Modern Operations Resolution SLA
The following tasks are covered under Rackspace Modern Operations Resolution SLA by hyperscaler.
For further details about Modern Operations SLA, please refer to the Rackspace Managed Public Cloud Service Guide, available in Solution Hub or by request. If you have questions about the Resolution SLAs or need a copy of the Service Guide, please email [email protected]
The resolution SLA is based on the number of items for each task which corresponds to how long the task will take to be completed. There will be a corresponding ticket that should be limited to single tasks and/or the same task for multiple devices/services.
AWS
Resource Type | Action | Description |
---|---|---|
S3 Storage Bucket | Create/Modify/Delete | Creating/Modifying an AWS storage account |
IAM Policy Updates | Create/Modify/Delete | Creating/Modifying an IAM access policies |
Security Group | Create/Modify/Delete | Creating/Modifying security groups and users |
Azure
Resource Type | Action | Description |
---|---|---|
Private Endpoint | Create/Modify/Delete | Creating/Modifying private communication between resources. |
Application Gateway | Create/Modify/Delete | Creating/Modifying layer 7 gateway (Load balancer) |
Application Gateway (WAF) | Modify | Adjusting Gateway WAF rule configuration. |
Virtual Machine Backup | Create/Modify/Delete | Update backup configuration including ad hoc and schedules. |
Virtual Network | Create/Modify/Delete | Create/Modify virtual network configuration |
GCP
Resource Type | Action | Description |
---|---|---|
Load Balancer | Create/Modify/Delete | Creating/Modifying/Destroying Cloud Load Balancers. |
Instance Group | Create/Modify/Delete | Creating/Modifying/Destroying GCP Instance Groups. |
Individual Compute Instance | Create/Modify/Delete | Creating process documents for modern operations tasks. |
OS Patching | Create/Setup | Creating process documents for modern operations tasks. |
Storage Bucket | Create/Modify/Delete | Creating/Modifying/Destroying Cloud Storage buckets. |
SSL Certificate | Create/Modify/Delete | Creating process documents for modern operations tasks. |
Firewall Rule | Create/Modify/Delete | Creating/Modifying/Destroying GCP Firewall Rule. |
Health Check | Create/Modify/Delete | Creating/Modifying/Destroying GCP Health Check. |
HA VPN Gateway | Create/Modify/Delete | Creating/Modifying/Destroying GCP HA VPN Gateway. |
SQL Cloud Instance | Create/Modify/Delete | Creating/Modifying/Destroying GCP Cloud SQL Instance. |
Cloud NAT | Create/Modify/Delete | Creating/Modifying/Destroying GCP Cloud NAT. |
Shared VPC | Create/Modify/Delete | Creating/Modifying/Destroying GCP Shared VPC. |
Persistent Disk | Create/Modify/Delete | Creating/Modifying/Destroying GCP Persistent Disk. |
AWS Resolution Time by Action
S3 Storage Bucket
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. Customers of all sizes and industries can use Amazon S3 to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides management features so that you can optimize, organize, and configure access to your data to meet your specific business, organizational, and compliance requirements.
Action Type | Single Task | Multiple Task |
---|---|---|
Create Bucket | 1 x 30 min | 10 x 60 min |
Modify Bucket | 1 x 30 min | 10 x 90 min |
Delete Bucket | 1 x 30 min | 10 x 90 min |
IAM Policy Updates
You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines its permissions. AWS evaluates these policies when an IAM principal (user or role) makes a request. Permissions in the policies determine whether the request is allowed or denied. Most policies are stored in AWS as JSON documents. AWS supports six types of policies: identity-based policies, resource-based policies, permissions boundaries, Organizations SCPs, ACLs, and session policies.
Action Type | Single Task | Multiple Task |
---|---|---|
IAM Changes | 1 x 30 min | 10 x 60 min |
Security Group
A security group acts as a firewall that controls the traffic allowed to and from the resources in your virtual private cloud (VPC). You can choose the ports and protocols to allow for inbound traffic and for outbound traffic.
