In what's being described as a "radical shift" in its cloud strategy, the CIA has signed a reported $600 million, 10-year deal with Amazon Web Services (AWS) to build a private cloud, according to a story in Federal Computer Week.
Such a deal would be significant for multiple reasons. First, there are ongoing questions about whether cloud computing is an appropriate use case for important, mission-critical workloads and large enterprises. The CIA embracing the cloud to the tune of a $600 million contract could help dispel that somewhat.
In addition, the article reports that Amazon would likely build a private cloud for the government agency, meaning it would run, at least in part, on the CIA's own infrastructure, behind the CIA firewall, and not in Amazon-controlled public cloud data centers. That would be a radical shift for AWS, which does not have a private cloud offering for customers to run on their own premises.
The article reads: "While the full scope of its current contract with Amazon is not yet clear, it is likely this contract essentially brings a public cloud computing environment inside the secure firewalls of the intelligence community, thereby negating concerns of classified data being hosted in any public environment."
AWS has virtual private clouds (VPC), which are infrastructure as a service (IaaS) resources dedicated to specific customers, but it does not have a product for customers to deploy AWS-like clouds on customers own infrastructure. AWS partners such as Eucalyptus claim to fill this void. Some have questioned if private clouds are a business AWS may get into, but Bernard Golden, vice president of enterprise solutions at Enstratius, says building private clouds would not follow AWS's business model of high-volume, low-margin public cloud IaaS services.
Golden says the bigger takeaway from the CIA news is that a major government entity has chosen the AWS platform to mimic on its own premises, and not competing services from VMware or OpenStack, for example. "The CIA has access to a large amount of resources, they could have chosen any platform, and they decided this was the right architecture for their cloud," he says. "If the CIA is relying on Amazon's cloud, I think that means enterprises can be comfortable doing so."
As for AWS building what could be its first private cloud on a customer's premise, Golden says if the money is right, businesses are willing to work with clients. "If the CIA calls, you don't just hang up on them," he says.
AWS already has a stake in government cloud circles. The company has nine regions where customers can choose to deploy their IaaS services, including one in the Pacific Northwest only for government clients.
Mikhail Malamud, a former defense contractor who used to work with Amazon and founder of cloud gateway company CloudAware, which integrates with AWS IaaS Services, says he views this CIA deal as a beachhead for Amazon to expand its federal government customer base. If AWS can provide the CIA as a reference customer, it should be able to much more easily sign up other government clients.
A spokesperson for AWS did not immediately respond to a request for comment. FCW reported that neither AWS nor CIA officials would comment.