Sold by: KionÂ
Deployed on AWS
Kion automates CloudOps with a single platform providing policy-based identity, FinOps, and compliance for multicloud infrastructure. Kion helps organizations achieve governance by default through improved visibility, automation, guardrails, and guidance across AWS, Azure, GCP, and OCI environments. This helps enterprises reduce complexity, eliminate chaos, and minimize manual work so they can innovate faster with less risk.
Overview
Kion automates CloudOps with a single platform providing policy-based identity, FinOps, and compliance for multicloud infrastructure. Kion helps organizations achieve governance by default through improved visibility, automation, guardrails, and guidance across AWS, Azure, GCP, and OCI environments. This helps enterprises reduce complexity, eliminate chaos, and minimize manual work so they can innovate faster with less risk.
Wherever they are on their cloud journey, Kion empowers organizations to confidently provision accounts, maintain financial control, and ensure compliance with security regulations. Kion serves leading commercial, higher education, and government agencies including Indeed, Verizon, NASA, and the Centers for Disease Control and Prevention (CDC).
For enterprise pricing, contact our team at info@kion.io .
Kion - Privileged Access Requirements
Kion is a cloud governance and management platform that requires privileged access to AWS accounts to provide comprehensive cloud resource management, compliance monitoring, and automated governance. The platform creates and manages cloud resources across multiple AWS accounts on behalf of organizations, which necessitates elevated permissions for proper operation.
| IAM Resource | Purpose | Security Justification |
|---|---|---|
| TaskRole | Primary cloud management execution role for Kion ECS tasks. Enables comprehensive AWS service integration, CloudFormation stack lifecycle management, and secure cross-account role assumption for multi-account cloud governance. | Required for Kion's core function as a cloud management platform. Manages infrastructure deployments, compliance scanning, and resource provisioning across customer AWS environments. |
| ExtractRoleNameLambdaExecutionRole | Lambda execution role for parsing and validating existing IAM role ARNs when customers provide pre-existing application roles instead of creating new ones. | Ensures secure integration with customer-managed IAM roles while maintaining proper access controls. This role is not created with greenfield deployments. |
| ECSTaskExecutionRole | Standard AWS ECS task execution role providing container lifecycle management, Amazon ECR image access, and CloudWatch logging capabilities for the Kion application containers. | Standard AWS service role with minimal permissions required for ECS container execution. |
| CreateSLRLambdaExecutionRole | Lambda execution role for creating AWS ECS service-linked roles required for ECS cluster and service operations. | Creates only AWS-managed service roles necessary for ECS functionality - cannot create custom roles. |
| DBMigrationTaskLambdaExecutionRole | Lambda execution role for database schema migrations and upgrades during Kion application deployments and version updates. | Required for maintaining database integrity during application lifecycle management. |
| EnvFileLambdaExecutionRole | Lambda execution role for securely managing encrypted environment configuration files stored in S3 buckets. | Handles secure configuration management with encryption for sensitive application settings. |
| EcsServiceRestartFunctionExecutionRole | Lambda execution role enabling automated ECS service restart functionality during maintenance windows and application updates. | Provides automated maintenance capabilities to ensure high availability during updates. |
| FederationUserPolicy | IAM policy enabling federated user management and access key lifecycle operations for users accessing managed AWS accounts through Kion. | Cloud Access Management: Kion manages user access to cloud resources across multiple accounts, requiring user and access key management capabilities for federated access. |
| HighSideManagedPolicy | Managed policy for high-security and air-gapped environments, providing controlled role assumption capabilities with additional security restrictions. | Designed for government and high-security environments with restricted cross-account access patterns. |
| ParameterStoreManagedPolicy | Managed policy providing secure access to specific AWS Systems Manager parameters containing encrypted database credentials and configuration values. | Secure credential management using AWS-native parameter store with encryption. |
| ECSExecManagedPolicy | Managed policy enabling AWS ECS Exec functionality for container debugging, troubleshooting, and maintenance operations. | Optional debugging capability - can be disabled in production environments if not needed. |
Highlights
- Identity & Account Management - Get greater visibility into your cloud resources and users. Spend less time provisioning, managing cloud access and accounts.
- FinOps - Align your budget to your organizational structure and projects. Prevent cost overruns with unique enforcement actions, and identify savings opportunities.
- Continuous Compliance - Automate compliance with robust, inheritable access policies. Take the manual effort out of ensuring adherence and restricting use of non-compliant services.
Details
Sold by
Delivery method
Supported services
Delivery option
Kion ECS Deployment
Latest version
Operating system
Linux
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Kion Platform Eval | Paid evaluation access to Kion Platform for one month (not for production use) | $4,500.00 |
Kion Private Offer | Kion Private Offer - Full product description included in Private Offers attached documentation | $30,000.00 |
Vendor refund policy
Please contact info@kion.io for more information.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Kion ECS Deployment
Supported services: Learn moreÂ
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Bug Fixes
- Fixed a bug where "Amortized - Attributed" and "Amortized - NotAttributed" spend would not deduct credits when selected in financial settings.
- Fixed a bug where dimensioning by tag in spend reports would result in a 500 error.
- Fixed a bug that prevented emailing a spend report filtered to "Last 12 Months".
Additional details
Usage instructions
Step 1. Register your Kion Support Account: https://tinyurl.com/kion-registerÂ
Step 2. Follow the Kion ECS Deployment guide here.
https://support.kion.io/hc/en-us/articles/25818192552589-AWS-ECS-Deployment-OverviewÂ
Container Marketplace installs should use the marketplace repository instead of the public ECR repository.
Resources
Vendor resources
Support
Vendor support
Kion offers both standard and premium support options. Premium support includes additional features such as regular health checks and training offerings. Customers can access our Kion Success Center at https://support.kion.io to view user documentation and create a support ticket.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Kion automates CloudOps with a single platform providing policy-based identity, FinOps, and compliance for multicloud infrastructure. Kion helps organizations achieve governance by default through improved visibility, automation, guardrails, and guidance across AWS, Azure, GCP, and OCI environments. This helps enterprises reduce complexity, eliminate chaos, and minimize manual work so they can innovate faster with less risk.
Crayon and Kion have teamed up to improve your cloud confidence by providing visibility and implementing the guardrails necessary to scale secure, compliant, and well-architected environments. Our joint service offerings combine Crayon’s expert consulting with Kion’s cutting-edge CloudOps platform to identify areas for cost savings, boost efficiency, and ensure compliance. Crayon and Kion provide financial insights and robust governance with tailored support that fits your needs, so your cloud journey is optimized for success.
Kion BYOL
By Kion
Kion automates CloudOps with a single platform providing policy-based identity, FinOps, and compliance for multicloud infrastructure. Kion helps organizations achieve governance by default through improved visibility, automation, guardrails, and guidance across AWS, Azure, GCP, and OCI environments. This helps enterprises reduce complexity, eliminate chaos, and minimize manual work so they can innovate faster with less risk.
Kion Professional Services
By Kion
Professional Services can be purchased in units and are billed once the unit has been completed. A single unit of consists of a NTE period of 5 business days (Monday through Friday), each business day consisting of 8 hours or less per day, performed by one or more individuals and can be used for design, implementation configuration, testing, training, troubleshooting and support of the product as required for the customer as defined in the statement of work accompanying the agreement.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.