AWS Management & Governance Blog
Category: *Post Types
Best practices for creating and managing sandbox accounts in AWS
Organizations use multiple environments, each with different security and compliance controls, as part of their deployment pipeline. Following the principle of least privilege, production environments have the most restrictive security and compliance controls. They tightly limit who can access the environment and which actions each user (or principal) can perform. Development and test environments also […]
Read MoreStandardize with speed using AWS Service Catalog stack import
If you’ve used AWS Service Catalog, you probably know how it helps organizations increase standardization, encourage compliance, and improve speed and agility. This is done by enabling central administrators to publish and manage a standard set of compliant products that users can consume in a self-service manner. Customers often start by creating an AWS CloudFormation-based product in […]
Read MoreManage Amazon CloudWatch agent deployment at scale using the AWS Cloud Development Kit to optimize AWS usage
In this blog post, we will show you how you can programmatically deploy the Amazon CloudWatch agent using the AWS Cloud Development Kit (AWS CDK) as you create your Amazon Elastic Compute Cloud (Amazon EC2) instances. You can use the command line, AWS Systems Manager, and AWS CloudFormation to install the CloudWatch agent on your EC2 instances. We also recently announced that the […]
Read MoreFour ways to retrieve any AWS service property using AWS CloudFormation (Part 3 of 3)
This post is the last in a series on how to build customizations using AWS CloudFormation. In part 1, we introduced you to cfn-response and crhelper and discussed the scenarios they are best suited for. In part 2, we addressed a coverage gap in our public roadmap and showed you how to build an AWS […]
Read MoreFour ways to retrieve any AWS service property using AWS CloudFormation (Part 2 of 3)
This post is the second in a series on how to build customizations using AWS CloudFormation. In part 1, we showed you how to develop customizations using cfn-response and crhelper and shared the scenarios they are best suited for. In this post, we’ll use AWS CloudFormation macros to address some of the coverage gaps identified […]
Read MoreMonitor and scale your Amazon ECS on AWS Fargate application using Prometheus metrics
If you’ve ever run a containerized workload, you know that it can be tricky to check what’s happening in your container. In this blog post, I show how you can monitor and scale your Amazon Elastic Container Service (Amazon ECS) on AWS Fargate application using Prometheus metrics. Although there is more information about Prometheus already […]
Read MoreVisualizing AWS Config data using Amazon Athena and Amazon QuickSight
In this guest post, Henrik André Olsen, Solutions Architect, discusses how he visualized AWS Config data in Amazon QuickSight dashboards with a high value for the Danish insurance company Topdanmark. If you are an AWS Config user, you are probably already familiar with how to use the AWS Config console to access data, but it’s […]
Read MoreBuilding secure Amazon SageMaker access URLs with AWS Service Catalog
Many customers need a secure method to access Amazon SageMaker notebooks within their private network without logging in to the AWS console, or using the AWS CLI/SDKs. This may be desired for enhanced security or to provide an easier self-service path for data scientists. In this blog post, we show you a how to connect […]
Read MoreDiscover application issues and get notifications with AWS X-Ray Insights
Today, AWS X-Ray is pleased to announce the general availability of Insights, a feature that helps you proactively detect performance issues in your applications. AWS X-Ray helps developers and DevOps engineers analyze and debug production environments and distributed applications, such as those built using a microservices architecture. Using anomaly detection, X-Ray Insights determines if the […]
Read MoreAutomate AWS Backups with AWS Service Catalog
If you’re an organization with multiple AWS accounts and independent teams, cloud governance can seem a daunting task. The complexities of balancing developer velocity with centralized governance risks can slow down the innovation you’re trying to speed up. Fortunately, AWS Service Catalog, and AWS Backup help to implement a well-architected approach to self-service while meeting […]
Read More