added services and ec2 deployment

aws/projects/adsd-centurion-1.0/README.md

@@ -30,8 +30,46 @@ are not used by the Centurion application.
 * adsd-centurion-dmz-prod-{ew,gov}
   * prod
 
+## Services/Connections for DMZ EC2 to consider
+
+1. EC2 deployment
+   * Service Catalog
+   * Ansible Automation Platform (AAP)
+1. RHEL Satellite
+   * from servers (all DMZ networks) to on-prem host sat-ecap2.csvd.census.gov
+   * ports TCP: 80, 443, 9090, 5647
+   * ports UDP: same (this is probably wrong, not setting it up)
+1. MS Defender
+   * This is all done through proxy so this should work as-is.
+1. MS ARC Agent
+   * This is all done through proxy so this should work as-is.
+   * Is it needed?
+1. BigFix
+   8 will need to reference on prem dmz
+1. Backups
+   * there are no netbackup servers in the AWS DMZ
+   * do not want to use on-prem backup serves in the DMZ to backup over network
+   * may be a good opportunity to explore AWS Backups for ec2, ebs, rds, s3
+1. Monitoring
+   * solarwinds is on prem dmz and can be made to have access if not already
+
+### EC2 deployment
+
+Work needs to be done by (mostly the) provisioning team in order to make AWS DMZ capabilities happen.
+
+1. Update ansible settings for AWS DMZ based on on-prem DMZ settings
+1. Update other ansible settings as appropriate
+1. Get service catalog shared to DMZ and updated accordingly
+
+### RHEL Satellite
+
+1. Satellite AWS DMZ to on-prem FW rules
+1. PrivateLink and NLB for AAP to allow connection to server from DMZ
+
+
 # CHANGELOG
 
 * 1.0.0 -- 2026-02-24
   - initial
   - identify account structure
+  - added services and ec2 deployment