MAP Mobilize should not start with more than five failed controls in Platform or Security. This 47-point readiness checklist (People, Platform, Security, FinOps) is the auditable artifact we attach to Assess-phase business cases—aligned to CAF 3.0 and the Migration Lens, not generic cloud maturity fluff.
Nine recurring program mistakes still show up in 2026 reviews—especially after AWS closed Migration Hub to new customers on November 7, 2025. Practical fixes tied to AMS (MGN), DMS, AWS Transform, Org/SCPs, FinOps bubble costs, and the Migration Lens checklist.
SOC 2 Type II certification proves your controls are effective over 6-12 months. This guide covers the compliance roadmap, AWS security controls, documentation requirements, and audit preparation for 2026 certification.
Amazon Bedrock Agents automate workflows by giving foundation models the ability to call tools (APIs, Lambda, databases). This guide covers building agents with tool definitions, testing in the console, handling errors, and scaling to production.
Amazon Bedrock Knowledge Bases automate the RAG (Retrieval-Augmented Generation) pipeline — semantic search, chunking, embedding, and context injection into Claude or other foundation models. This guide covers setup, data ingestion, cost optimization, and production patterns.
AWS Glue automates ETL (Extract, Transform, Load) workflows while Athena provides serverless SQL queries. This guide covers building a complete data pipeline: ingesting raw data, transforming it, and querying at scale without managing servers.
AWS WAF protects APIs from SQL injection, XSS, DDoS, and account takeover attacks. This guide covers advanced WAF rules, rate limiting, bot control, and production patterns for defending REST APIs and GraphQL endpoints.
Karpenter replaces Kubernetes Cluster Autoscaler with intelligent bin-packing and just-in-time node provisioning. This guide covers setup, consolidation, cost optimization, and production patterns for EKS clusters.
Blue/green deployments eliminate downtime by running two identical production environments. Traffic switches from blue (old) to green (new) instantly. This guide covers CodeDeploy automation, health check validation, and rollback strategies for zero-downtime releases on AWS ECS.
A solutions architect's build guide for HIPAA on AWS. KMS key strategy, VPC isolation, RDS/S3/Lambda configuration patterns, IaC controls, and continuous validation — code-level decisions, not policy templates.
Migrating a monolith from on-premises or EC2 to ECS Fargate enables containerization and serverless compute. This guide covers zero-downtime migration: deploying containers, gradual traffic shifting, and rollback strategies.
Amazon SageMaker automates ML training, but instance costs add up fast. This guide covers spot instances, instance selection, distributed training, and production patterns to reduce SageMaker costs by 50-70%.
