AWS Cloud Operations & Migrations Blog

Category: Foundational (100)

CloudFormation StackSets delegated administration

If you are using AWS CloudFormation StackSets, you are having to manage your stacks from the AWS Organizations management account. According to best practice, the management account should be used only for tasks that require it. Until today, you had to use the management account to manage your AWS CloudFormation stack sets. To help limit […]

Read More

Best practices for creating and managing sandbox accounts in AWS

Organizations use multiple environments, each with different security and compliance controls, as part of their deployment pipeline. Following the principle of least privilege, production environments have the most restrictive security and compliance controls. They tightly limit who can access the environment and which actions each user (or principal) can perform. Development and test environments also […]

Read More
AWS Management and Governance image

Discover application issues and get notifications with AWS X-Ray Insights

Today, AWS X-Ray is pleased to announce the general availability of Insights, a feature that helps you proactively detect performance issues in your applications. AWS X-Ray helps developers and DevOps engineers analyze and debug production environments and distributed applications, such as those built using a microservices architecture. Using anomaly detection, X-Ray Insights determines if the […]

Read More

Migrating to Amazon API Gateway: A Datalex success story

Datalex is an industry leader of omni-channel retail solutions for airlines around the world. The Datalex product portfolio supports end-to-end retail capabilities that include pricing, shopping, and order management. This year, Datalex’s multi-year deal with their API provider was up for renewal. As part of a best practice review, they considered other options. When the […]

Read More
Analyzing Amazon Lex conversation log data with Grafana

Analyzing Amazon Lex conversation log data with Grafana

To support business and internal processes, organizations are increasing their use of conversational interfaces. They offer opportunities for more availability, improved service levels, and reduced costs. As these conversational services become more important, so, too, does the need to monitor performance and effectiveness of these interfaces with analytics and dashboards. This analysis, in turn, is […]

Read More

Open sesame: Granting privileged access to EC2 instances with Session Manager

In this guest blog post, Herman Lee (Cloud Solution Architect, VP) and Nauman Noor (Managing Director) from the public cloud engineering team at State Street discuss their use of AWS Systems Manager Session Manager for privileged access management of Amazon EC2 instances. State Street Corporation is a financial services company responsible for the management, custody, […]

Read More
Manage AWS Managed Microsoft AD resources with Session Manager port forwarding

Manage AWS Managed Microsoft AD resources with Session Manager port forwarding

Active Directory administrators are accustomed to managing domain resources using Remote Server Administrators Tools (RSAT) installed on either their workstations or a member server in the domain.  When it comes to managing resources on a managed Active Directory service, such as the case with AWS Managed Microsoft AD, these tools must be available for administrators […]

Read More

How Line of Business Leaders Can Jump-Start Cloud Innovation

Cloud transformation is imperative Line of business (LOB) leaders and application owners within a business recognize that they urgently need to pivot their model to cloud—and not just to save cost or to get out of a data center. They own the apps that drive revenue for the business and modernizing them is critical to […]

Read More

Getting Started with Amazon Managed Service for Prometheus

4/9/2021 – Updated the Prometheus server deployment setup part by removing the AWS SigV4 side-car proxy container. This is no longer needed as the Prometheus server now directly signs requests made to the AMP remote write API. Amazon Managed Service for Prometheus (AMP) is a Prometheus-compatible monitoring service for container infrastructure and application metrics for […]

Read More

Amazon Managed Grafana – Getting Started

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Amazon Managed Grafana is a fully managed and secure data visualization service that enables customers to instantly query, correlate, and visualize operational metrics, logs, and traces for their applications from multiple data sources. Amazon Managed Grafana is based on the […]

Read More