AWS Management & Governance Blog

Category: How-To

Implementing Serverless Transit Network Orchestrator (STNO) in AWS Control Tower

Introduction Many of the customers that we have worked with are using advanced network architectures in AWS for multi-VPC and multi-account architectures. Placing workloads into separate Amazon Virtual Private Clouds (VPCs) has several advantages, chief among them isolating sensitive workloads and allowing teams to innovate without fear of impacting other systems. Many companies are taking […]

Read More

Deploy AWS Config Rules and Conformance Packs using a delegated admin

AWS Config Rules allow customers to evaluate the configuration of resources against best practices and perform remediation when specified configuration policies are not being followed. Using AWS Config Conformance Packs, customers can create a collection of AWS Config rules and remediation actions in a single pack that can be deployed across AWS Organizations. This provides […]

Read More

Manage custom AWS Config rules with remediations using conformance packs

Different organizations have different compliance and security requirements for their resources and accounts. AWS Config makes it easier for customers to implement these controls. While AWS Config offers customers a wide selection of managed AWS Config rules that help them comply with their requirements, there are customers who require more customized control and can take […]

Read More

Duplicating infrastructure on AWS

In large enterprise organizations, it’s challenging to maintain standardization across environments. This is especially true if these environments are provisioned in a self-service manner—and even more so when new users access these provisioning services. Once you have the resources deployed into an environment, it can be hard, or even impossible, to change it. In case […]

Read More

Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB

Introduction Many AWS customers either integrate ServiceNow into their existing AWS services or set up both ServiceNow and AWS services for simultaneous use. One challenge in this use case is the need to update your configuration management database (CMDB) when a new spin-up instance appears in AWS. This post demonstrates how to integrate AWS Config […]

Read More

Packaging to Distribution – Using AWS Systems Manager Distributor to deploy Datadog

AWS Systems Manager Distributor automates the process of packaging and publishing software to managed Windows and Linux instances across the cloud landscape, as well as to on-premises servers, through a single simplified interface. Customers can now leverage AWS Systems Manager Distributor to package custom software like monitoring agents and security agents, and then distribute them […]

Read More

Using AWS License Manager to track your Microsoft SQL Server licenses

AWS License Manager can manage any software licenses that are based on vCPU, physical cores, physical sockets, or number of instances. In this blog post, we’ll walk through a common use case of using AWS License Manager to help you manage your SQL Server licenses. Step 1: Launch License Manager You can access License Manager […]

Read More

Applying customizations automatically in AWS OpsWorks for Chef Automate

During mandatory maintenance, AWS OpsWorks for Chef Automate performs Chef Server and Chef Automate version, security, and operating system patching. Version updates for Chef go through extensive testing to verify they are production ready and don’t disrupt existing environments. When an instance is replaced, customers often ask how they can restore their custom settings in […]

Read More

How to setup and use AWS OpsWorks for Chef Automate or Puppet Enterprise in an isolated subnet

Introduction For enhanced security, it’s often preferable to place resources in AWS within a subnet with no internet access. Recently, AWS expanded the number of services supported by interface VPC endpoints within the AWS ecosystem, so it’s now easier than ever to run AWS OpsWorks for Chef Automate or AWS OpsWorks for Puppet Enterprise within […]

Read More

Recovering AWS CloudFormation stacks using ContinueUpdateRollback

AWS CloudFormation treats a stack as a collection of AWS resources that customers can manage as a single unit. After you launch a stack, you can use the AWS CloudFormation console, API, or AWS CLI to update resources in your stacks. You should not make any changes to stack resources outside of CloudFormation. This is […]

Read More