AWS Cloud Operations & Migrations Blog
Category: Learning Levels
Managing resources using AWS CloudFormation Resource Types
Both custom resources and resource types are used to create an AWS CloudFormation resource that allow you to manage third-party resources. For example, during the creation of a simple website you may want to provision a third-party website monitor, which has a public API. In this case, you would develop and use a resource that […]
Read MoreImprove monitoring efficiency using Amazon CloudWatch Composite Alarms
OVERVIEW Amazon CloudWatch alarms help customers improve infrastructure monitoring efficiency by reducing the time to detect, triage, and diagnose issues that impact workload performance. CloudWatch alarms can be used extensively as a means to alert customers when application and infrastructure metrics exceed static or dynamically set thresholds. On March 4, 2020 AWS released CloudWatch composite alarms to extend existing […]
Read MoreKeep up on the latest from AWS Organizations–Spring 2020
The team here at AWS Organizations has been busy developing new features to make it easier for you to manage multiple AWS accounts, whether you are automating new account creation, consolidating resources into a single bill, or maintaining access safeguards around your resources. There are many new announcements at AWS, so we’re starting this quarterly […]
Read MoreSetting up custom AWS Config rule that checks the OS CIS compliance
AWS announced that AWS Systems Manager’s Run Command now offers Chef InSpec audits through the AWS-RunInspecChecks document. This is a significant win for Systems Manager enthusiasts and other users who prefer an OS-based compliance check solution rather than using a whole new cloud service. This blog post is not about how to keep an OS […]
Read MoreGovernance, risk, and compliance when establishing your cloud presence
June 22, 2021: We’ve updated this post to reference the recently published Management & Governance Lens, an extension of the AWS Well-Architected Framework. When speaking with the business and technology leaders I work with, they express the need to bring new products and services to market quickly. They must also stay secure while doing so. […]
Read MoreApplying managed instance policy best practices
Since AWS Systems Manager was launched, the service has continued to add new features for customers to use. Many features are enabled by granting your Amazon EC2 instances and on-premises servers access to Systems Manager using an AWS Identity and Access Management (IAM) role with the necessary permissions. To provide customers more flexible, fine-grained permission […]
Read MoreMonitor your private internal endpoints 24×7 using CloudWatch Synthetics
Introduction Since Amazon CloudWatch Synthetics launched in 2019, Synthetics canaries have become the first line of defense to reliably alert developers if their public endpoints, including REST APIs and URLs, show unexpected latencies or availability drops. In addition, Synthetics canaries can also monitor for broken links, or unauthorized content changes resulting from phishing, code injection, […]
Read MoreManage custom AWS Config rules with remediations using conformance packs
Different organizations have different compliance and security requirements for their resources and accounts. AWS Config makes it easier for customers to implement these controls. While AWS Config offers customers a wide selection of managed AWS Config rules that help them comply with their requirements, there are customers who require more customized control and can take […]
Read MoreSend Organizational AWS Health Events to Amazon Chime or Slack
There’s now a much easier solution! Please see our blog post on AWS Health Aware – Customize AWS Health Alerts for Organizational and Personal AWS Accounts. Receiving notifications for AWS Health events can be done in multiple ways depending on your desired platform, from email notifications with Amazon SNS to account-specific chat notifications with AWS […]
Read MoreCreating event-based notifications and remediation in AWS Service Catalog using AWS Config
AWS Service Catalog allows organizations to quickly let their users deploy approved IT services to organize, govern, and provision cloud resources on AWS. However, users launching multiple instances can cause issues because: Some instances are not always active. The lack of limits on the number of active instances can result in an organization’s costs going […]
Read More