Cloud Application Manager Service Guide

Updated: December 20, 2017


Product Description

Developer, operations and IT finance teams have different tools and priorities, which can sometimes lead to losing sight of the business benefits of different cloud platform options.

Cloud Application Manager allows organizations to do more with their clouds by driving collaboration between the spheres of influence within enterprise IT – Developers, IT Operations and Finance into a common team workspace, where they focus on modeling workloads, managing them through their lifecycle, and optimizing costs against each business initiatives.

From one interface, you can purchase and deploy Public Cloud services, as well as manage your Private Cloud deployments. The entire team can track the lifecycle costs of your cloud deployments, from one common interface. Our model-driven architecture can automatically configure, deploy, scale, or update new and existing applications. Users can leverage the experts at CenturyLink to monitor and manage the health and stability of your workloads.

The primary capabilities of Cloud Application Manager focus on:

  • Application Lifecycle Management: Model and manage workloads from build to deployment. Can be used against on-premises data centers, public cloud and service provider environments.
  • Managed Services Anywhere: Choose to have CenturyLink manage their workloads which includes monitoring, patching and remote administration.
  • Cloud Optimization & Analytics: Buy AWS and Azure services natively through CenturyLink to receive consolidated billing, spend optimization, utilization reporting, chargeback and more.

Product Editions

Cloud Application Manager is available in one of two commercial models – the Cloud Edition (SaaS) or the Data Center Edition (a virtual appliance that runs on-premises in the customer's data center or any other location including public cloud environments).

Features and Capabilities

Core Platform

Cloud Application Manager allows users to integrate with their existing Authentication systems. Cloud Application Manager support the following authentication mechanisms:

  • Google Authentication
  • GitHub Authentication
  • SAML
  • LDAP
  • User ID and Password

 
Once logged into Cloud Application Manager, users can seamlessly navigate between Application Lifecycle Management, Cloud Optimization and Analytics, Monitoring and Ticketing portal sites using single sign-on. Cloud Application Manager users can access the entire functionality via API as well as User Interface at cam.ctl.io. Users can create a permanent or a short- term authentication token that can be used to perform API calls.

Application Lifecycle Management
  • Application Lifecycle Management (ALM) provides a single interface for users to deploy and manage multiple environments across public and private cloud platforms
  • Allows users to use single sign-on to access public cloud provider’s management console.
  • Create a hierarchy of Organization, Cost Centers and Workspaces to organize resources to represent various internal environments, teams and departments.
  • Allows users to model applications using the ALM framework for configuration management and reusability and build cloud agnostic applications.
  • Allows users to leverage the cloud provider orchestration templates to deploy provider native services.
  • Identity and access management allows the sharing of workspaces, applications and cloud infrastructure across your organization.
  • Flexibility to deploy workloads on all major cloud infrastructures to meet business demands and organizational preferences.
  • Available via “Cloud” Edition (SaaS) or “Data Center” Edition (on-premises virtual appliance) – customer’s choice.
Managed Services Anywhere
  • Flexibility to invoke managed service per instance or application stack.
  • Monitoring (Watcher) provides insight into cloud workloads and services via integrated cloud provider performance data. Graphing and analysis of performance data including custom overlay across data sets and custom time periods are exposed through the Watcher UI.
  • Supplemented with CenturyLink’s managed services, custom policies monitoring cloud infrastructure, services and applications enable 24x7x365 response to performance anomalies by certified cloud engineers.
  • Remote Administration of cloud services via secure management appliance allows for immediate access to remote systems.
  • Secure virtual environment access via automated VPN connectivity through Management Appliance.
  • Secure VM access utilizing SSH key management (Linux) and AD synchronization (Windows).
  • Logging of all remote access and changes to virtual machines helps maintain compliance and speeds troubleshooting and remediation.
  • Operating System Support for RedHat Enterprise Linux 6 & 7, Windows 2008 R2 & 2012 R2 and AWS Linux.
  • Configuration, Optimization, Patching and Upgrades are offered through CenturyLink’s cloud certified engineers.
  • Cloud Provider Support for cloud provider issues from certified cloud engineer 24x7x265.
  • Ownership of incidents and issues related to cloud providers utilizing CenturyLink’s Enterprise Support agreements on the customer’s behalf.
Cloud Optimization & Analytics
AWS and Azure Resale
  • Customers can create new Microsoft Azure or AWS accounts using CenturyLink reseller partnership or transition their existing account(s) to CenturyLink.
  • Customers get the benefit of consolidated billing of customer’s cloud spend leveraging CenturyLink’s enterprise agreements and resell relationships with AWS and Azure.
  • Cloud Optimization & Analytics provides the following features through the Optimization module:
    • Best Practices checks include more than 350 automated checks evaluated against customer’s cloud provider accounts
      • Cost
      • Savings
      • Security
      • Utilization
    • Potential Monthly Savings, Idle Resources and Unused Resources.
    • Change Monitoring Reports that list all changes performed by Provider account.
    • IAM Admin User Reports.

