AWS MSP checklist – Details and steps to becoming an AWS MSP Partner

AWS is one of the world’s leading cloud service providers, offering various products and services organizations use to scale, innovate, and grow. To maximize the benefits of these resources, many companies rely on AWS Managed Service Providers (MSPs) partners who have attained a high degree of AWS knowledge and proficiency.

Becoming an AWS MSP requires completing a rigorous audit and adhering to the AWS MSP Checklist, requirements, and best practices. This article provides a detailed guide to understanding the AWS MSP Checklist and practical steps for achieving AWS MSP status.

Summary of the AWS MSP checklist

Here’s a step-by-step guide on becoming an AWS MSP.

Join AWS Partner Network (APN).	You must be a member of the AWS partner network to be eligible for their MSP program. Unlock advanced or premium tier on AWS APN. Review the requirements listed on the AWS partner network portal.
Create best practice offerings.	Create best practice offering relevant to your organization.
Prepare for AWS MSP Validation Checklist.	Go through the validation checklist and ensure all the mandatory requirements are met.
Apply.	The application involves a self-assessment and a pre-assessment from an independent third party.
Pass the review assessment.	Prepare for and pass an in-depth audit.
Post Audit.	Steps to take after a full audit has been completed.
Stay compliant.	Ensure you stay compliant for future audits to keep availing of all the AWS MSP program benefits.

MSP Partner Program benefits

AWS MSP Partner certification establishes credibility and trust among clients. It demonstrates expertise in managing AWS environments, implementing best practices, and delivering high-quality services. 

Access additional resources

AWS-certified MSPs gain access to:

• Wide range of resources, including technical support, training materials, and documentation.
• Joint marketing activities and collaboration opportunities with AWS teams. 
• Invitations to strategy sessions, account mapping discussions, and customized co-selling courses.

They stay up-to-date with the latest AWS services, features, and best practices and can offer cutting-edge solutions to their clients.  

Stand apart from the competition

The MSP Partner program also differentiates MSPs from their competitors. They can attract a broader customer base, leading to business growth, partnerships, and new revenue streams. MSPs benefit both from the reputation and market reach of AWS. For example, AWS MSP partners can target the following customer demographics.

• Small and medium enterprises (SMEs) that lack the resources and expertise to independently manage complex IT infrastructure and cloud services. 
• Startups with limited IT budgets that need to scale their infrastructure as they expand.
• Large enterprises with complex IT environments and diverse systems that require specialized expertise to migrate their on-premises infrastructure to the cloud.
• Online retailers and ecommerce businesses that require scalable and high-performing infrastructure to handle seasonal peaks in demand.
• SaaS companies that host and deploy applications on cloud platforms like AWS. 

MSPs can provide cost-effective solutions, scalability, round-the-clock support, and guidance to new and existing AWS customers.

Step 1—Join the AWS Partner Network (APN) 

The first step to becoming an AWS MSP is to join the APN, which provides technical, business, and marketing support to grow your AWS-based business. Go to this link to join the AWS APN. It is important to note that AWS assigns the Alliance Lead role to whoever signs up for the APN. The Alliance Lead should have the legal authority to accept the AWS Partner Network Terms and Conditions for your business. This could be the owner of the company, someone working in the company, or a consultant hired for this specific role.

Once you have completed the registration process, you should then be able to log in to the APN partner central portal. Here’s the link to the official AWS video tutorial on registering for APN. 

Achieve Advanced or Premier Tier 

MSPs must be at the APN Advanced or Premier Tier level to qualify for the MSP partner program. For Advanced Tier, you require at least eight certified employees and:

• Four AWS foundation certified employees 
• Six technical certified individuals (three must hold professional or specialist level certifications).

For Premier Tier, you require twenty accredited individuals, ten foundational certified individuals, and twenty-five technical certified individuals, out of which at least ten hold professional or specialist-level certifications. Both tiers also have additional criteria on the project values you have delivered and a USD 2500 annual fee.

Review program requirements 

This is the best time to contact your AWS Partner Manager. You will be assigned a manager as soon as you become an APN member. You can email or call support to connect you with your partner manager. 

Thoroughly review the program requirements to ensure your business meets all the criteria to become an AWS MSP. The program requires an extensive independent audit to validate your capabilities in delivering AWS solutions. Make sure to assess your company’s qualifications, including technical expertise, customer support, and financial stability, before proceeding further.

