AWS Management & Governance Blog

Category: Advanced (300)

Systems Manager Quick Setup Organization feature

Manage instances using AWS Systems Manager Quick Setup across AWS Organization

Are you an operations administrator trying to enable common configurations such as agent updates or patch scanning across your company? AWS Systems Manager Quick Setup now supports AWS Organizations. With this feature, Organization master accounts can now easily define configurations for Systems Manager to engage on your behalf across accounts in your Organization. You can […]

Read More

Analyzing AWS CloudTrail in Amazon CloudWatch

In this blog post, we learn how to ingest AWS CloudTrail log data into Amazon CloudWatch to monitor and identify your AWS account activity against security threats, and create a governance framework for security best practices. We will analyze log trail event data in CloudWatch using features such as Logs Insight, Contributor Insights, Metric filters […]

Read More
Automatic drift remediation solution architecture

Implement automatic drift remediation for AWS CloudFormation using Amazon CloudWatch and AWS Lambda

“Stack drift” is a common occurrence for organizations using AWS CloudFormation, and remediating stack drift represents a persistent and tedious challenge for organizations managing critical infrastructure with CloudFormation stacks. Stack drift occurs when the actual configuration of an infrastructure resource differs from its expected configuration. Typically, this is caused by users editing resources directly by […]

Read More

Configure Session Manager access for federated users using SAML session tags

In this blog post, we show you how to configure Attribute-Based Access Control (ABAC) permissions to federate users into AWS Systems Manager Session Manager. We demonstrate how you can use attributes defined in external identity systems as part of the ABAC decisions within AWS, with SAML session tags. For example, you can grant access to […]

Read More

Keeping Ansible effortless with AWS Systems Manager

Ansible is a powerful tool because it lets you handle many complicated tasks with minimal effort. Some time ago, I published running Ansible playbooks using Systems Manager blog when the first version of the AWS Systems Manager (SSM) document was released, which enabled support for Ansible. In that blog, I discussed the tight integration of […]

Read More

Automating Feature Release using AWS AppConfig Integration with AWS Codepipeline

Last year, we released AWS AppConfig a new capability within AWS Systems Manager to create, manage, and quickly deploy application configurations. AppConfig enables you to validate your application configuration before deployment and enables you to deploy configuration in a controlled and monitored way. AWS AppConfig enables you to deploy configuration changes independent of the application code […]

Read More
Image showing the current AWS License Manager license configurations.

Tracking your Oracle licenses using AWS License Manager

Introduction Many of our customers are running Oracle databases in AWS. They have asked for help with managing their Oracle licenses. In response, AWS has released some new features to AWS License Manager to help customers manage their Oracle licenses running in AWS. AWS License Manager is a service that helps customers manage their software […]

Read More

Software patching with AWS Systems Manager

Cloud computing adoption has been rapidly increasing with enterprises around the globe, opting for various migration patterns during their cloud journey. Taking monolithic legacy applications as-is and moving them to the cloud, is an approach also known as “lift-and-shift,” and is one of the main drivers for cloud migration. As customers become more knowledgeable about […]

Read More
Image showing associate license configuration dialog with AWS Systems Manager managed instance

Track IBM license usage with AWS License Manager

Introduction In this blog post, I show you how you can track and enforce licensing for your IBM software products running on AWS or on-premises. IBM licenses many of its products using a processor-based licensing approach by Processor Value Units (PVU). IBM defines a processor, for purposes of PVU-based licensing, to be each processor core […]

Read More