Category: Integration & Automation

Backup compliance in AWS includes defining and enforcing backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. AWS Backup Audit Manager, a feature within the AWS Backup service, provides built-in compliance controls for these areas. […]

It is common for customers to have multiple teams creating infrastructure as code (IaC) templates (for example, by using AWS CloudFormation). Because there is duplication of the common resources used in these templates, you might understandably feel like you’re reinventing the wheel. By sharing these common definitions as CloudFormation modules, you can provide access to […]

AWS Control Tower helps customers put an orchestration layer on top of a multi-account strategy. When customers build applications, they often use separate accounts as part of a deployment pipeline so that they can validate changes before production. This best practice helps reduce blast radius should there be any issues with newer iterations. With AWS […]

The Three Lines Model developed by the Institute of Internal Auditors (IIA) helps organizations identify structures and processes to facilitate strong governance and risk management. In that model, the first-line function manages risk, the second-line function oversees risk and the third-line function provides objective and independent assurance of risk management. According to a Deloitte analysis […]

Companies and organizations are moving data and technology infrastructure to AWS to modernize their applications and gain access to cloud services. The move results in lower costs, increased productivity, and reduced downtime. Some customers are migrating data to Amazon Simple Storage Service (Amazon S3) to take advantage of AWS AI and ML services, while others […]

If you migrate your workloads to the cloud to modernize your applications or secure infrastructure and operations, you’ll find these migrations are increasingly performed with a DevOps methodology that incorporates continuous development, integration, and testing. It is always a best practice to incorporate security as code in your DevOps workflows to uncover security issues when […]

AWS CloudFormation allows you to create and manage resources with templates. AWS provides a number of Regions where its services and features are available. Although it can be beneficial to deploy the same AWS CloudFormation template in multiple Regions, customers who operate in multiple Regions face challenges due to parity differences among services and their […]

We often use AWS CloudFormation StackSets to automatically deploy infrastructure into many different accounts. Whether they are managed by AWS Control Tower or AWS Organizations, StackSets provide a simple and automated way to handle the creation of resources and infrastructure right after provisioning a new account. You can automatically deploy StackSets to accounts that belong […]

Session Manager is a fully managed AWS Systems Manager capability that you can use to manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, on-premises instances, and virtual machines (VMs) through an interactive one-click browser-based shell or through the AWS CLI. Session Manager also provides secure and auditable instance management without the need to open […]

Cut costs by minimizing infrastructure when it’s not under heavy use, for example turning off EC2 and RDS instances nights and weekends. In this post you will learn how to do this using Systems Manager Automation Documents, State Manager, and CloudWatch Events.