AWS Cloud Operations & Migrations Blog

Tag: AWS CloudFormation StackSets

How to centralize CloudWatch Alarms with Amazon EventBridge and AWS CloudFormation

Amazon CloudWatch lets customers collect monitoring and operational data in the form of logs, metrics, and events, providing an easy way to monitor and receive notifications regarding their workload health and often integrate directly with other systems, such as JIRA Service Desk and ServiceNow. The CloudWatch alarms feature lets you monitor CloudWatch metrics and receive […]

Deploying Custom AWS Config Rules in an AWS Organization Environment

In this post, we will show how you can deploy AWS Config custom rules across accounts in your organization, leveraging the Rules Development Kit (RDK), an open source development kit designed to support intuitive and efficient “Compliance-as-Code” workflows. With AWS Config custom rules, you can define custom logic for the desired configuration state of your […]

Automating centralized package management in AWS using AWS Systems Manager Distributor and AWS Systems Manager State Manager

This blog post was jointly contributed by Kanishk Mahajan, AWS and Dominic Medsker, Moody’s Customers routinely leverage 3rd party agent-based packages and vulnerability management tools, such as CrowdStrike, TrendMicro, and Tenable, to securetheir AWS environments. AWS supports distribution of third-party agents with AWS Systems Manager Distributor (Distributor). Distributor lets you package your own software or […]

Gaining more control over Multi-Regional AWS CloudFormation deployments

Routinely deploying resources to multiple regions is increasingly normal for situations like Disaster Recovery (DR), regulatory and compliance, and end-user latency requirements. Keeping multiple environments in sync is challenging and drives Infrastructure as Code (IaC) adoption through services like AWS CloudFormation. This post demonstrates a generic design pattern for orchestrating multi-Regional deployments when you need […]

Managing the multi-account environment using AWS Organizations and AWS Control Tower

Managing the multi-account environment using AWS Organizations and AWS Control Tower

This is the third post in our series about multi-account management. In the first post, Governance, risk, and compliance when establishing your cloud presence, we focus on design considerations for managing in a cloud environment. Our second post, Best Practices for Organizational Units with AWS Organizations, provides guidance for a production-ready organizational unit (OU) structure when creating […]

Latest from AWS Organizations

The latest from AWS Organizations (Spring 2021)

AWS Organizations provides features customers can use to manage their AWS environment across accounts. When paired with other AWS services, AWS Organizations helps you manage permissions, create and share resources, govern your environment, and centrally control your security requirements. Here’s what the team has been up to since our virtual 2020 re:Invent season. Use attribute-based […]

2020 in Review for AWS CloudFormation

As we move into 2021, we would like to provide a recap of how AWS CloudFormation coverage changed in 2020 and offer you a look at new features. These changes lay the foundation for 2021 as we focus on registry, resource types, and resource coverage. Resource Coverage In 2019, we released the AWS CloudFormation registry, […]

CloudFormation StackSets delegated administration

If you are using AWS CloudFormation StackSets, you are having to manage your stacks from the AWS Organizations management account. According to best practice, the management account should be used only for tasks that require it. Until today, you had to use the management account to manage your AWS CloudFormation stack sets. To help limit […]