Category: Security, Identity, & Compliance

System Administrators face a never-ending list of tasks in IT organizations, with one of the most critical being the installation and updating of software packages. This process is essential for maintaining a secure posture across systems. However, as the number of servers grows, manually managing updates becomes increasingly time-consuming and inefficient. The challenge we’re addressing […]

Customers are looking for a way to limit the types of commands that can be run on their Amazon Elastic Compute Cloud (Amazon EC2) instances when using AWS Systems Manager Session Manager interactive sessions. Allowed commands vary by group, meaning you need to allow different sets of commands based on the group of users. For […]

When managing multiple AWS accounts in AWS Organizations organization, it’s important to implement central access controls that govern both identities and resources. These controls are essential for ensuring security, compliance, and scalability across your environment. AWS Organizations service control policies (SCPs), resource control policies (RCPs), and declarative policies enable you to centrally configure and manage […]

Introduction AWS Organizations provides the capability to centrally manage and govern your AWS environment. As an organization, you can delegate administration of specific AWS services integrated with AWS Organizations to authorized individuals or teams. Implementing effective controls for these delegated administrators is essential to ensuring the security, compliance, and operational efficiency of your AWS environment. […]

December 24, 2024: This post was republished to update terminology for AWS RAM resource shares and to update links. AWS customers use AWS Organizations as the basis of a multi-account AWS environment as defined by the Organizing Your AWS Environment Using Multiple Accounts AWS Whitepaper. Organizations is an AWS service that enables you to centrally […]

Security is “job zero” at AWS. It’s crucial to gain deeper insights into your AWS infrastructure’s security posture to respond quickly to threats. The ability to centrally monitor and visualize the security findings make it easier for you to identify any security threats or gaps and also keep the principle of least privilege in focus. […]

As organizations increasingly adopt cloud services, they often face the challenge of hosting diverse workloads with varying cost structures and budget constraints. To establish a solid foundation for cost optimization without compromising operational efficiency in your cloud operations, it’s essential to manage your cloud expenses efficiently. This aligns with the AWS Well-Architected Cost Optimization pillar, […]

AWS Organizations provides capabilities for AWS customers to centrally manage accounts in their multi-account environment. As the business landscape evolves, customers may need to close multiple AWS accounts or an entire organization. This could take place during mergers and acquisitions, to support cleanup efforts which reduce cost from unused resources, or decommissioning a venture or […]

Customers often spend time finding and managing individual resources within their applications. They need to find various applications, manage and perform application tasks, and monitor resources during different stages of the application lifecycle. Customers usually have hundreds to thousands of resources within even a single AWS account. This requires navigating across multiple AWS services pages […]

AWS Config is a fully managed service that provides customers with resource inventory, configuration monitoring, and configuration change notifications to support security, governance, and compliance for workloads in AWS. An AWS Config rule represents desired configurations for a resource and evaluates changes in near real-time and records the compliance history in AWS Config. Using AWS […]