AWS Cloud Operations Blog
Tag: Management and Governance
Centralize AWS Cost Anomaly Detection using Amazon Managed Grafana
AWS Cost Anomaly Detection uses advanced Machine Learning to identify anomalous spend and root causes, empowering the customers to take action quickly. Currently, in order to view the AWS Cost Anomalies in AWS Cost Explorer, it requires the user to have IAM user access privileges on the AWS Management Console. The ability to centrally monitor and […]
Setup memory metrics for Amazon EC2 instances using AWS Systems Manager
Amazon Elastic Compute Cloud (Amazon EC2) emits several metrics for your EC2 instance to Amazon CloudWatch. However, memory metrics isn’t one of the default metrics provided by Amazon EC2. Several memory heavy applications like Big Data Analytics, In-memory Databases, Real-time Streaming require you to monitor memory utilization on the instances for operational visibility. These applications […]
Automated Evidence Collection for Life Sciences continuous compliance solutions using AWS Audit Manager
In the first post of this two-part series, we highlighted how Life Sciences customers can implement a controlled change management process using AWS Systems Manager Change Manager and AWS Config. The solution in our first post, highlighted how a you can follow your Standard Operating Procedures (SOP’s) by implementing approval steps in order to make […]
Automating organizational policies with custom AWS Config Rules and evidence collection in AWS Audit Manager
AWS Config is a service that allows you to evaluate your AWS resources against a desired configuration state using AWS Config Rules. Two types of rules exist, managed rules which are meant to be used out-of-the-box and custom rules for which you define your desired configuration state via code. AWS Audit Manager can help you […]
Best practices for applying controls with AWS Control Tower
Enabling effective governance in a multi-account environment and aligning with AWS best practices and common compliance frameworks can be a complex endeavor. Many customers, particularly those operating in regulated industries, face the challenge of investing time and resources in identifying risks and developing their own controls to address service relationships and dependencies. This process can […]
How to audit the support level of your AWS accounts using AWS Config
At AWS, we offer a variety of tools to assist our customers during their cloud journey. From AWS re:POST where you can ask AWS related questions to the community, to AWS Skill Builder where customers can view on-demand video content and sign up to attend online and live training sessions. AWS also offers various support […]
Manage continuous compliance by using AWS Config Configuration Recorder resource type
AWS Config recently added support for configuration recorder as a resource type. The AWS::Config::ConfigurationRecorder resource is a configuration item (CI) for configuration recorder that tracks changes to the state of AWS Config configuration recorder (configuration recorder). You can use this CI to check if the state of the configuration recorder has changed (drifted), from its […]
Accelerate Your Enterprise On-Premises Migration to AWS Cloud
In this blog post, we will explore the top five guiding principles that you need to address before starting a large-scale migration from on-premises to the AWS cloud. As the AWS Professional Services team, the authors bring their combined experience in leading large migrations involving thousands of applications in datacenter exit projects across Healthcare & Life […]
Simplify analysis of AWS CloudTrail data leveraging Amazon CloudWatch machine learning and advanced capabilities
AWS CloudTrail tracks user and API activities across AWS environments for governance and auditing purposes and allows customers to centralize a record of these activities. Customers have the option to send AWS CloudTrail logs to Amazon CloudWatch that simplifies and streamlines the analysis and monitoring of AWS CloudTrail recorded activities. Amazon CloudWatch anomaly detection allows […]
Achieving operational excellence with design considerations for AWS Organizations SCPs
Service control policies (SCPs) are a set of policies that allow organizations to manage permissions using AWS Organizations. SCPs help control access to AWS services and resources provisioned across multiple accounts created within an organization. In addition, SCPs enable you to set up permission guardrails by defining the maximum available permissions for IAM principals in […]