AggieCloud

Billing and Provisioning

We smooth out the billing and provisioning of cloud accounts, consolidating related financial entities into simplified billing families. Further, this service allows you to pay for cloud provider charges via recharge billing to a local UC Davis accounting source, instead of having to deal with recurring vendor invoices.

Benefits include:

• Automatic billing against a UC Davis funding source; one funding source per account
• Protection against continuity-of-service interruptions due to unpaid / misrouted bills
• Membership in UC-wide protections, such as the AWS limited liability agreement
• Automatic participation in data egress discount pricing
• Avoiding yearly membership prepayment, such as the one required by Azure.  

Security

IET engages with AggieCloud clients to help them protect the integrity of their data and research. As part of our core security model, accounts that are part of AggieCloud enjoy the following security enhancements out-of-box:

• User authentication through the uConnect Active Directory service
• Single sign-on to cloud accounts
• Secured root access to provide security against unauthorized account control
• Auto-enrollment in AWS intelligent threat detection service, GuardDuty.
• DUO multi-factor authentication for each user account

We are also iterating in partnership with campus Information Security Office to further enhance client security. These will be beta-tested with members on an opt-in basis, then rolled out to all members via the Service Catalog to allow them to add onto their accounts if they so choose. Our goals are to:

• Work to establish clear lines of accountability with your unit as required by the UCOP Electronic Information Security policy.
• Provide compliance pathways for the diverse suite of cloud services as required by the UCOP policy
• Develop security-minded product lines to make available to members via the Service Catalog.

AggieCloud Privacy Policy

Support

• The Knowledge Base holds a vast amount of documentation for AggieCloud. 
• Tier 1 support is provided by IT Express. 
• All AggieCloud AWS accounts come with AWS's top tier support out-of-the-box: Enterprise Support. Users are able to connect with Amazon on architecture advice and reviews, service launch support, and more. For a complete list of perks, please check out their service page.

Community of Practice

IET has set up various channels of communication and partnerships with campus units to facilitate communication and add to our collective expertise with the cloud:

• Consulting services on cloud architectures
• Cloud-specific special interest groups such as the AWS SIG.
• Slack channels on the UC Davis slack such as #cloud-computing and others
• Reference architecture git repository
• Training and workshops on cloud computing

Additional Services

In addition to the security services listed above, AggieCloud provides the following:

• A web application for managing access to your AWS cloud accounts
• Intelligent threat detection pre-configured for AWS accounts
• AggieCloud is an active development project and as it evolves we will be rolling out new services. Be on the lookout for:
  • Architectural templates for deploying resources into your cloud accounts
  • Research tools that make getting up-and-running with simple data analyses easier
  • Tools that provide insights into the security of your cloud resources