AWS Cloud Operations Blog
Category: Centralized operations management
DevOps automation for backup compliance in AWS using AWS Backup Audit Manager
Backup compliance in AWS includes defining and enforcing backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. AWS Backup Audit Manager, a feature within the AWS Backup service, provides built-in compliance controls for these areas. […]
Using AWS AppConfig Feature Flags
AWS has a native feature flagging solution, AWS AppConfig Feature Flags. Feature flags are a powerful tool that allow engineers to safely push out new features to customers, but doing so in a measured and usually gradual way. In this blog post, you will learn about what feature flags are, what are the benefits to […]
Enforce best practices in AWS Systems Manager documents leveraging CFN Guard
Many of us use AWS Systems Manager (SSM) documents to help automate various tasks. As we author documents and move them toward deployment, we’ll likely enforce certain standards and best practices. The AWS CloudFormation team released a general-purpose tool called AWS CloudFormation Guard that we can use to help enforce these best practices. In this […]
Customize Well-Architected Reviews using Custom Lenses and the AWS Well-Architected Tool
The AWS Well-Architected Tool (AWS WA Tool) lets you learn best practices for architecting workloads on the cloud, measure workloads against these best practices, and improve the workload by implementing best practices. These best practices have been curated under the AWS Well-Architected Framework (AWS WA Framework) and Lenses based on our tens of thousands of […]
Why you should develop a correction of error (COE)
Application reliability is critical. Service interruptions result in a negative customer experience, thereby reducing customer trust and business value. One best practice that we have learned at Amazon, is to have a standard mechanism for post-incident analysis. This lets us analyze a system after an incident in order to avoid reoccurrences in the future. These […]
Cross-account configuration with AWS AppConfig
Customers will often start using various AWS services through a single AWS account. As customers continue their AWS journey, they increase the number and diversity of workloads operating on AWS. Furthermore, as the number of users grows, managing this account becomes difficult and time consuming. Then, customers create more accounts for multiple users. This helps […]
Avoid zero-day vulnerabilities with same-day security patching using AWS Systems Manager
This post was co-authored by Jordan Koch at Veradigm. Applying operating systems patches is one of the easiest ways to secure a system from ever-changing cybersecurity threats. However, for many organizations it is one of the most difficult and time-consuming tasks. Many organizations deploy operating system patches through their various environments, first applying to Development, […]
Use AWS Systems Manager Automation to automate Snowflake storage integrations with Amazon S3
AWS Systems Manager lets you safely automate common and repetitive IT operations and management tasks. Furthermore, Systems Manager Automation lets you use predefined playbooks, or you can build, run, and share wiki-style automated playbooks to enable AWS resource management across multiple accounts and AWS Regions. Snowflake, the Data Cloud, is an APN Partner that provides […]
How CloudFix uses AWS Systems Manager Change Manager to deliver cost savings
For years, the CloudFix team has managed and maintained 120+ AWS hosted SaaS products across hundreds of AWS accounts. Although this model follows established AWS best practices, the team’s scope introduced operational challenges. Their team needed a way to identify cost-saving opportunities across their applications without making architectural compromises or introducing service disruption. The team […]
Use AWS Systems Manager custom Inventory to locate Log4j files on managed nodes
In this post we will provide guidance to assist customers responding to the recently disclosed Log4j vulnerability by detailing how to use AWS Systems Manager Inventory to locate Log4j JAR files on Linux and Windows Amazon Elastic Compute Cloud (EC2) instances and hybrid managed nodes. A hybrid managed node includes on-premises servers, edge devices, and virtual […]