AWS Cloud Operations Blog

Category: Technical How-to

Automate Systems Manager patching reports via email and Slack notifications in an AWS Organization

An effective patch management is foremost for maintaining system security, reliability, and compliance across your IT infrastructure. AWS Systems Manager (SSM) provides a comprehensive patching solution, enabling you to automate the deployment of operating system updates to your nodes deployed on AWS, on-premises, and multicloud environments. However, as your organization scales, tracking and reporting on […]

Analyzing AWS Control Tower Drift with Amazon Bedrock

Introduction In order to enforce best practices for governance and compliance across AWS accounts in a centralized way, AWS Control Tower is an easy place to start.  However, ensuring continuous compliance requires regular drift detection and remediation, which Control Tower facilitates by providing a mechanism to detect drift and publish notifications to Amazon Simple Notification […]

AWS Organizations, moving an organization member account to another organization: Part 1

December 24, 2024: This post was republished to update terminology for AWS RAM resource shares and to update links. AWS customers use AWS Organizations as the basis of a multi-account AWS environment as defined by the Organizing Your AWS Environment Using Multiple Accounts AWS Whitepaper. Organizations is an AWS service that enables you to centrally […]

Troubleshooting AWS Systems Manager patching made easy with Amazon Bedrock’s automated recommendations

Keeping your AWS infrastructure up-to-date and secure is a critical part of maintaining a robust and reliable cloud environment. AWS Systems Manager’s patching capabilities are a powerful tool in this effort, allowing you to automatically apply the latest security updates and bug fixes to your managed nodes, including Amazon Elastic Compute Cloud (EC2) instances, on-premises […]

How to detect and monitor Amazon Simple Storage Service (S3) access with AWS CloudTrail and Amazon CloudWatch

How to detect and monitor Amazon Simple Storage Service (S3) access with AWS CloudTrail and Amazon CloudWatch

While protection of data is critical, equally important is observing who accesses it.  AWS services allow you to control your data by determining where it’s stored, who has access, and how it’s secured. AWS CloudTrail provides an effective way to track data access activities.  You can detect access attempts, and identify potential unauthorized attempts. CloudTrail, […]

Using Terraform with Landing Zone Accelerator on AWS

In this post, we explore how you can incorporate HashiCorp Terraform to manage your Amazon Web Services (AWS) application infrastructure after using AWS Control Tower with Landing Zone Accelerator on AWS (LZA) to manage your AWS ecosystem. The LZA deploys a cloud foundation that is architected to align with AWS best practices and multiple global […]

Streamlining AWS Organizations Cleanup Strategies

AWS Organizations provides capabilities for AWS customers to centrally manage accounts in their multi-account environment. As the business landscape evolves, customers may need to close multiple AWS accounts or an entire organization. This could take place during mergers and acquisitions, to support cleanup efforts which reduce cost from unused resources, or decommissioning a venture or […]

Know Before You Go – AWS re:Invent 2024 Cloud Governance and Compliance

We are so excited to see you at our annual cloud computing conference, AWS re:Invent 2024 in Las Vegas from Dec 2 to Dec 6. At AWS re:Invent, cloud enthusiasts from all over the world will gather together to collaborate and learn from one another! You will have the opportunity to meet with AWS experts, […]

Operations re:Imagined – Know Before You Go – AWS re:Invent 2024

We are so excited to see you at our annual cloud computing conference, AWS re:Invent 2024 in Las Vegas from Dec 2 to Dec 6. At this conference, you’ll have the opportunity to attend thought-provoking keynotes, dive deep into our services, and meet with fellow cloud enthusiasts! No matter your level of expertise, we’ll have sessions […]

Know Before You Go – AWS re:Invent 2024 Monitoring and Observability

Planning to join us in Las Vegas from Dec 2 to Dec 6 at AWS re:Invent 2024 and looking to learn more about monitoring and observability? If you are, this blog highlights Cloud Operations sessions that focus on monitoring and observability at re:Invent 2024! Monitoring and Observability allows you to understand the health of your applications and […]