Often called "AWS Landing Zone", it is a set of baseline settings and rules for governing your cloud resources and ensuring that they conform to necessary standards and security best-practices.

Why you are providing such offering if guides on AWS best-practices exist and are publicly available?

Whether you're starting your cloud journey or you're a seasoned cloud veteran, governing your cloud resources and ensuring that they conform to necessary standards is not an easy task. Although security best-practices guides exist and are publicly available, knowing which services to use, how to configure them, and how to perform these tasks at scale can easily end up in misconfiguration unless it's done in a clear, automated, and repeatable way.EraCloud's Yaseer solution provides an enterprise-scale governance and security solution that configures and updates multi-account, multi-region AWS Organizations organizational units (OUs) based on AWS services.

Customers often start using AWS with a single account with few resources for testing and experimenting. As their workload increase, more resources are added and more people are involved and given access to that AWS account. With time, customers find themselves mixing different types of workloads, different environments and different skills on that single AWS account. This creates a very challenging environment to maintain, keep secure and up-to-date. A multi-account environment is an answer to these challenges. An AWS account acts as a natural border for your resources, thus having different accounts for different workloads makes governance and security easy.

No. When you use AWS, you pay for the resources you are using in that account, you don't pay for the account itself. So, if we suppose you have 3 environments (development, staging, production) in a single account, and these environments (combined) cost you $1,000 per month, you will still pay the same $1,000 per month even if you move each environment to it's own dedicated AWS account.

• Simplified billing: Using multiple AWS accounts simplifies how you allocate your AWS cost, by helping to identify which product or service line is responsible for an AWS charge.
• Rapid innovation with various requirements: You can allocate AWS accounts to different teams, projects, or products within your company. Separate accounts provide a mechanism for rapid innovation, while allowing for unique security requirements.
• Sandbox accounts: You can create "temporary" accounts to test or develop something, then once it is completed you can terminate that account along with its resources completely.
• Flexible security controls: You can use multiple AWS accounts to isolate workloads or applications that have specific security requirements, or must meet strict guidelines for compliance, such as HIPAA or PCI DSS.
• Easily adapts to business processes: You can easily organize multiple AWS accounts in a way that best reflects the diverse needs of your company’s business processes, such as different operational, regulatory, and budgetary requirements.

I already have an AWS account, can I still benefit from your solution?

Yaseer can be deployed in any AWS region. You chose the AWS region of your preference.

Yaseer is an arabic word which stands for simplicity and ease. It is a word which reflects our vision for the solution.

Yaseer is a governance and security solution. It is built to configure and update multi-account, multi-region AWS Organizations OUs and enforce your pre-defined rules on AWS resources and users. The solution works as a fundamental baseline to lay the foundation for a cloud migration or any modernization journey, or to manage large growing AWS environments. The process of onboarding to Yaseer consists of two parts: technical design sessions and Yaseer deployment.

The technical design sessions are intended to map out the customer's business needs. They are held between EraCloud's solutions architects (SAs) and the customer's stakeholders in research and development, security, networking, finance, and operations. Technical design sessions cover AWS account structure, AWS Identity and Access Management structure, business continuity, backup policies, compliance requirements, and more.

The deployment of Yaseer is simple and straightforward through out an AWS ec2 instance. Once the Yaseer has been deployed, EraCloud's engineers will configure the solution alongside the customer according to the requirements from the technical design sessions to ensure that by the end of the process the customer has the necessary know-how to operate and manage the solution. Cost governance and control are assured by enabling detective guardrails for resources and setting resource limits and account budget alerts.

1. Technical design sessions: Meetings between EraCloud SAs and customer stakeholders to map out business needs
2. Yaseer deployment: EraCloud engineers will deploy Yaseer and configure high-availability options.
3. Configuration and customization: EraCloud's engineers will configure Yaseer framework alongside the customer according to the requirements from the technical design sessions.
4. Flexible network blueprints: Customizable network topologies allowing network connectivity between your on-premises datacenter and other cloud vendors.
5. Data protection: Enforce security policies such as public Amazon Simple Storage Service (Amazon S3) buckets, encryption, key deletion, custom alerts, backups and replication.
6. Cost governance and control: Enable detective guardrails for resources, setting resources limits and account budget alerts.

Several factors define how much deploying a Yaseer solution can cost. The cost is highly defined by the length of the technical sessions conducted by EraCloud engineers and the amount of the necessary customization needed to meet customer's business and technical requirements.

Deploying a full solution can vary from few days to several months depending on your business case.