AWS Cloud Operations & Migrations Blog
Category: AWS CloudFormation
How to Export EC2 Instance Execution Logs to an S3 Bucket Using CloudWatch Logs, Lambda, and CloudFormation
“We want to get execution logs from our EC2 instances into S3,” my customer said. “Then we can store them and process them later, for optimization, audit, and security review, and so on. We’d like to do it in our CloudFormation stacks, as that’s our execution standard. Can you help us?” This blog post shows […]
The Virtues of YAML CloudFormation and Using CloudFormation Designer to Convert JSON to YAML
AWS CloudFormation provides the framework to define infrastructure-as-code in AWS and, until last year, this could only be written in JSON. However, in 2016, AWS added YAML 1.1 support for CloudFormation. Let’s take a look at some of the advantages of using YAML over JSON, as well as how to overcome some of the challenges […]
AWS CloudFormation Guardrails: Protecting your Stacks and Ensuring Safer Updates
“I wonder what will happen if I touch these two wires together.” – Unix fortune If you’ve worked with cloud-hosted applications or large distributed architectures for any extended period of time, chances are you’ve heard colleagues invoke Murphy’s law: “Anything that can go wrong, will go wrong”. All of us have experienced one of those events in the […]
Your AWS CloudFormation Guide to re:Invent 2017
There are only five weeks left until re:Invent 2017. As in years past, AWS CloudFormation will be there, both behind the scenes deploying infrastructure and front-and-center for break-out sessions, workshops, and developer chats. Here are a few highlights we’ve pulled from the session catalog, followed by the full list of CloudFormation-focused sessions and workshops to […]
AWS CloudFormation Feature Updates: Support for Amazon Athena and Coverage Updates for Amazon S3, Amazon RDS, Amazon Kinesis and Amazon CloudWatch
As one of the most widely-used services in AWS, CloudFormation continues to expand its feature set by adding support for Amazon Athena, two new features to protect stacks and control rollback processes, plus several new coverage updates. CloudFormation now supports the creation of an Amazon Athena named query as a resource. Amazon Athena is a […]
Configuring Serverless Applications Using AWS CloudFormation Custom Resources
AWS makes it easy for developers to get started developing applications in the cloud. With the extensive array of services available on AWS, developers might incorporate more than just a few components in their applications. Manually managing the resources needed for an application can become time consuming. In addition, applications usually require more than just […]
Use AWS CloudFormation Stack Termination Protection and Rollback Triggers to Maintain Infrastructure Availability
Managing your infrastructure as code using AWS CloudFormation provides a consistent way to rapidly deliver AWS environments for your applications. As your pace of delivery increases, it’s important to ensure you have the appropriate guardrails to protect your most critical infrastructure resources. AWS CloudFormation now includes two additional tools to help you ensure the consistent […]
Supercharge Multi-Account Management with AWS CloudFormation
As your use of Amazon Web Services evolves, you will probably outgrow your first account, and need to move into a multi-account model. There are plenty of benefits to using more than one AWS account: An administrative boundary: I can choose how permissive or restrictive my policies are based on the account type. Separating user […]
Monitor and Notify on AWS Account Root User Activity
Are you aware when someone uses your AWS account credentials to perform some activity? Are you notified in time? When you first create an AWS account, you begin only with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the root user and […]
Monitor Changes and Auto-Enable Logging in AWS CloudTrail
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Hence, it’s crucial to monitor any changes to CloudTrail and make sure that logging is always enabled. With CloudTrail, you can log, continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides […]