Category: *Post Types

VPC sharing allows customers to share subnets from a central AWS account with other AWS accounts in the same organization created in AWS Organizations. Centralized control of your virtual private cloud (VPC) structure allows you to maintain separation of duties through AWS account boundaries. A best practice for creating VPCs and other resources in the AWS […]

The first post in this series, Reinventing automated operations (Part I), covered the importance of operations in the cloud and how deferring the creation of an operations plan can slow down your migration. In this post, I’ll share the primary mechanism of iterative improvement (aka flywheel) that AWS Managed Services (AMS) uses to increase operational […]

Get to the Cloud. Make awesome happen! This blog post explores GoDaddy’s journey to the cloud and the GoDaddy Public Cloud Portal, an application used by engineering teams to onboard to AWS. GoDaddy started their journey to the cloud in early 2018 when they announced their partnership with AWS. This post will outline the project […]

In this blog post, we explore GoDaddy’s journey to the cloud and their Public Cloud Portal, an application created to onboard engineering teams to AWS. GoDaddy started this journey in early 2018 when they announced their partnership with AWS. We’ll focus on how GoDaddy created a service to enable thousands of employees and hundreds of […]

AWS provides a flexible and secure environment where you can experiment, innovate, and scale more quickly. As you build and deploy your workloads, you need mechanisms to isolate your resources (for example, a resource container). You can use multiple AWS accounts for this purpose. An AWS account provides natural security, access, and billing boundaries for […]

In the first post of this two-part series, we showed you two approaches for preventing cost overruns in a centralized budget management pattern: Applying a restrictive service control policy (SCP) to an organizational unit (OU). Moving the account to another OU with restrictive SCPs. In this post, we share how you can prevent cost overruns […]

Enterprise customers with multiple users want to manage policies on cloud resources like AWS Key Management Service (AWS KMS) and Amazon Simple Storage Service (Amazon S3) to grant access to additional users after the product has been deployed through, for example, AWS CloudFormation templates. In addition, customers want to accomplish this task in a self-service […]

The Three Lines Model developed by the Institute of Internal Auditors (IIA) helps organizations identify structures and processes to facilitate strong governance and risk management. In that model, the first-line function manages risk, the second-line function oversees risk and the third-line function provides objective and independent assurance of risk management. According to a Deloitte analysis […]

In this post, we will show you how to configure AWS Systems Manager OpsCenter to aggregate security findings from AWS Security Hub into OpsCenter as operational issues. OpsCenter helps operations engineers and IT professionals reduce issue resolution time by providing a central place to view, investigate, and resolve security issues.  AWS Systems Manager Explorer provides […]

As consultants, we often help customers manage AWS services using infrastructure as code (IaC). We follow DevOps practices for building, versioning, testing, and deploying services. We also use AWS Config custom and managed rules to evaluate the configuration settings of AWS resources. AWS Config continuously tracks the configuration changes that occur among AWS resources and […]