Step 2—Create a best practice offering

The next step is to create a defined managed services offering specifically for AWS customers, aligned to AWS best practices like those below.

Adopt AWS Well-Architected Framework

The AWS Well-Architected Framework should form the cornerstone of your best practices offering. It comprises five pillars: 

1. Operational Excellence
2. Security
3. Reliability
4. Performance efficiency, and
5. Cost optimization. 

Each pillar has a set of principles and best practices that you should ingrain into your offerings and customer solutions. For instance, you can implement and advocate AWS’s extensive security tools and services, such as AWS Shield for DDoS mitigation, AWS WAF for protection against web exploits, and Amazon Inspector for automated security assessments.

Promote efficiency in cloud operations

DevOps principles such as Infrastructure as Code (IaC), Continuous Integration and Continuous Delivery (CI/CD), and Microservices architectures are essential to efficient cloud operations. Showcase your ability to build robust disaster recovery and backup solutions using AWS services like Amazon S3, AWS Backup, and AWS Disaster Recovery. You can also implement best practices like rightsizing, increasing elasticity and using pricing models that best suit the workload. You can incorporate tools like AWS Cost Explorer, AWS Budgets, and AWS Trusted Advisor for managing and optimizing costs.

Support regular auditing and reporting.

You must ensure your infrastructure aligns with AWS best practices and prioritize identifying improvement areas. You must offer regular audits of the AWS environment using the AWS Well-Architected tool. Provide customers with detailed reports outlining their AWS usage, costs, performance, and security posture and offer continuous compliance monitoring. Services such as AWS Config and AWS CloudTrail can monitor and log activities so that you can ensure all operations comply with the desired regulations and standards.

Step 3—Prepare for AWS MSP Validation Checklist 

Familiarize yourself with the AWS MSP Validation Checklist Version 5 (login required) and prepare your organization to meet all the requirements. Whereas the previous versions of VCL were point-based, the new version 5 VCL has replaced points with requirements that are either mandatory or recommended. You must meet all the mandatory requirements to be eligible for the MSP program. 

It is essential to fulfill as many recommended requirements as possible since some would be changed to mandatory. Version 6 release is due sometime in 2023. The latest version 5, released in 2022, categorizes its requirements into four sections:

Section	Description
Plan and design	Design customer solutions based on AWS best practice.
Build and migrate	Build new infrastructure and migrate existing workloads to AWS.
Run and operate	Run and operate customer workloads securely and efficiently.
Optimize	Continuously improve customer workloads.

Each section contains a variety of checks that MSPs must meet, which includes possessing AWS Certified individuals, providing specific services, demonstrating AWS usage, and submitting customer case studies.

Plan and design 

The plan and design phase of the AWS MSP Checklist focuses on establishing a strong framework and strategy that aligns with the customer’s business objectives and AWS best practices. This phase sets the stage for implementing and maintaining the customer’s cloud infrastructure.

The MSP defines its core competencies, service offerings, and target market in this phase. It involves identifying the specific AWS services the MSP intends to specialize in and the competencies they will acquire to demonstrate expertise. Additionally, MSPs can:

• Establish a governance framework with policies and procedures that outline how they will manage customer environments on AWS.
• Design a well-documented and scalable onboarding process that accommodates multiple customers simultaneously.
• Select and implement the appropriate operational tools that integrate with AWS cloud offerings.
• Design well-defined service offerings that align with customer requirements. 

MSP offerings should include clear deliverables, service-level agreements (SLAs), and pricing structures.  You should also utilize this phase to assess staffing requirements and hire, train, or upskill staff as required. It is also critical to develop a comprehensive business continuity plan to mitigate potential risks and ensure the continuity of services in the event of disruptions. This plan should address disaster recovery, backup strategies, and incident response procedures.

You can thus use the plan and design phase to establish a solid foundation for subsequent phases of the AWS MSP Checklist.

Build and migrate

The build and migrate phase of the AWS MSP Checklist focuses on implementing the cloud infrastructure based on the agreed-upon design and migrating existing workloads to the Amazon Web Services (AWS) platform. The first step is to build the AWS environment according to the design specifications developed previously. This involves provisioning the necessary AWS resources, such as virtual private clouds (VPCs), subnets, security groups, and storage solutions. MSPs should follow AWS best practices and use automation tools like AWS CloudFormation or AWS CDK to enable repeatable and consistent infrastructure deployment.