Application Lifecycle Management (ALM)

The Application Lifecycle Management capability allows customers to model their infrastructure and applications in Cloud Application Manager once and deploy to any of the supported environments. Customers can choose to model their application in a cloud agnostic fashion or use one of the cloud provider’s native modeling templates like AWS Cloud Formation Template or Azure Resource Manager template. Once applications are deployed using the templates, customers can manage the lifecycle of the application, auto-scale the infrastructure, update/patch their applications without down-time and replicate them across environments.

Application Lifecycle Management also has a Continuous Integration and Continuous Deployment (CI/CD) plugin that can be configured to invoke policies in Cloud Application Manager and update their applications and infrastructure residing in the underlying provider platforms, on every code release. Customers can choose to use this functionality even without having to run the bill through Cloud Application Manager.

Auto-Discovery

The Auto-Discovery feature for instances running on AWS, Azure and CenturyLink Cloud infrastructure provider(s) enables visibility of resources that have been previously running. Once a provider is configured, Cloud Application Manger discovers all of the virtual machine instances in that environment and lists them for the user. At that time, a virtual machine instance can be selected and imported. Users register an existing instance so that the lifecycle can be managed within the Cloud Application Manager platform.


Managed Services Anywhere (MSA)

Managed Services Anywhere (MSA) allows customers the ability to delegate management of devices, applications and cloud environments with a click of a button to CenturyLink’s highly trained and experienced support teams. MSA provides tools and automation which allow our support teams to manage customers’ infrastructure, applications and cloud provider services on AWS, Azure, CenturyLink Cloud (CLC), CenturyLink Dedicated Cloud Compute (DCC) and CenturyLink Dedicated Cloud Compute Foundation (DCC-F). Customers can choose to have CenturyLink manage their workloads which includes monitoring, patching and remote administration. CenturyLink offers managed services for the operating system and white-labeled applications running on CenturyLink Cloud, AWS, Azure, CenturyLink DCC and CenturyLink DCC-F.

MSA is enabled within the Cloud Application Manager once a user delegates management to CenturyLink. The standard features of MSA includes deployment, configuration, administration, monitoring, maintenance and support for the CenturyLink-supported operating systems, applications and cloud provider native features. By selecting the MSA service, the customer agrees to a CenturyLink management appliance that is a managed server which runs within the environment being managed (CLC, AWS or Azure). There may be associated usage fees applied from the cloud provider of choice.

The table below describes the typical operational support definition. When the customer initiates a service request for tasks that are not described in the tables below, CenturyLink reserves the right to charge the customer on an hourly basis for a requested task. Please contact your CenturyLink account executive for service charge details.

