Category: Advanced (300)
Organizations manage an increasingly diverse IT infrastructure, one that spans cloud and on-premises environments and uses different tools and services. Managing these diverse hybrid environments can be complicated and resource-intensive. Fleet Manager, a new feature in AWS Systems Manager, makes it easy and cost-effective to remotely manage Windows and Linux servers running across AWS, on-premises, […]Read More
You can use rules in Amazon CloudWatch Contributor Insights to gain security visibility into your VPC flow logs. The rules analyze flow logs in targeted groups in Amazon CloudWatch Logs and display the Top-N contributors for a given log field or combination of log fields. In this post, I’ll show you how to set up CloudWatch Contributor Insight rules for VPC flow logs. I’ll demonstrate how to:
Map the VPC flow log format to rules in Contributor Insights.
Explain how a single rule can be used to monitor many VPC flow logs.
Walk through some sample rules and show them in a CloudWatch dashboard.
Amazon CloudWatch Dashboards are a great way to monitor your AWS resources. During peak events when you are expecting high traffic, monitoring your AWS resources helps you stay ahead of any issues that may arise. You might want a customized and automated dashboard that can be used during a seasonal event, important releases, holidays, and […]Read More
Configuring AWS Systems Manager Session Manager run as support for federated users using session tags
In this blog post, we share a procedure for configuring AWS Systems Manager Session Manager run as support for Active Directory (AD) federated users using AWS Security Token Service (AWS STS) session tags. We show you how to start a Session Manager session using the AD user name of the federated user on an AD-joined […]Read More
Customers are looking for a way to limit the types of commands that can be run on their Amazon Elastic Compute Cloud (Amazon EC2) instances when using AWS Systems Manager Session Manager interactive sessions. Allowed commands vary by group, meaning you need to allow different sets of commands based on the group of users. For […]Read More
AWS Config has released a new sample conformance pack template to help customers meet the operational best practices for Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a U.S. government-wide program that delivers a standard approach to the security assessment, authorization, and continuous monitoring for cloud products and services. Conformance packs are a collection […]Read More
Many organizations get access to their AWS resources using a Direct Connect connection or a Site-to-Site VPN. AWS Site-to-Site VPN creates a secure connection between your data center or branch office and your AWS cloud resources. In this post, we will see how to monitor your Cisco CSR VPN tunnel and BGP (Border Gateway Protocol) […]Read More
Many customers deploy applications with a multitude of resources using AWS CloudFormation templates. As customers begin to scale, these templates are often re-used across multiple applications. At this point, important tasks like identifying deployed applications and understanding which CloudFormation stacks are associated with an application become more difficult. Visibility is an important component of a […]Read More
Launch a standardized DevOps pipeline to deploy containerized applications using AWS Service Catalog
As companies implement DevOps practices, they find that standardizing the deployment of the continuous integration and continuous deployment (CI/CD) pipelines is increasingly important. Many end users and developers do not have the ability or time to create their own CI/CD pipelines and processes from scratch for each new project. By using AWS Service Catalog, organizations […]Read More
In April 2020, we launched Amazon CloudWatch Synthetics, which developers can use to create canaries that are configurable scripts running on a schedule to monitor endpoints, APIs, and website content. With canaries, your business can discover issues before your customers do, so you can react quickly to fix them. When you’re running scripts on CloudWatch […]Read More