Next, MSPs should carefully plan and execute the migration strategy, considering factors such as workload dependencies, data transfer requirements, and minimizing downtime. AWS provides several migration services, such as AWS Server Migration Service (SMS) or AWS Database Migration Service (DMS), to facilitate a smooth transition from on-premises or other cloud platforms to AWS. MSPs must validate and test the environment thoroughly before going live with the migrated workloads.

Additionally MSPs can:

• Create a secure and reliable network architecture that enables seamless communication between on-premises resources and AWS services.
• Implement appropriate security controls, such as Identity and Access Management (IAM), security groups, and encryption mechanisms.
• Define backup schedules and data replication strategies.
• Implement robust monitoring and logging mechanisms to gain visibility into the performance and security.

MSPs can deliver a smooth and successful customer migration experience by following the guidelines and best practices outlined in the build and migrate phase of the AWS MSP Checklist.

Run and operate

In the run and operate phase. of the AWS MSP Checklist, MSPs take on the responsibility of managing and maintaining the customer’s AWS cloud infrastructure.

MSPs must proactively monitor the AWS environment to ensure optimal performance and availability. They can use AWS CloudWatch and other monitoring tools to track key performance metrics. Configuring alerting mechanisms is critical to identify deviations from predefined thresholds and take timely actions.

MSPs should also establish robust incident and problem management processes. This includes promptly responding to incidents, troubleshooting, and resolving problems to minimize service disruptions. AWS expects MSPs to:

• Maintain a comprehensive knowledge base and documentation to streamline incident resolution and share best practices
• Continually assess and address security vulnerabilities, implement security patches, and review access controls.
• Closely monitor resource utilization trends to anticipate capacity needs and ensure scalability. 
• Conduct regular backups, verify backup integrity and test recovery processes periodically.
• Provide regular reports and promptly address any concerns or questions raised by the customer.
• Conduct regular performance reviews to build trust and strengthen the partnership.

The run and operate phase of the AWS MSP Checklist provides opportunities to improve the AWS environment continuously. AWS expects MSPs to stay current with AWS best practices, new features, and service updates. They should leverage the latest advancements and continuously enhance the customer’s environment.

Optimize

The optimization phase of the AWS MSP Checklist focuses on continually improving the customer’s AWS environment to help customers achieve maximum value from their cloud investments. It involves identifying and implementing strategies to eliminate unnecessary expenses.  For instance, MSPs can:

• Analyze the customer’s cost data and identify idle underutilized resources.
• Recommend the right sizing to select the appropriate instance types and sizes based on workload requirements.
• Automate routine operational tasks and implement orchestration workflows to streamline processes. 
• Identify inefficient storage options and optimize data transfer costs
• Identify system bottlenecks and fine-tune configurations to improve overall system performance.

This phase requires tooling for cloud governance including provisioning, configuration, security management, and cost optimization. CloudBolt offers an integrated set of tools that allow MSPs to leverage a single platform and a single pane of glass to meet the functionality requirements. These capabilities include:

• Cloud automation. Learn more (here)
• Cloud security management, Learn more (here)
• Cloud cost optimization including cloud resource right-sizing, Learn more (here)

An integrated toolset provides confidence to the operations team by avoiding mistakes and oversight, and reduce expenses associated with managing client environments.

The optimization phase of the AWS MSP Checklist thus empowers MSPs to continuously improve the efficiency, performance, and cost-effectiveness of their customers’ AWS environments. 

Step 4 – Apply and pass assessments.

After reviewing the program requirements and confirming your eligibility, it’s time to apply for the AWS MSP program. The application process typically involves providing detailed information about your company, its expertise, and customer references and completing the necessary forms. Take the time to fill out the application accurately and provide relevant supporting documentation.

You must complete and email the AWS MSP checklist for your self-assessment. AWS will then review the checklist within ten business days and schedule a pre-assessment that a third-party firm conducts remotely. Pre-assessment costs USD 2000 and typically takes up to 8 hours. Following the pre-assessment result, AWS will move the MSP to a full audit or ask it to meet and provide further evidence for any lacking requirements. 

The full audit or MSP Review Assessment is an intensive two-day audit conducted by an independent third party (Information Security Systems International) that validates an organization’s capabilities across various criteria. MSPs have to demonstrate the business and technical best practices outlined in the AWS MSP Checklist consistently and accurately. 

There are two key things MSPs need to bring to the audit. 

