AWS Management & Governance Blog

Tag: AWS Organizations

Best Practices for Organizational Units with AWS Organizations

AWS customers look to move quickly and securely when launching new business innovations. The multi-account framework provides guidance to help customers plan their AWS environment. The framework is designed to meet security needs, while maintaining the ability to scale and adapt their environments with changing business demands. The basis of a well-architected multi-account AWS environment […]

Read More
Delegated Administrator for AWS Service Catalog

Simplify sharing your AWS Service Catalog portfolios in an AWS Organizations setup

Note: This is a June 2020 update to the blog post How to set up a multi-region, multi-account catalog of company standard AWS Service Catalog products. Overview I have seen interest in the native infrastructure template sharing capabilities offered by AWS Service Catalog. For example, my customers share AWS Service Catalog portfolios directly to AWS […]

Read More
AWS Systems Manager patch compliance data to AWS Security Hub

Multi-Account patch compliance with Patch Manager and Security Hub

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Read More

Deploy AWS Config Rules and Conformance Packs using a delegated admin

AWS Config Rules allow customers to evaluate the configuration of resources against best practices and perform remediation when specified configuration policies are not being followed. Using AWS Config Conformance Packs, customers can create a collection of AWS Config rules and remediation actions in a single pack that can be deployed across AWS Organizations. This provides […]

Read More

Automate account creation and resource provisioning for AWS GovCloud(US), using AWS Service Catalog, AWS Organizations, and AWS Lambda

Public and private sector customers are now often working to automate their account creation and operations into the AWS GovCloud (US) Regions. These customers use the AWS GovCloud (US) Regions to access FedRamp certified services and ITAR-governed datasets for multiple accounts. Managing this type of multi-account enterprise footprint with AWS Organizations helps reduce operational costs […]

Read More

Keep up on the latest from AWS Organizations–Spring 2020

The team here at AWS Organizations has been busy developing new features to make it easier for you to manage multiple AWS accounts, whether you are automating new account creation, consolidating resources into a single bill, or maintaining access safeguards around your resources. There are many new announcements at AWS, so we’re starting this quarterly […]

Read More
Multi-account framework

Governance, risk, and compliance when establishing your cloud presence

When speaking with the business and technology leaders I work with, they express the need to bring new products and services to market quickly. They must also stay secure while doing so. At the same time, they must maintain a resilient environment while adapting workloads to changing business needs over time. In this multi-part blog […]

Read More

Manage custom AWS Config rules with remediations using conformance packs

Different organizations have different compliance and security requirements for their resources and accounts. AWS Config makes it easier for customers to implement these controls. While AWS Config offers customers a wide selection of managed AWS Config rules that help them comply with their requirements, there are customers who require more customized control and can take […]

Read More
ahova architecture diagram

Send Organizational AWS Health Events to Amazon Chime or Slack

Receiving notifications for AWS Health events can be done in multiple ways depending on your desired platform, from email notifications with Amazon SNS to account-specific chat notifications with AWS Chatbot. Recently, the team behind AWS Health API (available to AWS Business/Enterprise Support customers) released AWS Health Organizational View, which allows you to aggregate all AWS […]

Read More

Deploy Conformance Packs across an Organization with Automatic Remediation

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale – from policy definition to auditing and aggregated reporting using a common framework and packaging model. Many enterprises have multiple AWS accounts to manage their AWS infrastructure and demand an easy way to manage compliance policy definitions across their organization. […]

Read More