AWS Architecture Blog

Category: AWS Identity and Access Management (IAM)

Figure 1. App2Container scaling architecture overview

Migrate your Applications to Containers at Scale

AWS App2Container is a command line tool that you can install on a server to automate the containerization of applications. This simplifies the process of migrating a single server to containers. But if you have a fleet of servers, the process of migrating all of them could be quite time-consuming. In this situation, you can […]

Multi-account hierarchy

Journey to Adopt Cloud-Native Architecture Series: #4 – Governing Security at Scale and IAM Baselining

In Part 3 of this series, Improved Resiliency and Standardized Observability, we talked about design patterns that you can adopt to improve resiliency, achieve minimum business continuity, and scale applications with lengthy transactions (more than 3 minutes). As a refresher from previous blogs in this series, our example ecommerce company’s “Shoppers” application runs in the cloud. […]

Figure 3. Multi-VPC centralized architecture

Choosing Your VPC Endpoint Strategy for Amazon S3

This post was co-written with Anusha Dharmalingam, former AWS Solutions Architect. Must your Amazon Web Services (AWS) application connect to Amazon Simple Storage Service (Amazon S3) buckets? Must the connection scale to accommodate bandwidth demands? AWS offers a mechanism called VPC endpoint to meet these requirements. This blog post provides guidance for selecting the right […]

Authorization model for a micro-account

Field Notes: How FactSet Balances Developer Velocity with Governance using AWS IAM

This post was co-written by FactSet’s Cloud Infrastructure team, Gaurav Jain, Nathan Goodman, Geoff Wang, Daniel Cordes, Sunu Joseph and AWS Solution Architects, Amit Borulkar and Tarik Makota. At FactSet, their goal for cloud platform on AWS Cloud is to have high developer velocity alongside enterprise governance. They wanted application teams to have a frictionless […]

Hypergrowth architecture diagram

Journey to Adopt Cloud-Native Architecture Series: #1 – Preparing your Applications for Hypergrowth

In this blog series, we take an example ecommerce company and talk about their challenges due to hypergrowth. Their journey from running monolith applications to running cloud-native applications will provide you architecture patterns and strategies you can adopt to become more agile and innovative. Later in the series, we show you how to address immediate […]

Figure 2 - Tagging Strategy

Field Notes: How FactSet Uses ‘microAccounts’ to Reduce Developer Friction and Maintain Security at Scale

This post was co-written by FactSet’s Cloud Infrastructure team, Gaurav Jain, Nathan Goodman, Geoff Wang, Daniel Cordes, Sunu Joseph and AWS Solution Architects, Amit Borulkar and Tarik Makota. FactSet considers developer self-service and DevOps essential for realizing cloud benefits.  As part of their cloud adoption journey, they wanted developers to have a frictionless infrastructure provisioning […]

NextGen Healthcare logo

NextGen Healthcare: Build and Deployment Pipelines with AWS

Owen Zacharias, Vice President of Application Delivery at NextGen Healthcare, explains to AWS Solutions Architect Andrea Sabet how his company developed a series of build and deployment pipelines using native AWS services in the highly regulated healthcare sector. Learn how the following services can be used to build and deploy infrastructure and application code: AWS […]

Well-Architected Tool

Five Talent Collaborates with Customers Using the AWS Well-Architected Tool

Since its launch at re:Invent 2018, the AWS Well-Architected Tool (AWS WA Tool) has provided a consistent process for documenting and measuring architecture workloads using the best practices from the AWS Well-Architected Framework. However, sharing workload reports for collaborative work experience was time consuming. The new workload sharing feature solves these issues by offering a […]

Stream Amazon CloudWatch Logs to a Centralized Account for Audit and Analysis

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Note: This blog post was updated June 6, 2019. A key component of enterprise multi-account environments is logging. Centralized logging provides a single point of access to all salient logs generated across accounts and regions, and is critical for auditing, […]