AWS Cloud Operations & Migrations Blog

Category: Management & Governance

Root and Nested Organizational Unit Support for Customizations for AWS Control Tower

Customers often use AWS accounts as a boundary to segregate their workloads, environments, business units, compliance requirements, or any type of logical isolation that suits their business. An AWS account serves as a hard boundary by design – each account is its own logical entity with controls, limits, and guardrails. Large customers typically have many […]

Read More

A beginners’ guide for Finance and Operations teams in their cloud migration journey

Finance teams maintain a unique position in their organization enabling them to accelerate strategic business imperatives. As custodians of capital, they play a crucial role in deciding where to place strategic bets. A cloud migration comes with many unknowns, variables, and new capabilities that business teams must unpack for a seamless cloud journey. This blog […]

Read More

Managing configuration compliance across your organization with AWS Systems Manager Quick Setup

When running your applications on AWS, the number of resources you use increases as the demand of your applications keeps growing. Eventually, keeping track of your AWS resources and the relationships between them becomes challenging from a governance perspective. AWS Config lets you more easily assess, audit, and evaluate the configurations of your AWS resources. […]

Read More

Update your Amazon CloudWatch dashboards automatically using Amazon EventBridge and AWS Lambda

Amazon CloudWatch lets customers collect monitoring and operational data in the form of logs, metrics, and alarms. This allows for easy visualization and notifications regarding their workload health. Amazon CloudWatch dashboards are customizable home pages in the CloudWatch console that you can use to monitor your resources in a single view, even those resources that […]

Read More

Identity Guide – Preventive controls with AWS Identity – SCPs

AWS Identity offers a set of features that let customers apply preventive controls to their AWS environment. This includes AWS Organizations service control policies (SCPs). For you to achieve common preventive controls, SCPs provide preventative enforcement by offering central control over the maximum available permissions for all accounts in your organization. SCPs affect all users and roles […]

Read More

How and when to enable session cookies with Amazon CloudWatch RUM

Amazon CloudWatch RUM is a real user monitoring service that closes the gap between the end-user experience in a web application, and the serving of that content from your AWS or on-premises environment. By measuring client-side application performance, such as page load time and JavaScript errors, you have access to new and powerful tools for […]

Read More

Migrate AWS Landing Zone solution to AWS Control Tower

Customers who wanted to quickly set up a secure, compliant, multi-account AWS environment had adopted AWS Landing Zone solution (ALZ). To reduce the burden of managing this ALZ, AWS has announced a managed service – AWS Control Tower (Control Tower). AWS Control Tower creates your landing zone using AWS Organizations, thereby bringing together ongoing account […]

Read More

Monitoring AWS Lambda errors using Amazon CloudWatch

When we troubleshoot failed invocations from our Lambda functions, we often must identify the invocations that failed (from among all of the invocations), identify the root cause, and reduce mean time to resolution (MTTR). In this post, we will demonstrate how to utilize Amazon CloudWatch to identify failed AWS Lambda invocations. Likewise, we will show how […]

Read More

Visualize Amazon EC2 based VPN metrics with Amazon CloudWatch Logs

Organizations have many options for connecting to on-premises networks or third parties, including AWS Site-to-Site VPN. However, some organizations still need to use an Amazon Elastic Compute Cloud (Amazon EC2) instance running VPN software, such as strongSwan. Gaining insight into Amazon EC2-based VPN metrics can be challenging when compared to AWS native VPN services that […]

Read More

Create metrics and alarms for specific web pages with Amazon CloudWatch RUM

Amazon CloudWatch RUM makes it easy for AWS customers to access real-world performance metrics from web applications, thereby giving insights into the end-user experience. These user experiences are quantified into discrete metrics that you can then create alarms for. But what if you must have different load time alarms for certain pages? Or you’re testing […]

Read More