Tag: AWS CloudFormation

Balancing developer freedom and governance controls is a key challenge faced by organizations that are adopting cloud. On one hand, developers need the freedom to innovate and develop new applications and services quickly and on the other, organizations need to maintain control over the resources used and the data processed in order to ensure compliance […]

Overview Effective operation of cloud applications and services demands a strong focus on monitoring and observability. It’s critical for your teams to define, capture, and analyze metrics, ensuring operational visibility and extracting actionable insights from logs. In many companies, technical teams share integrated systems to monitor the services or infrastructure they manage. Shared observability systems […]

AWS Trusted Advisor inspects your AWS infrastructure and provides best practice recommendations when opportunities exist to reduce cost, optimize your AWS infrastructure, improve system availability and performance, help close security gaps and monitor service quotas. Trusted Advisor recommendations are based on best practices identified by AWS services experts and learnings from serving thousands of customers […]

Introduction Many of my customers use AWS CloudFormation to streamline provisioning operations for AWS and third-party resources, that they describe with code in JSON- or YAML-formatted CloudFormation templates. Some workloads require custom logic or inputs beyond standard parameter values. For these scenarios, an often overlooked and useful CloudFormation feature lies in AWS Lambda-backed custom resources. With Lambda-backed custom […]

Service control policies (SCPs) are a set of policies that allow organizations to manage permissions using AWS Organizations. SCPs help control access to AWS services and resources provisioned across multiple accounts created within an organization. In addition, SCPs enable you to set up permission guardrails by defining the maximum available permissions for IAM principals in […]

Customers want flexibility and simpler ways to manage their AWS accounts. There are several ways customers can choose to customize their AWS account deployments at scale with flexibility such as Account Factory Customization (AFC), a native solution within AWS Control Tower account factory, or Customizations for Control Tower (CfCT), which this blog focuses on. To […]

AWS Systems Manager Patch Manager helps AWS customers manage and automate the process of patching their Linux and Windows managed nodes in AWS and hybrid environments. It provides various options and allows greater control over which patches are approved or rejected during installation using patch baselines. One parameter of patch baseline approval rules is the Auto […]

Customers build, deploy, and maintain millions of web applications on AWS and many customers deploy these applications using NGINX. The NGINX application server offers configurability, scalability, and the ability to handle millions of concurrent requests. Web application performance is key in modern enterprise infrastructure and applications. Customers leverage CloudWatch to monitor response times, uptime, and […]

Amazon CloudWatch Synthetics offers an automated approach to monitoring the performance and availability of your application endpoints, REST APIs, and website content, allowing you to discover issues before your customers do. As your applications and suite of accompanying canaries grows over time, it becomes more challenging and time consuming to manage them at scale. This […]

There are many benefits to using Infrastructure as Code (IaC), but as you grow your infrastructure or your IaC coverage, the number of components and their dependencies can become increasingly more complex. In this post we will walk through strategies to address this complexity. CloudFormation has built-in support for defining dependencies across resources in your […]