AWS Cloud Operations & Migrations Blog
Category: Management & Governance
Achieving operational excellence by integrating AWS Health into change process
Operations teams create and use procedures to respond to operational events and need to ensure their effectiveness to support business needs. Everything continues to change—your business context, business priorities, and customer needs. It’s important to design operations to support changes over time in response to business iteration, and to incorporate lessons learned to minimize failures and […]
A sneak peek at the Governance, Risk, and Compliance (GRC) sessions for re:Inforce 2023
A full conference pass is $1,099. Register today with the code secure150off to receive a limited time $150 discount, while supplies last. AWS re:Inforce is just around the corner and this post covers sessions on cloud governance, risk management, and compliance that you should add to your agenda. AWS re:Inforce is a security learning conference […]
Use Amazon CloudWatch Internet Monitor for greater visibility into online experiences
Today millions of internet users access applications hosted globally across 167,000 cities served by over 74,000 autonomous systems (ASNs). Tracking constantly changing network routes can be a daunting task for Site Reliability Engineers (SREs), application developers, network operators, systems engineers, and cloud solutions architects. With Amazon CloudWatch Internet Monitor, teams can quickly identify the network […]
Building CIS hardened Golden Images and Pipelines with EC2 Image Builder
Until recently, customers had to navigate to the AWS Marketplace Console and search for a compatible Amazon Machine Image (AMI) product for your image pipeline. They also had to write their own custom components to harden the operating systems to meet Center for Internet Security (CIS) Benchmark guidelines. This required subscriptions to the CIS Benchmark […]
Visualize and gain insights into your VPC Flow logs with Amazon Managed Grafana
Modern IT infrastructure in Cloud is becoming increasingly distributed and data intensive. With the growing number of devices, applications, and users consuming the services, the amount of data being transmitted across networks is increasing rapidly. This increase in data warrants organizations to have visibility in the network traffic. Analysis of network traffic can help in […]
Estimating AWS Config recorder costs and usage using AWS CloudTrail
AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to create a configuration item whenever it detects a change to a resource type that it is recording. For example, if AWS Config is recording Amazon S3 buckets, AWS Config creates a configuration […]
Automating Amazon CloudWatch Alarm Cleanup at Scale
Do you have thousands of Amazon CloudWatch alarms across AWS Regions and want to quickly identify which ones are low-value alarms or misconfigured alarms across regions? Are you looking for ways to identify alarms which are in ‘ALARM’ or ‘IN_SUFFICIENT’ state for several days and need to be revisited? Do you need a cleanup mechanism […]
How Hapag-Lloyd established observability for serverless multi-account workloads
This post is co-authored by Grzegorz Kaczor from Hapag-Lloyd AG and Michael Graumann and Daniel Moser from AWS. Introduction Establishing observability over the state, performance, health, and security posture of applications is key to successfully operating multi-account workloads in the cloud. As the number and size of workloads increases, finding and correlating all available information […]
Implementing AWS Session Manager logging guardrails in a multi-account environment
Raiffeisen Bank International (RBI), a prominent Austrian banking group, maintains a multi-account AWS environment that allows product teams to build and test new customer features at speed, but within the limits of central security guardrails. One of these guardrails requires central logging of all sessions established to Amazon Elastic Compute Cloud (Amazon EC2) instances across the […]
Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks
Organizations require their cloud environment to be secure and compliant according to their governance policies. AWS Config provides customers configuration details of their resources in AWS accounts. Customers can make use of AWS Config managed rules, AWS Config custom rules or conformance packs to get to know the configuration details of their resources quickly. Being aware of […]