AWS Cloud Operations & Migrations Blog

Category: AWS CloudFormation

Introducing new language extensions in AWS CloudFormation

AWS CloudFormation, an Infrastructure as Code (IaC) service that lets you model, provision, and manage AWS and third-party resources, recently released a new language transform that enhances the core CloudFormation language. For our first release, these enhancements are new intrinsic functions for JSON string conversion (Fn::ToJsonString), length (Fn::Length), and support for intrinsic functions and pseudo-parameter […]

How to use the AWS Resilience Hub score

Time to read 10 minutes Time to complete 1 hour Cost to complete $15 per day (WordPress Multi-AZ application, AWS ResilienceHub Application and recommendations Learning level 200 – Intermediate Services used AWS ResilienceHub, AWS CloudFormation, Amazon CloudWatch, AWS Fault Injection Simulator AWS Resilience Hub provides a central place to define, validate, and track the resiliency […]

A self-service patching solution for multi-account organizations

Patch Management is a critical operation that every organization wants to prioritize. This becomes tedious and challenging if an enterprise operates on a platform-consumer or hub-spoke model. An example of this would be a multi-account environment with hundreds of accounts and thousands of users using applications hosted in AWS. Different application owners have different requirements […]

Delegate account factory creation to parts of your organization with AWS Control Tower

While working with many of our regulated industry customers, we have been posed the question: “How can we enable a local team to create AWS Control Tower managed accounts within their specific Organizational Units (OUs)?” The customers want to leverage the guardrails and baselines put in place by AWS Control Tower so that: They could […]

Using Amazon CloudWatch metrics math to monitor and scale resources

Many applications require monitoring, scaling, and alerting across multiple dimensions. This requirement adds operational complexity for Developer Operations (DevOps) teams, as they must track numerous discrete data points. Instead, you can use Amazon CloudWatch metric math to create composite metrics quickly and easily. In this post, you’ll learn to apply these concepts to monitoring dashboards, […]

Automate folder recovery with AWS Systems Manager

Amazon Elastic Block Store (Amazon EBS) snapshots provide you with a mechanism to back-up your critical workloads. There are several ways that you can back up your workloads, including Amazon Data Lifecycle Manager and AWS Backup. You can use Amazon Data Lifecycle Manager to automate the creation, retention, and deletion of Amazon EBS snapshots and Amazon EBS-backed […]

Change Management for Life Sciences

In this post, we’ll demonstrate how Customers looking to maintain Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP) can get started evaluating their environments for the controls found in Title 21 of the Code of Federal regulations (CFR) Part 11, and remediate non-compliant resources via a change control process using native […]

Centralized view of support cases opened from multiple AWS accounts using AWS Systems Manager

AWS Systems Manager Explorer is a customizable operations dashboard that reports information about your AWS resources. Explorer displays an aggregated view of operations data (OpsData) for your AWS accounts and AWS Regions. OpsData also includes information from supporting AWS services, such as AWS Trusted Advisor, AWS Compute Optimizer, and AWS Support Center cases, among other […]

How to automate AWS Support API with Amazon EventBridge

The practice of Operational Integration defines how one organization’s people, processes, and tools integrate with the people, processes, and tools of another organization. When certain activities occur within one organization, it may trigger an automated or manual response in another. For example, it’s common for AWS customers to operationally integrate with AWS Support or AWS Managed Services whenever […]

Figure 3 Flight Controller deployment using CFCTv2

Flight Controller by Contino – A Solution built on AWS Control Tower

Today AWS customers are rapidly adopting the cloud and at a massive scale. To support this demand, customers must build a strong foundation based on AWS well-architected best practices. A well-architected landing zone is a key construct that lets you vend accounts, provision access, setup security guardrails, and build CI/CD pipelines. However, at scale, implicit […]