AWS Management & Governance Blog

Category: Management & Governance

How AWS Partners can determine AWS Support plans in an organization

How AWS Partners can determine AWS Support plans in an organization

Solutions providers who engage with their end customers in a resale arrangement must manage different business models and support delivery models. AWS Organizations makes it possible to build the right account structure to support a resale arrangement. Monthly end-customer invoicing often poses a huge challenge in a shared resale arrangement, where you need to know […]

Read More
Securely scale multi-account architecture with AWS Network Firewall and AWS Control Tower

Securely scale multi-account architecture with AWS Network Firewall and AWS Control Tower

Administrators and developers are always balancing the need for security with the need to move quickly. Recently, AWS published the Management and Governance Lens, an extension of the AWS Well-Architected Framework. The M&G Lens provides a set of prescriptive guidance to help customers build both securely and with speed. From this work, we learn about how to […]

Read More
Use Amazon Athena and AWS CloudTrail to estimate billing for AWS Config rule evaluations

Use Amazon Athena and AWS CloudTrail to estimate billing for AWS Config rule evaluations

AWS Config is a service that enables you to audit your AWS resources for compliance to a desired configuration state. You are billed based on the number of Configuration Items (a point-in-time snapshot of an AWS resource) recorded and the number of AWS Config rules (a function that reports resource compliancy) evaluated per resource per […]

Read More
Scheduling centralized multi-account and multi-Region patching with AWS Systems Manager Automation

Scheduling centralized multi-account and multi-Region patching with AWS Systems Manager Automation

In an earlier blog post, I showed how you can use AWS Systems Manager Automation to patch managed instances across multiple AWS accounts and Regions. I showed how to perform this operation manually (or through the AWS CLI using start-automation-execution). In this blog post, I show you how to schedule a multi-account and multi-Region patching […]

Read More

Automate preapproved operations with AWS Service Catalog service actions

Most of my enterprise customers have the need to allow their users to execute self-service operational tasks while restricting access to a minimum set of services. With AWS Service Catalog, you can provision pre-approved products, when combined with AWS Service Catalog service actions, you can provide simple predefined actions associated with the AWS Service Catalog […]

Read More
How to create a change template using AWS Systems Manager Change Manager

How to create a change template using AWS Systems Manager Change Manager

AWS Systems Manager Change Manager, a capability of AWS Systems Manager, is an enterprise change management framework for requesting, approving, implementing, and reporting on operational changes to your application configuration and infrastructure. With Change Manager, you can use preapproved change templates to help automate change processes for your resources and help avoid unintentional results when […]

Read More
AWS AppConfig: The Amazon service that helps you scale for large events like Prime Day

AWS AppConfig: The Amazon service that helps you scale for large events like Prime Day

Amazon uses a number of AWS services to help meet increased traffic and demand during Prime Day events. As Jeff Barr has mentioned in his previous blog posts, some key services used in Prime Day include: Amazon DynamoDB handles the trillions of Prime Day requests. Amazon Interactive Video Service (Amazon IVS) enables shoppers to shop […]

Read More
Restrict Access by Member Account to a Centralized CloudTrail Logging Bucket

Restrict Access by member account to a centralized CloudTrail logging bucket

Logging and monitoring are critical components of a governance, risk, and compliance strategy. When you use AWS CloudTrail with AWS Organizations, you get an eagle-eye view of account activity across your AWS infrastructure. However, as your enterprise scales workloads in the cloud and accelerates cloud use, the logs can increase exponentially. Over time, you can […]

Read More
Enable secure and compliant Amazon AppStream 2.0 with self-service by using AWS Service Catalog

Enable secure and compliant Amazon AppStream 2.0 with self-service by using AWS Service Catalog

AWS provides several choices to deploy applications and desktops to users. Amazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service. You centrally manage your desktop applications on AppStream 2.0 and securely deliver them to any computer. You can easily scale to any number of users across the globe without acquiring, provisioning, […]

Read More
Use AWS License Manager API operations to manage your Oracle licenses based on Oracle cloud policy

Use AWS License Manager API operations to manage your Oracle licenses based on Oracle cloud policy

Learn with Shree on how to use AWS License Manager API operations to manage your Oracle licenses (for databases running on Amazon RDS for Oracle, Amazon EC2 and on-premises servers) based on Oracle cloud policy. Additionally, learn how to use the built-in integration of License Manager API operations with AWS CloudTrail to prepare for vendor audit.

Read More