AWS Cloud Operations & Migrations Blog

Tag: Management and Governance

Best practices for applying controls with AWS Control Tower

Enabling effective governance in a multi-account environment and aligning with AWS best practices and common compliance frameworks can be a complex endeavor. Many customers, particularly those operating in regulated industries, face the challenge of investing time and resources in identifying risks and developing their own controls to address service relationships and dependencies. This process can […]

How to audit the support level of your AWS accounts using AWS Config

How to audit the support level of your AWS accounts using AWS Config

At AWS, we offer a variety of tools to assist our customers during their cloud journey. From AWS re:POST where you can ask AWS related questions to the community, to AWS Skill Builder where customers can view on-demand video content and sign up to attend online and live training sessions. AWS also offers various support […]

Manage continuous compliance by using AWS Config Configuration Recorder resource type

AWS Config recently added support for configuration recorder as a resource type. The AWS::Config::ConfigurationRecorder resource is a configuration item (CI) for configuration recorder that tracks changes to the state of AWS Config configuration recorder (configuration recorder). You can use this CI to check if the state of the configuration recorder has changed (drifted), from its […]

Accelerate Your Enterprise On-Premises Migration to AWS Cloud

In this blog post, we will explore the top five guiding principles that you need to address before starting a large-scale migration from on-premises to the AWS cloud. As the AWS Professional Services team, the authors bring their combined experience in leading large migrations involving thousands of applications in datacenter exit projects across Healthcare & Life […]

Simplify analysis of AWS CloudTrail data leveraging Amazon CloudWatch machine learning and advanced capabilities

AWS CloudTrail tracks user and API activities across AWS environments for governance and auditing purposes and allows customers to centralize a record of these activities. Customers have the option to send AWS CloudTrail logs to Amazon CloudWatch that simplifies and streamlines the analysis and monitoring of AWS CloudTrail recorded activities. Amazon CloudWatch anomaly detection allows […]

Achieving operational excellence with design considerations for AWS Organizations SCPs

Service control policies (SCPs) are a set of policies that allow organizations to manage permissions using AWS Organizations. SCPs help control access to AWS services and resources provisioned across multiple accounts created within an organization. In addition, SCPs enable you to set up permission guardrails by defining the maximum available permissions for IAM principals in […]

Improve your security posture with AWS Control Tower and AWS Security Hub integration

We are excited to announce the general availability (GA) of the integration between AWS Control Tower and AWS Security Hub. With this GA release, AWS Control Tower can detect control operations performed on the Security Hub detective controls from the Security Hub service. This includes the ability to detect if Security Hub controls enabled via […]

CfCt AWS SAM blog

Simplify infrastructure deployments using Customizations for AWS Control Tower and AWS Serverless Application Model

Customers want flexibility and simpler ways to manage their AWS accounts. There are several ways customers can choose to customize their AWS account deployments at scale with flexibility such as Account Factory Customization (AFC), a native solution within AWS Control Tower account factory, or Customizations for Control Tower (CfCT), which this blog focuses on. To […]

Announcing AWS CloudTrail Lake Dashboards – Visualize and Analyze CloudTrail data

In January 2022, AWS announced general availability of AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store and query activity logs for auditing, security investigation and operational troubleshooting. Since launch, thousands of customers have adopted this feature. We are excited to announce that CloudTrail Lake dashboards are now […]

How to test your AWS Elastic Disaster Recovery implementation

Maintaining application and data resilience in the face of an ever-evolving risk landscape is a challenge for applications with legacy architectures. These risks can include ransomware attacks, natural disasters, user error, hardware faults, and many others. Organizations want to recover workloads within appropriate timescales with minimal loss of data from an unforeseen event. Organizations seek […]