AWS Cloud Operations & Migrations Blog

Category: Management & Governance

How to auto add new cross-account Amazon EC2 instances in a central Amazon CloudWatch dashboard

Managing various metrics of Amazon Elastic Compute Cloud (Amazon EC2) instances in multiple accounts can be challenging, especially if new instances are launched regularly. Amazon CloudWatch has a cross-account dashboard functionality that provides you with cross-account visibility to various metrics without having to log in and out of different accounts. In addition, CloudWatch dashboards are […]

Read More

Tracking feature flags in Jira with AWS AppConfig

A key element of agile software development is the team agreeing on the “definition of done.” Before completing a project or feature, the team should document acceptance criteria that must be met to consider the work complete. A project or feature is “done” when all of the acceptance criteria are met and when value is […]

Read More

Centralized view of support cases opened from multiple AWS accounts using AWS Systems Manager

AWS Systems Manager Explorer is a customizable operations dashboard that reports information about your AWS resources. Explorer displays an aggregated view of operations data (OpsData) for your AWS accounts and AWS Regions. OpsData also includes information from supporting AWS services, such as AWS Trusted Advisor, AWS Compute Optimizer, and AWS Support Center cases, among other […]

Read More

How to centrally manage AWS IoT Greengrass devices using AWS Systems Manager

Remotely managing vast fleets of disparate systems and applications can be a challenging task for edge device administrators. AWS IoT Greengrass can help these system administrators manage their edge device application stack. However, system software on these devices must be updated and maintained separately via operational policies consistent with those of their larger IT organizations. […]

Read More

Establishing RPO and RTO Targets for Cloud Applications

Determining how to protect and recover an application can often be easier than determining how quickly your business needs that application recovered. Establishing the correct recovery objective targets at an application level is a critical part of business continuity planning, though. This blog is intended to help customers as they establish or reevaluate recovery targets, […]

Read More

Service Notice – Upcoming changes required for AWS Config

On July 5, 2022, the AWS managed policy AWSConfigRole will be deprecated. This policy is being replaced by a more scoped-down policy, AWS_ConfigRole. The AWSConfigRole managed policy will continue working for all currently attached users, groups, and roles. However, after July 5, 2022, the AWSConfigRole managed policy can’t be attached to any new users, groups, […]

Read More

How to automate AWS Support API with Amazon EventBridge

The practice of Operational Integration defines how one organization’s people, processes, and tools integrate with the people, processes, and tools of another organization. When certain activities occur within one organization, it may trigger an automated or manual response in another. For example, it’s common for AWS customers to operationally integrate with AWS Support or AWS Managed Services whenever […]

Read More
Figure 3 Flight Controller deployment using CFCTv2

Flight Controller by Contino – A Solution built on AWS Control Tower

Today AWS customers are rapidly adopting the cloud and at a massive scale. To support this demand, customers must build a strong foundation based on AWS well-architected best practices. A well-architected landing zone is a key construct that lets you vend accounts, provision access, setup security guardrails, and build CI/CD pipelines. However, at scale, implicit […]

Read More

How Capgemini used AWS Systems Manager and other AWS services to provide cloud-native, self-service patch management and automation

This post was written in collaboration with David Wansell, an Enterprise Cloud Architect at Capgemini with over 20 years of experience across multiple enterprise domains. He designs and builds automation and solutions that enable customers to deliver on their desired outcomes in their cloud adoption journey. Customers need a way to do patch management in […]

Read More

Automate vulnerability management and remediation in AWS using Amazon Inspector and AWS Systems Manager – Part 2

This post is the second part of the Automate vulnerability management and remediation series using Amazon Inspector and AWS Systems Manager. This series provides methods for remediating Amazon Inspector findings on-demand using AWS Systems Manager Automation runbooks. In Part 1 of this series, you learned how to remediate Inspector findings for a specific vulnerability affecting […]

Read More