Build managed self-service repository using AWS Service Catalog


2: What are we building?

Before you start the workshop, let’s go through what the outcome will be.

Architecture

You create five products in AWS Service Catalog: Product-S3, Product-SQS, Product-SNS, Product-DynamoDB and Product-Redshift. The products are created using AWS CloudFormation templates for these services.

Product-S3: Creates an Amazon S3 bucket.

Product-SQS: Creates an Amazon Simple Queue Service Queue.

Product-SNS: Creates a topic and subscription in Amazon Simple Notification Service.

Product-DynamoDB: Creates a table in Amazon DynamoDB.

Product-Redshift: Creates a single-node Amazon Redshift cluster.

In actual production use, the products are more complex CloudFormation templates and are used to deploy workloads. Here the products have been kept simple to save time and to ensure you incur minimum cost when deploying them.

You then organize the products under two portfolios - database-portfolio and app-service-portfolio. The products Product-S3, Product-SQS and Product-SNS go under app-service-portfolio and the remaining two products go under database-portfolio.

You create two users, databaseuser and applicationuser, who can use these portfolios and products to launch new AWS Services. The users will have permissions to launch services only from the AWS Service Catalog. They cannot create the same services from the AWS Console.

databaseuser will have access to database-portfolio only, while applicationuser can access both database-portfolio and app-service-portfolio.

You will also create an IAM role awsdojocatalogrole which is used by the Service Catalog to provision the products.
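The access model above for database-portfolio, written as a CloudFormation template. This is an added example, not the workshop's own template: the parameter `ProductDynamoDBId`, the `ProviderName` value and the logical resource names are assumptions, and the two users and the role are assumed to exist already.

```yaml
# Added example, not part of the workshop. ProductDynamoDBId is an assumed
# parameter: the ID of an already-created Product-DynamoDB product.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  ProductDynamoDBId:
    Type: String
Resources:
  DatabasePortfolio:
    Type: AWS::ServiceCatalog::Portfolio
    Properties:
      DisplayName: database-portfolio
      ProviderName: workshop-admin   # assumed value
  DynamoDBInPortfolio:
    Type: AWS::ServiceCatalog::PortfolioProductAssociation
    Properties:
      PortfolioId: !Ref DatabasePortfolio
      ProductId: !Ref ProductDynamoDBId
  # Both users can see and launch products in database-portfolio.
  # applicationuser would get a second association on app-service-portfolio;
  # databaseuser would not.
  DatabaseUserAccess:
    Type: AWS::ServiceCatalog::PortfolioPrincipalAssociation
    Properties:
      PortfolioId: !Ref DatabasePortfolio
      PrincipalARN: !Sub arn:aws:iam::${AWS::AccountId}:user/databaseuser
      PrincipalType: IAM
  ApplicationUserAccess:
    Type: AWS::ServiceCatalog::PortfolioPrincipalAssociation
    Properties:
      PortfolioId: !Ref DatabasePortfolio
      PrincipalARN: !Sub arn:aws:iam::${AWS::AccountId}:user/applicationuser
      PrincipalType: IAM
  # Provisioning runs as awsdojocatalogrole, so the users themselves need
  # no DynamoDB permissions and cannot create tables outside the catalog.
  DynamoDBLaunchRole:
    Type: AWS::ServiceCatalog::LaunchRoleConstraint
    DependsOn: DynamoDBInPortfolio   # product must be in the portfolio first
    Properties:
      PortfolioId: !Ref DatabasePortfolio
      ProductId: !Ref ProductDynamoDBId
      RoleArn: !Sub arn:aws:iam::${AWS::AccountId}:role/awsdojocatalogrole
```

The launch role constraint is what lets the users stay restricted: the role's permissions, not the user's, bound what a product launch can create.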

Sounds interesting! Let’s start building now.