Rethinking AWS CloudOps and Platform Engineering for Digital Acceleration at Scale

NORDICS Rethinking AWS CloudOps and Platform Engineering for Digital Acceleration at Scale Bruno Amaro Almeida | 20th April 2023

Fortum Digital Development: Energy Optimization, Sustainability, Electric Mobility Generation, Trading and Asset Optimization District Heating, Recycling & Waste Consumer Solutions Enterprise 3 … … Startups

Enteprise Cloud Adoption Path • CapEx ↓ OpEx ↑ • New competences, increased R&D & Innovation J • Internal IT struggling to cope L • • • • 4 Driven by Internal IT (or niche digital experiments) Better capacity planning Speed & Agility Focus on the Business (not on Datacenters) • • • • Decentralized IT More advanced and Complex Digital Solutions J Bottlenecks, Lack of Context & Tickets ↑ ↑ ↑ Shadow IT and Fragmented Governance 👀

Typical Cloud Operating Model Business App B App A App C IAM Network 5 Product X AI & Data Team DevOps Team Experiment X Platform Products, Services & Competences Data Platforms Fin & Cost Manag. IT Service Managers Service X CloudOps APIs & Integration Security I&V Team

Different Profiles with Different Needs, Expectations, and Frustrations

John is an employee at Fortum. He is a service manager that is accountable for one (or more) Core IT / Enterprise application. The business stakeholders (internal and/or external) are counting on him to deliver an excellent IT service experience. Own the budget for new development and RUN. Johanna is an employee at Fortum. She is a product owner that works alongside a multi-disciplinary Digital Development team to deliver a successful digital product or service that Fortum customers love. Tech Lead Front End developers Back End developers UX/UI DevOps / Solution Architect Quality Assurance & Testing

Evolving towards a Cloud bi-Operating Model

Core IT x Digital Development Business Core IT Digital Development App B App A Platform Products, Services & Competences App C IT Service Owners SOC Rapid Development Hub CloudOps & Platform Engineering APIs & Integration Network Data Platforms IAM Solution Architecture / Advisory End User Services 9 Product X AI & Data Team SWD Team Experiment X BI & Analytics Service Management Cyber Security Service X LowCode / NoCode Data Engineering Data Science Software Development DevSecOps & SRE Quality Assurance Virtual and Lean Governance, Risk and Compliance steering I&V Team

Rapid Development Hub Hybrid Rapid Development Team

Idea collection Engagement Implementation Planning & Sprint Present the results Handover (design, data, development, advisory) § Technical competence leads § Business enablers Virtual Extension Body 10 We empower anyone in Fortum to experiment innovative digital ideas in 6 weeks

“A digital platform is a foundation of self-service APIs, tools, services, knowledge and support which are arranged as a compelling internal product.” Evan Bottcher https://martinfowler.com/articles/talk-about-platforms.html

Growth Engine for Digital Acceleration Digital Development Digital Dev Proj Team A Digital Dev Proj Team B Digital Dev Proj Team C … Cyber Security Virtual Cloud, GRC and FinOps steering group SOC Network IAM … Each team has end to end responsibility: develop, test, deploy and operate. Each team has full (ownership and) responsibility for their cloud workload infrastructure: monitoring, alerting, vulnerability management, incident response, etc CloudOps & Platform Engineering Team Focus on enabling a great Service Management and SW Engineering Experience Develops automation, self-service capabilities, templates and reference implementation in DevSecOps, Cloud, Tools, SOC, built-in integrations, Security, … Platform Products, Services & Competences 12

Connecting the dots with Backstage.io • Tech Radar’s • Builders Library and Templates • Core IT & Digital Development Handbook • API Catalog • Digital Project Catalog & Discovery • Metrics (e.g. DORA, SLAs, SLOs) • Self-service Cloud & Tools Provisioning • … 13

Self-Service, Automation, IaC • Design the user journey (empathize, define) 💚 – Identify problematic and/or time consuming areas • Explore self-service and automation (ideate, prototype) 🛠 – Done is better than perfect – Balance short-term with long-term CloudFormation ref templates (e.g. Innovation Sandbox) 14 baseline module - network info - IAM - … SW Team IT Ops

AWS Service Catalog AWS Account Management Interesting to explore. Now with Terraform support 💚 Several limitations to automation (e.g. account deletion, setting root MFA, state in account creation) 🥹

NORDICS Thank you!