What have we accomplished?

We started with a set of requirements for budget, cost, and data governance and turned them into codified controls in your AWS Accounts using native AWS Services and modern software development practices.

  • An AWS Config rule that helps us discover Amazon EC2 instance types in use
  • An AWS Config rule that identifies Amazon RDS instances that do not use encryption at rest
  • An AWS Service Catalog product that creates a curated version of Amazon Aurora that enforces encryption by default

In the workshop we used a single AWS Account and a single AWS Region to show you what's possible using open source service catalog tools and AWS Service Catalog. You can use the service catalog tools and AWS Service Catalog to provision products across AWS estates that have hundreds of AWS Accounts, in different regions based on your requirements.

What's next?

We recommend that you follow this workshop with further reading about service catalog factory and service catalog puppet to get a deeper understanding of how the service catalog tools work behind the scenes to easily create and provision curated AWS Service Catalog products across your organisation.

Level up your skills by trying out the tasks you've completed across an estate of AWS Accounts. Think about how you could fit the tools into your day-to-day workflow with AWS Service Catalog.


Remember to provide feedback for the workshop in the re:Invent mobile app before you leave. Your feedback helps us shape the content of workshops and is important in driving future work on service catalog tools.

If you'd like to provide feedback about the service catalog tools or report bugs in the workshop, please use our GitHub issue tracker.

Enjoy re:Invent!