Licensing

CenturyLink will provide support for the following license types for instances that are designated for MSA:

  • Customer-provided licenses used and modeled within Cloud Application Manager
  • Licenses provided by the native under-pinning cloud platforms – Azure and AWS

Available Platforms

The Managed Services Anywhere is available when a workload is deployed on the following platforms:

  • CenturyLink Cloud (CLC)
  • Dedicated Cloud Compute – Core (DCC)
  • Dedicated Cloud Compute – Foundation (DCC-F)
  • Microsoft Azure
  • Amazon Web Services (AWS)
Deployment
  • Operating system deployment verification and will confirm functionality post deployment.
  • Application deployment verification post deployment.
  • Anti-virus software and ongoing virus signature updates from the software vendor on Managed Windows servers running on CenturyLink Cloud.
Configuration Management
  • Confirm the initial install and basic functionality of the OS image based on platform and vendor recommended best-practices.
  • Perform configuration management on the managed device via Cloud Application Manager’s Remote Administration functionality.
  • Maintain version control of deployed VMs, application and services.
Monitoring and Alerting

The CenturyLink developed monitoring service (Watcher) enables host, service, and application monitoring of customer environments. The Watcher service utilizes an intelligent agent deployed to all managed VMs including the CenturyLink Management Appliances. Monitoring policies are centrally configured and maintained by CenturyLink certified cloud engineers.

CenturyLink’s Watcher uses both agent based and provider integrations to collect metrics and generate alerts.

  • Comprehensive monitoring policy is applied to all managed instances.
  • Configurable monitoring policies for defining alerts and trigger based notifications via service request.
  • Change Management integration for automated suppression of alerts during maintenance activities.
  • Watcher dashboard to view policies and alerts on all managed devices, applications and services.
  • Graphing of performance data for managed devices, applications and services enables historical trending and analysis to both managed service customers and operations staff.
  • Historical performance data retention is currently 14 days.
  • Graph data overlays to compose and compare disparate data sets in a single view.

Upon detection of any alerts, CenturyLink will immediately initiate automated or manual remediation through our 24x7x365 support desk. CenturyLink will retain primary notification and resolution responsibilities for all automated environment alerts. Where required, a Customer technical contact will be notified.

Remote Administration

CenturyLink provides 365x24x7 support to perform systems administration tasks on the customer’s behalf.

CenturyLink will maintain administrator-level access to all managed VM instances.

CenturyLink Management Appliance is deployed within customer’s cloud environment (AWS - VPC or Azure - Virtual Network)

  • Cloud provider charges for VM will be reflected on customer’s cloud provider bill.
  • CenturyLink Management Appliance is a managed server however CenturyLink MSA fees are waived for the Management Appliance.
  • Remote Gateway is deployed on the CenturyLink Management Appliance and a secure connection is established between customer network and CenturyLink to remotely access managed devices on the customer’s network.
  • This connection is monitored and maintained by CenturyLink.
  • In order to provide effective remote administration tasks for Windows Operating Systems, a trust is established between customer’s managed device and CenturyLink’s Active Directory domain hosted on the CenturyLink Management Appliance.

For public sector scenarios, CenturyLink has the ability ensure that US persons-only with restricted access are assigned to an account. This request needs to be made at the time of order and account setup. Contact your CenturyLink account exec for more details.

Maintenance and Support

CenturyLink provides access to live support for managed services (24 hours per day, 7 days per week, and 365 days per year) and will respond to notifications of service interruptions.

Patch and Update Management: With support available for all critical and vendor-recommended patches, CenturyLink ensures only such patches are installed. Customers have full control to define when and if CenturyLink should schedule their patching cycles. CenturyLink’s automated system tracks the change request, performs the patch management and provides reports.

Patch Releases: CenturyLink certifies, approves, bundles and delivers Service Packs, Cumulative Updates and Hotfixes for installation in Customer’s environment.

Amazon Web Services (AWS) and Microsoft Azure Patch Releases: CenturyLink delivers provider Service Packs, Cumulative Updates and Hotfixes for installation in Customer’s environment. Customers have full control to define when and if CenturyLink should schedule their patching cycles. CenturyLink’s automated systems tracks the change request, performs the patch management and provides reports.

