AWS Cloud Operations Blog

Author: Snehal Nahar

Snehal Nahar is a Principal Technical Account Manager at AWS. She specializes in Cloud Operations and Security. She is passionate about building innovative solutions using AWS services to help customers achieve their business objectives. She enjoys spending time with family and friends, playing board games and watching TV.

Gain Insights with Natural Language Query into your AWS environment using Amazon CloudTrail and Amazon Q in QuickSight

AWS CloudTrail tracks user and API activities across your AWS environments for governance and auditing purposes. Large enterprises typically use multiple AWS accounts, and many of those accounts might need access to a data lake managed by a single AWS account. By using Lake Formation integration with CloudTrail Lake, you can securely aggregate the data […]

Ingesting activity events from non-AWS sources to AWS CloudTrail Lake

AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and operational purposes. You can aggregate and immutably store your activity events, and run SQL-based queries for search and analysis. In Jan 2023, AWS announced the support of ingestion for activity events […]

Automate AWS Config reporting for noncompliant resources that have been non-compliant for a period of time

AWS Config evaluates the configuration settings of your AWS resources. You do this by creating AWS Config rules, which represent your ideal configuration settings. AWS Config provides customizable, predefined rules called AWS Managed Rules to help you get started. While AWS Config continuously tracks the configuration changes that occur among your resources, it checks whether […]

Cost Optimization recommendations for AWS Config

In this post, we’ll walk you through the various best practices and recommendations for optimizing AWS Config costs. This also provides technical guidance for looking at the rules and the recorder, how to start deleting or removing rules that aren’t needed, and then editing the Settings of Config, specifically the “Resource types to record”, to […]

Announcing AWS Config Compliance Scores for conformance pack

Back in November 2019, we announced AWS Config Conformance Packs, which is a collection of AWS Config rules and remediation actions that can be easily deployed as a single entity in an account and a region or across an organization in AWS Organizations. Conformance Packs have helped AWS customers to manage and enforce compliance of […]

Using AWS CloudTrail Lake to identify older TLS connections to AWS service endpoints

To comply with regulatory standards and follow security best practices, organizations have told us that they want to ensure they have disabled older versions of Transport Layer Security (TLS), such as TLS 1.0 and 1.1, and only use modern TLS 1.2 and 1.3. When connecting to AWS API endpoints, your client software negotiates its preferred TLS version, […]

Mapping Microsoft SCCM compliance checks to AWS Config

Microsoft SCCM (System Center Configuration Manager) enables the management, deployment, and security of devices and applications. Compliance settings in Configuration Manager let you manage configuration and compliance in your organization. As customers migrate their traditional workloads, they’re also looking for an AWS native solution that provides the flexibility to manage compliance and configuration management on […]

How to create a change template using AWS Systems Manager Change Manager

AWS Systems Manager Change Manager, a capability of AWS Systems Manager, is an enterprise change management framework for requesting, approving, implementing, and reporting on operational changes to your application configuration and infrastructure. With Change Manager, you can use preapproved change templates to help automate change processes for your resources and help avoid unintentional results when […]

Figure 1: CloudTrail Process Flow

How to optimize AWS CloudTrail costs by using advanced event selectors

AWS CloudTrail can be used for security, monitoring restricted API calls, notification of threshold breaches, operational issues, filtering mechanisms for isolating data, faster root cause identification, and speedy resolution. CloudTrail can also be used for various compliance and governance controls, by helping you achieve compliance by logging API calls and changes to resources. Event selectors […]