NASA JSC – Managed Cloud Environment

Executive summary

Johnsons Space Center (JSC) desires to implement a managed cloud environment (JSC-MCE) within the Amazon Web Services (AWS) environment.

Our team is establishing an AWS Managed Cloud Environment that is integrated with Agency IT and business services and adheres to the EMCC Service Level Agreement (SLA) for Cloud Services.

Business Challenge / Problem Detail

Based on NASA CIO’s recommendation to leverage the cloud, Johnsons Space Center (JSC) desires to implement a managed cloud environment (JSC-MCE) within the Amazon Web Services (AWS) environment to provide application hosting, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and a flexible, and scalable cloud computing platform. The MCE will enable JSC successfully manage implementation of its mission critical projects, with rapid adoption of cloud technologies, allowing for quicker ramp up, innovation, and results, while maintaining NASA-wide governance and compliance protocols. The envisioned software development environment will streamline the deployment and operational approval of applications developed specifically for JSC while ensuring IT optimization and improved TCO.

Output / Our Solution

Our team is establishing an AWS Managed Cloud Environment that is integrated with Agency IT and business services and adheres to the EMCC Service Level Agreement (SLA) for Cloud Services. Core functionality provided by JSC-MCE include integration with billing system, access to NASA approved AWS services, pre-negotiated SLA, and streamlined IT security compliance. The recommended architecture defines the governance baseline and infrastructure architectures across several security and operating domains. The CIS AWS Foundations Benchmarks (v1.1) is used as a basis for establishing governance baselines. The benchmarks are a set of best practices for securing AWS accounts and resources; they comprise fifty-four recommendations across four control families: identity and access management, logging, monitoring, and networking.

Apart from establishing the MCE, Enquizit will be migrating JSC’s first workload into AWS using end-to-end automation while implementing tight security controls, monitoring & logging components, standardized backup protocols, load balancing and Auto Scaling capabilities.

Enquizit Role

Design, documentation and implementation of the AWS based JSC-MCE.

Migrate JSC’s first workload into AWS using automation

Provide cloud expertise to the JSC technical community to assist in integrating into the MCE

Serve as the primary technical support at JSC for AWS related topics.

Work with the government SME to meet ensure compliance with government policy requirements and best practices to include but not limited to IT Security FISMA Requirements and 508 Accessibility standards.

Provide knowledge transfer and necessary documents to aid smooth ongoing operations.

Tooling (Tools and Technologies)

IAM, CloudWatch, CloudTrail, S3, Lambda, ELB, EBS, VPC, EC2, CloudFormation, KMS

Xceedium, Splunk

Client:

NASA – Johnsons Space Center

Industry:

Government

Problem Statement

JSC desires to implement a managed cloud environment (JSC-MCE) within the Amazon Web Services (AWS) environment to provide application hosting, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and a flexible, and scalable cloud computing platform.

Goals and Benefits

New Opportunities in Computing Scalability

Improved availability of NASA’s public data

Faster Project start-up times

Pay only for the compute usage

Better TCO by shifting away from hardware and facilities ownership

Core Partners:

AWS, Enquizit and Four Points

Learn more about our work and we think about key issues in different industries.