AWS Management & Governance Blog

Category: Advanced (300)

Configuring AWS Systems Manager Session Manager run as support for federated users using session tags

In this blog post, we share a procedure for configuring AWS Systems Manager Session Manager run as support for Active Directory (AD) federated users using AWS Security Token Service (AWS STS) session tags. We show you how to start a Session Manager session using the AD user name of the federated user on an AD-joined […]

Read More
Authorize different sets of interactive session commands for users using SSM documents

Limit interactive session commands by groups of users using AWS Systems Manager

Customers are looking for a way to limit the types of commands that can be run on their Amazon Elastic Compute Cloud (Amazon EC2) instances when using AWS Systems Manager Session Manager interactive sessions. Allowed commands vary by group, meaning you need to allow different sets of commands based on the group of users. For […]

Read More
Service Catalog AppRegistry graphic

Increase application visibility and governance using AWS Service Catalog AppRegistry

Many customers deploy applications with a multitude of resources using AWS CloudFormation templates.  As customers begin to scale, these templates are often re-used across multiple applications.  At this point, important tasks like identifying deployed applications and understanding which CloudFormation stacks are associated with an application become more difficult. Visibility is an important component of a […]

Read More
The success banner at the top of the page says the AMI has been successfully associated.

Creating ServiceNow incidents for AWS License Manager notifications

AWS License Manager streamlines the process of managing software licenses from software vendors like Microsoft, Oracle, IBM, SAP, and others across AWS and in on-premises environments. Administrators can create customized licensing rules that AWS License Manager enforces when Amazon Elastic Compute Cloud (Amazon EC2) instances are launched. This helps you prevent licensing violations by stopping the […]

Read More
AppConfig Featured Image

Application configuration deployment to container workloads using AWS AppConfig

AWS AppConfig is a capability of AWS Systems Manager that you can use to create, manage, and quickly deploy application configurations at runtime. With AWS AppConfig, you can validate your configuration data to check for any errors, and define deployment strategies to control the rate at which deployments occur. You can also set monitors to watch […]

Read More
Example Dashboard

View AWS Trusted Advisor recommendations at scale with AWS Organizations

Since 2014, AWS Trusted Advisor has been providing customers with visibility into an individual AWS account and providing recommendations based on known AWS best practices. Trusted Advisor makes recommendations to help customers achieve a better security posture, control their costs, optimize application performance, design better fault tolerance, and maintain control over their AWS service limits […]

Read More
Cloud native application monitoring for AWS

Cloud Native Application Monitoring for AWS

This blog post will show you how DXC used AWS management tools and services to create a custom cloud native application monitoring framework. DXC made this advanced monitoring offering available to their customers, which resulted in improved customer satisfaction. The business driver DXC has a robust set of tools and capabilities to solve customers’ application […]

Read More

AWS Config Rule Development Kit library: Build and operate rules at scale

AWS would like to introduce you to the RDKLib, an open source Python library you can use to build, develop, and deploy custom AWS Config rules at scale. RDKLib works with the AWS Config Rule Development Kit. It is designed to work at the AWS Lambda layer, so you can use the library without needing […]

Read More

Introducing CloudWatch Lambda Insights

CloudWatch Lambda Insights is a monitoring and troubleshooting solution for serverless applications running on AWS Lambda. The solution collects, aggregates, and summarizes system-level metrics including CPU time, memory, disk, and network. It also collects, aggregates, and summarizes diagnostic information such as cold starts and Lambda worker shutdowns to help you isolate issues with your Lambda […]

Read More
Auto tagging blog post

Automatically tag new AWS resources based on identity or role

You might have heard the adage to “tag early, tag often” in infrastructure planning and design sessions. Using accurate, meaningful tags on your AWS resources is a best practice. Consistently applied resource tags deliver organizational benefits such as accurate cost allocation, granular access controls, precisely routed operation issues, and simplified resource operating state changes. This […]

Read More