AWS Management & Governance Blog

Tag: AWS Systems Manager

Setting up custom AWS Config rule that checks the OS CIS compliance

AWS announced that AWS Systems Manager’s Run Command now offers Chef InSpec audits through the AWS-RunInspecChecks document. This is a significant win for Systems Manager enthusiasts and other users who prefer an OS-based compliance check solution rather than using a whole new cloud service. This blog post is not about how to keep an OS […]

Read More

Applying managed instance policy best practices

Since AWS Systems Manager was launched, the service has continued to add new features for customers to use. Many features are enabled by granting your Amazon EC2 instances and on-premises servers access to Systems Manager using an AWS Identity and Access Management (IAM) role with the necessary permissions. To provide customers more flexible, fine-grained permission […]

Read More
Solution architecture for the proposed solution

Automate RDS Aurora Snapshots for disaster recovery

It is important to have a well-defined proactive disaster recovery strategy for efficient and uninterrupted flow of data across an organization. This applies to all components of your application architecture, including the database layer. While Amazon Aurora database clusters are fault-tolerant and highly available by design, for disaster recovery use cases, customers prefer to keep […]

Read More

How to execute Chef recipes using AWS Systems Manager

It’s exciting to see how many AWS customers are taking advantage of AWS Systems Manager to manage and deploy infrastructure configuration at scale. I have previously blogged about the benefits of using AWS Systems Manager with configuration management tools, including Ansible and Salt. Recent improvements to the configuration management functionality, has made the service even […]

Read More

Deploy Conformance Packs across an Organization with Automatic Remediation

AWS Config conformance packs help you manage configuration compliance of your AWS resources at scale – from policy definition to auditing and aggregated reporting using a common framework and packaging model. Many enterprises have multiple AWS accounts to manage their AWS infrastructure and demand an easy way to manage compliance policy definitions across their organization. […]

Read More

Providing temporary instance permissions with AWS Systems Manager Automations

Instances might have to call certain API actions or access certain resources during an AWS Systems Manager Automation execution. What if you don’t want to apply the additional permissions to the instance’s existing instance profile? In this post, I show you how to provide temporary permissions to instances when executing an Automation within the document […]

Read More
EMR Cluster

Using AWS Systems Manager Run Command to submit Spark/Hadoop jobs on Amazon EMR

Many customers use Amazon EMR with Apache Spark to build scalable big data pipelines. For large-scale production pipelines, a common use case is to read complex data from a variety of sources. This data must be transformed to make it useful to downstream applications, such as machine learning pipelines, analytics dashboards, and business reports. Such […]

Read More

Using AWS Systems Manager Change Calendar to prevent changes during critical events

When applications and their development teams grow or evolve around service-specific independent teams, coordination and visibility among projects, deployments and operational events become a critical issue. AWS customers use multiple AWS accounts for many different reasons, adding guardrails around resources and increasing the need for collaboration between different AWS account owners and teams. Previously, these […]

Read More

Controlling your AWS costs by deleting unused Amazon EBS volumes

Customers across industries and verticals consider cost management as one of their top priorities. Limited visibility into a volume’s lifecycle can result in costs for unutilized resources. AWS builds cost-management products to access, organize, understand, control, and optimize costs on AWS. Unused and overlooked Amazon EBS volumes contribute to AWS costs. The lifecycle of EBS […]

Read More

Amazon S3 bucket compliance using AWS Config Auto Remediation feature

AWS Config keeps track of the configuration of your AWS resources and their relationships to your other resources. It can also evaluate those AWS resources for compliance. This service uses rules that can be configured to evaluate AWS resources against desired configurations. For example, there are AWS Config rules that check whether or not your […]

Read More