AWS Management & Governance Blog

Category: AWS CloudFormation

Remediate drift via resource import with AWS CloudFormation

When it comes to restaurants, consistency is key. Being able to create a salad once is simple, but being able to recreate the exact salad multiple times tends to be more difficult. Little variances between them may cause issues, like too much or not enough salad dressing, ruining the balance of the composed salad. Infrastructure […]

Read More

Duplicating infrastructure on AWS

In large enterprise organizations, it’s challenging to maintain standardization across environments. This is especially true if these environments are provisioned in a self-service manner—and even more so when new users access these provisioning services. Once you have the resources deployed into an environment, it can be hard, or even impossible, to change it. In case […]

Read More
Workflow diagram that shows how Control Tower's lifecycle events are generated and recorded

Using lifecycle events to track AWS Control Tower actions and trigger automated workflows

Many customers that I work with are creating and provisioning new accounts using AWS Control Tower. They prefer an AWS native solution for creating their environment knowing that it will be based upon documented AWS Best Practices. As customers scale their account creation, there exists an opportunity to use additional Control Tower features to perform […]

Read More

Introducing AWS Config Multi-Account, Multi-Region support for Advanced Query

I’m excited to introduce you to our latest feature addition, AWS Config Advanced Query. Advanced query, launched last year, makes it easy to query the resource configuration properties of your AWS resources for audit, compliance, or operational troubleshooting using simple SQL-like queries. With our latest release, you can now use Advanced query with configuration aggregators, enabling you […]

Read More
Active Directory AWS Control Tower diagram

Extend a self-managed Active Directory to AWS Control Tower

One common use case for customers during the early cloud journey is to use existing identity service such as Microsoft Active Directory. In this blog post, I show you how to setup AWS Control Tower to delegate user authentication to a self-managed Microsoft Active Directory via AWS Managed Microsoft AD. This blog post shows a […]

Read More

AWS CloudFormation: Signed, sealed, and deployed

State Street Corporation is a global bank that is responsible for managing over 10% of the world’s wealth.  It also focuses on engineering better outcomes for its investors and customers, striving to bring innovative solutions to market and enhance customer value. To manage complexity and provide a stable agile platform, State Street uses Infrastructure as […]

Read More

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More

How to take advantage of AWS Control Tower and CloudEndure to migrate workloads to AWS

Most of the customers we work with want to migrate their existing workloads to an AWS environment. They prefer to follow documented AWS best practices, especially if they are in early stages of their cloud journey. About AWS Control Tower AWS Control Tower was created to address this customer request. AWS Control Tower is the […]

Read More

Leveraging AWS CloudFormation to create an immutable infrastructure at Nubank

Bruno Halley Schaefer, software engineer, Nubank Hugo Carvalho, senior solutions architect, AWS Marcelo Nunes, senior technical account manager, AWS Enterprise Support Team   Nubank, a Brazilian company that is one of the world’s largest independent digital banks, is innovatively transforming Latin America’s financial landscape by providing transparent, simple, and efficient services. The company fights complexity […]

Read More

How to Create an AWS Cross-Account Support Case Dashboard

At AWS, our customer obsession drives us to leave no stone unturned in helping our customers achieve success. Therefore, when a customer finds an interesting way to create valuable functionality using a combination of AWS services, we want to let our other customers know about it so they can also reap the benefits. A great […]

Read More