Category: Technical How-to

AWS provides a flexible and secure environment where you can experiment, innovate, and scale more quickly. As you build and deploy your workloads, you need mechanisms to isolate your resources (for example, a resource container). You can use multiple AWS accounts for this purpose. An AWS account provides natural security, access, and billing boundaries for […]

In the first post of this two-part series, we showed you two approaches for preventing cost overruns in a centralized budget management pattern: Applying a restrictive service control policy (SCP) to an organizational unit (OU). Moving the account to another OU with restrictive SCPs. In this post, we share how you can prevent cost overruns […]

Enterprise customers with multiple users want to manage policies on cloud resources like AWS Key Management Service (AWS KMS) and Amazon Simple Storage Service (Amazon S3) to grant access to additional users after the product has been deployed through, for example, AWS CloudFormation templates. In addition, customers want to accomplish this task in a self-service […]

In this post, we will show you how to configure AWS Systems Manager OpsCenter to aggregate security findings from AWS Security Hub into OpsCenter as operational issues. OpsCenter helps operations engineers and IT professionals reduce issue resolution time by providing a central place to view, investigate, and resolve security issues.  AWS Systems Manager Explorer provides […]

As consultants, we often help customers manage AWS services using infrastructure as code (IaC). We follow DevOps practices for building, versioning, testing, and deploying services. We also use AWS Config custom and managed rules to evaluate the configuration settings of AWS resources. AWS Config continuously tracks the configuration changes that occur among AWS resources and […]

AWS recently launched AWS Network Firewall, a stateful, managed network firewall that provides intrusion detection and prevention for Virtual Private Cloud (Amazon VPC). In a large-scale enterprise environment, it can be difficult and time-consuming to inspect multiple log groups and log streams. Investigating a security incident across a Network Firewall fleet that spans different VPCs […]

If you’ve authored private resource types to extend the AWS CloudFormation registry, you might have used Java, Python, or Go, which, until now, were our officially supported languages. In this blog post, we will show you how to create a private resource type using TypeScript, the latest addition to our growing list of officially supported […]

As customers add more applications, the number of APIs and webpages increase exponentially. The new multi-step HTTP monitoring in Amazon CloudWatch Synthetics offers visibility and helps you proactively solve problems. It helps engineering teams monitor their APIs 24/7 using flexible scripts so that they can maintain SLA compliance. In this post, we show you how […]

Most enterprises find it hard to maintain control of the commercial licensing of Microsoft, SAP, Oracle, and IBM products due to limited visibility. They wind up over-provisioning licenses to avoid the headache with third party license providers or under-provisioning licenses, only to be faced with steep penalties. If your enterprise uses AWS, you can address this […]

Most businesses and professionals build and maintain websites to bring visibility and credibility to their work. These websites often act as a medium for messaging. They shape the online perception of the business. When links on a website are broken, users get frustrated. If they cannot access the information they need, they might take their […]