AWS Management & Governance Blog

Category: AWS Lambda

AWS AppConfig Lambda Extension

Deploying application configuration to serverless: introducing the AWS AppConfig Lambda extension

At AWS, we feel strongly that separating application configuration from application code is a best practice. Being able to deploy configuration independently from code makes it possible to build services like Service Quotas and launch new services and features right as we announce them. If we didn’t separate these, even a simple configuration change would […]

Read More

Automating Amazon CloudWatch Alarms with AWS Systems Manager

Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, Site Reliability Engineers (SRE), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. Are you looking for an automated way […]

Read More

Instantly monitor serverless applications with AWS Resource Groups

Serverless computing allows you to build and run applications without thinking about servers. Building serverless applications means that your developers can focus on their core product instead of worrying about managing and operating servers. This reduced overhead lets developers reclaim time and energy that can be spent on developing great products that scale and are reliable. […]

Read More

Automating Service Limit Increases and Enterprise Support with AWS Control Tower

In this post, we show how you can use Account Factory in AWS Control Tower to provision new accounts that are ready for your teams to use. We demonstrate how you can use AWS Control Tower lifecycle events to automatically request regional service quota limit increases and enrollment in AWS Enterprise Support using the respective […]

Read More
CloudWatch Alarm with SNS and Lambda trigger

Alarms, incident management, and remediation in the cloud with Amazon CloudWatch

Application workloads being built for the cloud are getting easier to deploy with tools like Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS and AWS Fargate), infrastructure as code (IaC), and full-scale DevSecOps pipelines. But there’s more to migrating workloads than ease of development and deployment: application workloads still need […]

Read More
New architecture used by FireEye using EMF log format

Lowering costs and focusing on our customers with Amazon CloudWatch embedded custom metrics

Amazon CloudWatch provides a mechanism to publish metrics through logs using a format called Embedded Metric Format (EMF). You can use this to ingest complex application metric data to CloudWatch along with other log data. Although you can use this feature in all environments, it’s particularly useful in high-cardinality environments such as AWS Lambda functions […]

Read More
Solution architecture for Batch account creation using AWS Control Tower

How to automate the creation of multiple accounts in AWS Control Tower

Many customers that we work with are creating and provisioning new accounts using AWS Control Tower. AWS Control Tower is an AWS managed service that automates the creation of a well-architected multi-account AWS environment. AWS Control Tower’s Account Factory is currently a single-threaded process, and customers must allow for the current account creation process to […]

Read More

Automate account creation and resource provisioning for AWS GovCloud(US), using AWS Service Catalog, AWS Organizations, and AWS Lambda

Public and private sector customers are now often working to automate their account creation and operations into the AWS GovCloud (US) Regions. These customers use the AWS GovCloud (US) Regions to access FedRamp certified services and ITAR-governed datasets for multiple accounts. Managing this type of multi-account enterprise footprint with AWS Organizations helps reduce operational costs […]

Read More
Event-based notifications AWS Service Catalog

Creating event-based notifications and remediation in AWS Service Catalog using AWS Config

AWS Service Catalog allows organizations to quickly let their users deploy approved IT services to organize, govern, and provision cloud resources on AWS. However, users launching multiple instances can cause issues because: Some instances are not always active. The lack of limits on the number of active instances can result in an organization’s costs going […]

Read More

Duplicating infrastructure on AWS

In large enterprise organizations, it’s challenging to maintain standardization across environments. This is especially true if these environments are provisioned in a self-service manner—and even more so when new users access these provisioning services. Once you have the resources deployed into an environment, it can be hard, or even impossible, to change it. In case […]

Read More