AWS Cloud Operations & Migrations Blog

Category: Learning Levels

AWS Control Tower Detective Guardrails as an AWS Config Conformance Pack

Many of the customers I work with would like to be able to apply AWS Control Tower’s detective guardrails to an existing AWS account before moving them to Control Tower governance. Now that you can launch AWS Control Tower in an existing AWS Organization, customers want to evaluate their existing accounts for compliance with AWS […]

Read More

Using environment variables with Amazon CloudWatch Synthetics

With the increase in online traffic, organizations have prioritized the continuous monitoring of their applications so that they can detect issues before they cause widespread problems. Canaries emulate a user flow, making it possible for organizations to proactively catch errors thereby ensuring a good customer experience. Amazon CloudWatch Synthetics allows you to create canaries to […]

Read More

Understanding the differences between configuration history and configuration snapshot files in AWS Config

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. When you run your applications on AWS, you often use AWS resources, which you must create and manage collectively. As the demand for your application keeps growing, so does your need to keep track of your AWS resources. AWS Config tracks […]

Read More
Architecture diagram with icons representing the AWS services and their relationships for the CloudWatchAutoAlarms Lambda function

Use tags to create and maintain Amazon CloudWatch alarms for Amazon EC2 instances (Part 1)

This blog post is the first in a two-part series. I walk you through a solution to automatically create and enforce a standard set of Amazon CloudWatch metric alarms for Amazon Elastic Compute Cloud  (Amazon EC2) instances by using Amazon EC2 instance tags. Creating and configuring a standard set of CloudWatch alarms for a large […]

Read More

Use tags to create and maintain Amazon CloudWatch alarms for Amazon EC2 instances (Part 2)

This blog post is the second in a two-part series. Part one of this blog post showed how to deploy and configure the CloudWatchAutoAlarms Lambda function to create a default alarm set and custom alarms for your Amazon Elastic Compute Cloud (Amazon EC2) instances using EC2 instance tags. In this post, I show how you […]

Read More

Manage Amazon EC2 instance clock accuracy using Amazon Time Sync Service and Amazon CloudWatch – Part 2

In part 1 of this series, I cover important concepts about measuring the accuracy of time on Amazon EC2 instances . I discussed calculating ClockErrorBound (?) and using its value as a range between which system time is accurate. In this part, I walk through the process of using Amazon CloudWatch to measure and monitor […]

Read More

Manage Amazon EC2 instance clock accuracy using Amazon Time Sync Service and Amazon CloudWatch – Part 1

This two-part series discusses the measurement and management of time accuracy on Amazon EC2 instances. Part 1 covers the important concepts related to system and reference time. Part 2 covers the mechanism of measure, monitor, and maintain accurate system time on EC2 instances. A large and diverse set of customer workloads depends on the observed […]

Read More

Automating custom cost and usage tracking for member account owners in the AWS Migration Acceleration Program

This blog post was contributed by Kanishk Mahajan, AWS and Kalpana Roge, McAfee The AWS Migration Acceleration Program (MAP) is a cloud migration program that helps enterprises achieve business benefits by migrating existing workloads to Amazon Web Services. MAP provides consulting support, training, and credits on AWS services to reduce risk, build a strong operational […]

Read More

Best practices for AWS Config conformance packs

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale. A conformance pack is a collection of AWS Config rules and remediation actions that can be easily deployed as a single entity in an account or across an organization in AWS Organizations. This is particularly useful if you need to quickly establish a […]

Read More

Monitor API Gateway endpoints with Amazon CloudWatch Synthetics

Monitoring the health of your API endpoints is important to understand the overall health of your workloads. You can use Amazon CloudWatch Synthetics to monitor your API endpoints and understand the overall health of your workloads. CloudWatch Synthetics canaries allow you to monitor API endpoints by creating HTTP steps and configuring the request type, endpoint URL, […]

Read More