Skip to content

feat(readiness): Add shared AWS program library + Kevin's updated program catalog#68

Open
aritnag123 wants to merge 5 commits into
aws-samples:mainfrom
aritnag123:feat/update-program-library
Open

feat(readiness): Add shared AWS program library + Kevin's updated program catalog#68
aritnag123 wants to merge 5 commits into
aws-samples:mainfrom
aritnag123:feat/update-program-library

Conversation

@aritnag123

Copy link
Copy Markdown

Summary

This PR builds on PR #54 by @lusoal — it includes the original shared program library wiring into portfolio TDs AND integrates Kevin Shin's updated program catalog (Jun 15, 2026).

Supersedes #54 with additional program updates included.

What's included (from PR #54)

  • Shared AWS Program & GTM Library (references/program-library.md) wired into portfolio ARA Step 7 and portfolio MOD Step 9
  • Per-repo ARA/MOD pointer notes (programs are portfolio-level only)
  • HTML visual contracts updated with grouped rendering
  • README directory tree fix

What's new (Kevin's Jun 15 update)

  • New programs: MMA Workshop, AMA, ISV Tooling, Activate4GF, IW Programs, RDS Cost Assessment, DBC, DBOLA, AgentStorming Workshop, AWS AI League
  • Self-service resources: Connected Community, Skill Builder, Workshop Catalog with finding-based mapping table
  • Updated AI DLC with expanded signal patterns
  • Assessment overlap rule + EBA vs AML rule
  • Self-service alternative rule for SMB/startup customers
  • Total: 42 programs (Tier 1: 34, Tier 2: 8)

Test Results

Structural validation (7/7 pass):

  • ARA TD section references resolve ✅
  • JSON group schema matches (3 groups only) ✅
  • ARA vocabulary correct (profiles, dimensions) ✅
  • MOD vocabulary correct (7 pathways, score_rating) ✅
  • All programs referenced in TDs exist in library ✅
  • Selection rules aligned (cap 3-5, sequencing) ✅
  • File integrity clean ✅

Live execution (portfolio-mod-programs-test TD, us-east-1):

  • Input: 3 per-repo MOD reports (Netflix/eureka, ToolJet, conductor-oss)
  • 5 programs recommended from updated library ✅
    • Funded: AppMod PoC Funding, Well-Architected Review
    • Engagement: EBA, Immersion Days
    • GTM: AWS Skill Builder
  • Grouped correctly (Funded → Engagement → GTM) ✅
  • recommended_actions[] entries have group field ✅
  • Capped within 3-5 range ✅
  • No internal 1-4 scores exposed ✅
  • HTML artifact generated with grouped rendering ✅

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

lusoal and others added 2 commits June 10, 2026 11:08
Introduce a shared AWS Program & GTM Library as a reference file and wire
it into the two portfolio readiness Task Definitions so the analysis agent
can recommend relevant AWS programs in the "Next Steps" section of reports.

- Add readiness-analysis/references/program-library.md: 88 programs (35
  Tier 1 detailed incl. 3 ARA agentic anchors, 53 Tier 2 compact) with
  signal patterns, qualification criteria, prioritization, grouping, and
  status filtering. Aligns trigger vocabulary to actual ARA/MOD findings.
- Wire portfolio ARA Step 7 and portfolio MOD Step 9 to load the library;
  replace inline program catalogs with library references.
- Move AI DLC, AXE, and Innovation EBA out of the portfolio ARA TD into
  the library as ARA anchor programs.
- Group recommendations Funded -> Engagement -> GTM, cap at 3-5, and never
  expose the internal MOD 1-4 score.
- Update both portfolio HTML visual contracts to render the full grouped
  library set with a Group column.
- Add per-repo ARA/MOD pointer notes clarifying program recommendations
  are portfolio-level only; remove hardcoded program names from the
  per-repo ARA HTML contract.
- Fix stale portfolio TD filenames in the README directory tree and table.
Integrate Kevin Shin's updated program catalog (Jun 15, 2026) into the
shared AWS Program & GTM Library while maintaining compatibility with
the portfolio ARA and MOD Task Definition interfaces.

Changes from Kevin's update:
- Add new programs: MMA Workshop, AWS Modernization Assurance (AMA),
  AWS-Funded ISV Tooling, Activate4GF, IW Programs, RDS Cost Assessment,
  DBC, DBOLA, AgentStorming Workshop, AWS AI League
- Add self-service resources: Connected Community, Skill Builder,
  Workshop Catalog with finding-based mapping table
- Update AI DLC with expanded signal patterns and Kiro reference
- Add assessment overlap rule and EBA vs AML rule
- Add self-service alternative rule for SMB/startup customers

Adaptations for PR aws-samples#54 interface compatibility:
- Restructure from 4 groups to 3 (Funded Programs / Engagement Models /
  GTM Motions) matching JSON schema and HTML visual contracts
- Add back AXE and Innovation EBA as ARA anchor programs
- Maintain 'Agentic Enablement Programs (ARA Anchors)' section
- Add [ARA]/[MOD]/[ARA+MOD]/[ARA-anchor] tags to all programs
- Fix 'Significant Remediation Required' -> 'Remediation Required'
- Fix ARA dimension vocabulary (no Blocked/Needs Work in ARA signals)
- Maintain 'Mapping findings to triggers' vocabulary alignment section
- Add program status markers (Active/Retiring/Launching/Pilot)
- Expand Agent Reasoning Checklist to 14 items

