AWS Cloud Operations & Migrations Blog

Category: Advanced (300)

How to validate authentication using Amazon CloudWatch Synthetics – Part 2

In the second post of this two-part series, I will demonstrate how to utilize the Amazon CloudWatch Synthetics canary that uses the multiple HTTP endpoints blueprint in order to monitor an application requiring an authentication certificate. The first post Multi-step API monitoring using Amazon CloudWatch Synthetics provided steps to create an Amazon CloudWatch Synthetics script for executing a […]

Read More

Visualize application costs using AWS Service Catalog AppRegistry and Amazon QuickSight

In a previous blog post, we discussed how AWS Service Catalog AppRegistry lets you create a repository of your applications and associated resources. Then, you can define and manage your application metadata. This lets you understand the context of your applications and resources across your environments. This post will demonstrate how to utilize your application […]

Read More
Implement AWS resource tagging strategy using AWS Tag Policies and Service Control Policies (SCPs)

Implement AWS resource tagging strategy using AWS Tag Policies and Service Control Policies (SCPs)

AWS lets us assign metadata to the AWS resources in the form of tags. Each tag is a simple label consisting of a customer-defined key and a value that makes it easier to manage, search for, and filter AWS resources. Tagging can be an effective scaling mechanism for implementing cloud management and governance strategies. Tags […]

Read More

Policy-as-Code for Securing AWS and Third-Party Resource Types

This post was written by Scott Alexander and Kevin Formsma from Mphasis Stelligent. Every day, more developers are having lightbulb moments as they realize they can design and manage their infrastructure. It’s our responsibility, as practitioners of the DevOps mindset, to build systems that allow developers to move quickly and speed up the feedback loop […]

Read More
How to Deploy AWS Config Conformance Packs Using Terraform

How to Deploy AWS Config Conformance Packs Using Terraform

This post demonstrates how to enable AWS Config and deploy a sample AWS Config Conformance pack using HashiCorp’s Terraform. AWS Config provides configuration, compliance, and auditing features required for governing your resources and providing security posture assessment at scale. This service lets you create managed rules, which are predefined, customizable rules that AWS Config uses […]

Read More

Programmatically managing alternate contacts on member accounts with AWS Organizations

Today, we are making it easier for you to manage the alternate contacts (billing, operations, and security) on your member accounts in AWS Organizations. You can now programmatically manage your account alternate contact information in addition to the existing experience in the AWS console. This launch ensures that the right individuals receive important AWS notifications […]

Read More

How to integrate Amazon Managed Service for Prometheus with Slack

Amazon Managed Service for Prometheus is a serverless Prometheus-compatible monitoring service for metrics to securely monitor container environments at scale. Amazon Managed Service for Prometheus lets you utilize open source Prometheus query language (PromQL) to monitor containerized workload performance without having to manage the underlying infrastructure required for the ingestion, storage, alerting, and querying of […]

Read More

Using Amazon Managed Service for Prometheus Alert Manager to receive alerts with PagerDuty

Many customers using Amazon Managed Service for Prometheus are transitioning from their self-managed Prometheus systems to the fully managed service. Within this transition journey, Amazon Managed Service for Prometheus users need ways to migrate their existing Prometheus and Alert Manager configurations. PagerDuty is a receiver used by many customers to route alerts to their internal […]

Read More

Using AWS X-Ray and AWS Application Cost Profiler to track tenant cost of shared AWS Infrastructure

In our last blog post, we introduced AWS Application Cost Profiler (ACP), where we discussed this new service that allows customers, running multi-tenant applications, to receive granular cost breakdowns of shared AWS resources across their tenants. AWS Application Cost Profiler provides customers, especially SaaS ISVs, with a standard mechanism to correlate and report their infrastructure […]

Read More

Using CloudTrail data events with Athena and CloudWatch to create an audit trail for DynamoDB tables events

Highly regulated industries must maintain an audit trail of events at various levels to meet regulatory and industry compliance requirements. Data events provide visibility into the resource operations performed on or in a resource, including object-level API activities such as delete, update, and put items. You can use AWS CloudTrail to create an audit trail […]

Read More