To ASK or to MASK is the question! Accelerated Cloud Discovery

Summary

We have grown used to and trained to believe that asking more questions shows your thirst for learning, helps you make connections and more importantly your manager thinks you have a good learning attitude (as long as such questions are not about promotion 😊)

But things are changing fast with digital connected-ness replacing physical interactions. Now is the time to encapsulate your questions in the forms of simple script/program and find out answers yourself. It holds true when it comes to discovering Cloud setup. I have been part of a number RfPs where the first thing every service provider does - is ask a standard set of questions to gather some insights into a client's Cloud Environment. Wouldn't it be better, if I ask one question - "can you please run this script to help me understand your cloud setup?"

Lots of questions - one script

Consider a typical scenario - a client has deployed some workloads on the (AWS) cloud and wants your organization to take over its operations, optimize costs and bring in tools and accelerators to provide a better experience. We can certainly provide such services, but in order to determine the shape and form of such a service, we need some basic information. Typically, we would start with a few questions like:

a. How many servers/VMs are there on the cloud?

b. Which all services are in use?

c. What is your monthly spend?

d. Is the account standalone or part of an (AWS) organization?

e. Is the cloud platform integrated with on-premise ADFS or AzureAD?

f. Is there direct connect setup?

g. What is the level of automation you have in place?

h. Is your cloud networking still in teens (up 2019, pre-TGW era)?

i. How many RDS instances are there in the environment?

j. Do you have any naming/tagging standards implemented?

k. Is AWS Backup service used for management of backups?

These questions help us determine the environment size and hence manpower required to support; type of services and hence the skillset required; maturity and automation of the environment hence determine the operational complexity.

While we certainly need answers to these "discovery" questions, we could obtain answers by executing a simple script. The additional benefits of scripted approach include

Standard set of questions [ person independent]
Answers in a standardized/CSV format [ easy to visualize]
· Quick turnaround [script takes less than a min to run]
· Unambiguous answers [what you see is how the environment setup]

The Script - Python with AWS SDK

AWS SDK or boto3 library is quite handy. I have used simple construct of functions for each of the discovery questions. These functions are grouped in a module. When you want "ask" one or more of these typical questions - you just call one or more functions.

The best part is you can customize these scripts to grab additional attributes/properties or write similar functions as add-on, building upon the base set of functions. The choice is yours.

You will need read-only access to the aws account/master account to execute scripts. Just set a profile with access key and secret access, execute the script with profile name as the parameter.

Obtaining script

The scripts are stored in a private repository on git-hub. If you are interested in using or enhancing these scripts, please obtain access from the author of this blog by sending an email with your git-hub UserID. You are more than welcome to help enhance these scripts or add similar functionality by way of additional functions/modules. Instructions on contribution and usage of scripts are provided in the readme file of the repo.

Typical output

Here is sample output from one or more functions. In this example, only one function - to list the instances in that account is called.

You could very well send the output to an excel and make it even more readable.