Change Management: All changes to the operating systems are subject to CenturyLink’s change management process. This process ensures that work is reviewed for completeness (risk assessment, completed test procedure, metrics for measuring progress, back out procedure, etc.) and accuracy prior to scheduling and implementation.

Access is provided to operating system-level change data performed by CenturyLink personnel, along with robust ITIL-based internal change control. CenturyLink will perform changes on behalf of the customer on the defined instances and tracks all the changes for auditing purposes. Customer is responsible for contacting CenturyLink support and requesting the installation of patch releases.

Maintenance Windows: All times listed under Schedule Maintenance Windows are local times and subject to change. CenturyLink will use commercially reasonable efforts to perform routine maintenance only during off-peak maintenance windows.

Vendor Management

CenturyLink takes full responsibility for vendor licenses on CenturyLink Cloud (CLC), CenturyLink Dedicated Cloud Compute and CenturyLink DCC Foundation.

Access Management

CenturyLink takes full responsibility for the user policies, administration and password management enforcement of cloud provider accounts configured within Cloud Application Manager.

Security

CenturyLink secures the OS with industry-standard anti-virus protection, regular virus and malware signature updates, and additional OS-level hardening to mitigate risk on CenturyLink Cloud (CLC).

CenturyLink will also ensure that it is within the guidelines of various cloud providers.

Supported Operating Systems

  • Red Hat Enterprise (RHEL 6 or RHEL 7)
  • Microsoft Windows Server 2008 R2 (Standard, Enterprise and Datacenter)
  • Microsoft Windows Server 2012 R2 (Standard, Enterprise and Datacenter)*
  • Windows Server 2016 Datacenter*
  • Amazon AWS-Linux (deployed on AWS EC2)

* Managed services delivered by CenturyLink do not support the underlying Hyper-V virtualization host features of Windows Server 2012 Datacenter or Windows Server 2016 Datacenter. Hyper-V hosts that are provisioned up on the Windows 2012 R2 Datacenter or Windows 2016 Datacenter instance will not be monitored or supported under standard CenturyLink’s Managed Services Anywhere services. Contact your sales team to discuss alternatives for support of Windows Hyper-V host implementations.

Managed Applications

  • MS SQL (2008, 2012, 2014)
  • Microsoft IIS
  • Tomcat
  • Apache

Cloud Optimization & Analytics

Cloud optimization reduces overhead cost via automation while centralizing billing across public cloud platforms. CenturyLink is an authorized Reseller of Amazon Web Services (AWS) and Microsoft Azure (Azure). For customers who procure AWS and Azure through CenturyLink, CenturyLink provides consolidated billing, cost optimization, spend analytics, chargeback and best practice recommendations.

Consolidated Billing

CenturyLink provides Consolidated Billing of Amazon Web Services (AWS) and Microsoft Azure (Azure) services for customers who bought those services from CenturyLink.

Platform Support

CenturyLink provides Platform Support on Amazon Web Services and Microsoft Azure for customers who bought those services from CenturyLink. The scope of the Cloud Application Manager Platform Support model can be found here.

Optimization & Analytics

Cloud Application Manager Customers who bought Amazon Web Services through CenturyLink can use the Optimization and Analytics service. As part of Optimization and Analytics service, customers get the following reports on their AWS accounts.

  • Potential Monthly Savings, Idle Resources and Unused Resources.
  • Best Practices across Availability, Cost, Security and Usage.
  • Change Monitoring – List of all the changes performed within customer’s AWS account.
  • IAM Admin User List

Amazon Web Services

Cloud Application Manager customers can migrate their existing AWS accounts to CenturyLink or setup new AWS accounts. Customers can add a new “Provider” and select Amazon Web Services as the provider type. Customers are then presented with three different options:

  1. “Use an existing AWS customer account”
  2. "Migrate my account to CenturyLink for consolidated billing and Platform Support” and
  3. “Create a new AWS account for consolidated billing and Platform Support”

Once customers choose to migrate an existing account (option “2”) or create a new account (option “3”), customers will be presented with AWS Reseller Terms and Conditions. After accepting the Terms and Conditions, the customer’s existing account is migrated or a new account is created based on the selected option.

