AWS Management & Governance Blog

Category: Learning Levels

Control developer account costs with AWS CloudFormation and AWS Budgets

Often when working with customers, we guide them by using AWS Budgets and related tools in the AWS platform in order to create cost and utilization guardrails. These tools can be used to conduct advanced, automated, and hands-free actions within your AWS environment – even across multiple accounts. This post will walk you through a […]

Read More

Visual monitoring of applications with Amazon CloudWatch Synthetics

Monitoring application endpoints is a reliable way to measure availability. This best practice can be extended by adding synthetic monitoring to your observability strategy. Synthetic monitoring lets you continually verify your customers’ experience by following the same routes and actions as your customers. You can create scripts or canaries that monitor things such as availability, […]

Read More

Automating account provisioning with CloudCheckr integration for Cloud Financial Management

AWS Organizations helps you centrally manage and govern your environment as you grow and scale your AWS resources. AWS Organizations lets you programmatically create new AWS accounts to allocate resources, group accounts to organize your workflows, apply policies to accounts or groups for governance, and simplify billing by utilizing a single payment method for every […]

Read More

Policy-as-Code for Securing AWS and Third-Party Resource Types

This post was written by Scott Alexander and Kevin Formsma from Mphasis Stelligent. Every day, more developers are having lightbulb moments as they realize they can design and manage their infrastructure. It’s our responsibility, as practitioners of the DevOps mindset, to build systems that allow developers to move quickly and speed up the feedback loop […]

Read More
How to Deploy AWS Config Conformance Packs Using Terraform

How to Deploy AWS Config Conformance Packs Using Terraform

This post demonstrates how to enable AWS Config and deploy a sample AWS Config Conformance pack using HashiCorp’s Terraform. AWS Config provides configuration, compliance, and auditing features required for governing your resources and providing security posture assessment at scale. This service lets you create managed rules, which are predefined, customizable rules that AWS Config uses […]

Read More

Programmatically managing alternate contacts on member accounts with AWS Organizations

Today, we are making it easier for you to manage the alternate contacts (billing, operations, and security) on your member accounts in AWS Organizations. You can now programmatically manage your account alternate contact information in addition to the existing experience in the AWS console. This launch ensures that the right individuals receive important AWS notifications […]

Read More

How to integrate Amazon Managed Service for Prometheus with Slack

Amazon Managed Service for Prometheus is a serverless Prometheus-compatible monitoring service for metrics to securely monitor container environments at scale. Amazon Managed Service for Prometheus lets you utilize open source Prometheus query language (PromQL) to monitor containerized workload performance without having to manage the underlying infrastructure required for the ingestion, storage, alerting, and querying of […]

Read More

Using Amazon Managed Service for Prometheus Alert Manager to receive alerts with PagerDuty

Many customers using Amazon Managed Service for Prometheus are transitioning from their self-managed Prometheus systems to the fully managed service. Within this transition journey, Amazon Managed Service for Prometheus users need ways to migrate their existing Prometheus and Alert Manager configurations. PagerDuty is a receiver used by many customers to route alerts to their internal […]

Read More

Using AWS X-Ray and AWS Application Cost Profiler to track tenant cost of shared AWS Infrastructure

In our last blog post, we introduced AWS Application Cost Profiler (ACP), where we discussed this new service that allows customers, running multi-tenant applications, to receive granular cost breakdowns of shared AWS resources across their tenants. AWS Application Cost Profiler provides customers, especially SaaS ISVs, with a standard mechanism to correlate and report their infrastructure […]

Read More
Migrating custom Landing Zone with RAM to AWS Control Tower

Migrating custom Landing Zone with RAM to AWS Control Tower

The AWS Landing Zone is a solution that helps customers accelerate the setting up of a secure, multi-account AWS environment based on AWS best practices. In June 2019, AWS launched AWS Control Tower. AWS Control Tower is a managed AWS service that automates the creation of a multi-account AWS environment based upon the AWS Well-Architected […]

Read More