5.1.1.1 Employ technology watches Copy URL
The repository shall employ technology watches or other technology monitoring notification systems.
This is necessary to track when hardware or software components will become obsolete and migration is needed to new infrastructure.
Management of periodic technology assessment reports. Comparison of existing technology to each new assessment.
The objective is to understand when any subsystem poses a risk of obsolescence, and enable planning migration to new technology before interoperability mechanisms are no longer available. This can be driven by proprietary software dependencies (the vendor no longer supports the subsystem component), and by emergence of new protocols (the mechanism for accessing the system has become obsolete and is no longer supported).
APTrust has two primary strategies to meet this requirement.
The first one is the offboarding of datacenter and physical hardware monitoring to AWS as well as the logical hardware (IaaS) by migrating to a platform solution (PaaS). As defined in the AWS Shared Responsibility model AWS is now responsible for both:
“AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.”
“For abstracted services, … AWS operates the infrastructure layer, the operating system, and platforms, and customers access the endpoints to store and retrieve data.”
When changes to the underlying infrastructure require APTrust to take action on the logical (virtual) infrastructure, AWS informs APTrust by email and the AWS event console.
“A new ElastiCache service update, elasticache-redis-6-2-6-update-20230109, is now available for your ElastiCache cluster(s). Service updates improve the security, reliability, and operational performance of your ElastiCache nodes and can be applied using ElastiCache console, API or AWS CLI.
For more information on such updates including risk assessment, cluster impact analysis and whether to apply them or not, see ElastiCache Service Updates FAQs https://aws.amazon.com/elasticache/elasticache-maintenance/.
Applicable ElastiCache cluster name(s) for this service updates
apt-elasticache-staging
apt-elasticache-demo
apt-elasticache-prod
Service Update Summary:
Service Update Name: elasticache-redis-6-2-6-update-20230109, Severity: medium, Update Type: engine-update, AWS Recommended Apply By Date: 2023-03-18 07:59:59 UTC, Auto-Update after Due Date: no, AWS Region: us-east-1”
For infrastructure resources operated and maintained by APTrust on AWS, APTrust uses the AWS Cloudwatch suite, which consists of logging aggregator, deep performance monitoring, alarms, and analysis tools.
Ref: AWS Shared Responsibility model
Ref: AWS Cloudwatch
“You are receiving this email because your Amazon CloudWatch Alarm “mid-tier-prod-RDSAlarmCPUHigh-UBN3S8J42LNZ” in the US East (N. Virginia) region has entered the OK state, because “Threshold Crossed: 2 out of the last 3 datapoints [32.34166666666667 (15/11/22 20:07:00), 41.041666666666664 (15/11/22 20:06:00)] were not greater than the threshold (90.0) (minimum 2 datapoints for ALARM -> OK transition).” at “Tuesday 15 November, 2022 20:09:01 UTC”.
View this alarm in the AWS Management Console:
Alarm Details:
– Name: mid-tier-prod-RDSAlarmCPUHigh-UBN3S8J42LNZ
– Description: An alert for when the RDS CPU usage is very high for multiple periods.
– State Change: ALARM -> OK
– Reason for State Change: Threshold Crossed: 2 out of the last 3 datapoints [32.34166666666667 (15/11/22 20:07:00), 41.041666666666664 (15/11/22 20:06:00)] were not greater than the threshold (90.0) (minimum 2 datapoints for ALARM -> OK transition).
– Timestamp: Tuesday 15 November, 2022 20:09:01 UTC
– AWS Account: 997427182289
– Alarm Arn: arn:aws:cloudwatch:us-east-1:997427182289:alarm:mid-tier-prod-RDSAlarmCPUHigh-UBN3S8J42LNZ”