AWS Management Tools Blog

Managing AWS resources across multiple accounts and Regions using AWS Systems Manager Automation

AWS Systems Manager Automation simplifies common administrative and maintenance tasks of AWS resources. Using Systems Manager Automation, you can execute predefined tasks/workflows in the form of AWS Systems Manager documents (SSM documents) that you can write yourself or use community published documents. A SSM document defines the actions that Systems Manager performs on your AWS […]

Read More

Automate account creation, and resource provisioning using AWS Service Catalog, AWS Organizations, and AWS Lambda

As an organization expands its use of AWS services, there is often a conversation about the need to create multiple AWS accounts to ensure separation of business processes or for security, compliance, and billing. Many of the customers we work with use separate AWS accounts for each business unit so they can meet the different […]

Read More

How to perform cross-parameter validation using AWS CloudFormation rules and assertions

Most AWS CloudFormation templates use parameters to enable customization. It’s important to validate parameters to ensure a good user experience. AWS CloudFormation gives you several ways to perform parameter validation. For example, you can specify AllowedValues or a Default, or you can assign Types. For more information on validating parameters, see the documentation. Often, developers […]

Read More

How to patch Windows EC2 instances in private subnets Using AWS Systems Manager

Patching Windows instances in private subnets could be challenging since those Amazon EC2 instances have no internet connectivity. In this blog post we explain how to use AWS Systems Manager and Windows Server Update Services (WSUS) to keep those instances updated. We’ll create a new VPC with the proper endpoints, security groups, and network access […]

Read More

Reporting and remediating EC2 instances that AWS Systems Manager doesn’t list as managed instances

One of the primary features of AWS Systems Manager is Run Command. Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any Amazon EC2 instance that has been configured for Systems Manager. Now that the service has released the ec2-instance-managed-by-ssm, this is a good time to […]

Read More
AWS-ApplyDSCMofs Document Diagram

Run compliance enforcement and view compliant and non-compliant instances using AWS Systems Manager and PowerShell DSC

Point-and-click management randomizes servers with every single change made. It’s great to configure your servers with code. In addition, having automation to manage server configuration and compliance helps companies save time, improve availability, and lower the risks associated with up-time and security. However, the learning experience and administrative effort required to maintain such an environment […]

Read More

Centralized multi-account and multi-Region patching with AWS Systems Manager Automation

AWS Systems Manager Automation now supports multi-account and multi-Region actions enabling you to centrally manage your AWS resources. This feature reduces the time and overhead needed for enterprise-wide configuration, operational actions, and compliance remediation. In this blog post, I show you how to use AWS Systems Manager Automation to patch your managed instances across multiple […]

Read More

How to update AWS Service Catalog provisioned products to new product versions and report changes using AWS Step Functions, AWS Lambda, and Amazon Athena

AWS Service Catalog enables organizations to centrally manage commonly-deployed AWS services and provisioned software products. It also helps you achieve consistent governance and compliance requirements, while it empowers users to self-serve and quickly deploy the approved AWS services they need. Customers that I talk to want to have a mechanism to keep previously provisioned products […]

Read More

Your AWS CloudFormation guide to re:Invent 2018

There are less than two weeks left until re:Invent 2018. As in years past, AWS CloudFormation will be there, both behind the scenes deploying infrastructure and front-and-center for break-out sessions, workshops, and chalk talks. Here are a few highlights we’ve pulled from the session catalog, followed by the full list of CloudFormation-focused sessions and workshops to help […]

Read More