
Welcome to the NET+ Amazon Web Services (AWS) wiki.

Many Internet2 member institutions take advantage of this service offering. If your institution is one of them, this wiki provides details on how to make the most of your participation in the program and interact with peers across Internet2 member institutions.

This program is open to all Internet2 higher education, affiliate and federal affiliate members as well as non-member higher education institutions. If you are looking for details on how to join the program, please visit the Sign Up Tab of the NET+ AWS webpage.

You can also find out more about the Internet2 Cloud Connect offering for AWS Direct Connect.

Service Documentation and Resources

Accessibility:

Identity:

Information Security:

  • Cloud Controls Matrix - please email cloud@dlt.com
  • Higher Education Cloud Vendor Assessment Tool (HECVAT) - pending

Contract and Pricing:

Community Resources

Participate in our Online Community (Subscribers Only):

Institutions participating in the NET+ AWS program may take advantage of our email discussion list and Slack channel to receive curated program updates and participate in other activities and events. Please contact netplus@internet2.edu to be added.

Join the AWS Community Forum (Open to all community members):

Users of AWS are encouraged to join the AWS Community Channel in the Educause Cloud Community Group Slack. See the Higher Ed Cloud Community Conversation and Additional Resources page on the Cloud Wiki for instructions to join.

Collaborate on the Cloud Wiki:

Speaking of community, did you know about the Cloud Wiki? It was created specifically for YOU, members of the higher education community, to collaborate with each other. Log in to see a Cloud Job descriptions page and contribute your knowledge!

Contribute Code:

Looking to share your latest Terraform config? Add it to the Cloud Wiki Helpful GitHub Repos list or email sjeanes@internet2.edu to request access and create a repo in the Community Cloud Config GitHub organization.

Questions on Billing, AWS Orgs, or CloudCheckr:

Find answers to frequently asked questions in these Knowledge Base articles.

Key Program Updates

Subscribers may review our mailing list archives for monthly program and AWS updates.

Thanks to all who attended the training, and special thanks to Danyell Wilt and the entire AWS team for providing great content and support for answering all the questions.

The video of the session is available at:

https://internet2.hosted.panopto.com/Panopto/Pages/Viewer.aspx?id=0ef71592-8360-4cad-b92e-ac01013b6a2c


Here are Danyell's slides:

And here are Sara Jeanes' slides:



The Q&A from the session is here:


Peter Traub, Sr Cloud Infrastructure Engineer at University of Virginia, has put together a great guide to adopting AWS Control Tower. His guide is now hosted on the NET+ AWS service page - AWS Control Tower Adoption Strategies.

Since last Spring, subscribers to NET+ AWS have had access to AWS Organizations, which provides a management framework for AWS accounts and permits administrators to apply service control policies to various Organizational Units (OUs) within their Organization.

Late last Summer, AWS announced Control Tower, a native way to deploy accounts and enforce Guardrails in an AWS-patterned way. This functionality was limited to deployment in a completely separate Organization, but in coordination with a small team of schools, DLT and Internet2 devised a way to deploy Control Tower. These canary schools reported back that while Control Tower can be run, most should hold off until Control Tower could be run natively in existing AWS Organizations. Today is that day.

Last night, AWS announced that Control Tower can now be run in existing AWS Organizations! While the participating schools are testing the functionality, it does appear Control Tower can be deployed within the OU of an existing Organization. The AWS team posted a blog post with additional details here: https://aws.amazon.com/blogs/field-notes/enroll-existing-aws-accounts-into-aws-control-tower/. If you are a NET+ AWS school that has deployed an AWS Organization, you should be able to test out the functionality today. We would highly encourage you to attend the bi-weekly AWS Orgs and Control Tower call to trade notes with your colleagues and share the pitfalls. We have also on more than one occasion found a bug that collided with common higher ed deployment patterns and needed to be reported back to AWS Engineering.

If you would like to attend the call, or request an AWS Organization for your university, please reach out!

The NET+ AWS Advisory Board, DLT, and Internet2 have worked over the last few months to update the subscriber Enterprise Customer Agreement (ECA). The ECA was last updated in 2017 to include a Business Associates Agreement (BAA) in the program.

With this update now available, subscribers can access professional services from any participating Partner in the AWS Partner Network. To minimize the hurdles of engaging a Partner, these services can be accessed directly via Statements of Work delivered by DLT under this Agreement. Additionally, the BAA now includes a direct link to all HIPAA-eligible services and no longer restricts HIPAA workloads to dedicated instances. To make use of these new features, subscribers will need to execute a new ECA. Please email cloud@dlt.com to get that process started.

We welcome you to join us on biweekly community calls. Our Wednesday morning call focuses on the technology and tactics of running AWS at scale. Our Thursday call is a deep dive into the technical particulars of Organizations and Control Tower.

Reach out to sjeanes@internet2.edu to be added to the invites.


The following topics are planned for the Wednesday Technology and Tactics call:

  • 3/25 - A review of IPv6 on AWS
  • 4/8 - A facilitated conversation on AWS Educate


Hope you can join us!

The great thing about AWS re:Invent is that all the sessions get posted to YouTube 48 hours after they happen. These two sessions are especially relevant to NET+ AWS subscribers. Thanks to Mark Larsen for flagging these.

Architecting security & governance across your landing zone (SEC325-R2) (aka AWS Orgs OU configuration recommendations)

AWS Transit Gateway reference architectures for many VPCs (NET406-R1)

Feel free to post additional session videos in the comments below.

NET+ AWS is widely adopted by Internet2 higher education members, but is also available to Affiliates and Federal Affiliates. NET+ AWS is also available to Regional Networks for their own use (i.e. not for resale). Inquiries can be sent to netplus@internet2.edu.

The NET+ AWS community team is happy to announce integration of Control Tower functionality with NET+ AWS, and feature parity with direct-deployed Control Tower implementations. NOTE: Control Tower requires setting up a completely new Organization and does not currently support merging multiple Organizations, so if you have existing AWS accounts we recommend either deploying Landing Zones or waiting until the AWS feature launch of existing account migrations (expected for the second half of 2019). Please reach out to netplus@internet2.edu if you would like to join the Control Tower Beta.

Now that more than 20 campuses have deployed AWS Organizations through the NET+ AWS program, we are officially declaring AWS Organizations generally available. Community members have developed the set of knowledge base articles below and are creating a set of recommended Service Control Policies (SCPs) in the Community Cloud Config GitHub organization. Please reach out to cloud@dlt.com if you would like to deploy an AWS Organization.

NET+ AWS Service Advisory Board (SAB) Membership

  • (Chair) Gerard Shockley, Boston University
  • Cornelia Bailey, University of Chicago
  • Asbed Bedrossian, University of Southern California
  • Scott Kirner, University of Notre Dame
  • Bob Flynn, Indiana University
  • Sarah Christen, Cornell University
  • Jim Jokl, University of Virginia
  • Damian Doyle, University of Maryland Baltimore County
  • Jeff Gumpf, Case Western Reserve University
  • Jeff Schneider, College of the Ozarks
  • Sara Jeanes, Internet2, Staff Liaison
  • Mike Cannady, AWS, Staff Liaison

To Contact the Service Advisory Board

NET+ AWS Advisory Board Goals

Questions?

Send Feedback or Submit a Feature Request:

The NET+ AWS program is managed by an Internet2 program manager with the support of the NET+ AWS Service Advisory Board. 

The NET+ AWS Service Advisory Board reviews and prioritizes community feature requests on a periodic basis. Feature requests may be submitted to netplus@internet2.edu.




 



