AWS Cloud Operations & Migrations Blog

Category: How-To

Building CIS hardened Golden Images and Pipelines with EC2 Image Builder

Until recently, customers had to navigate to the AWS Marketplace Console and search for a compatible Amazon Machine Image (AMI) product for your image pipeline. They also had to write their own custom components to harden the operating systems to meet Center for Internet Security (CIS) Benchmark guidelines. This required subscriptions to the CIS Benchmark […]

Manage EC2 Launch Templates at scale during rehost migrations with AWS MGN

Many customers rehost their environments to AWS using AWS Application Migration Service (MGN), and have to prepare future-state configuration for every server they are migrating within each migration wave. When a migration wave includes multiple servers, customers have to manually configure multiple EC2 Launch Templates in the AWS console. For each server migrated using AWS […]

Strategies for consolidating AWS environments

Organizations undergoing mergers and acquisitions (M&A) are looking for ways to simplify and standardize the governance of their AWS cloud environments. M&As can become complex as different IT departments between the acquirer and the acquiree attempt to merge and operate as a single entity. Customers are increasingly using multiple accounts within an organization built and […]

Service Notice – Upcoming changes required for AWS Config

On July 5, 2022, the AWS managed policy AWSConfigRole will be deprecated. This policy is being replaced by a more scoped-down policy, AWS_ConfigRole. The AWSConfigRole managed policy will continue working for all currently attached users, groups, and roles. However, after July 5, 2022, the AWSConfigRole managed policy can’t be attached to any new users, groups, […]

Use AWS License Manager API operations to manage your Oracle licenses based on Oracle cloud policy

Use AWS License Manager API operations to manage your Oracle licenses based on Oracle cloud policy

Learn with Shree on how to use AWS License Manager API operations to manage your Oracle licenses (for databases running on Amazon RDS for Oracle, Amazon EC2 and on-premises servers) based on Oracle cloud policy. Additionally, learn how to use the built-in integration of License Manager API operations with AWS CloudTrail to prepare for vendor audit.

Use AWS Lambda and Amazon QuickSight to Build a Dashboard for AWS Health Events in Organizational View

Centralized DevOps teams responsible for the operation of Amazon Web Services (AWS) resources across an organization want to have a consistent approach for receiving and visualizing notifications for AWS Health events. It’s challenging and time-consuming to collect this data from individual accounts through email notifications, by managing separate event data, or even by manually clicking […]

Automate FedRAMP controls in your AWS environment using AWS Config conformance packs

AWS Config has released a new sample conformance pack template to help customers meet the operational best practices for Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a U.S. government-wide program that delivers a standard approach to the security assessment, authorization, and continuous monitoring for cloud products and services. Conformance packs are a collection […]

Example Dashboard

View AWS Trusted Advisor recommendations at scale with AWS Organizations

Since 2014, AWS Trusted Advisor has been providing customers with visibility into an individual AWS account and providing recommendations based on known AWS best practices. Trusted Advisor makes recommendations to help customers achieve a better security posture, control their costs, optimize application performance, design better fault tolerance, and maintain control over their AWS service limits […]

Use Systems Manager Automation documents to manage instances and cut costs off-hours

Cut costs by minimizing infrastructure when it’s not under heavy use, for example turning off EC2 and RDS instances nights and weekends. In this post you will learn how to do this using Systems Manager Automation Documents, State Manager, and CloudWatch Events.

How to get notified on specific Lambda function error patterns using CloudWatch

This post demonstrates how to automate alert notifications for specific AWS Lambda function errors using an Amazon CloudWatch log subscription. CloudWatch Logs let you invoke a Lambda function when a log entry matches a pattern. Amazon CloudWatch alarms are used to notify when an error occurs with a Lambda function; this notification does not give […]