Additionally, customers who choose to migrate an existing account (option “2”) are required to be fully hardened per the CenturyLink guidelines. This level of service also includes consolidated billing, cost analytics, account security configurations, platform support and operational access for CenturyLink experts.

Customers who select option "3" will always receive full hardening, described above.

Once the AWS account is configured and setup, customers can then deploy infrastructure and manage their applications and infrastructure using the Application Lifecycle Management module within Cloud Application Manager.

Account Security Configurations

Fully hardened, customer AWS accounts created within or migrated into CenturyLink’s reseller program must comply with security best practices and allow operational access. When accounts are created or on-boarded, CenturyLink must initially be given programmatic access to accounts to enable security-related configuration and to permit appropriately-permissioned, CenturyLink employee access. Any credentials provided by the customer to CenturyLink for this purpose will be deleted by CenturyLink after account creation or onboarding. The following steps will be taken during onboarding:

  • Confirm or set up data storage for security event monitoring. Ensure or establish correct AWS support plan.
  • Create IAM policies and roles for CenturyLink Operations, Service Management, and Development staff.
  • Create IAM policies roles for Application Lifecycle Management and Cost Optimization.
  • Ensure or set up password policy.
  • Ensure or Enable root-account MFA access.
  • Set up Account Controls.
  • Enable audits of these configurations.

Customer-owned data about security events will be stored within the customer account and will be retained for the duration of the contract.

Per AWS recommendations, the customer access to cost and spend data via the account will be restricted. This data will be provided at no additional cost through Cloud Application Manager’s Cloud Optimization and Analytics module.

Operational Access

CenturyLink will take all the steps necessary to prevent unauthorized access to the customer’s account. Operations staff will have permission to review configurations within the account but will not have permission to add, change, or delete resources. Service Management staff will be enabled to act on the customer’s behalf as an administrator but will not do so unless specifically designated as a part of a Service Management agreement. CenturyLink development will maintain the ability to make changes to the account as best practices change or the configurations are in conflict with Customer’s business. CenturyLink will take all the necessary steps to ensure these roles are enabled continuously or until the end of the contract. Should the customer leave CenturyLink’s care, Customer will be able to remove these policies and roles. Customer will retain access to migrated accounts that existed prior to the migration.

Microsoft Azure

Cloud Application Manager customers can migrate their existing Azure accounts to CenturyLink or setup new Azure accounts. Customers can add a new “Provider” and select Microsoft Azure as the provider type. Customers are then presented with three different options:

  1. “Use an existing Azure customer account”
  2. "Migrate my account to CenturyLink for consolidated billing and Platform Support” and
  3. “Create a new Azure account for consolidated billing and Platform Support”

Once customers select between migrating an existing account (option “2”) or creating a new account (option “3”), they will be presented with Azure Reseller Terms and Conditions. After accepting the Terms and Conditions, the customer’s existing account is migrated or a new account is created based on the selected option.

Once the Azure account is configured and setup, customers can then deploy infrastructure and manage their applications and infrastructure using the Application Lifecycle Management module within Cloud Application Manager.

Operational Access

CenturyLink will take all the steps necessary to prevent unauthorized access to the customer’s account. In order to complete migration of existing Azure accounts to CenturyLink, Customer must give access to a CenturyLink user on their existing subscription(s) and provide that user the Owner role so that resources can be transferred. This is a meta-data change and causes no downtime and does not affect connectivity. Once the change has been made, CenturyLink Operations staff will have access to review configurations of the resources in the account and create tickets on the customer’s behalf. Customer will not be able to create tickets directly with Microsoft, but Microsoft may be able to reach out to Customer as a result of the ticket.


Billing

Cloud Application Manager usage will be a metered on an hourly consumption that is billed monthly. Each of the three primary services will be billed at varying rates rolled up under the Cloud Application Manager and consolidated on a single CenturyLink bill (including the Azure and AWS usage). The customer will contract with CenturyLink on a single schedule that covers each of the services below.

