AWS Service Catalog Overview

AWS Service Catalog is designed to help organizations manage their AWS services and resources more efficiently, ensuring compliance and governance across the AWS environment. It simplifies the process for users to find, deploy, and manage cloud resources by providing a self-service portal where predefined and approved products can be easily launched. Here's a detailed breakdown:

Key Concepts and Workflow

• Admins and Users: The system is divided into admins, who create and manage the catalog, and users, who consume the products from the catalog.
• Products: These are essentially AWS CloudFormation templates packaged for easy consumption. Admins create these products to define the resources and configurations users can deploy.
• Portfolio: A collection of products (CloudFormation templates) grouped together. Admins can create portfolios to organize resources based on different criteria, such as project, department, or compliance requirements.
• IAM Permissions: Access controls are defined using AWS Identity and Access Management (IAM), determining who can access which portfolio and its products.
• Launching Products: Users select and launch products from the portfolio available to them. These products are provisioned as fully configured and ready-to-use AWS resources.

Sharing Catalogs

• Within an Account or Organization: Portfolios can be shared across accounts within an organization, facilitating standardized resource deployment.
• Two Sharing Options:
  1. Reference Sharing: The shared portfolio remains synchronized with the original, allowing recipients to see and launch any new products added over time.
     1. You can share in several ways, including account-to-account sharing, organizational sharing. This imported portfolio isn't an independent copy.
  2. Copy Sharing: A copy of the portfolio is deployed to recipient accounts, which is not synchronized with the original. Any updates in the original portfolio must be manually copied to the recipients.

Tags and TagOptions

• TagOptions: Predefined key-value pairs that can be associated with portfolios and products. These tags are automatically applied to resources when they are provisioned through the Service Catalog.
• Use Cases: Ensuring consistent resource tagging across the organization, enforcing tagging policies, and enabling easier management and identification of resources.
• Sharing TagOptions: TagOptions can also be shared across accounts or within an organization to maintain consistent tagging standards.

Benefits of AWS Service Catalog

• Compliance and Governance: Ensures that all resources deployed are compliant with organizational policies and standards.
• Simplified Resource Management: Provides a user-friendly interface for deploying and managing AWS resources, reducing complexity for end-users.