1. The process documents required by the audit checklist, including documented procedures, process guides, instructions, and any related plans.
2. Implementation evidence like test reports, checklists, emails, minutes of meetings, design documents, and implementation plans.

You must also demonstrate using tools in a live presentation in front of the auditor in a test or sandbox environment.

Tips for passing audit

Collate all the evidence into a central folder, keeping track of which items were prepared by specific individuals and organizing or tagging them with control numbers. Do not waste time creating extensive PowerPoint slides capturing every detail. The best approach is to create a few high-level slides as discussion points. 

Coordinate calendars and make sure all stakeholders are available when needed. Having every audit prep team member attend the entire audit is unnecessary. But everyone involved in the audit preparation, especially all subject matter experts (SMEs), should be on standby if the auditor asks a question.

Start with an explanation of how you’re going to proceed. Always describe your process first, even if the checklist does not require a process description. If you have a detailed written procedure, show it, but only elaborate details if asked specific questions by the auditor. Watch for signals or gestures from the auditor that imply “too much,” “too little,” “too slow,” or “confusing.” If the auditor says “enough” and asks to move on, you have covered all the points —Don’t feel offended; it’s a good sign!

Every audit prep member must present their own evidence. Don’t present evidence on someone else’s behalf because you may not be able to answer it correctly during probing questions from the auditor. The auditor may also want to test your system by asking where you keep your records. 

Common reasons for failing an audit

One of the most common reasons for failing audits is that MSPs are not able to provide the required evidence, such as processes, records, or documents.

Or sometimes, they will provide evidence, but it falls short because the stakeholder had an incorrect understanding of what was required. Perhaps they were not paying close attention to the details of the requirements. The audit checklist is built on international and industry best practices, but in some regions, some practices are not aligned with the checklist, which can lead to failure in a particular part of the audit.

MSPs also fail because stakeholders have not properly reviewed and rehearsed their presentation, or they rushed through their prep as the audit date closed in. Sometimes failures happen when you rely too heavily on a single SME during the audit prep, and that person isn’t there on the day of the audit.

Step 5—Post audit and beyond 

After the audit, you can gather all stakeholders and conduct a comprehensive debrief. Identify follow-up action items and lessons learned. If there’s an action item that needs a response, make sure to provide a corrective action and not just a correction.

Evaluating results

If an MSP fails the audit, action items are critical to getting back on track. Auditors also issue an “Opportunities for Improvement” document, or OFI, which contains suggestions, recommendations, best practices, and potential issues that appeared during the audit. Although the OFI recommendations are optional, AWS strongly encourage partners to act on them.

If you have passed the audit, then congratulations! The audit team members and the MSP organization should be proud of the effort and what it will do for the business going forward.

It’s a good idea to establish maintenance procedures to ensure the renewal of the AWS MSP designation—currently every three years—goes smoothly. Identify a champion in your organization to own and keep current on the requirements. The champion should direct compliance and ensure the system meets requirements anytime.

If any of the original preparation team members leave the company, find replacements. As a best practice, MSPs should conduct an annual internal review on compliance, at least on the mandatory items against the most recent AWS MSP checklist. In parallel, partners should be aware of the yearly AWS MSP Performance-Based Renewal motion between full audits designed to validate partners’ MSP practice on an ongoing basis.

Final words

Becoming an AWS Managed Service Provider (MSP) is an accomplishment that sets organizations apart, positioning them as industry leaders capable of delivering comprehensive AWS solutions. Becoming an AWS MSP demands a commitment to building deep AWS expertise, achieving operational excellence, and focusing on customer success.

The AWS MSP checklist is a critical roadmap in this journey, outlining stringent technical and business requirements that potential MSPs must meet. Adherence to this checklist ensures that AWS MSPs deliver reliable, secure, and cost-effective services that align with AWS’s best practices. From cultivating a team of certified professionals and developing a broad range of AWS service capabilities to demonstrating proven customer success and providing a solid business value-add, each point in the checklist ensures development toward becoming a top-tier MSP.

Becoming an AWS MSP is an intensive but rewarding journey that fosters growth, customer satisfaction, and business success. The AWS MSP Checklist is your guide, and the audit process is your milestone. CloudBolt specializes in providing the required tooling to meet the requirements of the AWS partnership program. With years of experience and a commitment to the MSP market, CloudBolt can be a reliable partner in your journey. Learn more here.  

Remember, it’s not just about achieving the status; it’s about delivering unparalleled value to your customers and shaping a future in the cloud.