Migration to the cloud has many different approaches, not every business will take the same path but there is value in learning from the experiences of those who have gone before.
Outsource whatever does not add value to your business and use a “Pay as You Go” model where you only pay for services that you use.
|1||Appoint an executive sponsor||without it cultural change across the business will falter|
|2||Make sure your business case is strong and valid||Review iteratively|
|3||Identify and separate blockers into internal and external||internal can be more easily managed|
|4||Determine what is your source of truth for Authentication||keep in mind that more than one service may hold full record|
|5||If regulatory compliance is a heavy burden outsource what you can||leverage AWS compliance certifications at https://aws.amazon.com/artifact/ https://d0.awsstatic.com/whitepapers/compliance/AWS_Auditing_Security_Checklist.pdf https://docs.aws.amazon.com/general/latest/gr/aws-security-audit-guide.html|
|6||Experiment and test run migrations first, use AMI SOEs||This may seem obvious but I have seen things|
|7||If you work in a regulated area use fake data for POC, experimentation||use encryption even in dev, make security part of your dev process|
|8||When app/server is moved to cloud shut down old one||avoid running two systems, doubling workload and cost|
|9||Start team guardrails as prescriptive then relax as adoption experience improves||Wait till skills mature and controls are working|
|10||Send all logs to S3 for data analysis||avoid multiple log storage points except for short term|
|11||Outsource to managed service providers as much as possible||especially authentication|
|12||Tag all assets for cost controls||Here are a list of suggested tags 1. Cost centre 2. Who is SME 3. Phone of SME 4. Date of creation 5. Scheduled date of shutdown 6. Last back up 7. AMI number 8. Stage 9. Version 10. Last patched 11. Application ID 12. Application name|
|13||Plan for standardised instance types for EC2||enables move from On Demand to Reserved instances to be as frictionless as possible|