By Edan Evantal, Chief Product Officer at Quali
Providing simple self-service provisioning of application and infrastructure environments to your technical teams was already an established digital transformation strategy. Now, companies have increased urgency to enable technical teams as they balance speed and governance while working remotely.
As businesses seek to grow the productivity of IT and tech teams, you need to implement systems and processes that help teams collaborate and communicate remotely.
Technical teams need ongoing access to IT environments for development, testing, and security work that brings innovation to your customers. Even technical sales teams—whose travel is limited—need virtualized demo and proof of concept (PoC) environments.
In this new reality, leveraging Amazon Web Services (AWS) to create secured and standardized environments on-demand is likely more attractive than ever.
But what about compliance and security in cloud-based remote access and work from home (WFH) scenarios? How do you ensure teams only get access to the environments they need? And how do you avoid losing control over cloud costs?
In this post, I will explore how enterprises can enable self-service access to application environments on AWS for development teams while providing the policies ITOps relies on using Quali’s CloudShell Colony.
Quali is an AWS Partner Network (APN) Advanced Technology Partner. Our CloudShell Colony platform brings the power of self-service environments to your entire organization with support for full-stack automation of application on cloud infrastructure.
CloudShell Colony is a software-as-a-service (SaaS) platform for delivering infrastructure automation at scale for complex application-centric environments on cloud technologies, including AWS and Kubernetes. Quali enables self-service automation and governance to streamline application development, testing, and release to production.
Business Continuity for Remote and Distributed Technical Teams
When technical teams work remotely, they need more than just laptops and a virtual private network (VPN). They need the on-demand access to infrastructure environments to develop, test, and deploy their applications.
Leveraging AWS resources and CloudShell Colony provides teams with essential infrastructure to do their jobs efficiently. For example, an engineering team that needs a production-like environment for debugging purposes can use CloudShell Colony with AWS to consume such an environment through a self-service portal or API.
Technical teams need to use multiple resources, AWS services, or tools available in the marketplace. They also require quick access to the resources they need to stay productive.
When attempting to take advantage of AWS for enabling technical teams, there are several important questions to consider.
- How do you control access to AWS resources?
- Is it OK to give everyone the credentials to the cloud provider?
- How can you make sure everyone gets a secure and isolated environment?
- How do you make sure cloud resources on AWS are consumed in ways that comply with your standards, and you don’t end up exposing data or making unauthorized access possible?
- How do you keep track of cloud costs during these changes and beyond?
Achieving Security, Compliance, and Cost Governance
Built for dynamic environments, an infrastructure automation at scale platform helps teams get on-demand access to secure and isolated AWS environments through a self-service portal.
On one hand, automation of environments built properly enables repeatable immutable environments. On the other, full management interface also allows ITOps to govern access, cost, and security.
At Quali, we believe governance should be achieved through automation and orchestration, without burdening the ITOps teams.
Using CloudShell Colony on AWS allows remote technical teams to be fast and productive with simple, user-friendly access to the environments they need without waiting days or weeks to set them up manually. This is achieved using an application-centric approach to automate the provisioning, which allows platform and operation engineers to focus on engineering infrastructure (like CI tools) and developers to focus on applications.
At the same time, CloudShell Colony provides the governance you need to manage access, security, and compliance, providing continuous visibility and control on cloud costs.
Getting Started with CloudShell Colony
CloudShell Colony makes it simple for DevOps engineers to enable speed through self-service application-centric infrastructure automation and governance with cost control, role-based access, and more.
Let’s go through the steps you can take to set up CloudShell Colony.
Step 1: Link Your AWS Account
The first step once a user logs on to their new CloudShell Colony space is to grant CloudShell Colony permission to access their AWS account. This is done through a short authentication process, during which CloudShell Colony creates a slim management layer that keeps the access data safe.
This process creates a link to the AWS account that will be used for deploying cloud infrastructure and services consumed in Colony’s sandbox environments.
For more information, check our documentation on this topic.
Step 2: Create Your First Blueprint
CloudShell Colony blueprints are version controlled YAML files used to define application and blueprints for reusability. This enables DevOps engineers to quickly create complex application environments using modular building blocks that greatly simplify the overall work required in a typical infrastructure as code (IaC) configuration.
CloudShell Colony blueprints uses the IaC principles, such as version control, while in the backend automation takes care of the boilerplate around networking, domain name system (DNS), security, and healthcheck. It generates its own AWS CloudFormation template, and makes sure each environment is isolated from each other.
