AWS Management & Governance Blog

Setting up custom AWS Config rule that checks the OS CIS compliance

AWS announced that AWS Systems Manager’s Run Command now offers Chef InSpec audits through the AWS-RunInspecChecks document. This is a significant win for Systems Manager enthusiasts and other users who prefer an OS-based compliance check solution rather than using a whole new cloud service. This blog post is not about how to keep an OS […]

Read More
Multi-account framework

Governance, risk, and compliance when establishing your cloud presence

When speaking with the business and technology leaders I work with, they express the need to bring new products and services to market quickly. They must also stay secure while doing so. At the same time, they must maintain a resilient environment while adapting workloads to changing business needs over time. In this multi-part blog […]

Read More

Applying managed instance policy best practices

Since AWS Systems Manager was launched, the service has continued to add new features for customers to use. Many features are enabled by granting your Amazon EC2 instances and on-premises servers access to Systems Manager using an AWS Identity and Access Management (IAM) role with the necessary permissions. To provide customers more flexible, fine-grained permission […]

Read More

Monitor your private internal endpoints 24×7 using CloudWatch Synthetics

Introduction Since Amazon CloudWatch Synthetics launched in 2019, Synthetics canaries have become the first line of defense to reliably alert developers if their public endpoints, including REST APIs and URLs, show unexpected latencies or availability drops. In addition, Synthetics canaries can also monitor for broken links, or unauthorized content changes resulting from phishing, code injection, […]

Read More

Manage custom AWS Config rules with remediations using conformance packs

Different organizations have different compliance and security requirements for their resources and accounts. AWS Config makes it easier for customers to implement these controls. While AWS Config offers customers a wide selection of managed AWS Config rules that help them comply with their requirements, there are customers who require more customized control and can take […]

Read More
ahova architecture diagram

Send Organizational AWS Health Events to Amazon Chime or Slack

Receiving notifications for AWS Health events can be done in multiple ways depending on your desired platform, from email notifications with Amazon SNS to account-specific chat notifications with AWS Chatbot. Recently, the team behind AWS Health API (available to AWS Business/Enterprise Support customers) released AWS Health Organizational View, which allows you to aggregate all AWS […]

Read More
Event-based notifications AWS Service Catalog

Creating event-based notifications and remediation in AWS Service Catalog using AWS Config

AWS Service Catalog allows organizations to quickly let their users deploy approved IT services to organize, govern, and provision cloud resources on AWS. However, users launching multiple instances can cause issues because: Some instances are not always active. The lack of limits on the number of active instances can result in an organization’s costs going […]

Read More
Solution architecture for the proposed solution

Automate RDS Aurora Snapshots for disaster recovery

It is important to have a well-defined proactive disaster recovery strategy for efficient and uninterrupted flow of data across an organization. This applies to all components of your application architecture, including the database layer. While Amazon Aurora database clusters are fault-tolerant and highly available by design, for disaster recovery use cases, customers prefer to keep […]

Read More

Deploy Enterprise Proof-of-Concept with prooV and AWS Service Catalog

Deploy Enterprise Proof-of-Concept with prooV and AWS Service Catalog Proof-of-concept testing is a must-have practice for enterprise application development teams for decision making regarding technology adoption. With the elasticity and scalability provided by the cloud, it’s more important now than ever to predict and understand application behavior in a real-world scenario. Before releasing a new […]

Read More

AWS Config best practices

AWS Config is a service that maintains a configuration history of your AWS resources and evaluates the configuration against best practices and your internal policies. You can use this information for operational troubleshooting, audit, and compliance use cases. In this blog post, I share best practices on how to use AWS Config as a tool […]

Read More