AWS Management Tools Blog

Category: Management Tools

How to Track Configuration Changes to Classic Load Balancers Using AWS Config

Recently, AWS Config announced support for Classic Load Balancer in all public regions and AWS GovCloud (US). You can now start tracking the current and historical configurations of your Classic Load Balancers, and get notified via Amazon SNS when your configurations change. You can also use three new managed AWS Config rules to verify whether your […]

Read More

AWS Config: A Year in Review 2017

It’s been another exciting year for AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. We have expanded our regional availability, added support for new resource types, introduced new managed Config rules, and introduced a dashboard view of your resource configuration and compliance. In this post, […]

Read More

Centralized Management of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager

Introduction Many AWS customers, particularly in the public sector, are implementing a central IT agency model. These organizations have an AWS account for central IT that is designated for the management of security and compliance activities such as patch management, use of golden Amazon Machine Images (AMIs), and federates user access for other agencies’ AWS […]

Read More

AWS CloudFormation: 2017 in Review

In 2017, over 350,000 AWS customers used AWS CloudFormation to manage resources collected across 2.4M stacks. We added coverage for 14 new services and several new features. In this post, I’d like to look back at some features and new content that CloudFormation introduced in 2017, including: New AWS resources that you can provision with […]

Read More

How to secure infrequently used EC2 instances with AWS Systems Manager

Many organizations have predictable spikes in the usage of their applications and services. For example, retailers see large spikes in usage during Black Friday or Cyber Monday. The beauty of Amazon Elastic Compute Cloud (Amazon EC2) is that it allows customers to quickly scale up their compute power to meet these demands. However, some customers […]

Read More

Analyzing Bitcoin Data: AWS CloudFormation Support for AWS Glue

The AWS CloudFormation team has been busy in the last couple of months, adding support for new resource types for recently released AWS services. In this post, I take a deep dive into using AWS Glue with CloudFormation. About AWS Glue AWS Glue was first announced at re:Invent in 2016, and was made generally available […]

Read More

AWS CloudFormation Update: AWS Guard Duty, Amazon Inspector, and Service Discovery, plus 40 resource updates

AWS CloudFormation recently added support for these recently released AWS services: AWS Guard Duty is an automated threat-detection service that can be quickly enabled, does not require agents to be installed, and monitors unusual account usage using sources like AWS CloudTrail logs, DNS logs, and other sources. With the new AWS CloudFormation resource support, you […]

Read More

Password Rotation for Windows on Amazon EC2 Made Easy with EC2Rescue

EC2Rescue for Windows is an easy-to-use tool that you run on an Amazon EC2 Windows Server instance to diagnose and troubleshoot possible problems. A common use of the tool is to reset the local administrator password. Password rotation is an important security task in any organization. In addition, setting strong passwords is necessary to ensure […]

Read More

Control AWS resources available to your users using AWS Service Catalog

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

Read More

Using AWS Lambda to decommission products provisioned from an AWS Service Catalog portfolio

This blog-post is part two in a two-part series of blog posts. Part one shows you how to use AWS Service Catalog to control AWS resources available to your users. Part two shows you how you can use AWS Lambda to decommission all products provisioned from any product of a Portfolio. Sometimes you might have […]

Read More