AWS Insight

Managed Services for AWS

One ‘gotcha’ I’ve experienced when discussing cloud ecosystems is that the term ‘managed services’ has drastically different meanings depending on the context. This is unfortunate as it adds extra effort to get to truly valuable conversations around the power of cloud. Below I’ll spell out some of these different meanings in the context of Amazon Web Services (AWS) by answering three questions:

  1. What does it mean when AWS says they offer AWS Managed Services?
  2. What does it mean when a consulting company says they offer AWS Managed Services?
  3. What does it mean when a product is a Managed Service?

What does it mean when AWS says they offer AWS Managed Services?

A: AWS is offering to serve as your outsourced I.T. Infrastructure Team (no DevOps).

AWS itself offers to be an outsourced team for the same services offered above, however they usually stay out of the DevOps business. This means you'll need another vendor to manage application development and the usual capabilities of DevOps (automation, some aspects of provisioning, builds and deployment, etc). AWS will maintain the:

  • hardware (disk, CPU, etc)
  • supporting virtualization software
  • their portal (aka the AWS console)
  • networking (as configured by you)
  • software services (database, operating system, etc) - though patching and security updates are your responsibility

From a security standpoint relationship is called the AWS Shared Responsibility model, and is described visually below:

AWS Shared responsibility model
The AWS Shared responsibility model

What does it mean when a cloud consulting partner says they offer “AWS Managed Services”?

A: They are offering to serve as your outsourced I.T. Infrastructure Team and your DevOps Team.

When your company does not have a dedicated capability in cloud infrastructure and DevOps, you’ll lean into an AWS Managed Services vendor to fill the gap. Generally speaking, the vendor always offers:

  • 24x7 support with tight SLAs combined with robust monitoring
  • Security, patching, and overall hygiene of the ecosystem
  • Automation of builds and deployments
  • Provisioning, change management, and cost controls
  • Collaboration with developers and stakeholders for continuous improvement

One important element that may be absent here is application feature and security support. While this is a service that can be procured from certain AWS managed service providers, the majority of managed services contracts assume that you have an internal software development team that is focused on those facets of your application.  Even if feature development is not taking place, security updates and updates to keep up with changing devices (new versions of phones, etc.) are an important consideration.

When it comes to security, returning to the AWS shared responsibility model above, the consulting partner should take on a number of activities (described visually below):

AWS + Consulting Partner Shared Responsibility model
AWS + Consulting Partner Shared Responsibility model

Importantly, none of these activities should be taken for granted; this is what Metal Toad provides and some other AWS cloud consulting partners may have different exclusions or fees for service. However, this can provide a jumping off point or talking point where you can achieve clarity around who does what.

What does it mean when a product is a Managed Service?

A: The product abstracts away the underlying infrastructure so your developers can solely focus on application development.

Most cloud services can be broken up into a rule of thirds as so:

  • Application: These services are for developers exclusively, and the cloud handles all the managed services away from view.
  • Platform: These services are a mix.  In some cases, you can manage the underlying infrastructure, in other cases the underlying infrastructure is viewable but not something you manage. 
  • Infrastructure: These services are the classic ‘hardware in the cloud’, where you move your physical data centers to virtualized machines in the cloud.

When talking about products that are ‘fully managed service’, we are mostly talking about the ‘Application’ services above. In some cases, ‘Platform’ services fit in this category as well.

Let us know if you’d like to learn more about cloud services, and the complex approaches to achieving a right-sized outsourcing model for your I.T. teams when the capabilities are not available in house.  

Date posted: May 18, 2022

Add new comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>, <cpp>, <java>, <php>. The supported tag styles are: <foo>, [foo].
  • Web page addresses and email addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Metal Toad is an Advanced AWS Consulting Partner. Learn more about our AWS Managed Services

About the Author

Nathan Wilkerson, VP of Engineering

Nathan started building computers, programming and networking with a home IPX network at age 13. Since then he has had a love of all things computer; working in programming, system administration, devops, and Cloud Computing. Over the years he's enriched his knowledge of computers with hands on experience and earning his AWS Certified Solutions Architect – Professional.

Recently, Nathan has transitioned to a Cloud Operations Manager role. He helps clients and internal teams interface with the Cloud Team using the best practices of Kanban to ensure a speedy response and resolution to tickets.

Have questions?