Cloud for Co-Managed Solutions

Also known as
Also known as: 
  • Amazon Web Services
  • AWS

ITS offers self-service cloud accounts via Amazon Web Services (AWS) for users who are interested in managing their own cloud resources without direct involvement from our technicians. This option allows you to have more autonomy over your data and resources, while still benefitting from features like adherence to institutional data management policies, cost control, and security protocols. ITS does not manage your account, but does have limited access as needed to monitor your resource usage, and ensure your account is compliant with all of our policies. 

Cloud for Co-Managed Solutions empowers you to experiment and innovate rapidly. You can quickly spin up and tear down resources, test new technologies or applications, and iterate on solutions without relying on external teams or undergoing lengthy approval processes.

This service is only available to users who meet a certain level of cloud technical management knowledge. 

Direct support from Amazon is also included in self-managed accounts. 

View and compare our various storage options to find the best solution for your needs. 

 

What's Included

  • Complete account management: Independently manage your AWS account through a self-service portal, including billing and payment information, access controls, and account preferences. 
  • Resource provisioning: Provision and manage your own cloud resources, such as virtual servers (EC2 instances), databases (RDS), and storage (S3). 
  • Cost & budget control: Self-service accounts include monitoring to control costs like budget alerts to track resource usage and stay within allocated budgets. 
  • Security & access control: Have complete control over who has access to your resources by configuring your permissions, security groups, and encryption. Note that ITS does monitor for compliance with centralized security policies. 
  • Collaboration & sharing: Share resources and collaborate with other team members within the organization only.

Cloud Services Comparison Table

Unsure of which cloud solution will meet your needs? Use our comparison chart for help.
FeaturesStandard Solutions on Demand (SSOD)Managed SolutionsCo-Managed Solutions
AWS Account TypeSharedDedicatedDedicated, non-production, sandbox
Solution ComplexityLowMedium/HighAny
ScopeStand-alone AWS EC2, S3, RDSNon-standard apps or services, internally-developed solutions, cloud improvementResearch-focused
Security Access ControlNo console access, role-based CLI/Shell/RDPLimited console access, role-based CLI/Shell/RDPConsole + CLI/Shell/RDP access, restricted IAM/Billing
Compliance StandardsNIST 800-53 rev 5, AWS Guardrails, Policy BoundariesNIST 800-53 rev 5, AWS Guardrails, Policy BoundariesNIST 800-53 rev 5, AWS Guardrails, Policy Boundaries
Supported Data TypesAll (PHI / PII included)All (PHI / PII included)All (PHI / PII included) with required Security attestation
Support GroupDedicated support teamExtended cloud team/white-glove support servicesEnd users, ad-hoc basic infrastucture support
Services ProvidedProvisioning, monitoring, patching, billing supportAll SSOD services + consultation, migration, HA/DR, cost optimizationAccount provisioning, service enablement, network connectivity, monitoring
*Consultation is available for $150/hour
Request MethodmyHelpdeskmyHelpdeskmyHelpdesk
User ResponsibilityMinimalMinimalSign agreement, show cloud knowledge, comply with standards
Who Can RequestAuthorized personnelAuthorized personnelAuthorized personnel
RateCloud usage fee + 25%Cloud usage fee + 40%Cloud usage fee + 5.5%
*Consultation is available for $150/hour
Use Case ExamplesStandalone EC2 instances w/ or w/o ALB (ex: New relic / Halo), Standalone S3 buckets, Standalone RDS instancesContainerized solutions, PaaS like Elastic beanstalk, serverless solutions (Lambda), Analytics (Glue, Athena, RedShift, EMR), Machine Learning / AI (Sagemaker, Bedrock, Amazon Q)Accounts for SDS, App Dev, Security; Insight, Recover, knitdema

Cost and Fees

Current pricing for this service is available on our Rates page under the “Cloud Services."

Service Requirements

Unless approved by WCM’s Security team, co-managed accounts cannot host  moderate-risk or high-risk dataCloud for Managed Solutions are strongly recommended for mid-risk or high-risk data usage.   

Frequently Asked Questions

How do I open a self-service AWS account?

You can submit a request for an account using our Research Computing/Storage Request form on the myHelpdesk site. 

What can I use an AWS self-service account for?

AWS accounts can be useful for several types of scenarios, including, but not limited to: developing and testing environments, running data for research or experimentation, creating hands-on training environments, innovating and prototyping proof-of-concepts, and for managing Agile and DevOps practices.   

Are there any limitations on using an institutional AWS account?

Self-service cloud accounts are not intended for sensitive or confidential data. There are guidelines and access controls that are not in place to prevent unauthorized access or accidental exposure of sensitive information.  

Accounts are also not suitable for hosting critical production systems or applications without proper governance and oversight. Mission-critical applications and systems may require specialized infrastructure, high availability, and more stringent operational processes that necessitate centralized management and monitoring. 

For more information, please review our Cloud and AWS security standards

 

Status

Good

Use this service

Contact its-ccoe@med.cornell.edu for questions about cloud self-service accounts. 

 

Need Help?

myHelpdesk
(212) 746-4878
Monday-Sunday
Open: 24/7 (Excluding holidays)
SMARTDesk
WCM Library Commons
1300 York Ave
New York, NY
10065
Mon & Thurs
9AM - 5PM
Make an appointment

Relevant to: