterprise Support that offers 24x7 proactive monitoring and incident management for subscribed or onboarded workloads. AWS Incident Detection and Response is available at no additional charge in eligible regions for AWS Managed Services direct customers with AWS Enterprise Support.
Operational monitoring
AWS Managed Services monitors the logs and metrics of your AWS resources 24x7 to detect performance and availability issues. After receiving an alert, AMS combines automated remediations, cloud experts, and processes to bring the resources back to a healthy state and engages with your teams to convert insights into learnings on how to prevent this behavior in the future.
AWS Managed Services monitors the performance and the availability of AWS services, regions, and accounts using AWS Health. We work with you to prepare for planned activities and to respond to events in progress.
Backup management
AWS Managed Services helps you back up critical information on a regular basis and assosts with a timely recovery using a proven methodology. You define the backup schedules, frequency, and retention period while AWS Managed Services initiates and monitors all backup jobs.
Cost optimization
Your Cloud Service Delivery Manager provides monthly recommendations to optimize your AWS usage and cost. Our team of cloud experts will make the changes to your infrastructure based on the recommendations to ensure you get the most out of our AWS investment.
Logging
AWS Managed Services aggregates and stores all logs generated as a result of all operations in Amazon CloudWatch, AWS CloudTrail, and system logs. Consistent log handling prevents tampering and makes it faster and easier for us and customers to audit, detect, and resolve issues.
Reporting
AWS Managed Services provides customers with a monthly service report which summarizes key performance metrics of AWS Managed Services, including an executive summary and insights, operational metrics, AMS SLA adherence, and financial metrics around spend, savings and cost optimization. Reports are delivered by an AMS Cloud Service Delivery Manager (CSDM) designated to the customer.
Service delivery
AWS Managed Services offers two tiers of service levels, Plus and Premium, to meet the operational requirements for different types of workloads. The Plus service level is targeted at non-production and non-critical workloads, and the higher service levels of Premium tier are targeted at the needs of business critical applications. Credits are provided for non-conformance to SLAs for each tier, and customers have the flexibility to choose between the tiers per account on a monthly basis.
AWS Managed Services designates a Cloud Service Delivery Manager (CSDM) who provides visibility, recommendations, escalation channel, and reporting through all phases of the operations lifecycle including onboarding and migration. of the onboarding, migration and operational lifecycle. CSDMs conduct monthly business reviews and provide insights such as financial spend, cost-saving recommendations, service utilization, and risk reporting.
AWS Managed Services designates a Cloud Architect (CA) who provides technical expertise to navigate the operational challenges of cloud computing. They help identify candidate workloads from the application pipeline, on-board accounts, lead game days, perform disaster recovery testing, and provide problem management and architectural guidance.
Planned Event Management engagements are conducted with customers in preparation for launch including Game Days, workshops, and security, operational readiness and technical reviews.
Patching
AWS Managed Services applies and installs updates to EC2 instances for supported operating systems during your chosen maintenance windows. AWS Managed Services creates a snapshot of the instance prior to patching, monitors the patch installation, and notifies you of the outcome. In case of patching failures, AWS Managed Services investigates the failure, tries to remediate it, or rollbacks the instance if needed.
AWS Managed Services produces updated AMIs every month for each of our supported operating systems. The AMIs are based on updated Amazon Machine Images that are modified for AWS Managed Services, and hardened following Center for Internet Security (CIS) guidelines.
Landing zone and account operations
AWS Managed Services provides a standard security-tested and conformant architecture to start your cloud journey. Our managed landing zone is pre-configured with the infrastructure to facilitate authentication, security, networking, and logging, so you can quickly migrate your AWS workloads and we handle on-going landing zone management.
Provisioning and change management
The AWS Managed Services change system protects your workloads by preventing the execution of risky changes to your AWS infrastructure or unauthorized access. Customers request changes from a library of automated changes previously vetted by our security and operations teams or request manual changes that will be reviewed and executed by our operations team if they are deemed safe.
You can provision resources in several ways, including AWS Managed Services Change Management, security-hardened AMIs, CloudFormation templates, AWS Service Catalog, ITSM Integration, and and self-service provisioning.
Create and record unlimited changes through a secure and controlled mechanism in the AWS Managed Services environment, with automated and manual changes that can be scheduled at your convenience. Change control allows you to restrict access and ensure only authorized changes are made in your environment.
Access management
AWS Managed Services provides a Microsoft Active Directory (AD) based access model for Amazon EC2 instances that is secure, and integrates with the customer's Active Directory. AWS Managed Services operates the AD while giving the customer control of their authentication model. We handle the creation, coordination, and management of AD while customers focus on user administration.
The AWS Managed Services security team reviews customer-proposed IAM roles and security groups, evaluating proposed policies against a known standard, ensuring properly scoped down roles across AMS-managed accounts. The AWS Managed Services security team regularly interacts with the customers' security team to ensure access controls meet the customers' expectations.
Security management
AWS Managed Services (AMS) protects your resources with AWS security tools optimized to reduce noise and to identify indications of an upcoming security incident. AMS leverages Amazon GuardDuty to identify potentially unauthorized or malicious activity in your AWS environment and Amazon Macie to protect your sensitive data such as personal health information (PHI), personally identifiable information (PII) and financial data.
All access to Amazon Ec2 instances inside AWS Managed Services (AMS) managed accounts, for both customers and AMS is gated by the use of bastions. AMS maintains both Linux and Windows RDP bastions for access thar are accessible over customers' private connection (VPN or DX). In addition to a firewall to prevent inbound traffic, bastions are regularly re-provisioned on a fixed schedule.
AWS Managed Services Managed Firewall extends AWS networking and security capabilities with a fully-managed firewall appliance, combining industry-leading firewall technology with day-to-day infrastructure management, security incident response, and event remediation capabilities within a compliant operating environment. The Managed Firewall creates a single, highly-available connection point to the Internet, reduces the attack surface for data breaches, blocks egressing of sensitive data from customer accounts, and meets the compliance requirements for regulated industries.
IT Service Management integration
AWS Managed Services provides bi-directional integration with the customer's ITSM solution, including productized connector with ServiceNow to enable the creation, update and sync of incidents, service requests and requests for change.