AWS Architecture Blog
Category: Management & Governance
Let’s Architect! Governance best practices
Governance plays a crucial role in AWS environments, as it ensures compliance, security, and operational efficiency. In this Let’s Architect!, we aim to provide valuable insights and best practices on how to configure governance appropriately within a company’s AWS infrastructure. By implementing these best practices, you can establish robust controls, enhance security, and maintain compliance, […]
Let’s Architect! Monitoring production systems at scale
“Everything fails, all the time” is a famous quote from Amazon’s Chief Technology Officer Werner Vogels. This means that software and distributed systems may eventually fail because something can always go wrong. We have to accept this and design our systems accordingly, test our software and services, and think about all the possible edge cases. […]
Continually assessing application resilience with AWS Resilience Hub and AWS CodePipeline
As customers commit to a DevOps mindset and embrace a nearly continuous integration/continuous delivery model to implement change with a higher velocity, assessing every change impact on an application resilience is key. This blog shows an architecture pattern for automating resiliency assessments as part of your CI/CD pipeline. Automatically running a resiliency assessment within CI/CD […]
Let’s Architect! Architecting for governance and management
As you develop next-generation cloud-native applications and modernize existing workloads by migrating to cloud, you need cloud teams that can govern centrally with policies for security, compliance, operations and spend management. In this edition of Let’s Architect!, we gather content to help software architects and tech leaders explore new ideas, case studies, and technical approaches […]
Migration updates announced at re:Invent 2021
re:Invent is a yearly event that offers learning and networking opportunities for the global cloud computing community. 2021 marks the launch of several new features in different areas of cloud services and migration. In this blog, we’ll cover some of the most important recent announcements. AWS Mainframe Modernization (Preview) Mainframe modernization has become a necessity […]
Field Notes: Monitor IBM Db2 for Errors Using Amazon CloudWatch and Send Notifications Using Amazon SNS
Monitoring a is crucial function to be able to detect any unanticipated or unknown access to your data in an IBM Db2 database running on AWS. You also need to monitor any specific errors which might have an impact on the system stability and get notified immediately in case such an event occurs. Depending on […]
Building Resilient Well-Architected Workloads Using AWS Resilience Hub
AWS Resilience Hub is a new service that helps you understand and improve the resiliency of your workloads using AWS Well-Architected best practices. As the lead for the Reliability Pillar of AWS Well-Architected, I am eager to share with you how you can use Resilience Hub to ensure your workload architecture is as reliable as […]
Field Notes: Clear Unused AWS SSO Mappings Automatically During AWS Control Tower Upgrades
Increasingly organizations are using AWS Control Tower to manage their multiple accounts as well as an external third-party identity source for their federation needs. Cloud architects who use these external identity sources, needed an automated way to clear the unused maps created by AWS Control Tower landing zone as part of the launch, or during […]
Field Notes: Extending the Baseline in AWS Control Tower to Accelerate the Transition from AWS Landing Zone
Caution: The solution covered in this blog post works on AWS Landing Zone 2.4.5 and lower, and AWS Control Tower 2.9 and lower. To use it in higher versions, you need to use a separate IAM password policy template for IamPasswordPolicy baseline and change the deployment target to a management account for the EnableNotifications baseline […]