AWS Management and Governance

Business agility and governance control

In the past, organizations have had to choose between innovating faster and maintaining control over cost, compliance, and security. With AWS Management and Governance services, customers don’t have to choose between innovation and control—they can have both. Customers choose AWS to help manage and govern their AWS and non-AWS resources. With AWS, customers can enable, provision, and operate their environment for both business agility and governance control. AWS provides services for end-to-end IT lifecycle management, helping customers control and secure their environments, reduce costs, simplify compliance, and enhance operational efficiency.

“We wanted to ruthlessly automate everything... We're able to move at a much faster pace than if all the businesses were rolling their own solutions into AWS.”

– Eric Schneider, CTO, Verisk Analytics

1 quadrillion

Metric observations monitored each month by Amazon CloudWatch


Software listings ready to be deployed in AWS Marketplace

$100s of millions

Customer savings every year with AWS Trusted Advisor


Active customers of Amazon CloudWatch per week

Why AWS Management and Governance

On behalf of our customers, AWS is focused on addressing some of the most challenging requirements for IT management and governance. There are six key reasons customers choose AWS.


AWS Management and Governance services are built to manage highly dynamic cloud resources at massive scale.


AWS Management and Governance services have been deployed with over a million customers, more than any other cloud provider.


AWS reduces complexity, offering a single control plane for customers to manage and govern their resources in AWS, on-premises, and other clouds.


AWS offers the most complete set of cloud native capabilities for management and governance.

Third-Party Solutions

AWS offers the broadest partner ecosystem for customers to extend and augment their management and governance system.

Cost Savings

Customers can use AWS Management and Governance services to assess their resource utilization and identify ways to reduce costs.

Three Stages to Managing and Governing with AWS

  • Enable
  • Provision
  • Operate
  • Enable
  • Enable the organization with governance built-in

    Automate set-up of a baseline environment for running secure and scalable workloads in AWS based on best practices using AWS Control Tower. AWS Control Tower abstracts multiple AWS services under the covers so you can automate set-up of your environment with just a few clicks. You can also establish granular control over your AWS accounts using AWS Organizations. You can create a custom hierarchy of accounts, manage access to AWS services across multiple accounts from a single place, and share resources between accounts.

  • Provision
  • Automate provisioning

    Automate resource provisioning using AWS CloudFormation’s infrastructure-as-code templates. Provision over 300 types of AWS resources across all AWS regions and accounts, and build and rebuild your infrastructure and applications without having to perform manual actions or write custom scripts, improving time-to-market and alignment with compliance rules. Using AWS Service Catalog, you can also offer users self-service access only to resources that have been pre-approved for deployment. This gives users not familiar with AWS the ability to self-provision resources with just a few clicks. The catalog can include AWS and third-party IT services such as virtual machine images, servers, software, databases, and even multi-tier application architectures.

  • Operate
  • Operate efficiently

    You can use AWS services for end-to-end IT lifecycle management. First, improve visibility into resources using Amazon CloudWatch to monitor AWS resources, applications and services. Second, improve compliance auditing and security analysis using AWS CloudTrail to record user activity. Third, you can evaluate and monitor the compliance posture of your AWS resource configurations, as well as remediate noncompliant resources, using AWS Config. Additionally, when it comes to managing operational tasks, instead of using different toolsets in hybrid cloud environments, you can use AWS Systems Manager to centralize tasks in an “operations cockpit” using a common toolset. Finally, you can use AWS Trusted Advisor for recommendations to reduce underutilized resources and save costs, as well as improve your environment’s security and fault tolerance.


Use Cases

End-to-end IT lifecycle management

AWS helps IT teams simplify end-to-end IT lifecycle management with a complete set of services to manage and govern resources and applications. Customers can manage dynamic and highly scalable cloud resources, automate and configure easily, and meet interoperability expectations of the modern workforce.

Cost management

To manage costs, customers can plan service usage and spend, and actively manage licenses, entitlements, and procurement. They can save money by optimizing resource utilization, and consolidate billing across multiple accounts to qualify for usage discounts.

