AWS Cloud Operations & Migrations Blog

Category: Provisioning and orchestration

Building CIS hardened Golden Images and Pipelines with EC2 Image Builder

Until recently, customers had to navigate to the AWS Marketplace Console and search for a compatible Amazon Machine Image (AMI) product for your image pipeline. They also had to write their own custom components to harden the operating systems to meet Center for Internet Security (CIS) Benchmark guidelines. This required subscriptions to the CIS Benchmark […]

Fail fast but safely – how Old Mutual is using Developer Sandboxes for real digital innovation

This is a guest post co-authored with Kershnee Ballack and Wilkister Wechuli from Old Mutual Limited Old Mutual Limited (OML) is a pan-African financial services group that offers financial solutions to retail and corporate customers across 14 African countries. Its purpose is to help customers thrive by enabling them to achieve their lifetime financial goals, […]

Gaining more control over Multi-Regional AWS CloudFormation deployments

Routinely deploying resources to multiple regions is increasingly normal for situations like Disaster Recovery (DR), regulatory and compliance, and end-user latency requirements. Keeping multiple environments in sync is challenging and drives Infrastructure as Code (IaC) adoption through services like AWS CloudFormation. This post demonstrates a generic design pattern for orchestrating multi-Regional deployments when you need […]

Proactively keep resources secure and compliant with AWS CloudFormation Hooks

Organizations want their developers to provision resources that they need to build applications while maintaining compliance with security, operational, and cost optimization best practices. Most solutions today inform customers about noncompliant resources only after those resources have been provisioned. These noncompliant resources exist until they are deleted or modified and increase security risk, operational overhead, […]

How to validate AWS Service Catalog AppRegistry attribute groups schema and take remediation actions

Many customers define resource tagging strategy to manage their AWS resources to either being able to identify the resource owner or the cost center, or for any other purpose. Therefore, it’s important to have a mechanism to identify those resources that don’t have the essential resource tags. In AWS Service Catalog AppRegistry, attribute groups are […]

Control developer account costs with AWS CloudFormation and AWS Budgets

Often when working with customers, we guide them by using AWS Budgets and related tools in the AWS platform in order to create cost and utilization guardrails. These tools can be used to conduct advanced, automated, and hands-free actions within your AWS environment – even across multiple accounts. This post will walk you through a […]

Automating account provisioning with CloudCheckr integration for Cloud Financial Management

AWS Organizations helps you centrally manage and govern your environment as you grow and scale your AWS resources. AWS Organizations lets you programmatically create new AWS accounts to allocate resources, group accounts to organize your workflows, apply policies to accounts or groups for governance, and simplify billing by utilizing a single payment method for every […]

Policy-as-Code for Securing AWS and Third-Party Resource Types

This post was written by Scott Alexander and Kevin Formsma from Mphasis Stelligent. Every day, more developers are having lightbulb moments as they realize they can design and manage their infrastructure. It’s our responsibility, as practitioners of the DevOps mindset, to build systems that allow developers to move quickly and speed up the feedback loop […]

Visualize and gain insights into your AWS cost and usage with Cloud Intelligence Dashboards and CUDOS using Amazon QuickSight

Across all industry segments, our customers require better visibility into their AWS usage to help them understand the return on their investment, achieve operational efficiency, and make business decisions that have financial impact. As organizations mature, customers need to answer simple but granular operational questions related to: Which key areas should I focus to optimize […]

Standardize compliance in AWS using DevOps and a Cloud Center of Excellence (CCOE) approach

Standardize compliance in AWS using DevOps and a Cloud Center of Excellence (CCOE) approach

In large scale cloud migrations and deployments, a Cloud Center of Excellence (CCOE) organizational setup enables project and account owners to move at their own speed, reuse components, and integrate them into their application environments. The CCOE team can develop better tools and automation for the application teams to leverage, and they can be sure […]