AWS Architecture Blog
Category: Security, Identity, & Compliance
Micro-frontend Architectures on AWS
A microservice architecture is characterized by independent services that are focused on a specific business function and maintained by small, self-contained teams. Microservice architectures are used frequently for web applications developed on AWS, and for good reason. They offer many well-known benefits such as development agility, technological freedom, targeted deployments, and more. Despite the popularity […]
How ERGO Implemented an Event-driven Security Remediation Architecture on AWS
ERGO is one of the major insurance groups in Germany and Europe. Within the ERGO Group, ERGO Technology & Services S.A. (ET&S), a part of ET&SM holding, has competencies in digital transformation, know-how in creating and implementing complex IT systems with focus on the quality of solutions and a portfolio aligned with the entire value […]
Field Notes: Enroll Existing AWS Accounts into AWS Control Tower
Originally published on April 21, 2020 to the Field Notes blog and updated in August 2020 with new prechecks to the account enrollment script. Updated April 8, 2021 to reflect changes in the AWS Organizations service. Last updated September 29, 2022: you can now enroll an existing account or register an organizational unit from the […]
Mergers and Acquisitions Readiness with the Well-Architected Framework
Companies looking for an acquisition or a successful exit through a merger, undergo a technical assessment as part of the due diligence process. While being a profitable business by itself can attract interest, running a disciplined IT department within your organization can make the acquisition more valuable. As an entity operating cloud workloads on AWS, […]
Field Notes: How FactSet Uses ‘microAccounts’ to Reduce Developer Friction and Maintain Security at Scale
This post was co-written by FactSet’s Cloud Infrastructure team, Gaurav Jain, Nathan Goodman, Geoff Wang, Daniel Cordes, Sunu Joseph and AWS Solution Architects, Amit Borulkar and Tarik Makota. FactSet considers developer self-service and DevOps essential for realizing cloud benefits. As part of their cloud adoption journey, they wanted developers to have a frictionless infrastructure provisioning […]
Using Route 53 Private Hosted Zones for Cross-account Multi-region Architectures
This post was co-written by Anandprasanna Gaitonde, AWS Solutions Architect and John Bickle, Senior Technical Account Manager, AWS Enterprise Support Introduction Many AWS customers have internal business applications spread over multiple AWS accounts and on-premises to support different business units. In such environments, you may find a consistent view of DNS records and domain names […]
Fast and Cost-Effective Image Manipulation with Serverless Image Handler
As a modern company, you most likely have both a web-based and mobile app platform to provide content to customers who view it on a range of devices. This means you need to store multiple versions of images, depending on the device. The resulting image management can be a headache as it can be expensive […]
Field Notes: Automating Migration Requests for Reserved Instances and Savings Plans in Closed Accounts
Enterprise AWS customers are often managing many accounts under a payer account, and sometimes accounts are closed before Reserved Instances (RI) or Savings Plans (SP) are fully used. Manually tracking account closures and requesting RI and SP migration from the closed accounts can become complex and error prone. This blog post describes a solution for automating […]
The Satellite Ear Tag that is Changing Cattle Management
Most cattle are not raised in cities—they live on cattle stations, large open plains, and tracts of land largely unpopulated by humans. It’s hard to keep connected with the herd. Cattle don’t often carry their own mobile phones, and they don’t pay a mobile phone bill. Naturally, the areas in which cattle live, often do […]
Field Notes: How to Identify and Block Fake Crawler Bots Using AWS WAF
In this blog post, we focus on how to identify fake bots using these AWS services: AWS WAF, Amazon Kinesis Data Firehose, Amazon S3 and AWS Lambda. We use fake Google/Bing bots to demonstrate, but the principles can be applied to other popular crawlers like Slurp Bot from Yahoo, DuckDuckBot from DuckDuckGo, Alexa crawler from […]