Action Type | Single Task | Multiple Task |
---|---|---|
Create security rule | 1 x 30 min | 10 x 60 min |
Modify security rule | 1 x 30 min | 10 x 60 min |
Delete security rule | 1 x 30 min | 10 x 60 min |
Azure Resolution Time by Action
Private Endpoint
A private endpoint is a network interface that uses a private IP address from your virtual network. This network interface connects you privately and securely to a service that's powered by Azure Private Link. By enabling a private endpoint, you're bringing the service into your virtual network.
Action Type | Single Task | Multiple Task |
---|---|---|
Create security rule | 1 x 30 min | 10 x 60 min |
Modify security rule | 1 x 35 min | 10 x 60 min |
Delete security rule | 1 x 30 min | 10 x 60 min |
Application Gateway
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 - TCP and UDP) and route traffic based on a source IP address and port, to a destination IP address and port.
Action Type | Single Task | Multiple Task |
---|---|---|
Create Application Gateway | 1 x 30 min | 10 x 150 min |
Modify Application Gateway | 1 x 30 min | 10 x 90 min |
Delete Application Gateway | 1 x 30 min | 10 x 120 min |
Application Gateway WAF
Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks
Action Type | Single Task | Multiple Task |
---|---|---|
Create Application Gateway with WAF | 1 x 30 min | 1 0x 90 min |
Modify Application Gateway WAF Rules | 1 x 30 min | 10 x 120 |
Delete Application Gateway WAF | 1 x 30 min | 10 x 70 min |
Azure VM Backup Management
Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scaling are simple, backups are optimized, and you can easily restore as needed.
Action Type | Single Task | Multiple Task |
---|---|---|
Enable VM Backup | 1 x 30 min | 1 0x 150 min |
Modify Backup configuration | 1 x 30 min | 1 0x 120 min |
Delete Backups | 1 x 30 min | 1 0x 90 min |
Azure Virtual Network Peering
Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines in peered virtual networks uses the Microsoft backbone infrastructure. Like traffic between virtual machines in the same network, traffic is routed through Microsoft's private network only.
Action Type | Single Task | Multiple Task |
---|---|---|
Create Peering | 1 x 30 min | 1 0x 60 min |
Modify Peering | 1 x 30 min | 1 0x 100 min |
Delete Peering | 1 x 30 min | 1 0x 60 min |
GCP Resolution Time by Action
GCP Load Balancer
A load balancer distributes user traffic across multiple instances of your applications. By spreading the load, load balancing reduces the risk that your applications experience performance issues. Google's Cloud Load Balancing is built on reliable, high-performing technologies such as Maglev, Andromeda, Google Front Ends, and Envoy—the same technologies that power Google's own products. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create LB | 1 x 90 min | 10 x 120 min | 160 mins |
Modify LB | 1 x 60 min | 10 x 120 min | 160 mins |
Destroy LB | 1 x 60 min | 10 x 120 min | 160 mins |
GCP Instance Groups
An instance group is a collection of virtual machine (VM) instances that you can manage as a single entity. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Instance Group | 1 x 60 min | 5 x 120 min | 160 mins |
Modify Instance Group | 1 x 60 min | 5 x 60 min | 160 mins |
Destroy Instance Group | 1 x 60 min | 5 x 60 min | 160 mins |
GCP Compute Engine
Compute Engine is a customizable compute service that lets you create and run virtual machines on Google’s infrastructure. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Compute Engine | 1 x 60 min | 5 x 120 min | 160 mins |
Modify Compute Engine | 1 x 30 min | 5 x 60 min | 160 mins |
Destroy Compute Engine | 1 x 30 min | 5 x 60 min | 160 mins |
GCP OS Patching
OS patch management to apply operating system patches across a set of Compute Engine VM instances (VMs).
