We are comprehensive cloud management for modern enterprises, services providers, and the public sector.
Everything you need to manage and allocate costs, optimize spending, and save money.
Unified secure configuration, activity monitoring, and IAM tracking for the public cloud.
Give financial operations a complete picture of IT costs across hybrid cloud infrastructure.
The next step in cloud security—ensure your cloud infrastructure is audit-ready for 35 regulatory standards.
Built to optimize the best features of the major cloud providers in a single pane of glass.
With an integrated ecosystem carefully chosen for your success.
Our technology partners amplify the advantages of the cloud.
Total visibility cloud management.
Advanced security for regulated industries.
FedRAMP Ready cloud management.
Our Amazon Web Services (AWS) MSP Validation Checklist Mapping is designed to provide CloudCheckr partners with a practical means to validate the functional and operational benefits of CloudCheckr when measured against the AWS MSP v4.0 evaluation metrics.
This validation checklist mapping is meant to respond to the latest version of the AWS MSP evaluation matrix (version 4.0) which was released in February 2019. By definition, the AWS controls are subject to interpretation and revision. This mapping should be used, in conjunction with specific use-case knowledge, to fulfill the listed controls in the manner indicated. Our matrix reflects the most recent program criteria, with improvements focused on raising the bar for both MSP Partner and AWS customer experiences.
CloudCheckr offers a forum for MSPs to evangelize the benefits of the cloud, including managed services and AWS in specific. MSP partners are encouraged to participate in CloudCheckr webinars, blog posts and more.
CloudCheckr can provide AWS financial metrics, profit analysis, and spend analysis reports to assist Partner with providing financial planning reports.
CloudCheckr can help author case studies covering an MSP’s customers who use CloudCheckr, either via white labeled or CloudCheckr branding.
CloudCheckr delivers heatmaps and forecasting reports and reserved instance recommendations to help predict and plan for future usage.
CloudCheckr has multiple competencies with AWS and was recognized as AWS re:Invent 2017 Sponsor of the Year. CloudCheckr’s numerous Security Best Practice Checks include ensuring Multi-Factor Authentication is enabled. These features, combined with process documentation from the Partner, can demonstrate due diligence.
CloudCheckr can detect the support level of an AWS customer.
CloudCheckr includes system performance, capacity management and availability reports in the form of heatmaps, utilization reports, idle and unused resources best practice checks. Security and gap identification are addressed with best practice checks and Total Compliance reports. CloudCheckr employees numerous individuals with various AWS certifications including Solutions Architect.
CloudCheckr is closely-aligned with the AWS Well-Architected Framework, delivering features that address all of the ‘pillars’ described in the framework, particularly Security (Security Best Practice Checks, Total Compliance), Reliability (Availability Best Practice Checks), Performance Efficiency (Heatmaps, Utilization Reports, Right Sizing, Idle and Unused Best Practice Checks), and Cost Optimization (Savings Report, Reservation Recommendations, Right Sizing.)
CloudCheckr automatically and periodically runs 100+ Security Best Practice Checks, many supporting Automated Self-Healing. Infrastructure is scored on up to 35 compliance standards via Total Compliance. Change Monitoring records changes to infrastructure. Alerts can generate tickets or messages via ServiceNow, Jira, PagerDuty, Slack, email, SNS and even AWS Lambda.
CloudCheckr maintains reports and logs for as long as seven years, to assist with audits. Data is immutable a.k.a. read-only for added security. CloudCheckr SnapBack™ enables point-in-time review.
CloudCheckr Alerts can generate tickets or messages via ServiceNow, Jira, PagerDuty, Slack, email, SNS and even AWS Lambda.
CloudCheckr integrates with both CloudWatch and CloudTrail for ongoing monitoring and alerts. Automated Self-Healing can repair misconfigurations upon detection, if enabled.
CloudCheckr integrates with and ingests data from numerous heterogeneous monitoring and logging sources, both via Direct Integrations and the CloudCheckr Application Programming Interface.
Data sources include Datadog, New Relic, CloudTrail and CloudWatch, including CloudWatch Custom Metrics.
Additionally, CloudCheckr dynamically ingests Blocklist data (https://www.neutrinoapi.com/api/ip-blocklist/) to incorporate malicious IP addresses in order to automatically take action.
