AWS Cloud Operations & Migrations Blog

Tag: AWS Organizations

AWS Systems Manager patch compliance data to AWS Security Hub

Multi-Account patch compliance with Patch Manager and Security Hub

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Read More

Deploy AWS Config Rules and Conformance Packs using a delegated admin

AWS Config Rules allow customers to evaluate the configuration of resources against best practices and perform remediation when specified configuration policies are not being followed. Using AWS Config Conformance Packs, customers can create a collection of AWS Config rules and remediation actions in a single pack that can be deployed across AWS Organizations. This provides […]

Read More

Automate account creation and resource provisioning for AWS GovCloud(US), using AWS Service Catalog, AWS Organizations, and AWS Lambda

Public and private sector customers are now often working to automate their account creation and operations into the AWS GovCloud (US) Regions. These customers use the AWS GovCloud (US) Regions to access FedRamp certified services and ITAR-governed datasets for multiple accounts. Managing this type of multi-account enterprise footprint with AWS Organizations helps reduce operational costs […]

Read More

Keep up on the latest from AWS Organizations–Spring 2020

The team here at AWS Organizations has been busy developing new features to make it easier for you to manage multiple AWS accounts, whether you are automating new account creation, consolidating resources into a single bill, or maintaining access safeguards around your resources. There are many new announcements at AWS, so we’re starting this quarterly […]

Read More

Manage custom AWS Config rules with remediations using conformance packs

Different organizations have different compliance and security requirements for their resources and accounts. AWS Config makes it easier for customers to implement these controls. While AWS Config offers customers a wide selection of managed AWS Config rules that help them comply with their requirements, there are customers who require more customized control and can take […]

Read More
ahova architecture diagram

Send Organizational AWS Health Events to Amazon Chime or Slack

There’s now a much easier solution! Please see our blog post on AWS Health Aware – Customize AWS Health Alerts for Organizational and Personal AWS Accounts.  Receiving notifications for AWS Health events can be done in multiple ways depending on your desired platform, from email notifications with Amazon SNS to account-specific chat notifications with AWS […]

Read More

Deploy Conformance Packs across an Organization with Automatic Remediation

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale – from policy definition to auditing and aggregated reporting using a common framework and packaging model. Many enterprises have multiple AWS accounts to manage their AWS infrastructure and demand an easy way to manage compliance policy definitions across their organization. […]

Read More

Introducing AWS Config Multi-Account, Multi-Region support for Advanced Query

I’m excited to introduce you to our latest feature addition, AWS Config Advanced Query. Advanced query, launched last year, makes it easy to query the resource configuration properties of your AWS resources for audit, compliance, or operational troubleshooting using simple SQL-like queries. With our latest release, you can now use Advanced query with configuration aggregators, enabling you […]

Read More

Enabling self-service provisioning of AWS resources with AWS Control Tower

Customers provision new accounts in AWS Control Tower whenever they are on-boarding new business units or setting up application workloads. In some cases, organizations also want their cloud users, developers, and data scientists to deploy self-service standardized and secure patterns and architectures with the new account. Here are a few examples: A developer or cloud […]

Read More

Simplifying setup for new accounts using Service Quotas

Service Quotas enables you to view and manage your quotas for AWS services from a central location. You can currently view and manage over 100 services, such as Amazon VPC, Amazon DynamoDB, and Amazon RDS. Recently, we made it easier to manage quotas for Amazon EC2 with vCPU-based On-Demand Instance limits, which reduce the number […]

Read More