Blog Automation & Orchestration

How Complements AWS: Setup and Provisioning

Marianna Noll

2 min read

Last updated on October 25th, 2021 at 3:10pm

We often get questions about how compares to or differs from capabilities provided by public cloud providers. So, over the next few posts, we'll look at how complements and extends native AWS functionality. delivers on the three pillars of governance - account management, budget enforcement, and compliance automation - to meet the requirements outlined within the AWS Governance at Scale framework.

Let's kick off by sharing how complements and extends AWS functionality around setup and provisioning. Specifically, we'll look at AWS CloudFormation, Amazon Machine Images, AWS Service Catalog, AWS Landing Zones, and AWS Control Tower.

AWS CloudFormation

Working With

AWS CloudFormation simplifies provisioning of AWS resources through templates for quick and reliable setup of services or applications. Cloud Rules bundle multiple AWS services, including AWS CloudFormation, into a single object for ease of use.

Building On reduces manual labor and minimizes risk and errors by:

  • Consistently applying AWS CloudFormation templates across AWS accounts based on where the accounts live within your organizational hierarchy.
  • Simplifying the update of AWS CloudFormation stacks in AWS regions where StackSets are not available.
  • Helping non-technical security and financial stakeholders to implement template libraries and manage their responsibilities within the cloud.

AMIs and AWS Service Catalog

Working With

Amazon Machine Images (AMIs) provide the operating system and software configurations required to launch a computing instance in the cloud.

AWS Service Catalog enables organizations to create and manage catalogs of IT services that are approved for use on AWS. Cloud Rules bundle multiple AWS services, including AMIs and Service Catalog portfolios, into a single entity for ease of use.

Building On reduces manual labor and minimizes risk and errors by:

  • Including AMIs and Service Catalog portfolios in Cloud Rules to allow you to easily share, update, and deploy approved instance and product configurations with AWS accounts within specific parts of your organization.

AWS Landing Zones and AWS Control Tower

Working With

AWS Landing Zones provides a framework of core accounts to provide shared services, logging, and security to new accounts automatically.

AWS Control Tower automates the set-up of a baseline environment, or landing zone.

Landing Zones are a starting point to build around; takes this starting point and uses this to scale up and across an organization.

Building On helps you scale growth and remain within budget by:

  • Importing existing accounts for initial and ongoing governance and aligning these accounts to your organizational hierarchy via a visual, non-technical interface.
  • Encouraging delegation through roles and responsibilities to minimize the size and labor of a centralized cloud team.
  • Providing financial enforcement capabilities to ensure users remain within budget.
  • Enhancing Single Sign On (SSO) into AWS accounts to provide greater context into spending and policies applied.

That’s it! Next up, we’ll look at how complements AWS native capabilities around account management and permissions.

About the Author

Marianna Noll

Marianna is the VP of Marketing at Kion.

Kion Newsletter

Start your cloud enablement journey.

Request a demo today,