AWS Management & Governance Blog

Category: Intermediate (200)

Simplified Bring-Your-Own-License experience using AWS License Manager

AWS License Manager’s simplified Bring-Your-Own-License (BYOL) experience allows you to effectively govern and manage software licenses, such as Windows and SQL Server, that require a dedicated physical server. You can enjoy the flexibility and cost effectiveness of using your own licenses on Amazon EC2 Dedicated Hosts, but with the simplicity, resiliency, and elasticity of Amazon EC2. […]

Read More
Illustration of the flow of actions between accounts for the Security Hub account association handshake.

Automating AWS Security Hub Alerts with AWS Control Tower lifecycle events

AWS Control Tower is an AWS managed service that automates the creation of a well-architected multi-account AWS environment. Control Tower simplifies new account provisioning for your AWS Organization. Control Tower also centralizes logging from AWS CloudTrail and AWS Config, and provides preventative and detective guardrails. AWS Security Hub can be used to provide a comprehensive […]

Read More

Deploy Conformance Packs across an Organization with Automatic Remediation

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale – from policy definition to auditing and aggregated reporting using a common framework and packaging model. Many enterprises have multiple AWS accounts to manage their AWS infrastructure and demand an easy way to manage compliance policy definitions across their organization. […]

Read More
Workflow diagram that shows how Control Tower's lifecycle events are generated and recorded

Using lifecycle events to track AWS Control Tower actions and trigger automated workflows

Many customers that I work with are creating and provisioning new accounts using AWS Control Tower. They prefer an AWS native solution for creating their environment knowing that it will be based upon documented AWS Best Practices. As customers scale their account creation, there exists an opportunity to use additional Control Tower features to perform […]

Read More

New features of Run Command: Copy to new, rerun, and CloudWatch Metrics

In this blog post, I cover new features of AWS Systems Manger Run Command that make deploying and testing automation at scale easier. AWS Systems Manager is a great platform to simplify the task of managing infrastructure at scale. One of the key features of this platform is Run Command, which enables automation of common […]

Read More

Introducing AWS Config Multi-Account, Multi-Region support for Advanced Query

I’m excited to introduce you to our latest feature addition, AWS Config Advanced Query. Advanced query, launched last year, makes it easy to query the resource configuration properties of your AWS resources for audit, compliance, or operational troubleshooting using simple SQL-like queries. With our latest release, you can now use Advanced query with configuration aggregators, enabling you […]

Read More

Mechanisms to govern license usage with AWS License Manager

AWS License Manager streamlines the process of bringing software vendor licenses to the cloud. As you build your applications in AWS that use third party licenses or move your on-premises workloads to AWS, you can save costs by using bring-your-own-license (BYOL) opportunities. This can be done by re-purposing your existing license inventory for use with […]

Read More

Tracking software usage across multiple AWS accounts using AWS License Manager

In a previous post Using AWS License Manager to track your Microsoft SQL Server licenses, you learned how to use AWS License Manager to help you manage your software licenses. In this post, I show you how to use License Manager to manage licenses for your entire organization or a select group of accounts. Overview […]

Read More

AWS CloudFormation: Signed, sealed, and deployed

State Street Corporation is a global bank that is responsible for managing over 10% of the world’s wealth.  It also focuses on engineering better outcomes for its investors and customers, striving to bring innovative solutions to market and enhance customer value. To manage complexity and provide a stable agile platform, State Street uses Infrastructure as […]

Read More

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More