Category: Management Tools

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

This blog-post is part two in a two-part series of blog posts. Part one shows you how to use AWS Service Catalog to control AWS resources available to your users. Part two shows you how you can use AWS Lambda to decommission all products provisioned from any product of a Portfolio. Sometimes you might have […]

By Melonia Mendonca, Software Development Engineer at Amazon Web Services AWS Systems Manager (SSM) documents enable infrastructure as code that allows you to configure, manage, and automate your AWS and on-premises resources using AWS Systems Manager services. These SSM Documents define the actions that you want to perform on managed instances. Systems Manager offers a […]

Many large enterprises operate on a federated model. That is, they are separated into different business units or organizations, with different goals, procedures, and skill sets. These enterprises typically use a system to manage their infrastructure configuration and changes. You might ask, “Can we apply a federated model to configuration management? If so, what are […]

AWS OpsWorks for Chef Automate and AWS OpsWorks for Puppet Enterprise provide fully managed Chef and Puppet servers with a suite of automation tools for infrastructure and application management. Enterprise customers rely on OpsWorks for easy configuration management and secure maintenance as the service automatically patches, updates, and backs up servers. This blog post gives […]

AWS OpsWorks for Puppet Enterprise was released in November of 2017. It has a secure API (associate node) that provides a secure, convenient, and AWS-integrated method to sign certificates for clients of OpsWorks for Puppet Enterprise. This secure API is ideal for use within a user data script when being used for AWS CloudFormation (which […]

By Ryan Coleman, Director of Product Management at Puppet We’re really excited to see AWS OpsWorks for Puppet Enterprise out in the wild. Over 600 people attended our joint session at AWS re:Invent 2017 (check out the video here) and many of you stopped by our booth to find out more. This post is for […]

AWS CloudFormation has always allowed you to customize your templates by using parameters for runtime input values. Parameters make your template code dynamically configurable, improving the reusability of your code. Previously, the only ways you could specify values for these parameters were to pass the plaintext values as arguments to the CloudFormation API, or hard […]

For customers new to configuration management with AWS OpsWorks for Puppet Enterprise (OWPE), a frequently-asked question is “How do I store sensitive data, such as database passwords, for use in my manifests?” Hiera allows you to manage and access data from various backends (data storage locations). By default, Hiera 5 supports YAML, JSON, and HOCON […]

To manage access to the AWS Cloud, many companies prefer Enterprise Federation over AWS Identity and Access Management (IAM) users. Identity federation provides single sign-on (SSO) to access AWS accounts using credentials from the corporate directory. This method of accessing AWS allows companies to utilize their existing identity solutions, such as Active Directory (AD) or […]