Tag: Management and Governance

We are excited to announce the general availability (GA) of the integration between AWS Control Tower and AWS Security Hub. With this GA release, AWS Control Tower can detect control operations performed on the Security Hub detective controls from the Security Hub service. This includes the ability to detect if Security Hub controls enabled via […]

Customers want flexibility and simpler ways to manage their AWS accounts. There are several ways customers can choose to customize their AWS account deployments at scale with flexibility such as Account Factory Customization (AFC), a native solution within AWS Control Tower account factory, or Customizations for Control Tower (CfCT), which this blog focuses on. To […]

In January 2022, AWS announced general availability of AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store and query activity logs for auditing, security investigation and operational troubleshooting. Since launch, thousands of customers have adopted this feature. We are excited to announce that CloudTrail Lake dashboards are now […]

Maintaining application and data resilience in the face of an ever-evolving risk landscape is a challenge for applications with legacy architectures. These risks can include ransomware attacks, natural disasters, user error, hardware faults, and many others. Organizations want to recover workloads within appropriate timescales with minimal loss of data from an unforeseen event. Organizations seek […]

Do you have thousands of Amazon CloudWatch alarms across AWS Regions and want to quickly identify which ones are low-value alarms or misconfigured alarms across regions? Are you looking for ways to identify alarms which are in ‘ALARM’ or ‘IN_SUFFICIENT’ state for several days and need to be revisited? Do you need a cleanup mechanism […]

AWS Systems Manager Automation runbooks let you deploy, configure, and manage AWS resources safely and at scale. You can use AWS-published runbooks or build your own to enable AWS resource management across multiple accounts and regions. The AWS Cloud Development Kit (AWS CDK v2) is an open-source framework that can build applications with the expressive power of […]

Operations Teams (Ops Teams) across enterprises typically rely on documented architecture diagrams to understand the dependencies of various workloads deployed on AWS. As enterprises continue to deploy large-scale multi-tiered workloads, it can become challenging for Ops Teams to track the ever changing relationships between the deployed resources, often meaning that documentation can’t keep up with […]

AWS Organizations simplifies multi-account governance for customers with tools to centrally manage their AWS accounts and offers two feature modes all features and consolidated billing. With all features enabled, the default and preferred approach, customers can centrally manage other AWS services that are integrated with AWS Organizations and apply organization-wide controls with the management policies. […]

Many customers that use Amazon Managed Grafana have a need to restrict the Grafana workspace public access and enable fine-grained control to allow which traffic sources can reach the Grafana workspace. Today, we are announcing Amazon Managed Grafana’s new feature that supports inbound network access control. This enables you to secure Grafana workspaces using VPC […]

This blog post covers best practices to manage and reverse technical debt by prudently leveraging and operating cloud services. Technical debt is a metaphor coined by Ward Cunningham, to deal with the cost of making tradeoffs in software development to meet near-term business needs. In the case of financial debt, you take a loan to […]