AWS Cloud Operations & Migrations Blog

Deploy and Customize AWS accounts using Account Factory for Terraform in AWS Control Tower

Customers use AWS Control Tower Account Factory to create a new AWS account or enroll existing AWS accounts in their AWS Organizations. Customers launch Account Factory from the AWS Control Tower console or via AWS Service Catalog API. We hear from customers that they want to manage their AWS accounts in the same way that […]

Read More

Use AWS Systems Manager Automation to create input parameters that populate AWS resources as a dropdown list

As a Solution Architect at AWS, my customers regularly ask how to automate everyday operations within their cloud environment. Their use cases include a variety of operational needs, such as provisioning new resources within an AWS account, and patching/updating managed Amazon Elastic Compute Cloud (Amazon EC2) instances. They are also focused on cost management with […]

Read More

Customize AWS Config resource tracking in AWS Control Tower environment

Some of our largest customers use AWS Control Tower to govern and secure their multi-account AWS environment. AWS Control Tower implements security best practices like enabling AWS Config during account enrollment, which monitors all supported AWS resources. We heard from some of our customers that this configuration records the activity of specific resources that aren’t […]

Read More

How to use Resiliency Hub’s Fault Injection Experiments to test application’s resilience

In this post, you’ll learn how to utilize AWS Fault Injection Simulator (AWS FIS) and AWS Resiliency Hub to refactor a simple serverless application. Resilience Hub lets you define, validate, and track the resiliency of your AWS application. Resilience Hub integrates with AWS FIS, a chaos engineering service, to provide fault-injection simulations of real-world failures. These […]

Read More

Viewing Amazon CloudWatch metrics with Amazon Managed Service for Prometheus and Amazon Managed Grafana

Monitoring AWS services comprising of a customer workload with Amazon CloudWatch is important for resiliency of a workload. Customers can bring their CloudWatch data alongside their existing Prometheus data sources to improve their ability to join or query across for a holistic view of their systems. The Amazon Managed Service for Prometheus is a serverless […]

Read More

Governance Patterns to Manage Private Workloads through Cloud Operations Services

Introduction For enterprises, one of the larger obstacles when adopting and migrating to the cloud is how to establish a well-thought-out cloud governance model to meet internal or regulatory compliance requirements. One common inhibitor in the field is that enterprises seek to come up with a one-size-fits-all approach to cloud governance for all workloads. We […]

Read More

A self-service patching solution for multi-account organizations

Patch Management is a critical operation that every organization wants to prioritize. This becomes tedious and challenging if an enterprise operates on a platform-consumer or hub-spoke model. An example of this would be a multi-account environment with hundreds of accounts and thousands of users using applications hosted in AWS. Different application owners have different requirements […]

Read More

Validating and Improving the RTO and RPO Using AWS Resilience Hub

“Everything fails, all the time”, a famous quote from Werner Vogels, VP and CTO of Amazon.com. When you design and build an application, a typical goal is to have it working, the next is to keep it running, no matter what disruptions may occur. It is crucial to achieve resiliency, but you need to consider […]

Read More

Procuring software on AWS Marketplace for customers in regulated spaces

Customers operating in highly-regulated spaces often tell us about the compliance challenges that they face when procuring commercial software in the cloud. This is especially true for federal customers subject to the GSA Schedule , or state and local customers operating under NASPO Value Point. Procurements in this space often require negotiated purchasing agreements and […]

Read More

Using Amazon CloudWatch dashboards custom widgets

Many of our customers use Amazon CloudWatch dashboards but have additional use cases that would benefit from the ability to include custom datasets in their existing dashboards. Custom widgets let you create your own visualizations or datasets, share them with other teams, provide input or parameters to your widget, and adjust the time scoped on […]

Read More