AWS Cloud Operations Blog
Tag: AWS CloudTrail
Prepare for an Audit in AWS Part 2 – General Best Practices
In Part 1 of this blog series, I discussed how you can use purpose-built services, such as AWS Audit Manager, AWS Config, and AWS Artifact, to help with almost any audit that you may be preparing for, with features geared specifically to what is required by an audit. But the story shouldn’t start there. Instead, […]
Prepare for an Audit in AWS Part 1 – AWS Audit Manager, AWS Config, and AWS Artifact
AWS customers represent a range of different verticals, locations, and sizes. Given today’s digital, global economy, customers have various governance needs based upon their geographies. Regardless of the regulations or standards, AWS provides services and resources that help our customers prepare to meet those requirements. In this post, I demonstrate how you can use AWS […]
Find the most evaluated AWS Config rules using AWS CloudTrail Lake
In this post, I’ll show you how to find most evaluated AWS Config rules to dive deep into AWS Config charges on your invoice by using AWS CloudTrail Lake. The solution uses the new AWS CloudTrail feature, CloudTrail Lake, to analyze CloudTrail events. AWS Config is a service that enables you to assess, audit, and […]
Announcing AWS CloudTrail Lake – a managed audit and security Lake
Organizations managing cloud infrastructure in AWS need effective mechanisms to audit operations in their AWS accounts for security and compliance. In November 2013, we announced AWS CloudTrail as the auditing platform for AWS. Since then, millions of customers have adopted this service. We believe CloudTrail is so important to AWS customers’ success that every new […]
Improve governance and business agility using AWS Management and Governance videos – part 2
This blog post highlights newly published videos on the AWS Management and Governance YouTube channel that help you enable, provision, and operate your AWS environments effectively. The first part of this blog series was published last spring. The objective of these video-based, hands-on solutions is to enable you to innovate faster while maintaining control over […]
Analyzing AWS CloudTrail in Amazon CloudWatch
In this blog post, we learn how to ingest AWS CloudTrail log data into Amazon CloudWatch to monitor and identify your AWS account activity against security threats, and create a governance framework for security best practices. We will analyze log trail event data in CloudWatch using features such as Logs Insight, Contributor Insights, Metric filters […]
Using lifecycle events to track AWS Control Tower actions and trigger automated workflows
Many customers that I work with are creating and provisioning new accounts using AWS Control Tower. They prefer an AWS native solution for creating their environment knowing that it will be based upon documented AWS Best Practices. As customers scale their account creation, there exists an opportunity to use additional Control Tower features to perform […]
Building a fully automated Dow Jones Asset Tracking System on AWS
Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 130 years and today has one of the world’s largest news gathering operations globally. It […]
Controlling your AWS costs by deleting unused Amazon EBS volumes
Customers across industries and verticals consider cost management as one of their top priorities. Limited visibility into a volume’s lifecycle can result in costs for unutilized resources. AWS builds cost-management products to access, organize, understand, control, and optimize costs on AWS. Unused and overlooked Amazon EBS volumes contribute to AWS costs. The lifecycle of EBS […]
How to Detect and Mitigate Guardrail Violation with AWS Control Tower
Many companies that I work with would like to innovate fast in the cloud by adopting a self-service infrastructure provisioning model in a multi-account environment. However, maintaining security and governance in such a model is an organizational challenge. Without structured guardrails and baseline configuration enforcement, troubleshooting and mitigating risk can be cumbersome. AWS Control Tower […]