AWS Management & Governance Blog

Tag: AWS CloudFormation

Remediate drift via resource import with AWS CloudFormation

When it comes to restaurants, consistency is key. Being able to create a salad once is simple, but being able to recreate the exact salad multiple times tends to be more difficult. Little variances between them may cause issues, like too much or not enough salad dressing, ruining the balance of the composed salad. Infrastructure […]

Read More

Duplicating infrastructure on AWS

In large enterprise organizations, it’s challenging to maintain standardization across environments. This is especially true if these environments are provisioned in a self-service manner—and even more so when new users access these provisioning services. Once you have the resources deployed into an environment, it can be hard, or even impossible, to change it. In case […]

Read More

Deploy Conformance Packs across an Organization with Automatic Remediation

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale – from policy definition to auditing and aggregated reporting using a common framework and packaging model. Many enterprises have multiple AWS accounts to manage their AWS infrastructure and demand an easy way to manage compliance policy definitions across their organization. […]

Read More

Mechanisms to govern license usage with AWS License Manager

AWS License Manager streamlines the process of bringing software vendor licenses to the cloud. As you build your applications in AWS that use third party licenses or move your on-premises workloads to AWS, you can save costs by using bring-your-own-license (BYOL) opportunities. This can be done by re-purposing your existing license inventory for use with […]

Read More
Active Directory AWS Control Tower diagram

Extend a self-managed Active Directory to AWS Control Tower

One common use case for customers during the early cloud journey is to use existing identity service such as Microsoft Active Directory. In this blog post, I show you how to setup AWS Control Tower to delegate user authentication to a self-managed Microsoft Active Directory via AWS Managed Microsoft AD. This blog post shows a […]

Read More

AWS CloudFormation: Signed, sealed, and deployed

State Street Corporation is a global bank that is responsible for managing over 10% of the world’s wealth.  It also focuses on engineering better outcomes for its investors and customers, striving to bring innovative solutions to market and enhance customer value. To manage complexity and provide a stable agile platform, State Street uses Infrastructure as […]

Read More

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More

How to Create an AWS Cross-Account Support Case Dashboard

At AWS, our customer obsession drives us to leave no stone unturned in helping our customers achieve success. Therefore, when a customer finds an interesting way to create valuable functionality using a combination of AWS services, we want to let our other customers know about it so they can also reap the benefits. A great […]

Read More

How to self-service manage AWS Auto Scaling groups and Amazon Redshift with AWS Service Catalog Service Actions

Some of the customers I work with provide AWS Service Catalog products to their end-users to enable self-service for launching and managing Amazon Redshift, EMR clusters or web applications at scale using AWS Auto Scaling groups. These end-users would like the ability to self-manage these resources, for example, be able to take a snapshot of […]

Read More

Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB

Introduction Many AWS customers either integrate ServiceNow into their existing AWS services or set up both ServiceNow and AWS services for simultaneous use. One challenge in this use case is the need to update your configuration management database (CMDB) when a new spin-up instance appears in AWS. This post demonstrates how to integrate AWS Config […]

Read More