Category: *Post Types

In 2018 we launched metric math, which enables you to perform calculations across multiple metrics for real-time analysis. You can visualise these computed metrics through the Amazon CloudWatch console, add them to CloudWatch Dashboards, or retrieve through the newly launched GetMetricData API. You can use metric math to derive insights from your existing CloudWatch metrics and […]

We’re living in a golden age of AWS CloudFormation tooling. Tools like cfn_nag and taskcat make it easier to treat your infrastructure as code by performing testing and validation before you deploy a single resource into your accounts. In this blog post, I’ll show you how to use linters to validate your CloudFormation templates.

I want to take you on a quick look back at what we added for AWS CloudFormation in 2018. We added coverage for 18 new AWS services (up from 14 in 2017) and many new features for existing services, several available at launch. Highlights of the features and new content that CloudFormation introduced in 2018, […]

As an organization expands its use of AWS services, there is often a conversation about the need to create multiple AWS accounts to ensure separation of business processes or for security, compliance, and billing. Many of the customers we work with use separate AWS accounts for each business unit so they can meet the different […]

We have introduced an updated version of the AWS Config Rule Development Kit (RDK). The RDK helps you rapidly deploy custom AWS Config rules at scale across multiple AWS accounts and Regions. You can also create a centralized dashboard to view the AWS Config rule compliance status across various AWS accounts. This blog post is […]

Most AWS CloudFormation templates use parameters to enable customization. It’s important to validate parameters to ensure a good user experience. AWS CloudFormation gives you several ways to perform parameter validation. For example, you can specify AllowedValues or a Default, or you can assign Types. For more information on validating parameters, see the documentation. Often, developers […]

Patching Windows instances in private subnets could be challenging since those Amazon EC2 instances have no internet connectivity. In this blog post we explain how to use AWS Systems Manager and Windows Server Update Services (WSUS) to keep those instances updated. We’ll create a new VPC with the proper endpoints, security groups, and network access […]

Point-and-click management randomizes servers with every single change made. It’s great to configure your servers with code. In addition, having automation to manage server configuration and compliance helps companies save time, improve availability, and lower the risks associated with up-time and security. However, the learning experience and administrative effort required to maintain such an environment […]

Update 01/2023: AWS Systems Manager announces Patch Policies, enabling cross account and cross Region patching. Patch Policies provide a user experience in a single console to easily define and enforce patch compliance across accounts and Regions with a few clicks. For more information, see Centrally deploy patching operations across your AWS Organization using Systems Manager […]

AWS Service Catalog enables organizations to centrally manage commonly-deployed AWS services and provisioned software products. It also helps you achieve consistent governance and compliance requirements, while it empowers users to self-serve and quickly deploy the approved AWS services they need. Customers that I talk to want to have a mechanism to keep previously provisioned products […]