Platform
Virtual Appliance (Data Center Edition only)

Fixed charge per month for unlimited usage.

Application Lifecycle Management
(Cloud) Edition only)

Per hour per instance deployed on the Cloud Application Manager platform.

Managed Services Anywhere

Per hour per instance managed.

Cloud Optimization & Analytics for AWS

Based on usage. The most recent usage update from AWS is collected at 10am GMT on the last day of the month and an invoice is generated on the first day of the following month. The remaining usage between 10am GMT and Midnight GMT on the last day of the month is charged in arrears in the following month’s invoice.

Example: January usage is collected up to 10am GMT on Jan 31st and an invoice is generated on Feb 1. Charges for the last 14 hours of January 31st will appear on the March 1st invoice as arrears.

Cloud Optimization & Analytics for Azure

Based on usage. Microsoft Azure charges are billed in arrears.

Example: January usage is collected up to the end of the month but the charges appear on the March 1st invoice.


Onboarding Services

Cloud Application Manager Onboarding Services

The Cloud Application Manager Onboarding Services are designed to assist Customers with implementation and setup of services in Cloud Application Manager. There are two fee-based Onboarding packages to choose from: Cloud Application Manager Onboarding Standard and Cloud Application Manager Onboarding Advanced. These Onboarding Services are intended to help Customers through their initial usage period and will be initiated within 30 days of account activation and be completed as set out in the Service Guide, below.

Cloud Application Manager Onboarding: Standard

The Cloud Application Manager Onboarding Standard Service is best suited for Customers interested in Cloud Optimization and/or Managed Services Anywhere. Sessions include a kickoff, deep dive training, assisted configuration of customer space within Cloud Application Manager, Managed Services Anywhere hands-on work sessions, and suggested practices with a long-term support overview. The Cloud Application Manager Onboarding Service also includes up to five hours of assistance with either AWS or Azure IaaS workshops detailed below.

The IaaS Workshop shall not exceed a combined total of 5 hours or the assisted deployment quantities listed, whichever comes first. This will include services from one of the Cloud Service Providers via the native CSP portal and for the purposes of enabling customers to use the product.

The Cloud Application Manager Onboarding Standard Service is provided within 30 calendar days starting from the QuickStart kickoff date. Extensions can be considered on a case by case basis.

IaaS AWS Workshop Includes:
 

Assisting the customer with deployment and provisioning:

  • EC2 instances from existing Amazon Machine Images (AMI’s) (up to 4 instances)
  • 1 Custom VPC with 2 subnets, 2 NACLs, 2 security groups
  • 1 Elastic Load Balancer, 1 Auto Scaling group, 1 Launch Configuration
  • Databases (up to 2)
  • S3 buckets with lifecycle management policies (up to 2)
  • 2 IAM Users with AWS managed policies
  • 2 IAM Roles AWS managed policies
  • The Free Tier of AWS CloudWatch. Further details can be found here:
    • https://aws.amazon.com/cloudwatch/
    • https://aws.amazon.com/free/

The Service does not include:

  • Logging directly into VMs
  • Detailed cloud assessments and architecture design workshops
  • Creation and/or consulting on cloud formation templates
  • Deploying storage gateways on customer premise
  • Creating/Defining custom IAM roles and policies
  • Deploying Lambda, Kinesis, Mobile, Analytics, or other special services
  • Logging into databases and configuring
  • Features beyond what is included in the AWS CloudWatch Free Tier
  • Extending the customers Active Directory (we can provide overall guidance/process overview only)
  • Anything not explicitly listed in the “IaaS AWS Workshop includes” section above

IaaS Azure Workshop Includes:
 

Assisting the customer with deployment and provisioning:

  • Compute virtual machine instances from existing virtual machine images or web applications / worker roles (up to 4 instances)
  • 1 Custom VNET with 2 subnets and 2 network security groups
  • Site-to-site VPN or point-to-site VPN setup on Azure side (client side VPN setup not included)
  • Provisioning application insights with basic configuration for applications
  • Storage account setup (up to 2)
  • 1 load balancer (Microsoft), 1 availability set
  • 1 Database

