AWS Architecture Blog

Category: Security, Identity, & Compliance

AWS Micro Frontend

Micro-frontend Architectures on AWS

A microservice architecture is characterized by independent services that are focused on a specific business function and maintained by small, self-contained teams. Microservice architectures are used frequently for web applications developed on AWS, and for good reason. They offer many well-known benefits such as development agility, technological freedom, targeted deployments, and more. Despite the popularity […]

ERGO Architecture

How ERGO Implemented an Event-driven Security Remediation Architecture on AWS

ERGO is one of the major insurance groups in Germany and Europe. Within the ERGO Group, ERGO Technology & Services S.A. (ET&S), a part of ET&SM holding, has competencies in digital transformation, know-how in creating and implementing complex IT systems with focus on the quality of solutions and a portfolio aligned with the entire value […]

AWS Control Tower Management account screenshot

Field Notes: Enroll Existing AWS Accounts into AWS Control Tower

Originally published on April 21, 2020 to the Field Notes blog and updated in August 2020 with new prechecks to the account enrollment script. Updated April 8, 2021 to reflect changes in the AWS Organizations service.  Last updated September 29, 2022: you can now enroll an existing account or register an organizational unit  from the […]

Sample post-merger AWS environment

Mergers and Acquisitions Readiness with the Well-Architected Framework

Companies looking for an acquisition or a successful exit through a merger, undergo a technical assessment as part of the due diligence process. While being a profitable business by itself can attract interest, running a disciplined IT department within your organization can make the acquisition more valuable. As an entity operating cloud workloads on AWS, […]

Figure 2 - Tagging Strategy

Field Notes: How FactSet Uses ‘microAccounts’ to Reduce Developer Friction and Maintain Security at Scale

This post was co-written by FactSet’s Cloud Infrastructure team, Gaurav Jain, Nathan Goodman, Geoff Wang, Daniel Cordes, Sunu Joseph and AWS Solution Architects, Amit Borulkar and Tarik Makota. FactSet considers developer self-service and DevOps essential for realizing cloud benefits.  As part of their cloud adoption journey, they wanted developers to have a frictionless infrastructure provisioning […]

Route 53 PHZs and Resolver Endpoints

Using Route 53 Private Hosted Zones for Cross-account Multi-region Architectures

This post was co-written by Anandprasanna Gaitonde, AWS Solutions Architect and John Bickle, Senior Technical Account Manager, AWS Enterprise Support Introduction Many AWS customers have internal business applications spread over multiple AWS accounts and on-premises to support different business units. In such environments, you may find a consistent view of DNS records and domain names […]

SIH: Emvironment in AWS Cloud-2

Fast and Cost-Effective Image Manipulation with Serverless Image Handler

As a modern company, you most likely have both a web-based and mobile app platform to provide content to customers who view it on a range of devices. This means you need to store multiple versions of images, depending on the device. The resulting image management can be a headache as it can be expensive […]

Field Notes: Automating Migration Requests for Reserved Instances and Savings Plans in Closed Accounts

Enterprise AWS customers are often managing many accounts under a payer account, and sometimes accounts are closed before Reserved Instances (RI) or Savings Plans (SP) are fully used. Manually tracking account closures and requesting RI and SP migration from the closed accounts can become complex and error prone. This blog post describes a solution for automating […]

Cow

The Satellite Ear Tag that is Changing Cattle Management

Most cattle are not raised in cities—they live on cattle stations, large open plains, and tracts of land largely unpopulated by humans. It’s hard to keep connected with the herd. Cattle don’t often carry their own mobile phones, and they don’t pay a mobile phone bill. Naturally, the areas in which cattle live, often do […]

WAF Solution Architecture

Field Notes: How to Identify and Block Fake Crawler Bots Using AWS WAF

In this blog post, we focus on how to identify fake bots using these AWS services: AWS WAF, Amazon Kinesis Data Firehose, Amazon S3 and AWS Lambda. We use fake Google/Bing bots to demonstrate, but the principles can be applied to other popular crawlers like Slurp Bot from Yahoo, DuckDuckBot from DuckDuckGo, Alexa crawler from […]