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create OS Patching Job via GCP Console OS Patch Management (each time) | 1 x 60 min | 5 x 120 min | 160 mins |
Create OS Patching Job via Deployment (recurrent automated when managed IAC) | 1 x 60 min | 5 x 120 min | 160 mins |
Cloud Storage Buckets
Buckets are the basic containers that hold your data. Everything that you store in Cloud Storage must be contained in a bucket. You can use buckets to organize your data and control access to your data, but unlike directories and folders, you cannot nest buckets. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Bucket | 1 x 60 min | 5 x 120 min | 160 mins |
Modify Bucket | 1 x 60 min | 5 x 120 min | 160 mins |
Destroy Bucket | 1 x 60 min | 5 x 120 min | 160 mins |
SSL Certificate Update
Certificates that are applied to the load balancer may need to be added or created based on the request. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create | 1 x 60 min | 5 x 120 min | 160 mins |
Update | 1 x 60 min | 5 x 120 min | 160 mins |
Destroy | 1 x 30 min | 5 x 60 min | 160 mins |
GCP Firewall Rule
VPC firewall rules let you allow or deny connections to or from virtual machine (VM) instances in your VPC network. Enabled VPC firewall rules are always enforced, protecting your instances regardless of their configuration and operating system, even if they have not started up. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Firewall Rule | 1 x 30 min | 5 x 60 min | 160 mins |
Modify Firewall Rule | 1 x 30 min | 5 x 40 min | 160 mins |
Destroy Firewall Rule | 1 x 30 min | 5 x 40 min | 160 mins |
GCP Health Check
Google Cloud offers configurable health checks for Google Cloud load balancer backends, Traffic Director backends, and application-based auto healing for managed instance groups. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Health Check | 1 x 30 min | 5 x 60 min | 160 mins |
Modify Health Check | 1 x 40 min | 5 x 40 min | 160 mins |
Destroy Health Check | 1 x 40 min | 5 x 40 min | 160 mins |
GCP HA VPN Gateway
HA VPN gateways use the HA VPN API and provide a 99.99% SLA. This configuration uses a tunnel pair, with one tunnel on each HA VPN gateway interface. To receive a 99.99% SLA, you must configure VPN tunnels on both HA VPN gateway interfaces. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create VPN Gateway | 1 x 120 min | 5 x 180 min | 160 mins |
Modify VPN Gateway | 1 x 60 min | 5 x 90 min | 160 mins |
Destroy VPN Gateway | 1 x 40 min | 5 x 90 min | 160 mins |
GCP Cloud SQL Instance
Google Cloud SQL is a fully managed database service that makes it easy to set up, maintain, manage, and administer your relational MySQL, PostgreSQL, and SQL Server databases in the cloud. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Cloud SQL Instance | 1 x 60 min | 5 x 120 min | 160 mins |
Modify Cloud SQL Instance | 1 x 30 min | 5 x 60 min | 160 mins |
Destroy Cloud SQL Instance | 1 x 30 min | 5 x 60 min | 160 mins |
GCP Cloud NAT
Google Cloud's managed network address translation service, enables you to provision your application instances without public IP addresses while also allowing them to access the internet. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Cloud NAT | 1 x 90 min | 5 x 180 min | 160 mins |
Modify Cloud NAT | 1 x 40 min | 5 x 90 min | 160 mins |
Destroy Cloud NAT | 1 x 40 min | 5 x 90 min | 160 mins |
GCP Shared VPC
Shared VPC lets organization administrators delegate administrative responsibilities, such as creating and managing instances, to Service Project Admins while maintaining centralized control over network resources like subnets, routes, and firewalls. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Shared VPC | 1 x 40 min | 5 x 120 min | 160 mins |
Modify Shared VPC | 1 x 30 min | 5 x 40 min | 160 mins |
Destroy Shared VPC | 1 x 30 min | 5 x 40 min | 160 mins |
GCP Persistent Disk
Persistent Disk volumes provide high-performance and redundant network storage. If instance drift is detected additional time will be required to true up the IaC pipeline.
Action Type | Single Task | Multiple Task | Drift/Outdated IaC |
---|---|---|---|
Create Persistent Disk | 1 x 30 min | 5 x 90 min | 160 mins |
Modify Persistent Disk | 1 x 30 min | 5 x 60 min | 160 mins |
Destroy Persistent Disk | 1 x 30 min | 5 x 60 min | 160 mins |
Updated 10 months ago