The Service does not include:

  • Logging directly into VMs
  • Detailed cloud assessments and architecture design workshops
  • Creation and/or consulting on ARM templates
  • ExpressRoute configuration
  • Extending the customers Active Directory (we can provide overall guidance/process overview only)
  • Creating/Defining custom roles
  • Identity Management
  • Deploying Azure Functions, IOT, AI/Cognitive Services or other advanced platform services
  • Database configuration and management
  • Anything not explicitly listed in the “IaaS Azure Workshop includes” section above

Cloud Application Manager Onboarding: Advanced

The Cloud Application Manager Onboarding Advanced Service is targeted for customers who wish to use ALM. It includes everything in the standard onboarding, plus ALM hands-on work sessions. These ALM sessions include:

  • Assisted configuration/deployment of ALM – Application
  • Script and template boxes
  • Auto-discovery of existing instances, registration, and multi-cloud deployment guidance
  • Versioning and auto-updating box how tos
  • In-place editing/troubleshooting guidance of deployed instances
  • Review and guidance of deployment policy configuration with ALM
  • Assisted configuration of virtual appliance for data center customers

To order custom Onboarding Services specific to your organization, which may include onsite workshops/training, extended VM imports/builds etc., please contact your CenturyLink account executive.

The Cloud Application Manager Onboarding Advanced Service is provided within 60 calendar days starting from the QuickStart kickoff date. Extensions can be considered on a case by case basis.


Support

Support for the Cloud Application Manager is provided by CenturyLink Global Operations Center. Global Operations Center facilitates the appropriate team for support on the various services within the platform. Customers can engage CenturyLink Global Operations Center 365x24x7 via phone, email or by opening a ticket. Links are provided within the platform to connect directly with CenturyLink support.

The scope of the Cloud Application Manager Platform Support model can be found here.

Customers can use the following mechanisms to report or escalate issues to the CenturyLink Global Operations Center.

Email incident@CenturyLink.com Response: less than 6 hours
Phone United States: 1-888-638-6771
Canada: 1-866-296-5335
EMEA: 00800 72884743
Asia Pacific: +65 6768 8099
Response: 1-5 minutes
Ticket Cloud Application Manager portal Response: less than 1 hour

Cloud Application Manager provides easy access to customers to manage their interaction with CenturyLink Global Operations Center. Once logged into Cloud Application Manager, customers can launch the Support Center and view existing tickets or open new tickets. When opening a new ticket, the Support Center will navigate the user based on the selections.

CenturyLink Global Operations Center team members will log into the Cloud Application Manager using their credentials to manage customer services, handle support calls and troubleshoot issues.

Within Cloud Application Manager, CenturyLink’s Global Operations Center personnel will have access to the customers’ instances in the workspaces belonging to Customer organizations when authorized by the customer to help manage workloads, workspaces and cost centers. As part of initial setup, every customer organization within Cloud Application Manager is configured to add CenturyLink support group as an administrator within the Organization.

When a CenturyLink Operations team member looks up an instance for management activities, the following information is available about the instance:

  • Name
  • Description
  • Hostname (populated from the provider and shown in the instance page)
  • Provider
  • Provider Region (available if the provider supports it)
  • Provider Data Center
  • Provider Instance ID
  • Cloud Application Manager Instance ID (displayed as "ID")
  • IP Address (displayed in the EndPoints)
  • Operating System (named as Template)

Managed Services Anywhere (MSA) Operations Tasks

User Account Administration
(Local Accounts)
(add, deleted, change, disable, lock)
Sudo File Support (add/delete/update - user/group/services)
Network Administration Add/Delete/Change in static routes
Filesystem Support EXT4 & XFS
AWS S3 Bucket Mount Filesystem – s3fs
Filesystem Expansion Supported Filesystems Types: EXT4/ XFS
Shrinking File System All Filesystem types
Software RAID Support RAID1 (mirror volume)
OS Patching using Cloud Providers’ Supported Repos amzn-main.repo & amzn-updates.repo
RSYSLOG Configuration Configure basic remote logging options
NTP Service Client setup
NFS Service Client Setup / Mount the Amazon EFS File System
SAMBA Service Client Setup
Postfix Services Configure SMTP Relay

Appendix A – Service Policies and Governance

Customer Data

CenturyLink manages the various types of customer data according to the following practices.

