AWS Cloud Operations & Migrations Blog

Category: Learning Levels

How to validate AWS Service Catalog AppRegistry attribute groups schema and take remediation actions

Many customers define resource tagging strategy to manage their AWS resources to either being able to identify the resource owner or the cost center, or for any other purpose. Therefore, it’s important to have a mechanism to identify those resources that don’t have the essential resource tags. In AWS Service Catalog AppRegistry, attribute groups are […]

Read More

Automate AWS Config data visualization with AWS Systems Manager

Earlier this year we published a blog, Visualizing AWS Config data using Amazon Athena and Amazon QuickSight. It outlines the steps for setting up AWS Config with Amazon Athena and Amazon QuickSight. We received great feedback from that post. To further help our customers adopt these tools we are happy to announce the availability of […]

Read More

Announcing AWS CloudTrail Lake – a managed audit and security Lake

Organizations managing cloud infrastructure in AWS need effective mechanisms to audit operations in their AWS accounts for security and compliance. In November 2013, we announced AWS CloudTrail as the auditing platform for AWS. Since then, millions of customers have adopted this service. We believe CloudTrail is so important to AWS customers’ success that every new […]

Read More

How to monitor hybrid environments with AWS services

As enterprises start migrating to the cloud, one challenge they will face is framing and implementing a holistic monitoring strategy for the hybrid environment. In our experience, there are three main reasons for this. First and foremost, an enterprise generally has multiple monitoring tools in place, but when the enterprises start moving to the cloud, […]

Read More

Using ELB Access Logs and AWS Application Cost Profiler to track tenant cost of shared AWS Infrastructure

In our previous post on AWS Application Cost Profiler (ACP), we demonstrated how application owners instrument a serverless application with tenant metadata in a contextual format using AWS X-Ray. This tenant metadata is necessary for ACP to generate a granular cost breakdown of shared AWS resources used by multi-tenant applications. These granular cost insights let […]

Read More

Root and Nested Organizational Unit Support for Customizations for AWS Control Tower

Customers often use AWS accounts as a boundary to segregate their workloads, environments, business units, compliance requirements, or any type of logical isolation that suits their business. An AWS account serves as a hard boundary by design – each account is its own logical entity with controls, limits, and guardrails. Large customers typically have many […]

Read More

A beginners’ guide for Finance and Operations teams in their cloud migration journey

Finance teams maintain a unique position in their organization enabling them to accelerate strategic business imperatives. As custodians of capital, they play a crucial role in deciding where to place strategic bets. A cloud migration comes with many unknowns, variables, and new capabilities that business teams must unpack for a seamless cloud journey. This blog […]

Read More

Managing configuration compliance across your organization with AWS Systems Manager Quick Setup

When running your applications on AWS, the number of resources you use increases as the demand of your applications keeps growing. Eventually, keeping track of your AWS resources and the relationships between them becomes challenging from a governance perspective. AWS Config lets you more easily assess, audit, and evaluate the configurations of your AWS resources. […]

Read More

Update your Amazon CloudWatch dashboards automatically using Amazon EventBridge and AWS Lambda

Amazon CloudWatch lets customers collect monitoring and operational data in the form of logs, metrics, and alarms. This allows for easy visualization and notifications regarding their workload health. Amazon CloudWatch dashboards are customizable home pages in the CloudWatch console that you can use to monitor your resources in a single view, even those resources that […]

Read More

Identity Guide – Preventive controls with AWS Identity – SCPs

AWS Identity offers a set of features that let customers apply preventive controls to their AWS environment. This includes AWS Organizations service control policies (SCPs). For you to achieve common preventive controls, SCPs provide preventative enforcement by offering central control over the maximum available permissions for all accounts in your organization. SCPs affect all users and roles […]

Read More