AWS Cloud Operations & Migrations Blog

Category: Learning Levels

AWS Management and Governance image

Discover application issues and get notifications with AWS X-Ray Insights

Today, AWS X-Ray is pleased to announce the general availability of Insights, a feature that helps you proactively detect performance issues in your applications. AWS X-Ray helps developers and DevOps engineers analyze and debug production environments and distributed applications, such as those built using a microservices architecture. Using anomaly detection, X-Ray Insights determines if the […]

Read More

Automate AWS Backups with AWS Service Catalog

If you’re an organization with multiple AWS accounts and independent teams, cloud governance can seem a daunting task. The complexities of balancing developer velocity with centralized governance risks can slow down the innovation you’re trying to speed up. Fortunately, AWS Service Catalog, and AWS Backup help to implement a well-architected approach to self-service while meeting […]

Read More
ReadOnly SCP Post Featured Image

How to implement a read-only service control policy (SCP) for accounts in AWS Organizations

Customers who manage multiple AWS accounts in AWS Organizations can use service control policies (SCPs) to centrally manage permissions in their environment. SCPs can be applied to an organization unit (OU), account, or entire organization to restrict the maximum permissions that can be applied in the scoped AWS accounts. In this post, we are going to explore the use of SCPs to restrict an AWS account to read-only access.

Read More

Streamline server fleet management with AWS Systems Manager Fleet Manager

Organizations manage an increasingly diverse IT infrastructure, one that spans cloud and on-premises environments and uses different tools and services. Managing these diverse hybrid environments can be complicated and resource-intensive. Fleet Manager, a new feature in AWS Systems Manager, makes it easy and cost-effective to remotely manage Windows and Linux servers running across AWS, on-premises, […]

Read More

View AWS Config rules across multiple accounts and Regions using AWS Systems Manager Explorer

AWS Systems Manager Explorer is a customizable operations dashboard that displays an aggregated view of operations data from across your AWS accounts and AWS Regions. Explorer provides context into how operational issues are distributed, trend over time, and vary by category. In this blog post, I explain how Explorer gathers the compliance status of AWS […]

Read More

How BT uses Amazon CloudWatch to monitor millions of devices

In this guest post, Ciaran Kearney, Data Engineer at multinational telecommunications company BT discusses how BT built a monitoring solution using Amazon CloudWatch dashboards, composite alarms, and embedded metric format to support the monitoring of millions of devices. Customers with high-cardinality monitoring use cases often face challenges when it comes to implementing observability. Monitoring high-cardinality workloads […]

Read More

Improve security by analyzing VPC flow logs with Amazon CloudWatch Contributor Insights

You can use rules in Amazon CloudWatch Contributor Insights to gain security visibility into your VPC flow logs. The rules analyze flow logs in targeted groups in Amazon CloudWatch Logs and display the Top-N contributors for a given log field or combination of log fields. In this post, I’ll show you how to set up CloudWatch Contributor Insight rules for VPC flow logs. I’ll demonstrate how to:

Map the VPC flow log format to rules in Contributor Insights.
Explain how a single rule can be used to monitor many VPC flow logs.
Walk through some sample rules and show them in a CloudWatch dashboard.

Read More
CloudWatch Dashboard Blog Featured Image

Automate customized deployment of cross-account/cross-region CloudWatch Dashboards using tags

Amazon CloudWatch Dashboards are a great way to monitor your AWS resources. During peak events when you are expecting high traffic, monitoring your AWS resources helps you stay ahead of any issues that may arise. You might want a customized and automated dashboard that can be used during a seasonal event, important releases, holidays, and […]

Read More
Featured Image for blog post "Create immutable servers using EC2 Image Builder and AWS CodePipeline"

Create immutable servers using EC2 Image Builder and AWS CodePipeline

When you run an application on multiple Amazon Elastic Compute Cloud (Amazon EC2) instances, you want to avoid differences between the instances because they can cause unpredictable behavior and make it hard to troubleshoot and solve issues. The best way to prevent differences is to replace your instances whenever you want to make a change—to […]

Read More

Configuring AWS Systems Manager Session Manager run as support for federated users using session tags

In this blog post, we share a procedure for configuring AWS Systems Manager Session Manager run as support for Active Directory (AD) federated users using AWS Security Token Service (AWS STS) session tags. We show you how to start a Session Manager session using the AD user name of the federated user on an AD-joined […]

Read More