AWS Management & Governance Blog

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More

How to self-service manage AWS Auto Scaling groups and Amazon Redshift with AWS Service Catalog Service Actions

Some of the customers I work with provide AWS Service Catalog products to their end-users to enable self-service for launching and managing Amazon Redshift, EMR clusters or web applications at scale using AWS Auto Scaling groups. These end-users would like the ability to self-manage these resources, for example, be able to take a snapshot of […]

Read More

Introducing Amazon CloudWatch Container Insights for Amazon ECS

Amazon Elastic Container Service (Amazon ECS) lets you monitor resources using Amazon CloudWatch, a service that provides metrics for CPU and memory reservation and cluster and services utilization. In the past, you had to enable custom monitoring of services and tasks. Now, you can monitor, troubleshoot, and set alarms for all your Amazon ECS resources using […]

Read More

Managing Amazon WorkSpaces by integrating AWS Service Catalog with ServiceNow

As enterprises adopt Amazon WorkSpaces as their virtual desktop solution, there is a need to implement an ITSM-based self-service offering for provisioning and operations. In this post, you will learn how to integrate AWS Service Catalog with ServiceNow so users can request their own WorkSpace instances inclusive of all business-level approvals and auditing. You will […]

Read More

Replacing SSH access to reduce management and security overhead with AWS Systems Manager

Cesar Soares, DevOps and cloud infrastructure manager, VR Beneficios In many corporate enterprises, interactive shell access to cloud or datacenter environments is a necessity. It must be supported in a secure, auditable manner, often programmatic or via scripting, and with strong access controls. As discussed in a previous post by Jeff Barr, AWS Systems Manager […]

Read More
AWS CloudTrail brand image

Maximizing features and functionality in AWS CloudTrail

Thanks to the following AWS CloudTrail experts for their work on this post: Avneesh Singh, Senior Product Manager, AWS CloudTrail Jeff McRae, Software Development Manager, AWS CloudTrail Keith Robertson, Software Development Manager, AWS CloudTrail Susan Ferrell, Senior Technical Writer, AWS Are you taking advantage of all the features and functionality that AWS CloudTrail offers? Here […]

Read More

Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB

Introduction Many AWS customers either integrate ServiceNow into their existing AWS services or set up both ServiceNow and AWS services for simultaneous use. One challenge in this use case is the need to update your configuration management database (CMDB) when a new spin-up instance appears in AWS. This post demonstrates how to integrate AWS Config […]

Read More

Enhancing configuration management at Verizon using AWS Systems Manager

In large enterprise organizations, it’s challenging to maintain standardization across environments. This is especially true if these environments are provisioned in a self-service manner—and even more so when new users access these provisioning services. In this post, I describe how we at Verizon found a balance operating between agility, governance, and standardization for our AWS […]

Read More

Creating and hydrating self-service data lakes with AWS Service Catalog

Organizations are evolving IT processes to include data lakes and supporting services. Your organization might start by looking to extend the self-service portals you built using AWS Service Catalog to create data lakes as well. A self-service portal lets users vend required AWS resources within the guardrails defined by your cloud center of excellence (CCOE) […]

Read More

Analyzing Amazon VPC Flow Log data with support for Amazon S3 as a destination

In a world of highly distributed applications and increasingly bespoke architectures, data monitoring tools help DevOps engineers stay abreast of ongoing system problems. This post focuses on one such feature: Amazon VPC Flow Logs. In this post, I explain how you can deliver flow log data to Amazon S3 and then use Amazon Athena to […]

Read More