Secure management at scale

Even with extremely large workloads, customers can improve their security posture and manage for desired state by applying resource configurations at scale. When there is a configuration change, customers don’t need to change source code. They can also limit resource access across the organization as a whole or in part, and closely restrict privileges for managing resources and resource groups.

IT compliance and audit readiness

AWS customers can ensure that usage and user activity across all AWS accounts is properly recorded for IT compliance, auditing, and analysis. When provisioning resources, developers can stay in line with compliance rules by using infrastructure-as-code templates, and IT can provide self-service access while applying constraints.

Operational visibility and troubleshooting

With AWS, organizations can monitor their resources and log all related activity, to help them understand and resolve the root cause of issues and speed up operational troubleshooting. They can quickly investigate their AWS API call history as well as identify recent configuration changes to their resources that may be causing operational issues.

Detect and remediate noncompliant resources

Customers can detect noncompliant resources, and trigger corrective action. They can also remediate noncompliant resources, and create their own remediation actions.

Management and Governance Services

Amazon CloudWatch

Amazon CloudWatch provides you with data and actionable insights to monitor your applications, understand and respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. 

Learn more »

AWS CloudFormation

AWS CloudFormation provides a common language for you to describe and provision all the resources in your cloud environment using a simple text file, in an automated and secure manner. Available at no additional charge. 

Learn more »

AWS CloudTrail

AWS CloudTrail is a service that enables compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure

Learn more »


AWS Control Tower

AWS Control Tower automates the set-up of a baseline environment, or landing zone, that is a secure, well-architected multi-account AWS environment, based on best practices that have been established by working with thousands of enterprise customers. 

Learn more »

AWS Organizations

Whether you are a growing startup or a large enterprise, Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts.

Learn more »

AWS Config

AWS Config enables you to assess, audit, and evaluate the configurations of your AWS resources. It continuously monitors and records your AWS resource configurations and allows you to automate evaluation against desired configurations.

Learn more »

AWS Systems Manager

AWS Systems Manager gives you visibility and control of your infrastructure on AWS, with a unified user interface so you can view operational data from multiple AWS services and automate operational tasks across your AWS resources.

Learn more »

AWS Marketplace

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.

Learn more »

AWS Trusted Advisor

AWS Trusted Advisor is an online tool that provides real time guidance to help you provision your resources following AWS best practices, whether that’s establishing new workflows, developing applications, or as part of ongoing improvement.

Learn more »

Partners and Third-Party Solutions

Extend the management and governance of your AWS environment with third-party software. Leverage the wide network of certified AWS Partner Network partners with deep AWS integrations and expertise. Or deploy from more than 4,500 software listings on AWS Marketplace.

Learn more »

Latest Blog Posts

Query your resource configuration state using the advanced query feature of AWS Config
by Sid Gupta, April 12, 2019
Create a metric math alarm using Amazon CloudWatch
by Javier Martin, April 2, 2019
Enable self-service, secured data science using Amazon SageMaker notebooks and AWS Service Catalog
by Sanjay Garje, March 29, 2019
Git pre-commit validation of AWS CloudFormation templates with cfn-lint
by Chuck Meyer, March 7, 2019
Gain Visibility into the Execution of Your AWS Lambda functions with AWS CloudTrail
by Kyle Somers, November 30, 2017
Automate account creation, and resource provisioning using AWS Service Catalog, AWS Organizations, and AWS Lambda
by Sandeep Kashyap, January 27, 2019
Using AWS Systems Manager Parameter Store Secure String parameters in AWS CloudFormation templates
by Luis Colon, October 5, 2018
Running Ansible Playbooks using EC2 Systems Manager Run Command and State Manager
by Andres Silva, May 25, 2017
Read the blog

Learn more about Management and Governance on our blog

Read »

Sign up for a free account

Instantly get access to the AWS Free Tier

Get started for free »