A blueprint also includes the required application components that can be retrieved from a package repository, such as JFrog Artifactory or an Amazon Simple Storage Service (Amazon S3) bucket, and installed automatically.
CloudShell Colony offers a number of out-of-the-box blueprints that can be used as templates. All blueprints are stored in a private code repository, such as GitHub and BitBucket, and automatically synced to CloudShell Colony, so DevOps engineers can get started rapidly.
Blueprints and applications are created in a YAML format and can be interchanged with the unique user interface. A full designer that will allow blueprint creation from the web interface is soon to come. A sample blueprint containing three applications can be seen below.
Figure 1 – Sample blueprint containing three applications.
Step 3: Deploy Your Application Environments
Once a blueprint is published within a CloudShell Colony space, it becomes available to all of the users in the space. That includes developers and testers, and other automation tools such as Jenkins or Slack.
An environment may be deployed in pre-production as a sandbox, or in production using methods such as blue-green deployment. In the case of pre-production environments, each environment is time-bound, so that cloud infrastructure is only consumed for the duration of the test.
Any authorized user from the CloudShell Colony space can select a blueprint from the catalog, provide a few input parameters as needed, and deploy it. Once available, the user is notified and can access the application directly through its web interface, or get console access to each infrastructure element as needed.
Pipeline orchestration tools can also deploy and tear down environments using CloudShell Colony’s REST API as part of a fully automated CI/CD workflow. That includes the ability to deploy these application environments all the way to production using blue-green deployment REST API.
CloudShell Colony supports Amazon Elastic Compute Cloud (Amazon EC2), AWS native cloud services through Terraform modules, as well as Amazon Elastic Kubernetes Service (Amazon EKS) for containerized applications.
Step 4: Analyze Your Consumption
In order to help IT managers control deployment cost and predicted cloud consumption for each remotely distributed team, CloudShell Colony offers comprehensive business-oriented dashboards mapped to application deployment activities.
This information is directly pulled from AWS cost management data in the backend. It enables administrators to quickly derive an ROI and trend for all infrastructure consumed as part of an application release activity.
Cost information is very important for any organization working with AWS. CloudShell Colony allows tracking cloud cost information from the infrastructure to the business initiative. Important KPIs like what is the current expense of a specific team, user, environment are visible through the dashboard below.
Figure 2 – CloudShell Colony allows tracking cloud cost information.
Customer Success: Resident
How do AWS customers use the CloudShell Colony platform?
Pavel Eliav, DevOps Lead at online retail business Resident, describes the challenges their distributed development teams were facing.
“Our backend systems and applications are complex. They need to be. But, for us to expand at the level of growth we were experiencing, we needed flexibility and alignment throughout our DevOps lifecycle,” says Eliav.
“We weren’t going to get there with our globally distributed development teams sharing static staging environments. We could either tell our DevOps teams to share the keys to the cloud—which wasn’t going to happen—or we could find a solution.”
Resident needed to quickly develop, test, and release business-critical application in the public cloud using a DevOps approach to attain fast feedback on new features and accelerate innovation. To meet these needs, Resident leveraged AWS for public cloud infrastructure and native services such as Amazon Route 53 and turned to the environment as a service solution, CloudShell Colony, to deliver self-service application provisioning to their developers.
With CloudShell Colony and AWS, Resident has been able to add flexibility, collaboration, and self-service capabilities throughout their DevOps pipeline. In addition to benefiting from the adaptability of the AWS Cloud, Resident has built an integration into a Slack communication channel to help their globally distributed development team reserve dynamic application environments on-demand.
CloudShell connected to AWS brings an environment approach and allows to bridge between the IT/Operations and engineering. This greatly removes bottlenecks and provides any engineering teams remote or on-premises to consume environments for any reason through a self-service portal.
If you are looking to put together a solid plan for enabling remote technical teams that takes full advantage of infrastructure automation at scale, visit Quali.com.
CloudShell Colony is available in AWS Marketplace as a SaaS solution, for both public and private offers.
The content and opinions in this blog are those of the third party author and AWS is not responsible for the content or accuracy of this post.
Quali – APN Partner Spotlight
Quali is an APN Advanced Technology Partner. Quali’s CloudShell Colony platform brings the power of self-service environments to your entire organization with support for full-stack automation of application on cloud infrastructure.
*Already worked with Quali? Rate this Partner
*To review an APN Partner, you must be an AWS customer that has worked with them directly on a project.