Build Your Foundations Yourself

While it has always been possible to slap down a credit card and start using services to spin up resources in AWS, that isn’t appropriate when you’re building a production-grade environment to store your business—and your customers’—sensitive applications and information. Just like building a house, you need to lay solid foundations if you’re going to build something that lasts, something to house your belongings and loved ones!

In AWS, when we talk about foundations, we mean hardened, secure accounts, guardrails to prevent misuse, a repeatable deployment process, user access, and network configuration and management.

For the longest time, your only option as an AWS customer was to build these foundations yourself. AWS provided industry-leading building blocks for you to create and configure a cloud environment to your requirements. After all, AWS is for builders!

Over the years, as our collective understanding of cloud has matured, and AWS has released more guidance (e.g., AWS Well-Architected, The Amazon Builders' Library) on how to use the AWS cloud securely and effectively, some clear and consistent patterns and best practices have emerged.

In practice, this means that despite different customers from different industries building their own “unique” foundations, they inherently end up with a fairly similar, standardized build.

Think of a house: while the foundations for each house may differ slightly because they are crafted by hand, they all follow the same guidelines and standards.

After all, you don’t actually want a house with an “innovative” approach to its foundations., do you? Foundations have an important, critical, but ultimately simple job to do. It’s the parts that come after that warrant innovation and unique investment.

The Challenge of Building

Building the foundations, yourself means you own them. You will need people on hand to manage and maintain it. Regardless of whether you have an in-house team, engage consultants, or a managed service partner, there’s cost and time associated with building things by hand. These people need to know not only what to build, but also how to do it, with the AWS services and tools at hand.

Much to our collective dismay, cloud experts don't grow on trees. With businesses engaged in a widespread rush to the cloud, competition for in-house talent has never been more intense. A recent report from Deloitte suggests there is a massive shortage of workers in the space, with a projected gap of more than 100,000 ICT workers in the next five years, combined with declining rates of ICT graduates.

If you do get lucky and find someone with the skills to help with a move to the cloud, you need to be able to retain them, as they are approached daily by recruiters or other businesses seeking their talents.

While foundations are critical to your business, it’s not critical that they be unique. In fact, heavily-customized foundations mean more work in the long run. Custom or bespoke constructions require specialized knowledge, and often have cost due to the complexity and technical debt that is often incurred when building. When you’re building your house, there are some things that you’re just going to want, like windows to let light in, locks on your doors to keep things secure, and plumbing so you can have running water.

Tools Can Make Building Faster

Over the years, AWS has heard the challenges and pain that customer have been facing when building their own foundations. In typical AWS fashion, they’ve taken that feedback to heart, listened to their customers, and have built a service for that!

After releasing AWS Landing Zones (which usually required a consulting partner to deploy) AWS made AWS Control Tower generally available in 2019, which offered the AWS Landing Zones functionality as a service. While undoubtably a better tool, Control Tower has a specific focus of on-boarding customers into AWS. It also still falls into the category of build it yourself, with all the ownership and maintenance that that implies. Control Tower has made it easier to follow best practices but it doesn’t relieve you of the requirement to look after your environment, from now and into the future.

While AWS provides great services, they can’t take actions on your behalf due to the shared responsibility model. Like building your foundations with an architect, they can tell you what you need to be considering, and offer generic suggestions, but they won’t pick up the hammer and do the work for you. You and your teams still need to spend time and effort building and maintaining your low-level foundations. This is time that could be spent on more valuable work further up your technology stack, work that would make a meaningful impact with your customers and their challenges.

At the same time, AWS is always releasing new services and features into your AWS accounts. Without the expertise and capacity to incorporate these improvements into your custom-built foundations, you miss out on the benefits of using the AWS cloud. This can mean increased costs, security exposure, and complexity for your operating environment and teams.

But Do You Need to Build?

Many businesses are still choosing to build their cloud foundations, believing that’s the only option. This has been the way businesses enter the cloud since AWS was created, so it makes sense they would reach for this option first. But it doesn’t make sense for every business, even the large ones.

Instead of directing your teams to build foundations from scratch—which requires engineers to know what they need to build—why not buy them? This allows teams to focus on core business projects, generating maximum output with minimum effort.

Stax allows businesses to rapidly establish an enterprise-grade, production-ready cloud environment, ready to build on in days, not months. An AWS-endorsed architecture for a multi-account cloud environment with segregated account access means your environment is “secure by design” and can scale as your business grows.

By leveraging automation and testing, Stax can provide you a best practice AWS environment in a fraction of the time. Instead of building from scratch and running the risk of complications and delays during the process, Stax provides production-grade foundations that can be configured to your requirements quickly, getting you up the stack quicker and safer.

As well as getting you started in the shortest time possible, our team is constantly reviewing and assessing AWS service releases and features, so they can be integrated into customers’ environments. This means customers benefit from improvements from AWS, without having to make additional investments, whether in time or money.

If you have a large, experienced cloud or DevOps team who are knowledgeable about AWS, native tools such as AWS Control Tower may be the right fit.

However, with a limited number of experienced developers in market, organizations must be mindful to recruit—and just as importantly retain—talent with projects higher up the stack that offer more depth and scope, allowing skilled talent to focus their efforts on core business projects.

Looking to learn more? Let’s talk.

By Rowan Udell Stax expert Rowan Udell's blogs feature unique insights into the realities of building an AWS ecosystem.