AWS Cloud Operations & Migrations Blog

Category: AWS Systems Manager

Centralized software package distribution across multiple regions and accounts in an AWS Organization using AWS Systems Manager Distributor

Centralized software package distribution across multiple regions and accounts in an AWS Organization using AWS Systems Manager Distributor

Security remains a top priority for most organizations, and, in order to stay secure and compliant, they leverage agent-based vulnerability management tools, such as CrowdStrike, TrendMicro, and Tennable. AWS Systems Manager Distributor automates the process of packaging and publishing software to managed Windows and Linux instances across the cloud landscape, as well as to on-premises […]

Read More
Monitor for public AWS Systems Manager custom documents with AWS Config rules

Monitor for public AWS Systems Manager custom documents with AWS Config rules

A new managed AWS Config rule is now available that checks if your AWS Systems Manager (SSM) documents have been shared publicly. This makes it easy to monitor your SSM document public sharing settings by leveraging a managed Config rule. This post demonstrates how to utilize detective controls and remediation actions for publicly shared SSM […]

Read More

Build an AWS Config Custom Rule to Optimize Amazon EBS Volume Types

This blog provides step-by-step instructions for building an AWS Config custom rule and a custom Config Remediation so that you can optimize your EBS Volume types with Amazon EBS gp3 volumes. AWS Config is a service that lets you assess, audit, and evaluate your AWS resource configurations. AWS Config provides AWS Managed Rules, which are […]

Read More
Featured Image for the Blog

Govern your applications centrally using AppRegistry and Application Manager

The customers I work with often handle multiple applications in their cloud environments. In general, an application includes multiple AWS resources deployed via AWS CloudFormation stacks, APIs, or other infrastructure as code tools. My customers often ask me about efficient mechanisms for managing the resources and governing the security policies of their resources in an Application […]

Read More
Query and visualize Microsoft SQL Server license utilization using Amazon Athena and Amazon QuickSight

Query and visualize Microsoft SQL Server license utilization using Amazon Athena and Amazon QuickSight

In part 1 of this two-part series, I showed you how to deploy a solution to centrally track Microsoft SQL Server licenses in AWS Organizations across multiple AWS accounts and Regions. In this post, I will show you how to query and visualize the aggregated Inventory data using Amazon Athena and Amazon QuickSight to centrally manage your SQL Server licenses. With […]

Read More

How Ryanair governs their image distribution using EC2 Image Builder

Ryanair Holdings plc, Europe’s largest airline group, is the parent company of Buzz, Lauda, Malta Air, and Ryanair. Before the COVID-19 pandemic, it carried 149 million guests on more than 2,500 daily flights from more than 80 bases. The Ryanair Group connects over 225 destinations in 37 countries on a fleet of 450 aircraft—and there […]

Read More

Building a cloud CMDB on AWS for consistent resource configuration in hybrid environments

In this post, we will show you how you can design and implement a configuration management database (CMDB) strategy as part of your cloud operating model. We are going to review some common needs when building a CMDB and the relevant AWS services that will help you build a comprehensive solution. We will talk about […]

Read More
Manage workload risks using the AWS Well-Architected Tool and AWS Systems Manager

Manage workload risks using the AWS Well-Architected Tool and AWS Systems Manager

You can use the AWS Well-Architected Tool (AWS WA Tool) to identify and remediate risks in your workloads that map to the five pillars of the AWS Well-Architected Framework: operational excellence, security, reliability, performance efficiency, and cost optimization. The AWS WA Tool helps you identify and address vulnerabilities before they negatively impact your business. As […]

Read More
How Rackspace uses AWS Systems Manager for instance patching across multi-cloud and hybrid environments

How Rackspace uses AWS Systems Manager for instance patching across multi-cloud and hybrid environments

This post was written in collaboration with Ryan Walker, a Principal Engineer with the Solutions and Services Engineering team at Rackspace. Now that cloud technology has become ubiquitous, companies have many options for hosting servers and building out solutions. From the use of multiple cloud providers to bare metal devices to private cloud, or even […]

Read More
Introducing the AWSSQLServer-DBCC Automation document for SQL Server maintenance

Introducing the AWSSQLServer-DBCC Automation document for SQL Server maintenance

In the first three posts in this five-part series, I introduced you to AWS Launch Wizard Systems Manager Automation documents for SQL Server and showed you how to run the AWSSQLServer-Backup, AWSSQLServer-Restore, and AWSSQLServer-Index Automation documents. In this post, I’ll show you how to use the AWSSQLServer-DBCC document for SQL Server to execute database consistency […]

Read More