AWS Cloud Operations Blog
Your Essential Guide to Cloud Governance at AWS re:Invent 2025
With organizations increasingly recognizing governance as a strategic enabler rather than a compliance burden, this year’s Cloud Governance under AWS Cloud Ops track delivers cutting-edge sessions that bridge the gap between operational excellence and business innovation.
The governance landscape is evolving rapidly, and this year’s sessions are organized around four critical themes that reflect the most pressing challenges and opportunities facing cloud governance professionals today.
Plan Your Cloud Governance Track Experience
This year there are four key themes to Cloud Governance under AWS Cloud Ops track. It offers something for everyone, from hands-on workshops to expert-level discussions. To make the most of your re:Invent experience, we recommend:
- Focus on your priorities: Select sessions that align with your organization’s immediate operational challenges
- Mix formats: Combine lecture-style sessions with interactive workshops and builders’ sessions
- Plan for skill development: Choose sessions that match your current skill level and those that stretch your capabilities
- Reserve early: Popular sessions fill up quickly, so reserve your spot as soon as registration opens
Key Themes at re:invent for Cloud Governance
Cloud Governance under AWS Cloud Ops track at re:Invent 2025 is organized around four key themes that address today’s most pressing operational challenges:
1. Generative AI & Intelligent Governance
The integration of generative AI into governance workflows is revolutionizing how organizations manage compliance, controls, and operational oversight. From using Amazon Q to analyze CloudTrail logs to leveraging AI for automated control validation, these technologies are transforming reactive governance into proactive, intelligent systems that can predict issues, automate responses, and provide context-aware insights at scale.
2. Operational Efficiency & Cost Optimization
Effective governance isn’t just about security and compliance; it’s about enabling business agility while optimizing resources. Modern governance frameworks must balance robust controls with operational efficiency, implementing cost-effective monitoring strategies, streamlining account management, and automating routine tasks to free teams for strategic initiatives.
3. Secure Operations & Automation
Security governance is evolving from checkbox compliance to automated, continuous protection that enables rather than constrains business operations. Through policy-as-code, automated compliance validation, and proactive security controls, organizations can build governance frameworks that scale with their growth while maintaining strong security postures.
4. Multicloud & Sovereign Cloud Requirements
As organizations expand globally and across multiple cloud environments, governance must address complex requirements around data sovereignty, regional compliance, and cross-border operations. These sessions explore how to maintain consistent governance across diverse environments while meeting country-specific regulations and maintaining operational flexibility.
Choose Your Learning Path
Here are the must-attend Cloud Governance sessions organized by theme to help you build your personalized agenda:
Generative AI & Intelligent Governance
Transform your governance approach with AI-powered automation and intelligent insights that reduce manual effort while strengthening compliance.
COP350 | Building and validating cloud controls with generative AI | Breakout session
Location: Wednesday, Dec 3 | 4:00 PM – 5:00 PM PST | Caesars Forum
This technical session demonstrates how to leverage generative AI to automate and enhance compliance monitoring and validation processes. Learn how GenAI can accelerate AWS account customization through AWS Control Tower, author AWS Config rules, and analyze AWS CloudTrail logs.
COP411 | Intelligent automation for managing cloud governance and compliance | Builders session
Location: Thursday, Dec 4 | 11:30 AM – 12:30 PM PST | Mandalay Bay
Learn how to create smart workflows that analyze data from AWS compliance tools, including AWS Config, AWS Security Hub, and AWS Audit Manager, to provide context-aware insights for efficient policy enforcement and risk management. Through hands-on exercises, build an automated solution that processes compliance queries and implements interfaces for complex governance investigations.
Operational Efficiency & Cost Optimization
Master strategies for building governance frameworks that enable business agility while optimizing operational costs and resource utilization.
COP355 | A practical guide to implement cost-effective governance controls |Chalk talk
Location: Monday, Dec 1 | 3:00 PM – 4:00 PM PST | Mandalay Bay
This chalk talk shows you how to reduce operational costs while maintaining robust security and compliance monitoring. Learn proven strategies to optimize your implementations without compromising governance. Through real-world scenarios, discover how organizations successfully reduced monitoring costs while meeting compliance requirements using services like AWS Config and AWS CloudTrail.
COP351 | Innovation Sandbox on AWS: Automating Temporary Cloud Environments| Lightning Talk
Location: Monday, Dec 1 | 4:30 PM – 4:50 PM PST | Venetian
Cloud administrators face challenges in efficiently managing temporary sandbox environments while maintaining security and cost control. Innovation Sandbox on AWS automates deployment and management of short-lived environments, implementing service control policies, spend controls, and account recycling mechanisms that save weeks of administration time.
COP324 | Moving AWS Accounts seamlessly at scale | Chalk talk
Location: Monday, Dec 1 | 12:00 PM – 1:00 PM PST | MGM
Mergers and acquisitions, divestitures, and other business transitions often require organizations to migrate AWS accounts securely and precisely to prevent operational disruptions and address security gaps. Multi-account best practices can help you migrate AWS accounts like a maestro during business changes and transitions. You can simplify scaling of your workloads and promote agility while saving time and mitigating risks. Learn how you can assess dependencies and perform additional checks to execute a quick, secure, and efficient migration.
