AWS Cloud Operations & Migrations Blog

Category: Expert (400)

Monitor Private VPC Endpoint Health in Hybrid DNS Environments Using CloudWatch Synthetics

We start by paying homage to the Amazon CloudWatch Synthetics canary naming convention, which nods to the original use of canaries to detect carbon monoxide in coal mines. The bird’s small size, high metabolism, and intensified breathing led to their early demise when exposed to the poisonous gas, thereby allowing miners to take corrective action […]

Read More

Extending your Control Tower Network security with Amazon Route 53 DNS Firewall

In our previous post, “Securely scale multi-account architecture with AWS Network Firewall and AWS Control Tower”, we described how AWS Network Firewall can be implemented in an AWS Control Tower environment. AWS Network Firewall provides a stateful, managed firewall with rules to filter and block network and application layer traffic coming to your applications. Centralized […]

Read More

Monitoring AWS Elastic Beanstalk .NET applications with Amazon CloudWatch and Amazon Managed Grafana

AWS Elastic Beanstalk simplifies deployments by handling many of the architectural complexities involved with managing highly available applications. Elastic Beanstalk provides a monitoring console that displays your environment’s status and application health. However, in large deployments with complex application servers, this often requires supplemental, finer grained monitoring and dynamic dashboards in order to achieve the […]

Read More

Migrating accounts between AWS Organizations with consolidated billing to all features

Customers start their cloud journey with one AWS account, and over time they deploy many resources within it before utilizing more accounts. Prior to the launch of AWS Organizations in 2017, customers received a consolidated bill for all of these accounts. The launch of AWS Organizations meant these customers were provided with an organization that […]

Read More
Centralized software package distribution across multiple regions and accounts in an AWS Organization using AWS Systems Manager Distributor

Centralized software package distribution across multiple regions and accounts in an AWS Organization using AWS Systems Manager Distributor

Security remains a top priority for most organizations, and, in order to stay secure and compliant, they leverage agent-based vulnerability management tools, such as CrowdStrike, TrendMicro, and Tennable. AWS Systems Manager Distributor automates the process of packaging and publishing software to managed Windows and Linux instances across the cloud landscape, as well as to on-premises […]

Read More

Control developer account costs with AWS CloudFormation and AWS Budgets

Often when working with customers, we guide them by using AWS Budgets and related tools in the AWS platform in order to create cost and utilization guardrails. These tools can be used to conduct advanced, automated, and hands-free actions within your AWS environment – even across multiple accounts. This post will walk you through a […]

Read More

Build an AWS Config Custom Rule to Optimize Amazon EBS Volume Types

This blog provides step-by-step instructions for building an AWS Config custom rule and a custom Config Remediation so that you can optimize your EBS Volume types with Amazon EBS gp3 volumes. AWS Config is a service that lets you assess, audit, and evaluate your AWS resource configurations. AWS Config provides AWS Managed Rules, which are […]

Read More
Standardize compliance in AWS using DevOps and a Cloud Center of Excellence (CCOE) approach

Standardize compliance in AWS using DevOps and a Cloud Center of Excellence (CCOE) approach

In large scale cloud migrations and deployments, a Cloud Center of Excellence (CCOE) organizational setup enables project and account owners to move at their own speed, reuse components, and integrate them into their application environments. The CCOE team can develop better tools and automation for the application teams to leverage, and they can be sure […]

Read More
SNMP monitoring using Amazon CloudWatch and Elastic Logstash

SNMP monitoring using Amazon CloudWatch and Elastic Logstash

Customers want a single pane of glass for their systems operations where they can visualize the health and performance of applications running in several AWS Regions and in their on-premises environment. Simple Network Management Protocol (SNMP) is an internet standard protocol for collecting and organizing information about managed devices on IP networks and for modifying […]

Read More
Using OPA to create AWS Config rules

Using OPA to create AWS Config rules

In this blog post, we will show how you can use AWS Config custom rules with Open Policy Agent (OPA) to evaluate the compliance of your AWS resources. AWS Config enables you to assess, audit, and evaluate the configuration of your AWS resources. The service continuously monitors and records your AWS resource configurations and allows […]

Read More