AWS Cloud Operations Blog

Category: Configuration, compliance, and auditing

Evaluate custom configurations using AWS Config Custom Policy rules and the open source sample repository

Does your organization have custom configuration requirements for your resources? Do you find it challenging to compare actual resource configuration settings against your configuration requirements? Today, you can leverage a new public repository of sample AWS Config custom rules using AWS CloudFormation Guard to help you address these challenges. AWS Config allows you to evaluate actual […]

Manage continuous compliance by using AWS Config Configuration Recorder resource type

AWS Config recently added support for configuration recorder as a resource type. The AWS::Config::ConfigurationRecorder resource is a configuration item (CI) for configuration recorder that tracks changes to the state of AWS Config configuration recorder (configuration recorder). You can use this CI to check if the state of the configuration recorder has changed (drifted), from its […]

Announcing AWS CloudTrail Lake Dashboards – Visualize and Analyze CloudTrail data

In January 2022, AWS announced general availability of AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store and query activity logs for auditing, security investigation and operational troubleshooting. Since launch, thousands of customers have adopted this feature. We are excited to announce that CloudTrail Lake dashboards are now […]

Implementing AWS Session Manager logging guardrails in a multi-account environment

Raiffeisen Bank International (RBI), a prominent Austrian banking group, maintains a multi-account AWS environment that allows product teams to build and test new customer features at speed, but within the limits of central security guardrails. One of these guardrails requires central logging of all sessions established to Amazon Elastic Compute Cloud (Amazon EC2) instances across the […]

Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks

Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks

Organizations require their cloud environment to be secure and compliant according to their governance policies. AWS Config provides customers configuration details of their resources in AWS accounts. Customers can make use of AWS Config managed rules, AWS Config custom rules or conformance packs to get to know the configuration details of their resources quickly. Being aware of […]

Consolidate and query AWS CloudTrail data across accounts and regions using AWS CloudTrail Lake

AWS CloudTrail allows tracking of user and API activities across your AWS infrastructure. AWS CloudTrail best practices recommend AWS customers set up separate trails for different use cases such as operational troubleshooting, auditing, security monitoring, etc. Once the use case is accomplished, customers might permanently delete some of the trails but choose to retain their […]

Top 10 AWS Cloud Operations and Migrations Blog posts of 2022

With 2022 behind us, we want to take the opportunity to highlight our readers and the top blog posts from 2022. A big thank you to all our readers but also our authors who continue to work on delighting our customers with their blog posts. #1 Announcing AWS CloudTrail Lake – a managed audit and […]

Deploying Custom AWS Config Rules in an AWS Organization Environment

In this post, we will show how you can deploy AWS Config custom rules across accounts in your organization, leveraging the Rules Development Kit (RDK), an open source development kit designed to support intuitive and efficient “Compliance-as-Code” workflows. With AWS Config custom rules, you can define custom logic for the desired configuration state of your […]

Know Before You Go – AWS re:Invent 2022 Compliance & Auditing

As organizations scale by moving more of their workloads to the cloud, they are looking to manage their cloud operations securely and to be prepared for compliance and auditing. AWS Cloud Operations aims to improve the compliance and auditing process in the cloud through best-in-class services by the scale and security of AWS infrastructure, per […]

Automate continuous compliance at scale in AWS

AWS Config continuously monitors and records your AWS resource configurations. You can use the service to automate the evaluation and remediation of recorded configurations against desired configurations. You also can review changes in configurations and relationships between AWS resources and dive into the history of a resource configuration. AWS Config conformance packs provide a general-purpose compliance […]