The result of these integrations can be configured to trigger events in CloudCheckr. Events can launch Lambda scripts to perform automation, ServiceNow tickets, JIRA, PagerDuty, Slack, SNS, email and other events. CloudCheckr’s Workflow Automation supports “Request Fix”, “Fix Now” and “Always Fix” for hands-off automation. See Case Studies, including Ocado, here: https://cloudcheckr.com/resources/?type=casestudy
Some of the anomalies CloudCheckr is able to check for, by “comparing patterns in a single metric over time or comparing a metric for a single member of a cluster against other member nodes to identify unhealthy resources” include the following Best Practice Checks:
Specifically, the “Uneven Availability Zone Distribution of EC2 Instances” Best Practice Check meets the “comparing a metric for a single member of a cluster against other member nodes” requirement. It verifies that no Availability Zone within a region houses 50% fewer EC2 instances than any other Availability Zone. This is an example where a single threshold is not used, such as total number of healthy instances in a cluster, but rather the cumulative state of healthy EC2 instances in each Availability Zones within a single region, are statistically compared to determine if a replacement should occur. This is not based on a specific hardcoded instance count threshold. The number of Healthy Instances in an AZ could be 1, 20, or 99 and that still is not enough to determine if an alert is warranted. It all depends upon the statistics of OTHER healthy EC2 instances in other AZs in the same region.
1+1 = No Alert
1+3 = Alert
20+19 = No Alert
20 + 45 = Alert
99 + 120 = No Alert
99 + 200 = Alert
10 + 10 + 20 = No Alert
10 + 10 + 21 = Alert
In all of those cases, a single metric for a single node is insufficient. The metrics of the entire cluster are factored in and statistically compared to each other in order to determine if an alert is warranted, rather than a static metric.
An Auto-Scaling Group currently has 9 EC2 servers, distributed equally among three Availability Zones, AZ1, AZ2 and AZ3, i.e. three EC2 instances per zone. Suddenly, a failure in AZ1 results in a single EC2 to crash. There are now 2, 3 and 3 instances in the three zones, respectively, in the group.
CloudCheckr detects the anomaly but allows it because the outage is within norms, specifically no more than 50% fewer instances in a specific zone versus the other zone(s).
Now in the same scenario, a second EC2 crashes, also in AZ1. There are now 1, 3 and 3 instances. AZ1 now has 33% of the count of healthy instances in any of the other AZs. An Alert is thrown because this ratio is below 50% of the number of healthy instances in the other Availability Zones.
Alternatively, if there had been 30, 30 and 30 EC2s in the three Availability Zones, and two servers crashed in AZ1, the new ratio would be 28:30:30. This would still be well above the 50% mark so an Alert would not be thrown.
This is an example where a metric based on the number of unhealthy instances is not used as a threshold to generate an alert, but is one variable used to statistically compare against the whole network, in order to generate a notification and recommend action. See Case Studies, including JHC Technology and Ocado, here: https://cloudcheckr.com/resources/?type=casestudy
CloudCheckr’s Total Compliance scores infrastructure relative to 35 distinct regulatory standards (PCI-DSS, HIPAA, CIS, NIST, ISO, etc.) with up to seven years of historical data. CloudCheckr SnapBack™ enables point-in-time review.
Change Monitoring reports displays additions, deletions and edits with details on the time and user who made the change.
Web accessible reports are available to end users, often with the ability to specify parameters, for heatmaps, inventory, Right Sizing, and more.
CloudCheckr delivers optimization manually and automatically via Savings Report, Reservation Recommendations, Heatmaps, Utilization Reports, Right Sizing, Idle and Unused Best Practice Checks. Many Best Practice Checks can be resolved via “Fix Now” or “Always Fix” or “Request Fix” automated workflows.
CloudCheckr provides automated invoicing and cost optimization recommendations including Savings Report, Reservation Recommendations, Heatmaps, Utilization Reports, Right Sizing, Idle and Unused Best Practice Checks.
Ability to add custom charges, apply credits, unshare reservations and display blended, unblended, or list pricing.
CloudCheckr empowers certified MSPs, CSPs, Resellers, System Integrators, and Advanced Consulting Partners worldwide to run their cloud as a business. The CloudCheckr cloud management platform (CMP) unifies cost, security, and governance for multi-cloud deployments. Partners of all sizes trust us to manage and optimize public cloud environments so they can effectively grow their practice, increase profitability, improve business operations and confidently meet the expectations of third-party validation audits for next-generation partners.
With CloudCheckr, partners can deliver differentiated products and services to AWS clients to help them:
Cloud management by CloudCheckr includes automated cloud cost and expense management, cloud security, compliance, asset management, and resource utilization that supports most primary and secondary cloud services. Upon completion of the registration process and setting up of the necessary credentials and permissions, CloudCheckr will load valuable partner information about the who is spending money in the cloud, what services are being used, how are these services being used, how are security controls being implemented, where are potential configuration vulnerabilities or concerning activities, and what has been the history of my usage, costs, configurations, and controls.
Are You Subscribed to the Check List?
Our Best Articles and Insights Direct to Your Inbox
The Cloud Infrastructure Report 2020—Read Now
The Cloud Infrastructure Report 2020
Improve IT visibility with hybrid and multi-cloud management.
Free Webinars Await—See What's Next
How to Build a Fully Optimized Cloud Practice for Your Business