Total programs indexed: 42 (Tier 1: 34, Tier 2: 8)

Tested (structural validation):
- [PASS] ARA TD section references resolve (ARA Anchors, Mapping, Agent Rules)
- [PASS] JSON group schema matches (3 groups only, no 4th group)
- [PASS] ARA vocabulary correct (profiles, dimensions, no Blocked/Needs Work)
- [PASS] MOD vocabulary correct (7 pathways, score_rating, no internal scores)
- [PASS] All programs referenced in both portfolio TDs exist in library
- [PASS] Selection rules aligned (cap 3-5, sequencing, Retiring exclusion)
- [PASS] File integrity (no merge conflicts, 494 lines, clean diff)

Tested (live execution — portfolio MOD, us-east-1):
- Input: 3 per-repo MOD reports (Netflix/eureka, ToolJet, conductor-oss)
- [PASS] 5 programs recommended from updated library:
    Funded: AppMod PoC Funding, Well-Architected Review
    Engagement: EBA, Immersion Days
    GTM: AWS Skill Builder
- [PASS] Grouped correctly (Funded Programs -> Engagement Models -> GTM Motions)
- [PASS] recommended_actions[] entries all have 'group' field
- [PASS] Capped within 3-5 range (exactly 5)
- [PASS] No internal MOD 1-4 scores exposed in programs section
- [PASS] New library programs surfaced (Immersion Days, Skill Builder, AppMod PoC)
- [PASS] HTML artifact generated (19KB) with grouped program rendering

Tested (live execution — portfolio ARA, us-east-1):
- Input: 3 per-repo ARA reports (Netflix/eureka, ToolJet, FlowiseAI/Flowise)
- [PASS] 4 programs recommended from updated library:
    Funded: AI Assessment Program
    Engagement: AI DLC, SHIP
    GTM: AWS Transform Custom
- [PASS] Grouped correctly (Funded Programs -> Engagement Models -> GTM Motions)
- [PASS] recommended_actions[] entries all have 'group' field
- [PASS] Capped within 3-5 range (exactly 4)
- [PASS] No internal scores exposed in programs section
- [PASS] ARA anchor program (AI DLC) triggered correctly
- [PASS] SHIP triggered from Auth dimension findings (correct vocabulary)
- [PASS] HTML artifact generated (15KB) with grouped program rendering
@aritnag123 aritnag123 force-pushed the feat/update-program-library branch from 5d46594 to b6e5a47 Compare June 30, 2026 14:17
Remove the 'GTM Motions' group from the program recommendation schema.
GTM motions are internal sales plays and should not appear in
customer-facing reports.

Changes:
- Reduce from 3 groups to 2: Funded Programs → Engagement Models
- Move self-service tools (AWS Transform Custom, Transform for Windows,
  Transform for SQL Server, RDS Cost Assessment) under 'Funded Programs'
  as they are customer-accessible entry points
- Remove GTM Motions HTML table templates from both portfolio TDs
- Update JSON schema: group ∈ {Funded Programs, Engagement Models}
- Update all rendering instructions and examples

The library now only surfaces programs customers can directly
engage with or request — no internal jargon.
SHIP (Security Health Improvement Program) is about AWS infrastructure
security posture (CloudTrail, encryption, GuardDuty, IAM policies),
not application-level authentication/authorization patterns.

ARA's 'Authentication & Authorization' dimension evaluates app-level
concerns (API keys, OAuth, RBAC, agent identity controls) which are
not what SHIP addresses.

Changes:
- Retag SHIP from [ARA] to [MOD] — it's infrastructure security
- Update signal pattern to trigger from MOD security findings
  (missing CloudTrail, no encryption at rest, no GuardDuty, etc.)
- Add explicit exclusion: 'application-level auth/authz only'
- Remove SHIP from ARA TD example programs list
@aritnag123 aritnag123 force-pushed the feat/update-program-library branch from 17ff554 to 41a26f7 Compare June 30, 2026 14:33
…er distinction

SHIP (Security Health Improvement Program) addresses infrastructure-layer
security (AWS service enablement) not application-layer agent readiness.

Key changes:
- Retag from [MOD] to [ARA+MOD] — SHIP CAN trigger from ARA findings,
  but only infrastructure ones (hardcoded creds, missing CloudTrail,
  no encryption, unmonitored network exposure)
- Add explicit exclusion: app-layer agent auth findings (machine identity,
  scoped permissions, identity suspension, on-behalf-of flows) should NOT
  trigger SHIP — those need code changes, not AWS service enablement
- Add 'Important distinction' note explaining the two layers
- Add 'Directly resolves' mapping (which findings → which SHIP use cases)
- Add 'Does NOT resolve' list with alternative recommendations
- Add 'Inline remediation note': for isolated findings like 'missing
  encryption', recommend the direct fix (enable KMS) in the remediation
  section first. Only recommend SHIP when multiple infrastructure security
  gaps suggest a systemic posture problem.
- Expand program details (9 use cases, time to value, no prerequisites)
@lusoal

lusoal commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

this LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants