AWS Management Tools Blog

Category: Management Tools

Reporting and remediating EC2 instances that AWS Systems Manager doesn’t list as managed instances

One of the primary features of AWS Systems Manager is Run Command. Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any Amazon EC2 instance that has been configured for Systems Manager. Now that the service has released the ec2-instance-managed-by-ssm, this is a good time to […]

Read More
AWS-ApplyDSCMofs Document Diagram

Run compliance enforcement and view compliant and non-compliant instances using AWS Systems Manager and PowerShell DSC

Point-and-click management randomizes servers with every single change made. It’s great to configure your servers with code. In addition, having automation to manage server configuration and compliance helps companies save time, improve availability, and lower the risks associated with up-time and security. However, the learning experience and administrative effort required to maintain such an environment […]

Read More

Centralized multi-account and multi-Region patching with AWS Systems Manager Automation

AWS Systems Manager Automation now supports multi-account and multi-Region actions enabling you to centrally manage your AWS resources. This feature reduces the time and overhead needed for enterprise-wide configuration, operational actions, and compliance remediation. In this blog post, I show you how to use AWS Systems Manager Automation to patch your managed instances across multiple […]

Read More

How to update AWS Service Catalog provisioned products to new product versions and report changes using AWS Step Functions, AWS Lambda, and Amazon Athena

AWS Service Catalog enables organizations to centrally manage commonly-deployed AWS services and provisioned software products. It also helps you achieve consistent governance and compliance requirements, while it empowers users to self-serve and quickly deploy the approved AWS services they need. Customers that I talk to want to have a mechanism to keep previously provisioned products […]

Read More

Your AWS CloudFormation guide to re:Invent 2018

There are less than two weeks left until re:Invent 2018. As in years past, AWS CloudFormation will be there, both behind the scenes deploying infrastructure and front-and-center for break-out sessions, workshops, and chalk talks. Here are a few highlights we’ve pulled from the session catalog, followed by the full list of CloudFormation-focused sessions and workshops to help […]

Read More
workflow diagram ServiceNow AWS Service Catalog

Create an approval workflow for AWS Service Catalog in ServiceNow

The AWS Service Catalog connector for ServiceNow allows AWS enterprise customers to securely provision compliant workloads using ServiceNow on AWS. A lot of customers ask me how to create an approval workflow in ServiceNow for deploying AWS products. For example, such a workflow might be needed if a data scientist wants to launch an Amazon EMR […]

Read More

Monitor tag changes on AWS resources with serverless workflows and Amazon CloudWatch Events

Introduction Amazon CloudWatch Events now supports tag changes on AWS resources. Using this new CloudWatch Event type, you can build CloudWatch event rules to match tag changes and route them to one or more targets like an AWS Lambda function to trigger automated workflows. In this blog post, I’ll provide an example for using AWS […]

Read More

Building a portfolio of self-service databases with AWS Service Catalog and AWS CloudFormation

Modern distributed applications are moving towards a “purpose-built” database strategy. This means that the selection of database type, size, and configuration should match the problem the database is trying to solve. AWS customers are also requiring that these databases have the appropriate level of security control and organizational governance to operate in customer environments. AWS […]

Read More

Resolving circular dependency in provisioning of Amazon S3 buckets with AWS Lambda event notifications

Overview AWS CloudFormation provides a common language for you to describe and provision all of the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all AWS Regions and accounts. It […]

Read More

Create a security partition for your applications using AWS Service Catalog and AWS Lambda

Some of the customers I work with want to create complete application separation for each application. They don’t want any two applications running on AWS to communicate using APIs or to network with each other’s AWS resources. In other words, they want each application to “stay in its own lane” as competitive swimmers do. In […]

Read More