AWS Management Tools
AWS provides a set of management tools that allows you to programmatically provision, monitor, and automate all the components of your cloud environment. Using these tools, you can maintain consistent controls without restricting development velocity. AWS provides four kinds of management tools that all work together and are integrated with every part of the AWS platform, from Amazon EC2 to Amazon DynamoDB, in order for you to easily control all parts of your cloud infrastructure.
Categories of Tools
AWS CloudFormation is a service that provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. Once everything is modelled, this text file serves as the single source of truth of your cloud environment. You can also create a collection of approved CloudFormation files in AWS Service Catalog to allow your organization to only deploy approved and compliant resources.
Monitoring and Logging
Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. CloudWatch can monitor AWS resources such as Amazon EC2 instances, DynamoDB tables, and RDS DB instances, as well as any custom metrics or log files generated by your applications. CloudWatch also provides a stream of events describing changes to your AWS resources that you can use to react to changes in your applications.
AWS provides a set of services for systems and operations management that allows you to control your infrastructure resources with proper governance and compliance. You can use AWS Systems Manager to quickly view and monitor all your resources and automate common operational tasks, such as patching or state management. Systems Manager provides a unified user interface, enabling you to easily manage your cloud operations activities in one place. You can also use AWS CloudTrail for logging user activities within your organization and AWS Config for inventorying all configurations across your resources.
Managed Services for Configuration Management
AWS OpsWorks is a fully managed configuration management service that hosts and scales Chef Automate and Puppet Enterprise servers. OpsWorks eliminates the need to install and operate your own configuration management systems or worry about scaling their infrastructure. It also works seamlessly with your existing Chef and Puppet tools. OpsWorks automatically patches, updates, and backs up your Chef and Puppet servers and maintains their availability. OpsWorks is a great choice if you are an existing user of Chef or Puppet.
CSS Corp is a global professional services company providing IT and technology support services driven by automation and analytics for enterprises. CSS Corp uses AWS Management Tools to meet their compliance requirements and facilitate their disaster recovery processes. With AWS Config, CSS is able to quickly detect changes in their AWS infrastructure and cross-reference these changes against AWS CloudTrail logs for security and risk auditing. The inventory of AWS resources recorded by Config allows them to identify important infrastructure components and maintain critical service maps. CSS also leverages AWS CloudFormation to rapidly provision resources in multiple AWS regions for their disaster recovery processes. “Prior to using AWS Management Tools our compliance and disaster recovery processes required significant human effort. With Config, CloudTrail, and CloudFormation we were able to automate many of our processes and easily achieve our recovery and compliance audit requirements.” – Troy Lewis, IT Manager, CSS
GE Appliances, acquired by Haier in 2016, has been a leader in designing, building, and servicing appliances for 125 years. GE Appliances has been steadily building out their use of AWS Management Tools since the company adopted a ‘cloud first’ policy in 2016 for any new deployments. AWS CloudTrail helped GE Appliances gain visibility into API and non-API actions across AWS accounts, simplifying compliance and risk auditing and enabling automated monitoring and alerting. AWS Config added the ability to centrally define resource configurations and other company-defined best practices, with alerts generated when these are violated. GE Appliances also uses AWS Systems Manager to manage about 700 on-premises and Amazon EC2 instances. AWS Management Tools have given GE Appliances total visibility into their hybrid-cloud environment, and they allow GE Appliances to heighten their security by automatically enforcing rules and guardrails. “Before we had access to AWS tools, we had to do lots of configuration and process logging and then absorb everything into a centralized platform to understand security events after the fact. By using AWS Systems Manager and the other AWS tools, we’ve gone from zero to 100 percent real-time visibility, a night-and-day contrast with our prior security posture.” – Rafael Garrido, DevSecOps leader at GE Appliances
Verisk Analytics is a data-analytics provider that offers predictive analytics and decision-support solutions. Verisk Analytics uses AWS CloudFormation, AWS CloudTrail, and AWS OpsWorks for Chef Automate (each a service within AWS Management Tools) to automate and scale its operations. AWS CloudFormation is the core of Verisk’s automation framework. Verisk separates the foundational network infrastructure code from the application components, but has built an abstraction layer that provides a convenient way for application owners to reference the underlying infrastructure. AWS OpsWorks for Chef Automate is a key part of automating stack deployments, and AWS CloudTrail is used to audit and troubleshoot in the company’s complex environment. AWS Management Tools enable Verisk’s small centralized team to automate more than 20 globally distributed businesses at scale. “We wanted to ruthlessly automate everything. Since starting to use these tools, we are up to 64 accounts, 300 VPCs, and 20 Chef instances. We're able to move at a much faster pace than if all the businesses were rolling their own solutions into AWS.” – Eric Schneider, CTO, Verisk Analytics
AWS Management Tools Services
MODEL AND PROVISION ALL YOUR CLOUD INFRASTRUCTURE RESOURCES
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This file serves as the single source of truth for your cloud environment.
For more information visit the AWS CloudFormation Product Page.
AWS Service Catalog
CREATE AND USE STANDARDIZED PRODUCTS
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog allows you to centrally manage commonly deployed IT services, and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need.
For more information visit the AWS Service Catalog Product Page.
MONITOR RESOURCES AND APPLICATIONS
Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. You can use these insights to react and keep your application running smoothly.
For more information visit the Amazon CloudWatch Product Page.
AWS Systems Manager
GAIN OPERATIONAL INSIGHTS AND TAKE ACTION ON AWS RESOURCES
AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. With Systems Manager, you can group resources, like Amazon EC2 instances, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, and take action on your groups of resources. Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easy to operate and manage your infrastructure securely at scale.
For more information visit the AWS Systems Manager Product Page.
TRACK USER ACTIVITY AND API USAGE
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting.
For more information visit the AWS CloudTrail Product Page.
TRACK RESOURCE INVENTORY AND CHANGES
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.
For more information visit the AWS Config Product Page.
AUTOMATE OPERATIONS WITH CHEF AND PUPPET
AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments. OpsWorks has three offerings: AWS OpsWorks for Chef Automate, AWS OpsWorks for Puppet Enterprise, and AWS OpsWorks Stacks.
For more information visit the AWS OpsWorks
AWS Trusted Advisor
OPTIMIZE PERFORMANCE AND SECURITY
AWS Trusted Advisor is an online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment. Trusted Advisor provides real-time guidance to help you provision your resources following AWS best practices.
For more information visit the AWS Trusted Advisor Product Page.
Blog Posts & Articles
Visit us on the Management Tools Blog to read more on AWS Management Tools services.