DEV Community

Cover image for Achieving AWS MSP compliance: a workshop report.
Public Cloud Group
Public Cloud Group

Posted on • Originally published at kreuzwerker.de

Achieving AWS MSP compliance: a workshop report.

Written by Daniel Meisen
Originally published on May 25th 2021

kreuzwerker has reached yet another milestone: being accepted in the AWS Managed Service Provider Program - or MSP for short. The AWS Managed Service Provider (MSP) Program is designed to validate and promote AWS Partner Network (APN) Advanced and Premier Tier Consulting Partners, providing end-to-end AWS managed services to customers and solving complex business needs at any stage of a cloud adoption journey.

kreuzwerker has already been an AWS Advanced Consulting Partner with additional DevOps, ISV Workload Migration and Well Architected designations for many years, and has recently surpassed the 50+ certified individuals mark. With our service offerings and purpose-built solutions, we support our customers across the complete lifecycle of cloud adoption: from ideation over implementation and validation to optimization and operations. We also have delivered managed services at scale to customers for many years. We added the AWS MSP program participation to our roadmap around three years ago already.

AWS Partner Badge

Nearly a year ago we started the internal kickoff process to asses our program readiness based on the program requirements: pass a two-day two-day audit executed by an external auditor to prove that we leverage next-generation business and technical best practices.

The journey leading to the final validation and subsequent acceptance to the program is highly formalized and consists of the following steps:

msp-application-process

Simple enough, right? Once we were confident in our ability to pass, the process from officially applying for the MSP designation, sending over the self-assessment, executing a pre-audit and final validation audit took about 8 weeks. The "heavy lifting" of the actual implementation, however, did keep us busy for the last year or so.

MSP program compliance is assessed against a comprehensive checklist covering all aspects of a provider business across 13 chapters:

1.0 AWS Partner Capabilities Overview
2.0 Business Health
3.0 Business Management
4.0 Customer Obsession
5.0 Solution Design Capability
6.0 DevOps
7.0 Infrastructure and Application Migration Capability
8.0 Security
9.0 Next Generation Service Management
10.0 Service Level Agreement
11.0 Optimization
12.0 AWS Billing and Cost Management
13.0 AWS Knowledge

Each of these chapters contains sections requiring evidence in the form of presentations, processes, assets and technical demonstrations resulting in around 130 individual items to assess. Each item has an attached score that will either increase the overall score (if met), or reduce the overall score (if not met). A partner needs 900 points to pass. With 1000 points as the maximum possible score, and so called "Mandatory Action Items" reducing the score by -200 points if not met, there is not a lot of room for missing an item.

Being an Atlassian Platinum Solution Partner as well, it was relatively clear from the beginning that we did not want to spend a year exchanging a constantly updated Excel spreadsheet provided by AWS. Instead, we created a dedicated MSP project in Jira based on the official checklist. That allowed us to work collaboratively towards the goal, and have an up-to-date status on each item that also allowed documenting the required evidence.

msp-project-board

A core team of three executives and team leads worked closely on covering all requirements by collecting and documenting evidence and involving colleagues from other parts of the company as well. In the audit we could build on support from our finance, marketing and sales teams, as well as our internal culture club. We had regular reviews along the way and did a dry-run once a chapter was completely covered. Thanks to the great support from our AWS partners, this turned out to be a very helpful exercise to improve and adjust evidence and technical demonstrations.

We tried to limit the ownership of the items to a small team to ensure a seamless audit process with only a few items being delegated to internal subject matter experts. A typical item from the checklist would contain the requirement, score, ownership, complexity, evidence and current status. The audit aims at a thorough inspection of all aspects of the company and will put all processes and technical capabilities under the microscope.

msp-ticket

Holding the DevOps competency allowed us to take a shortcut for section 6, but all other items required an in-depth review leading up to our validation audit by ISSI. The one-day pre-audit is optional, but I would highly recommend it: it's a great opportunity to walk through all chapters again and get an independent perspective. It also helps answering any remaining questions.

Originally, we started out with version 4.1 of the MSP specification. In February 2021, an updated version 4.1.1 was released. It only contained minor changes and clarifications that we were able to incorporate quickly. The upcoming MSP 4.2 will contain additional changes as will future revisions. Keeping an eye on the announcements for upcoming changes in order not to lose too much time between initial kick-off and audit, seems generally advisable.

The time between pre-audit and validation audit passed quickly. The two-day audit followed a rigorous scheme and went through every single item of the specification concluding with a closing session and a presentation of findings from the auditor. The ongoing Covid-19 pandemic did not allow for an on-site audit, so all prep-work, as well as the validation-audit was conducted using video-conferencing.

Thanks to all the dedicated teams and thorough preparation, we passed the audit without any mandatory score items missed. We even managed to be awarded full points in all other score affecting items resulting in a 100% score. I was really impressed by the very detailed analysis and feedback our auditor provided. After just two days of knowing kreuzwerker, she could perfectly outline the companies strengths as well as areas of improvements.

We are super excited about having mastered the MSP program audit and once again stepping up on our managed service offerings.

Thanks again to everyone for making that happen: our kick-ass team, our AWS partner team for providing invaluable feedback and of course our great partners Atlassian, DataDog, NewRelic and the whole of AWS.


Image-Source: Devin Berko on unsplash

Top comments (0)