Category: AWS Service Catalog

(Note: This post was updated June 12, 2020) Introduction To help customers integrate provisioning secure, compliant, and pre-approved AWS products into their ServiceNow portal, AWS created the AWS Service Management Connector for ServiceNow (formerly the AWS Service Catalog Connector) The AWS Service Management Connector for ServiceNow allows ServiceNow end users to provision, manage, and operate […]

Some AWS customers I work with have dedicated analytics/AI research teams who use AWS infrastructure to run their own code or use products from the AWS Marketplace to perform computations. Typically, the AI research team deploys multiple solutions. They bundle their own home-grown solutions into an AWS CloudFormation template along with some AWS Marketplace products, […]

Many organizations may have tens to hundreds of accounts and thousands of users that require services in AWS. Enforcing organizational governance controls for deploying services requires time and resources to build the necessary guardrails, security controls, and auditing. Using the AWS Service Catalog hub and spoke model and launch constraints, I’ll show you how to […]

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

This blog-post is part two in a two-part series of blog posts. Part one shows you how to use AWS Service Catalog to control AWS resources available to your users. Part two shows you how you can use AWS Lambda to decommission all products provisioned from any product of a Portfolio. Sometimes you might have […]

To manage access to the AWS Cloud, many companies prefer Enterprise Federation over AWS Identity and Access Management (IAM) users. Identity federation provides single sign-on (SSO) to access AWS accounts using credentials from the corporate directory. This method of accessing AWS allows companies to utilize their existing identity solutions, such as Active Directory (AD) or […]

If you have a lot of development activity in your organization, it’s important to keep track of your non-production AWS accounts. If these accounts aren’t monitored closely, you might easily end up exceeding your budget. In this blog post, I demonstrate how you can use the AWS Budgets alert in conjunction with AWS Lambda and […]