- AWS Service Catalog allows IT administrators to create, manage, and distribute portfolios of approved products to end users.
- Users can access these products which they need through their personalized portal.
AWS Service Catalog
- AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS.
- These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures.
AWS Service Catalog provides the following benefits
- Promote standardization
- Self-service discovery and launch
- Fine-grain access controls of configuration and provisioning
- Extensibility and version control
AWS Service Catalog Component
- AWS Service Catalog users
- Provisioned Product
- AWS CloudFormation Stack
AWS Service Catalog users
AWS Service Catalog users are of following types, depending on the level of permissions that they have:
Catalog administrators (administrators) – Manage a catalog of products (applications and services), organizing them into portfolios and granting access to end users.
End users – Receive AWS credentials from their IT department or manager and use the AWS Management Console to launch products to which they have been granted access.
A portfolio is a collection of products, together with configuration information.
Portfolios help manage who can use specific products and how they can use them.
When user add a new version of a product to a portfolio, that version is automatically available to all current users.
A product is an IT service that user want to make available for deployment on AWS.
A product can comprise one or more AWS resource, such as EC2 instances, storage volumes, databases, monitoring configurations, and networking components, or packaged AWS Marketplace products.
A product can be a single compute instance running AWS Linux, a fully configured multi-tier web application running in its own environment, or anything in between.
When an end user launches a product, an instance of the product is created and is using resources.
Most commonly, a provisioned product is an AWS CloudFormation stack.
AWS CloudFormation Stack
AWS CloudFormation stacks is used to manage the lifecycle of user’s product by allowing them to provision, tag, update, and terminate their product instance as a single unit.
An AWS CloudFormation stack includes an AWS CloudFormation template, written in either JSON or YAML format, and its associated collection of resources.
A provisioned product in AWS Service Catalog is most commonly a stack.
AWS Service Catalog allows user to manage multiple versions of the products in their catalog.
This allows user to add new versions of templates and associated resources based on software updates or configuration changes.
Users can update running instances of the product to the new version quickly and easily.
Granting a user access to a portfolio enables that user to browse the portfolio and launch the products in it.
User apply AWS IAM permissions to control who can view and modify their catalog.
IAM permissions can be assigned to IAM users, groups, and roles.
When a user launches a product that has an IAM role assigned to it, AWS Service Catalog uses the role to launch the product’s cloud resources using AWS CloudFormation.
Constraints control the ways that specific AWS resources can be deployed for a product.
User can use them to apply limits to products for governance or cost control.
There are two distinct types of AWS Service Catalog constraints: template and launch.