AWS Cloud Operations & Migrations Blog

Category: Expert (400)

Scaling Landing Zone with AWS Control Towers

A landing zone (LZ) is a well-architected, multi-account AWS environment that is scalable and secure. This is a starting point from which your organizations can quickly launch and deploy workloads in the secured infrastructure environment. A well-defined LZ provides a set of guardrails and baselines with multi-account architecture, identity and access management, control, data security, […]

Build EC2 Image Builder container images locally

EC2 Image Builder is a fully-managed AWS service that simplifies the creation, management, and deployment of golden server and container images. The images are built using an automation pipeline that is customizable for customers, enabling them to create images that are pre-installed and pre-configured with software and packages to meet specific IT requirements. The service […]

How to deploy CDK v2 to an account that requires boundary policies

Samuel Passman (spssmn, DevOps Consultant), James Dadd (jdaddaws, Infrastructure Architecture Consultant), Asad Syed (asadsy, DevOps Consultant), and Joseph Brian (jkbrian, Senior Engagement Manager) all with ProServe Globals Team. The AWS Cloud Development Kit (AWS CDK) is an open-source framework that simplifies working with cloud resources using familiar programming languages: C#, TypeScript, Java, Python, and Go […]

Use existing Logging and Security Account with AWS Control Tower

AWS Control Tower provides the easiest way for you to set up and govern your AWS environment, or landing zone, following prescriptive AWS best practices managed on your behalf. AWS Control Tower orchestrates multiple AWS services (AWS Organizations, AWS CloudFormation StackSets, Amazon Simple Storage Service (Amazon S3), AWS Single Sign-On (AWS SSO), AWS Config, AWS CloudTrail) to build a landing zone […]

Create speech-enabled products using AWS Service Catalog and Amazon Polly

In this post, we’ll show how enterprises can use AWS Service Catalog to create AWS Service Catalog products based on AWS machine learning (ML) services, such as Amazon Polly and Amazon Rekognition. These products are packaged in AWS Service Catalog portfolios that customers can use for their use cases. These portfolios can generate revenue for […]

Visualizing metrics across Amazon Managed Service for Prometheus workspaces using Amazon Managed Grafana

This post provides step-by-step instructions for aggregating and visualizing your Amazon Elastic Kubernetes Service (Amazon EKS) monitoring metrics using Amazon Managed Service for Prometheus and Amazon Managed Grafana. As part of this solution, promxy a Prometheus proxy, is deployed to enable a single Grafana data source to query multiple Prometheus workspaces. Please note that this […]

Managing AWS account lifecycle in AWS Control Tower using the Account Close API

AWS Control Tower provides the easiest way for you to set up and govern your AWS environment following prescriptive AWS best practices managed on your behalf. AWS Control Tower orchestrates multiple AWS services (AWS Organizations, AWS CloudFormation StackSets, Amazon Simple Storage Service (Amazon S3), AWS Single Sign-On, AWS Config, AWS CloudTrail) to build a landing […]

Figure 3 Flight Controller deployment using CFCTv2

Flight Controller by Contino – A Solution built on AWS Control Tower

Today AWS customers are rapidly adopting the cloud and at a massive scale. To support this demand, customers must build a strong foundation based on AWS well-architected best practices. A well-architected landing zone is a key construct that lets you vend accounts, provision access, setup security guardrails, and build CI/CD pipelines. However, at scale, implicit […]

Sharing AWS Outposts in a multi account AWS environment: Part 2

This post is written by Karl Schween, Principal Solutions Architect at AWS. This post is part two of two part series ‘Sharing AWS Outposts in a multi account AWS environment’ providing you guidance and considerations for sharing AWS Outposts and Amazon S3 on Outposts in a multiple AWS Account environment. AWS Outposts is a fully […]

Sharing AWS Outposts in a multi account AWS environment: Part 1

This post is written by Karl Schween, Principal Solutions Architect at AWS. This post is part one of two part series ‘Sharing AWS Outposts in a multi account AWS environment’ providing you guidance and considerations for sharing AWS Outposts and Amazon S3 on Outposts in a multiple AWS Account environment. AWS Outposts is a fully […]