AWS Management Tools Blog

How to create custom AWS Config rules with AWS CodeStar

The AWS Config rules feature enables you to define in code the desired configuration of your AWS resources. For example, you can check that your Amazon S3 buckets are not publicly accessible or that your instances are associated with a security group. While Config offers a set of prebuilt (managed) rules that represent common best […]

Read More

Using AWS Systems Manager to run compliance scans using InSpec by Chef

As described in the Security Pillar of the AWS Well-Architected Framework, the careful management of the security configurations of the running systems within your environment forms the foundation of how you will maintain robust, secure, scalable systems. InSpec by Chef, an open-source testing framework, provides teams the ability to define and assess system state and […]

Read More

How to develop custom AWS Config rules using the Rule Development Kit

To help customers rapidly prototype, develop, and deploy their custom AWS Config rules at scale, AWS introduces a new version of the AWS Config Rule Development Kit (RDK). The RDK is a command-line utility designed to help you to shorten your security and compliance feedback cycles when using Config. It helps you build a continuous […]

Read More

Recovering AWS CloudFormation stacks using ContinueUpdateRollback

AWS CloudFormation treats a stack as a collection of AWS resources that customers can manage as a single unit. After you launch a stack, you can use the AWS CloudFormation console, API, or AWS CLI to update resources in your stacks. You should not make any changes to stack resources outside of CloudFormation. This is […]

Read More

How to Track Changes to Auto Scaling Groups Using AWS Config

Recently, AWS Config announced support for Auto Scaling groups. You can now track configuration changes in Auto Scaling groups, such as minimum, maximum, and desired capacities, termination policies, scaling policies, subnets, and instance protection settings. You can also use a new managed AWS Config rule to check whether the Auto Scaling groups associated with your […]

Read More

How to Track Configuration Changes to Classic Load Balancers Using AWS Config

Recently, AWS Config announced support for Classic Load Balancer in all public regions and AWS GovCloud (US). You can now start tracking the current and historical configurations of your Classic Load Balancers, and get notified via Amazon SNS when your configurations change. You can also use three new managed AWS Config rules to verify whether your […]

Read More

AWS Config: A Year in Review 2017

It’s been another exciting year for AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. We have expanded our regional availability, added support for new resource types, introduced new managed Config rules, and introduced a dashboard view of your resource configuration and compliance. In this post, […]

Read More

Centralized Management of Multiple Accounts and Cross-Platform EC2 Instances Using AWS Systems Manager

Introduction Many AWS customers, particularly in the public sector, are implementing a central IT agency model. These organizations have an AWS account for central IT that is designated for the management of security and compliance activities such as patch management, use of golden Amazon Machine Images (AMIs), and federates user access for other agencies’ AWS […]

Read More

AWS CloudFormation: 2017 in Review

In 2017, over 350,000 AWS customers used AWS CloudFormation to manage resources collected across 2.4M stacks. We added coverage for 14 new services and several new features. In this post, I’d like to look back at some features and new content that CloudFormation introduced in 2017, including: New AWS resources that you can provision with […]

Read More

How to secure infrequently used EC2 instances with AWS Systems Manager

Many organizations have predictable spikes in the usage of their applications and services. For example, retailers see large spikes in usage during Black Friday or Cyber Monday. The beauty of Amazon Elastic Compute Cloud (Amazon EC2) is that it allows customers to quickly scale up their compute power to meet these demands. However, some customers […]

Read More