AWS Cloud Operations & Migrations Blog
Category: *Post Types
How BBVA USA delivered security and governance at scale using management tools
As BBVA USA began its digital transformation journey, the security operations team had to improve its processes around provisioning and baselining of AWS accounts. The demand for new AWS accounts continued to increase from multiple application teams within the bank. In an effort to standardize new accounts within the enterprise, BBVA USA built an automated […]
Extend AWS Control Tower governance using AWS Config Conformance Packs
As many customers adopt AWS Control Tower, they have asked Raphael and me how to add additional governance policies such as the NIST Cybersecurity Framework (CSF) to their environments on top of the guardrails that AWS Control Tower provides. Customers want to enable these additional policies on the AWS Regions where AWS Control Tower is […]
Automating Amazon CloudWatch Alarms with AWS Systems Manager
Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, Site Reliability Engineers (SRE), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. Are you looking for an automated way […]
Identifying resources with the most configuration changes using AWS Config
AWS Config tracks changes made to supported resources and records them as configuration items (CIs), which are JSON files delivered to an Amazon S3 bucket. These are delivered in 6-hour intervals, as configuration history files. Each file contains details about the resources that changed in that 6-hour period, for the respective resource types, such as […]
Dynamically adjusting X-Ray sampling rules
In a distributed system environment, tracing service-to-service interactions is essential to easily identify service bottlenecks, faults, and errors. AWS X-Ray allows you to set up tracing on your applications hosted on a variety of compute environments, such as Amazon Elastic Compute Cloud (Amazon EC2), AWS Elastic Beanstalk, Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic […]
Simplifying permissions management at scale using tags in AWS Organizations
AWS Organizations has extended its existing tagging support for AWS accounts to include all Organizations resources, such as organizational units (OUs) and your root and organization-level policies. You can tag these resources as you create them, giving you a convenient way to make sure that your Organizations resources are categorized from the start, without needing […]
Multi-account AWS Trusted Advisor summaries now available in AWS Systems Manager Explorer
AWS Systems Manager Explorer is a customizable operations dashboard that reports information about your AWS resources. Explorer displays an aggregated view of operations data (OpsData) for your AWS accounts and across Regions. In Explorer, OpsData includes metadata about your Amazon EC2 instances, patch compliance details, and operational work items (OpsItems). AWS Trusted Advisor is an […]
Using AWS Config for security analysis and resource administration
This blog post is a collaboration between Snehal Nahar, Technical Account Manager at AWS and Howard Zeemer, Manager of Operational Tools and Automation at LendingTree In this post, we will discuss how Lending Tree is using AWS Config for resource administration and security analysis. LendingTree empowers consumers to shop for financial services, comparing multiple offers […]
Actionable Insights based on anomaly detection in AWS X-Ray
Today, we launched in public preview X-Ray Insights, a new feature of AWS X-Ray, which uses anomaly detection to create actionable insights about any anomalies in your application. AWS X-Ray helps developers analyze and debug distributed applications. With this launch, you will be able to proactively identify issues in your applications caused by increases in the […]
Build your own software asset governance platform on AWS
Software Asset Governance or Software Asset Management is a key component of an organization’s cyber security strategy. Different aspects of Software Asset Governance find notable mentions in renowned security frameworks and standards such as SANS CIS Critical Security Controls, NIST Special Publication 800-53, and Cloud Security Alliance’s Cloud Control Matrix. The subject goes beyond cyber-security […]