AWS Cloud Operations & Migrations Blog

Tag: Management and Governance

Using AWS Launch Wizard, AWS Marketplace, and AWS Service Management Connector for ServiceNow to deploy SAP HANA based applications on AWS

More than 5,000 of our customers run SAP on AWS and more than half of them have deployed SAP HANA-based solutions on AWS. Since 2008, when SAP became an AWS customer, customers have been bringing their SAP landscapes to AWS and using it as their platform for innovation. AWS Launch Wizard helps customers to deploy […]

Example Dashboard

View AWS Trusted Advisor recommendations at scale with AWS Organizations

Since 2014, AWS Trusted Advisor has been providing customers with visibility into an individual AWS account and providing recommendations based on known AWS best practices. Trusted Advisor makes recommendations to help customers achieve a better security posture, control their costs, optimize application performance, design better fault tolerance, and maintain control over their AWS service limits […]

Successful creation of canary shows the status, previous canary runs and the list of canaries for the user.

Secure monitoring of user workflow experience using Amazon CloudWatch Synthetics and AWS Secrets Manager

Customers often need an easy way to monitor the URLs, API endpoints, and critical GUI workflows of their web applications in a secure fashion. Monitoring helps keep the service available by detecting performance bottlenecks and operational issues as soon as they arise. Customers also want to be alerted when availability and latency issues occur so […]

Improve governance and business agility using AWS Management and Governance videos – part 2

This blog post highlights newly published videos on the AWS Management and Governance YouTube channel that help you enable, provision, and operate your AWS environments effectively. The first part of this blog series was published last spring. The objective of these video-based, hands-on solutions is to enable you to innovate faster while maintaining control over […]

AWS CloudFormation StackSet Orchestration: Automated deployment using AWS Step Functions

We often use AWS CloudFormation StackSets to automatically deploy infrastructure into many different accounts. Whether they are managed by AWS Control Tower or AWS Organizations, StackSets provide a simple and automated way to handle the creation of resources and infrastructure right after provisioning a new account. You can automatically deploy StackSets to accounts that belong […]

Write preventive compliance rules for AWS CloudFormation templates the cfn-guard way

Continuous delivery pipelines, combined with infrastructure as code tools like AWS CloudFormation, allow our customers to manage applications in a safe and predictable way. CloudFormation helps customers model and provision their AWS and third-party application resources, with features such as rollback to provide automation and safety. Together with tools such as AWS CodeBuild, AWS CodePipeline, […]

Configure Session Manager access for federated users using SAML session tags

In this blog post, we show you how to configure Attribute-Based Access Control (ABAC) permissions to federate users into AWS Systems Manager Session Manager. We demonstrate how you can use attributes defined in external identity systems as part of the ABAC decisions within AWS, with SAML session tags. For example, you can grant access to […]

AWS Systems Manager patch compliance data to AWS Security Hub

Multi-Account patch compliance with Patch Manager and Security Hub

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Automating the discovery of licensed software using AWS License Manager

Software license management often comes with the challenges of staying compliant, controlling overages, and managing vendor audits. Significant time and manual effort go into making sure that software license inventories are updated and ready for auditing. Bringing cloud infrastructure into the picture, with the ability to spin up virtual servers in minutes, means that managing […]