Category: Centralized operations management

Centralizing and automating data protection helps you support your business continuity and regulatory compliance goals. Backup compliance includes the ability to define and enforce backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. A common […]

This post was written in collaboration with David Wansell, an Enterprise Cloud Architect at Capgemini with over 20 years of experience across multiple enterprise domains. He designs and builds automation and solutions that enable customers to deliver on their desired outcomes in their cloud adoption journey. Customers need a way to do patch management in […]

Update 11/2022 – In September 2022, Amazon Inspector added support for Windows operating systems for continual software vulnerability scanning. This post supports remediating vulnerabilities only on Linux operating systems supported by the Systems Manager agent. This post is the second part of the Automate vulnerability management and remediation series using Amazon Inspector and AWS Systems […]

Update 11/2022 – In September 2022, Amazon Inspector added support for Windows operating systems for continual software vulnerability scanning. This post supports remediating vulnerabilities only on Linux operating systems supported by the Systems Manager agent. AWS recently launched the new Amazon Inspector for performing continuous vulnerability scans on Amazon Elastic Compute Cloud (Amazon EC2) instances […]

Backup compliance in AWS includes defining and enforcing backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. AWS Backup Audit Manager, a feature within the AWS Backup service, provides built-in compliance controls for these areas. […]

AWS has a native feature flagging solution, AWS AppConfig Feature Flags. Feature flags are a powerful tool that allow engineers to safely push out new features to customers, but doing so in a measured and usually gradual way. In this blog post, you will learn about what feature flags are, what are the benefits to […]

Many of us use AWS Systems Manager (SSM) documents to help automate various tasks. As we author documents and move them toward deployment, we’ll likely enforce certain standards and best practices. The AWS CloudFormation team released a general-purpose tool called AWS CloudFormation Guard that we can use to help enforce these best practices. In this […]

The AWS Well-Architected Tool (AWS WA Tool) lets you learn best practices for architecting workloads on the cloud, measure workloads against these best practices, and improve the workload by implementing best practices. These best practices have been curated under the AWS Well-Architected Framework (AWS WA Framework) and Lenses based on our tens of thousands of […]

Application reliability is critical. Service interruptions result in a negative customer experience, thereby reducing customer trust and business value. One best practice that we have learned at Amazon, is to have a standard mechanism for post-incident analysis. This lets us analyze a system after an incident in order to avoid reoccurrences in the future. These […]

Customers will often start using various AWS services through a single AWS account. As customers continue their AWS journey, they increase the number and diversity of workloads operating on AWS. Furthermore, as the number of users grows, managing this account becomes difficult and time consuming. Then, customers create more accounts for multiple users. This helps […]