AWS Management & Governance Blog

Category: Technical How-to

Four ways to retrieve any AWS service property using AWS CloudFormation (Part 3 of 3)

This post is the last in a series on how to build customizations using AWS CloudFormation. In part 1, we introduced you to cfn-response and crhelper and discussed the scenarios they are best suited for. In part 2, we addressed a coverage gap in our public roadmap and showed you how to build an AWS […]

Read More

Four ways to retrieve any AWS service property using AWS CloudFormation (Part 2 of 3)

This post is the second in a series on how to build customizations using AWS CloudFormation. In part 1, we showed you how to develop customizations using cfn-response and crhelper and shared the scenarios they are best suited for. In this post, we’ll use AWS CloudFormation macros to address some of the coverage gaps identified […]

Read More

Monitor and scale your Amazon ECS on AWS Fargate application using Prometheus metrics

If you’ve ever run a containerized workload, you know that it can be tricky to check what’s happening in your container. In this blog post, I show how you can monitor and scale your Amazon Elastic Container Service (Amazon ECS) on AWS Fargate application using Prometheus metrics. Although there is more information about Prometheus already […]

Read More

Visualizing AWS Config data using Amazon Athena and Amazon QuickSight

In this guest post, Henrik André Olsen, Solutions Architect, discusses how he visualized AWS Config data in Amazon QuickSight dashboards with a high value for the Danish insurance company Topdanmark.  If you are an AWS Config user, you are probably already familiar with how to use the AWS Config console to access data, but it’s […]

Read More

Building secure Amazon SageMaker access URLs with AWS Service Catalog

Many customers need a secure method to access Amazon SageMaker notebooks within their private network without logging in to the AWS console, or using the AWS CLI/SDKs. This may be desired for enhanced security or to provide an easier self-service path for data scientists. In this blog post, we show you a how to connect […]

Read More

Automate AWS Backups with AWS Service Catalog

If you’re an organization with multiple AWS accounts and independent teams, cloud governance can seem a daunting task. The complexities of balancing developer velocity with centralized governance risks can slow down the innovation you’re trying to speed up. Fortunately, AWS Service Catalog, and AWS Backup help to implement a well-architected approach to self-service while meeting […]

Read More
ReadOnly SCP Post Featured Image

How to implement a read-only service control policy (SCP) for accounts in AWS Organizations

Customers who manage multiple AWS accounts in AWS Organizations can use service control policies (SCPs) to centrally manage permissions in their environment. SCPs can be applied to an organization unit (OU), account, or entire organization to restrict the maximum permissions that can be applied in the scoped AWS accounts. In this post, we are going to explore the use of SCPs to restrict an AWS account to read-only access.

Read More

Streamline server fleet management with AWS Systems Manager Fleet Manager

Organizations manage an increasingly diverse IT infrastructure, one that spans cloud and on-premises environments and uses different tools and services. Managing these diverse hybrid environments can be complicated and resource-intensive. Fleet Manager, a new feature in AWS Systems Manager, makes it easy and cost-effective to remotely manage Windows and Linux servers running across AWS, on-premises, […]

Read More

View AWS Config rules across multiple accounts and Regions using AWS Systems Manager Explorer

AWS Systems Manager Explorer is a customizable operations dashboard that displays an aggregated view of operations data from across your AWS accounts and AWS Regions. Explorer provides context into how operational issues are distributed, trend over time, and vary by category. In this blog post, I explain how Explorer gathers the compliance status of AWS […]

Read More

How BT uses Amazon CloudWatch to monitor millions of devices

In this guest post, Ciaran Kearney, Data Engineer at multinational telecommunications company BT discusses how BT built a monitoring solution using Amazon CloudWatch dashboards, composite alarms, and embedded metric format to support the monitoring of millions of devices. Customers with high-cardinality monitoring use cases often face challenges when it comes to implementing observability. Monitoring high-cardinality workloads […]

Read More