Integration & Automation

Category: Amazon EC2

Reduce security risks from IaC drift in multi-Region AWS deployments with Terraform

Are your infrastructure as code (IaC) Terraform deployments on the Amazon Web Services (AWS) Cloud protected against drift? IaC drift, which can leave your data and resources exposed to security risks, is especially difficult to track down and remove in an environment that spans multiple AWS accounts and AWS Regions. You can do it though, and in this post we show you how.

Collect custom metrics with Amazon CloudWatch strategic tagging

Learn how to use an Amazon CloudWatch agent to automate the collection of custom metrics for two Amazon EC2 instances. The solution is based on a tagging strategy combined with AWS Systems Manager State Manager to enforce specific CloudWatch agent configurations for EC2 instances that are tagged appropriately.

Securing your bastion hosts with Amazon EC2 Instance Connect

In this second post of a two-part series, learn how to enhance the security of your bastion hosts by using Amazon EC2 Instance Connect. With EC2 Instance Connect, you no longer have to associate a key pair to the instance, and you don’t need to permanently add user keys to authorized keys.