AWS, Cloud security, Internet of Things (IoT)

5 Mins Read

How to Simplify Self-Service Using AWS Service Catalog 


Managing the software and service deployment can be difficult and time-consuming when your organization has hundreds or thousands of users.  

Ensure your users install authorized software and create the right size instances. You must be certain they have the necessary permissions to access the required services and resources.  

In the past, this procedure would entail calling IT support and opening a ticket to request access for software installation. Large organizations may need hours or days to complete this procedure, which interferes with the end user’s ability to accomplish their work and lowers the organization’s productivity.  

By enabling administrators to compile various AWS services and applications into catalog portfolios of approved applications and access policies, AWS Service Catalog eliminates this problem. It enables AWS users within the account to choose and install software and services and create the instances listed in the catalog without requiring direct access to the underlying services.  

Introduction to the service catalog

Organizations can construct and manage a catalog of IT services allowed for AWS using the Service Catalog. These IT services include a full multi-tier application, EC2 instances, virtual machine images, software, and more.  

Businesses can centrally manage frequently used IT services using a service catalog, maintain consistent governance, and conform to regulatory requirements. End users can easily deploy only the IT services of your administrator, keeping the constraints set by your organization.  

Using Service Catalog provides the following advantages:  

1. Standardization:  

Restrict the product’s launch, the kind of instance that can be created and used, and various additional configuration possibilities to administer and manage allowed assets. Your entire organization now has a consistent landscape for product provisioning.  

2. Granular access control: 

Through AWS Identity and Access Management (IAM), users, groups, and administrators can offer access to product portfolios they have put together from their catalog by adding limitations and resource tags for provisioning.   

3. Launch and discovery in self-service: 

Users search through lists of the products (services or apps) they can access, find the one they wish to use, and then independently start it as a provisioned product.  

Making IT Networks Enterprise-ready – Cloud Management Services

  • Accelerated cloud migration
  • End-to-end view of the cloud environment
Get Started

Components in Service Catalog

1. Users:  

The service catalog supports the following types of users: Administrator- Manage a list of products (apps, servers, and services), keeping them together into portfolios and providing end users access. For advanced resource management, catalog administrators create AWS CloudFormation templates for products, set limitations, and manage IAM roles.  

End User – Obtain AWS credentials from their manager or IT department, then deploy products they have been given access to using the AWS Management Console.   

2. Product:  

An IT service that you intend to offer for deployment on AWS is referred to as a product. A product comprises one or more AWS resources, such as EC2 instances, storage volumes, databases, monitoring setups, and networking components. Products can range from fully configured multi-tier web applications operating in their environments to single compute instances running AWS Linux.  

By using an AWS CloudFormation template, you can create a product. AWS CloudFormation templates specify the AWS resources needed for the product, the connections between resources, and the input parameters that end users can use to set up security groups, create key pairs, etc., when the product is launched.  

3. Provisioned Products  

A stack is a provisioned product. When an end user launches a product, Service Catalog provisioned an instance of the product with the resources required to operate the product.  

4. Portfolios:  

It is the collection of the product. You can assign a name to the portfolio like “Dev Portfolio” for developer, “Prod Portfolio” for production resources, etc. Each type of user in your business can have a different portfolio created for them, and you can selectively offer access to the right portfolio. When added to a portfolio, a new product version is automatically made available to all current users.  

5. Versioning:  

You can have many versions of the products in your catalog using Service Catalog. Using this method, you can add fresh templates and related resources in response to software upgrades or configuration changes, for example. EC2 instance type change. Every user who has access to a product receives an automated update when a new version is created, giving them the option to choose which version of the product to use. Users can quickly and easily upgrade active instances of the software to the latest version.  

6. Constraints: 

The methods you can use to deploy AWS resources for a product are limited by constraints. They can be used to place product restrictions for cost management or governance.  

Initial Administrator Workflow

This diagram shows the initial workflow for an administrator to create a catalog.  

Source: Overview of Service Catalog – Service Catalog ( 

Initial End User Workflow

This diagram shows the initial workflow for the end user to launch a product.  

Source: Overview of Service Catalog – Service Catalog (  


The billing for AWS Service Catalog is determined by how many API calls your account makes to Service Catalog. Every month, calls are billed for the previous month’s usage. Only pay for the API calls you make. The cost of each API call depends on the tier it belongs to.  

For example, if the region is Ohio, the billing will happen as shown below:  

Number of API calls  Price per call 
1-1000  Free 
Over 1000  $0.0007 

Pricing for service catalog with one example:   

You want to create a portfolio with ten products in the AWS Service Catalog and grant access to the portfolio.  

You can use the AWS Service Catalog console, the AWS API, or the CLI to set up your catalog. Twenty-one API calls will be made in this example to set up and authorize access to the portfolio. The initial API request establishes the portfolio, which uses ten calls that links the products to your portfolio by ten calls. A user, group, or position is connected to the portfolio by the most recent call.  

Total bill (if free tier is exceeded) = 21 API calls * $0.0007 per call = $0.0147  

About CloudThat

As a pioneer in the Cloud consulting realm, CloudThat is AWS (Amazon Web Services) Advanced Consulting Partner, AWS authorized Training Partner, Microsoft Gold Partner, and Winner of the Microsoft Asia Superstar Campaign for India: 2021. Our team has designed and delivered various Disaster Recovery strategies to our customers.  

Our mission is to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere to advance in their businesses.  

To get started, go through our Expert Advisory page and Managed Services Package, CloudThat’s offerings. Then, you can quickly contact our highly accomplished team of experts to carry out your migration needs. Feel free to drop a comment or any queries about Audio-to-text Automated Conversion, AWS Transcribe, or any other AWS services; we will get back to you quickly. 


Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.

  • Cloud Training
  • Customized Training
  • Experiential Learning
Read More

About CloudThat

Incepted in 2012 is the first Indian organization to offer Cloud training and consultancy for mid-market and enterprise clients. Our business goal is providing global services on Cloud Engineering, Cloud Training and Cloud Expert Line. The expertise in all major cloud platforms including Microsoft Azure, Amazon Web Services (AWS), VMware and Google Cloud Platform (GCP) position us as pioneers in the realm. 

WRITTEN BY Mahek Tamboli



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!