Secure Operations & Automation
Build proactive security governance through automation, policy-as-code, and continuous compliance validation.
COP347 | Actionable controls for improving governance and compliance | Breakout session
Location: Monday, Dec 1 | 8:30 AM – 9:30 AM PST | Wynn
Learn how to transform compliance frameworks into actionable AWS controls through effective gap analysis and control mapping. This session shows how to leverage AWS Control Tower, AWS Security Hub, AWS Config, and AWS Audit Manager to build and maintain a scalable governance strategy. We’ll explore real-world examples of mapping common controls across multiple frameworks, implementing automated compliance checks, and creating custom control deployments.
COP352 |From Reactive to Proactive: Infrastructure governance by design | Code talk
Location: Thursday, Dec 4 | 3:30 PM – 4:30 PM PST | MGM
This code talk will discuss security best practices using AWS CloudFormation Hooks and AWS CloudFormation Guard, demonstrating how to prevent non-compliant infrastructure deployments before they occur. You will learn how to write CloudFormation Guard domain-specific language (DSL) rules for static template validation and integrate them with CloudFormation Hooks, including managed hooks, to enforce security standards proactively across your organization.
COP406 | Build and automate policy as code | Builders session
Location: Wednesday, Dec 3 | 10:00 AM – 11:00 AM PST | MGM
In this hands-on session, you will build a complete policy as code pipelines, learn to implement security checks, pre-commit hooks, and implement custom organizational rules that catch issues early. Through guided exercises, you will understand shift-left security practices and create automated feedback loops that enhance infrastructure governance.
COP310 | Automating compliance and auditing at scale | Workshop
Location: Wednesday, Dec 3 | 9:00 AM – 11:00 AM PST | Mandalay Bay
This hands-on workshop demonstrates how to build automated compliance controls using AWS Config, Systems Manager, and Audit Manager at scale. Implement automated security assessments and remediation workflows while leveraging Amazon Q CLI and CloudTrail Lake for intelligent investigation.
COP353 | Building your data protection strategy with governance controls | Chalk talk
Location: Thursday, Dec 4 | 2:30 PM – 3:30 PM PST | Mandalay Bay
This interactive session explores an effective data protection strategy using governance policies and controls. We’ll work through real-world scenarios demonstrating how to prevent unauthorized access, enforce security policies, and maintain consistent resource configurations at scale. Discover how authorization and management policies work together to create automated controls for your organization’s data.
COP348 | Scaling Compliance Controls and Risk Assessment | Chalk talk
Location: Thursday, Dec 4 | 4:00 PM – 5:00 PM PST | Wynn
Learn how to assess risk and enable AWS policies to integrate with AWS Audit Manager for evidence collection. The session equips risk owners and technical teams with practical tools for privacy management, compliance automation, and audit documentation, delivering immediate value for securing sensitive data environments.
Multicloud & Sovereign Cloud Requirements
Navigate complex sovereignty requirements and build governance frameworks that work across diverse cloud environments.
COP409 | Building Sovereign Cloud Environments | Code talk
Location: Wednesday, Dec 3 | 10:30 AM – 11:30 AM PST | Mandalay Bay
This session explores how AWS Control Tower and Landing Zone Accelerator on AWS support key sovereignty requirements, including country-specific compliance frameworks, regional service selection, automated controls for data movement, and cross-border transfers.
COP349 | Balancing agility and compliance feat. The Japan Digital Agency | Breakout session
Location: Wednesday, Dec 3 | 9:00 AM – 10:00 AM PST | Mandalay Bay
In this session, learn how the Japanese government successfully implemented a centralized governance model for cloud adoption across 30 ministries and 1,700 local government, enabling over 5,000 accounts to be managed seamlessly. With AWS Cloud Governance services like AWS Control Tower, AWS Config, and AWS Security Hub, regulated and public sector industries can streamline operations, enhance governance, and meet evolving compliance requirements to strike a balance between central control and local autonomy.
COP346 | Governance that Enables Innovation at Scale feat. Eli Lilly | Breakout session
Location: Thursday, Dec 4 | 1:00 PM – 2:00 PM PST | Caesars Forum
By modernizing cloud governance with AWS Control Tower, customers can experiment, innovate, and scale more quickly in a secure and resilient manner. Learn how Eli Lilly, an American medicine company, successfully modernized their governance structure by migrating to AWS Control Tower with zero downtime for critical workloads. Learn how they implemented controls to meet compliance requirements and integrated Account Factory for Terraform to automate provisioning, enhance agility, improve security posture, and innovate faster, so they can focus on improving lives and communities.
Looking forward for Cloud Governance
These sessions represent more than just technical training; they showcase cloud governance from a compliance necessity to a strategic business enabler. Organizations that implement AI-driven governance, controls, and automate security operations will gain significant competitive advantages in speed, security, and operational excellence.
The integration of generative AI into governance workflows, the emphasis on policy-as-code automation, and the focus on proactive rather than reactive controls signal a fundamental shift in how we approach cloud operations.
At re:Invent 2025, you’ll gain the knowledge and practical skills to lead this transformation in your organization.
Haven’t registered? There’s still time to attend! Registered through the re:Invent portal.