Production data related to the applications and infrastructure

This type of data is not managed within the CenturyLink Cloud Application Manager as this platform serves solely as an orchestration engine. CenturyLink does not have access to the proprietary data what resides within the native platforms.

Scripts related to activities performed on the applications and infrastructures

This type of data is limited to the organizations and workspaces that are dedicated to the customer account. CenturyLink only accesses these environments when the customer requests support and/or Managed Services Anywhere. Once the service and/or accounts are terminated, the associated scripts are also terminated. CenturyLink does not continue to access or retain proprietary customer script information.

Customer ‘Personally Identifiable Information’ (PII) data

This type of data is managed in accordance with the confidentiality agreements within the Master Services Agreements or the CenturyLink Terms and Agreement (CTA). All customer name, address, phone number and account information follows this policy.

Log Retention

As a part of the Managed Services Anywhere and Platform Support for Cloud Application Manager, CenturyLink receives and analyzes customer logs as needed. Logs are managed according to the policies of the CenturyLink Global Operations Center. The details of the log policy can be found here.


Appendix B – Definitions

Break/Fix: Break/fix refers to the fee-for-service method of providing information technology repairs to businesses, in which a customer calls up a service provider to do an upgrade of a computer program, software product, computer, or a repair of something computer-related like a printer or drive array that is broken, the IT provider offers a solution or repair.

Cumulative Update: A grouping of Hotfixes or quick fix engineering updates that have not been fully regression tested by Microsoft but are designed to resolve specific issues with Microsoft SQL Server.

Domain Name System (DNS) Proxy: is a network system of servers that translates numeric IP addresses into readable, hierarchical Internet addresses, and vice versa

Hardened OS: Hardened OS means that all non-essential services and testing patched bundled in a standard operating system are disabled and functionality has been confirmed.

Hotfix: A hotfix or quick fix engineering update is a single cumulative package that includes information that is used to address a problem in a software product.

Hypertext Transfer Protocol (HTTP) Proxy: Provides port access to the Internet.

Major Release: Major Releases (X.y.z) are vehicles for delivering major and minor feature development and enhancements to existing features. They incorporate all applicable error corrections made in prior Major Releases, Minor Releases, and Patch Releases. Software Provider typically has one Major Release per year.

Minor Release: Minor Releases (x.Y.z) are vehicles for delivering minor feature developments, enhancements to existing features, and defect corrections. They incorporate all applicable error corrections made in prior Minor Releases, and Patch Releases.

Network Time Protocol (NTP) Service: Synchronize all server times to a common system time.

Patch Release: Patch Releases (x.y.Z) are vehicles for delivering security fixes, feature developments, enhancements to existing features, and defect corrections. They incorporate all applicable error corrections made in prior Patch Releases

Custom Patch Requirements: Customer selection of specific patches versus accepting all recommended patches, custom reporting to meet regulatory requirements versus standard reporting, variable patch schedule versus defined Maintenance Windows (see Definitions) and support for maintaining multiple patch levels versus having all patches applied (i.e. patches applied differ based on Production or Non-Production Environment).

Data Center: The facility in which the Systems are located. Managed Hosting: The set of CenturyLink managed server services that include Foundation Hosting, Intelligent Hosting and Utility Compute.

Release Management Team: CenturyLink operational team with primary responsibility for the patching and other maintenance activities performed on Managed Servers.

Systems: The computer equipment and software that is approved by CenturyLink and utilized by the customer in connection with the provision of Service by CenturyLink.