undefined | Better HN

0 pointsbob10296mo ago0 comments

I moved a 100% MS shop to AWS circa 2015. We ran our DCs on EC2 instances just as if they were on prem. At some point we installed the AAD connector and bridged some stuff to Azure for office/mail/etc., but it was all effectively in AWS. We were selling software to banks so we had a lot of due diligence to suffer. AWS Artifact did much of the heavy lifting for us. We started with Amazon's compliance documentation and provided our own feedback on top where needed.

I feel like compliance is the entire point of using these cloud providers. You get a huge head start. Maintaining something like PCI-DSS when you own the real estate is a much bigger headache than if it's hosted in a provider who is already compliant up through the physical/hardware/networking layers. Getting application-layer checkboxes ticked off is trivial compared to "oops we forgot to hire an armed security team". I just took a look and there are currently 316 certifications and attestations listed under my account.

https://aws.amazon.com/artifact/faq/

0 comments

thewebguyd6mo ago

I've found that lift and shifting to EC2 is also generally cheaper than the equivalent VMs on Azure.

Microsoft really wants you to use their PaaS offerings, and so things on Azure are priced accordingly. A Microsoft shop just wanting to lift-and-shift, Azure isn't the best choice unless the org has that "nobody ever got fired for buying Microsoft" attitude.

j / k navigate · click thread line to collapse

0 comments

thewebguyd6mo ago

I've found that lift and shifting to EC2 is also generally cheaper than the equivalent VMs on Azure.

j / k navigate · click thread line to collapse