Category: AWS Service Catalog

Many organizations may have tens to hundreds of accounts and thousands of users that require services in AWS. Enforcing organizational governance controls for deploying services requires time and resources to build the necessary guardrails, security controls, and auditing. Using the AWS Service Catalog hub and spoke model and launch constraints, I’ll show you how to […]

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

This blog-post is part two in a two-part series of blog posts. Part one shows you how to use AWS Service Catalog to control AWS resources available to your users. Part two shows you how you can use AWS Lambda to decommission all products provisioned from any product of a Portfolio. Sometimes you might have […]

To manage access to the AWS Cloud, many companies prefer Enterprise Federation over AWS Identity and Access Management (IAM) users. Identity federation provides single sign-on (SSO) to access AWS accounts using credentials from the corporate directory. This method of accessing AWS allows companies to utilize their existing identity solutions, such as Active Directory (AD) or […]

If you have a lot of development activity in your organization, it’s important to keep track of your non-production AWS accounts. If these accounts aren’t monitored closely, you might easily end up exceeding your budget. In this blog post, I demonstrate how you can use the AWS Budgets alert in conjunction with AWS Lambda and […]