AWS Management & Governance Blog

Category: Advanced (300)

How to set up automatic failover for AWS OpsWorks for Chef Automate

Creating a resilient configuration management system comes with a variety of challenges. The goal of this post is to solve an important component of this: failing over to a standby AWS OpsWorks for Chef Automate server when a primary server is unavailable. With the procedure described in this post, if the main OpsWorks for Chef […]

Read More

Controlling your AWS costs by deleting unused Amazon EBS volumes

Customers across industries and verticals consider cost management as one of their top priorities. Limited visibility into a volume’s lifecycle can result in costs for unutilized resources. AWS builds cost-management products to access, organize, understand, control, and optimize costs on AWS. Unused and overlooked Amazon EBS volumes contribute to AWS costs. The lifecycle of EBS […]

Read More

How to Detect and Mitigate Guardrail Violation with AWS Control Tower

Many companies that I work with would like to innovate fast in the cloud by adopting a self-service infrastructure provisioning model in a multi-account environment. However, maintaining security and governance in such a model is an organizational challenge. Without structured guardrails and baseline configuration enforcement, troubleshooting and mitigating risk can be cumbersome. AWS Control Tower […]

Read More

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More

How to self-service manage AWS Auto Scaling groups and Amazon Redshift with AWS Service Catalog Service Actions

Some of the customers I work with provide AWS Service Catalog products to their end-users to enable self-service for launching and managing Amazon Redshift, EMR clusters or web applications at scale using AWS Auto Scaling groups. These end-users would like the ability to self-manage these resources, for example, be able to take a snapshot of […]

Read More

Introducing Amazon CloudWatch Container Insights for Amazon ECS

Amazon Elastic Container Service (Amazon ECS) lets you monitor resources using Amazon CloudWatch, a service that provides metrics for CPU and memory reservation and cluster and services utilization. In the past, you had to enable custom monitoring of services and tasks. Now, you can monitor, troubleshoot, and set alarms for all your Amazon ECS resources using […]

Read More

Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB

Introduction Many AWS customers either integrate ServiceNow into their existing AWS services or set up both ServiceNow and AWS services for simultaneous use. One challenge in this use case is the need to update your configuration management database (CMDB) when a new spin-up instance appears in AWS. This post demonstrates how to integrate AWS Config […]

Read More

Creating and hydrating self-service data lakes with AWS Service Catalog

Organizations are evolving IT processes to include data lakes and supporting services. Your organization might start by looking to extend the self-service portals you built using AWS Service Catalog to create data lakes as well. A self-service portal lets users vend required AWS resources within the guardrails defined by your cloud center of excellence (CCOE) […]

Read More

Analyzing Amazon VPC Flow Log data with support for Amazon S3 as a destination

In a world of highly distributed applications and increasingly bespoke architectures, data monitoring tools help DevOps engineers stay abreast of ongoing system problems. This post focuses on one such feature: Amazon VPC Flow Logs. In this post, I explain how you can deliver flow log data to Amazon S3 and then use Amazon Athena to […]

Read More

Automating life-cycle management for ephemeral resources using AWS Service Catalog

Enterprises deploy AWS resources and services daily to support different business objectives. For example: A data scientist might like to create an EMR cluster for a job that should not take longer than one week. A sales engineer needs a demo environment for two days. A marketing application owner wants a marketing application to run […]

Read More