Category: Configuration, compliance, and auditing

Highly regulated industries must maintain an audit trail of events at various levels to meet regulatory and industry compliance requirements. Data events provide visibility into the resource operations performed on or in a resource, including object-level API activities such as delete, update, and put items. You can use AWS CloudTrail to create an audit trail […]

The customers I work with often handle multiple applications in their cloud environments. In general, an application includes multiple AWS resources deployed via AWS CloudFormation stacks, APIs, or other infrastructure as code tools. My customers often ask me about efficient mechanisms for managing the resources and governing the security policies of their resources in an Application […]

In this post, we will show you how you can design and implement a configuration management database (CMDB) strategy as part of your cloud operating model. We are going to review some common needs when building a CMDB and the relevant AWS services that will help you build a comprehensive solution. We will talk about […]

AWS allows customers to assign metadata to their AWS resources in the form of tags. Each tag consists of a customer-defined key and an optional value. Tags can make it easier to manage, search for, and filter resources by purpose, owner, environment, or other criteria. AWS tags can be used for many purposes like organizing […]

In this blog post, we will show how you can use AWS Config custom rules with Open Policy Agent (OPA) to evaluate the compliance of your AWS resources. AWS Config enables you to assess, audit, and evaluate the configuration of your AWS resources. The service continuously monitors and records your AWS resource configurations and allows […]

AWS Config enables you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config rules are evaluated when changes are made in the AWS environment. By analyzing changes as they occur, you can catch compliance violations quickly and minimize the exposure to your organization. When you apply a remediation action to an […]

Update (March 30, 2023): The solution has been updated to support delegated administrator account in your AWS organization. Most enterprises find it hard to maintain control of the commercial licensing of Microsoft, SAP, Oracle, and IBM products due to limited visibility. They wind up over-provisioning licenses to avoid the headache with third-party license providers or […]

AWS License Manager helps reduce the risk of noncompliance by providing independent software vendors (ISVs) with a centralized AWS account and built-in controls to ensure only approved users and workloads can consume licenses. ISVs can use License Manager to manage and distribute software licenses to end users with and without AWS accounts. As an issuer, […]

In a previous blog, “How to run Microsoft Exchange on AWS using Amazon EC2”, you learn how you can run Microsoft Exchange on AWS. However, did you also know that you could save costs by bringing both your Windows Server and Exchange licensing to Dedicated Hosts? In this post, I will show you how Amazon […]

AWS Config is a service that enables you to audit your AWS resources for compliance to a desired configuration state. You are billed based on the number of Configuration Items (a point-in-time snapshot of an AWS resource) recorded and the number of AWS Config rules (a function that reports resource compliancy) evaluated per resource per […]