Amazon Web Services customers get by with a little help from Amazon's friends in the cloud management software...
Amazon Web Services (AWS) shops say third-party tools can help make sense of configuration and audit trail data produced by Amazon services such as AWS Config for streamlined cloud management.
One such tool is the vNOC Cloud Management Platform, which became generally available last month from Cloudnexa, a Philadelphia-based AWS Premier Partner. The company got its start providing managed services for AWS customers, and developed vNOC to enhance the AWS Management Console.
The vNOC software as a service (SaaS) offering imports data from the AWS Config auditing service and groups the data into snapshots so users can get a historical view of what was running in the AWS environment at a particular point in time. It also provides graphical reports based on management data AWS CloudTrail and CloudWatch produce.
Cloudnexa customer cyDaptiv Solutions, Inc., an IT security consultancy that works with the federal government and government contractors in the Washington, D.C., area, will use vNOC to manage governance for clients.
"At a higher level, a compliance level, we can look at configurations and pull reports [from vNOC] so individuals do not have to wade through all the services in their AWS Console," said Curt Hefflin, president of cyDaptiv.
While vNOC relies on data AWS produces, which can also be found through the native AWS Management Console, the product's visual reports and the correlations it makes between instances in a user's environment make it easier for clients without much experience in AWS cloud management to understand what's going on, Hefflin said.
One of the challenges cyDaptiv encounters when moving clients from a traditional environment -- where people are accustomed to accessing information through a graphical interface with easy visualizations of the whole topology -- is that the AWS Management Console can appear very abstract, Hefflin said.
With the AWS Management Console, it can be difficult to understand the interconnections and interfaces between all the assets in a given environment, Hefflin added.
However, it's important from a compliance perspective to understand those interconnections; the first thing cyDaptiv does at a new client engagement with federal agencies is a security assessment.
"We begin to discover things that they were not aware of … what's deployed, how it's behaving, what needs attention, and to really make that information actionable, which is somewhat new to some of these federal government agencies," Hefflin said.
Cloudnexa's tool also correlates and reports on assets across regions and separate AWS accounts, which are not as easy to view through the AWS Management Console, Hefflin said.
But vNOC doesn't completely replace AWS cloud management tools such as the AWS Management Console and CloudFormation. Hefflin's company also has engineers who work directly with JSON files and the Ansible configuration management automation tool.
"They're always going to use that, but it's good to be able to go to a tool like this and quickly delve into what's happening and have alerts," Hefflin added.
Cloudnexa also has a close relationship with Amazon and is included in the product development process, to stay a step ahead of native features. Hefflin said he's waiting for Cloudnexa to integrate vNOC with the AWS Service Catalog when it becomes generally available, which Cloudnexa officials say is on the roadmap.
Cloudnexa also has several competitors in the AWS cloud management space, particularly when it comes to asset discovery and health checks. Competitors include CloudHealth Technologies, Cloudability, Cloudun, RightScale and Scalr. Configuration management tools such as Puppet and Chef can also be used instead of Ansible's tools.
Cloudnexa is priced according to a percentage of the customer's AWS expenditures; the company's managed services are priced at 18% of a customer's spend, while a premium service is priced at 47% of a customer's monthly AWS spend and comes with products bundled in from Sumo Logic, Trend Micro and App Dynamics. The vNOC tool is included for any services customers and a limited free version is available to any AWS shop.
Amazon did not comment for this story.
Navigating the AWS Management Console
Streamline resources with CloudFormation
Overcoming multi-cloud management hurdles