AWS Cloud Operations Blog
Tag: AWS Systems Manager
Improve governance and business agility using AWS Management and Governance videos – part 2
This blog post highlights newly published videos on the AWS Management and Governance YouTube channel that help you enable, provision, and operate your AWS environments effectively. The first part of this blog series was published last spring. The objective of these video-based, hands-on solutions is to enable you to innovate faster while maintaining control over […]
Using AWS Systems Manager OpsCenter and AWS Config for compliance monitoring
In this post, I show how AWS Systems Manager OpsCenter can be used to centrally record and mitigate alerts from AWS Config. When AWS Config detects a resource that is out of compliance, an OpsItem is created. This OpsItem is used to track details of the noncompliant resource, record investigative actions, and provide access to […]
Use AWS License Manager API operations to manage your software licenses in the cloud
Learn with Shree on how to use AWS License Manager public API operations to manage your software licenses in the cloud.
Deploying application configuration to serverless: Introducing the AWS AppConfig Lambda extension
At AWS, we feel strongly that separating application configuration from application code is a best practice. Being able to deploy configuration independently from code makes it possible to build services like Service Quotas and launch new services and features right as we announce them. If we didn’t separate these, even a simple configuration change would […]
Keep up on the latest from AWS Organizations- Summer 2020
This is our second installment of the latest news from AWS Organizations, which allows you to centrally manage and govern your AWS environment across accounts. We have had some exciting launches over the past few months, including new service integrations and Region expansions. Here’s the latest since April 2020: Create a backup policy that applies […]
Manage instances using AWS Systems Manager Quick Setup across AWS Organization
Are you an operations administrator trying to enable common configurations such as agent updates or patch scanning across your company? AWS Systems Manager Quick Setup now supports AWS Organizations. With this feature, Organization master accounts can now easily define configurations for Systems Manager to engage on your behalf across accounts in your Organization. You can […]
Keeping Ansible effortless with AWS Systems Manager
Ansible is a powerful tool because it lets you handle many complicated tasks with minimal effort. Some time ago, I published running Ansible playbooks using Systems Manager blog when the first version of the AWS Systems Manager (SSM) document was released, which enabled support for Ansible. In that blog, I discussed the tight integration of […]
Multi-Account patch compliance with Patch Manager and Security Hub
Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]
Setting up custom AWS Config rule that checks the OS CIS compliance
AWS announced that AWS Systems Manager’s Run Command now offers Chef InSpec audits through the AWS-RunInspecChecks document. This is a significant win for Systems Manager enthusiasts and other users who prefer an OS-based compliance check solution rather than using a whole new cloud service. This blog post is not about how to keep an OS […]
Applying managed instance policy best practices
Since AWS Systems Manager was launched, the service has continued to add new features for customers to use. Many features are enabled by granting your Amazon EC2 instances and on-premises servers access to Systems Manager using an AWS Identity and Access Management (IAM) role with the necessary permissions. To provide customers more flexible, fine-grained permission […]