AWS Cloud Operations & Migrations Blog

Category: AWS CloudFormation

How to manage multi-account applications with AppRegistry and Resource Access Manager

In previous posts we discussed how AWS Service Catalog AppRegistry helps you group applications and application resources within a single context. You can define applications within AppRegistry by providing a name, description, associations to AWS CloudFormation stacks, and associations to application metadata. It is common for customers to deploy applications with CloudFormation across multiple AWS […]

Moving from a single account AWS Config deployment to an Organization wide deployment

As customers become more mature in the cloud, they will start to investigate how they can utilize additional AWS services in order to meet their goals. In many cases the initial phase will involve some research and testing of the service before deploying it across their cloud environment. For customers that may need to maintain […]

Top 10 AWS Cloud Operations and Migrations Blog posts of 2022

With 2022 behind us, we want to take the opportunity to highlight our readers and the top blog posts from 2022. A big thank you to all our readers but also our authors who continue to work on delighting our customers with their blog posts. #1 Announcing AWS CloudTrail Lake – a managed audit and […]

Blog post use case customer setup structure

How AWS Control Tower users can proactively verify compliance in AWS CloudFormation stacks

AWS Control Tower customers leverage infrastructure as code (IaC) to consistently deploy resources within their AWS multi-account setup. Enterprises want their developers to create and manage resources that they need to build applications while maintaining compliance with the organizations’ security, operational, and cost optimization best practices. Most solutions today inform customers about non-compliant resources only […]

Deploying Custom AWS Config Rules in an AWS Organization Environment

In this post, we will show how you can deploy AWS Config custom rules across accounts in your organization, leveraging the Rules Development Kit (RDK), an open source development kit designed to support intuitive and efficient “Compliance-as-Code” workflows. With AWS Config custom rules, you can define custom logic for the desired configuration state of your […]

Automating centralized package management in AWS using AWS Systems Manager Distributor and AWS Systems Manager State Manager

This blog post was jointly contributed by Kanishk Mahajan, AWS and Dominic Medsker, Moody’s Customers routinely leverage 3rd party agent-based packages and vulnerability management tools, such as CrowdStrike, TrendMicro, and Tenable, to securetheir AWS environments. AWS supports distribution of third-party agents with AWS Systems Manager Distributor (Distributor). Distributor lets you package your own software or […]

Automate continuous compliance at scale in AWS

AWS Config continuously monitors and records your AWS resource configurations. You can use the service to automate the evaluation and remediation of recorded configurations against desired configurations. You also can review changes in configurations and relationships between AWS resources and dive into the history of a resource configuration. AWS Config conformance packs provide a general-purpose compliance […]

Bootstrapping multiple AWS accounts for AWS CDK using CloudFormation StackSets

The AWS CDK makes it easy to deploy an application to the AWS Cloud. But first you must “bootstrap” the target AWS account. You can bootstrap an AWS account by using the AWS CDK CLI and running cdk bootstrap. This is great for teams that have access to AWS accounts, or only need to bootstrap […]

Introducing new language extensions in AWS CloudFormation

AWS CloudFormation, an Infrastructure as Code (IaC) service that lets you model, provision, and manage AWS and third-party resources, recently released a new language transform that enhances the core CloudFormation language. For our first release, these enhancements are new intrinsic functions for JSON string conversion (Fn::ToJsonString), length (Fn::Length), and support for intrinsic functions and pseudo-parameter […]

How to use the AWS Resilience Hub score

Time to read 10 minutes Time to complete 1 hour Cost to complete $15 per day (WordPress Multi-AZ application, AWS ResilienceHub Application and recommendations Learning level 200 – Intermediate Services used AWS ResilienceHub, AWS CloudFormation, Amazon CloudWatch, AWS Fault Injection Simulator AWS Resilience Hub provides a central place to define, validate, and track the resiliency […]