AWS Partner Network (APN) Blog
Tag: CloudWatch Logs
Scaling AWS multi-region and account logs delivery to Grafana Cloud
This blog post explores a scalable architecture for centralized log monitoring in multi-region, multi-account AWS environments. The proposed solution leverages AWS CloudWatch account-level subscription filters to efficiently deliver logs from various sources to Grafana Cloud, a unified platform for log analysis, visualization, and alerting. By consolidating logs from disparate sources, organizations can gain improved visibility, streamline troubleshooting, enhance security and compliance, and optimize performance across their cloud infrastructure. The article provides a detailed overview of the architecture, highlighting the benefits of this approach and guiding readers on implementing this scalable log delivery solution.
Thinknum Gains Valuable Benefits Through the AWS Foundational Technical Review
By undergoing a Foundational Technical Review (FTR), AWS Partners can gain valuable technical and business benefits by addressing important requirements and managing ongoing compliance. Thinknum, an Advanced Tier Services Partner, engaged in the AWS FTR to identify key opportunities for improvement in its AWS account configuration and receive guidance on how to implement improvements to its security, reliability, and operational posture.
Securely Using External ID for Accessing AWS Accounts Owned by Others
It’s often required for a partner solution running on Amazon Web Services to access AWS accounts owned by their customers (third-party AWS accounts). This kind of access is known as cross-account access. In such scenarios, a cross-account AWS Identity and Access Management (IAM) role with external ID should be used. Explore the best practices for using external ID to avoid the confused deputy problem it is designed to solve.
Integrating Amazon S3 Malware Scanning into Your Application Workflow with Cloud Storage Security
A wide range of solutions ingest data, store it in Amazon S3 buckets, and share it with downstream users. Often, the ingested data is coming from third-party sources, opening the door to potentially malicious files. This post explores how Antivirus for Amazon S3 by Cloud Storage Security allows you to quickly and easily deploy a multi-engine anti-malware scanning solution to manage file protection and malware findings.
How HCLTech Centralized a Customer’s Log Management Solution Within a Hybrid Environment
Many customers operate in a hybrid environment with on-premises infrastructure interconnected with a cloud provider’s infrastructure. This post details how HCLTech used the AWS Centralized Log Management Reference Architecture, and discusses how HCLTech removed the requirements for Amazon Kinesis Data Streams. We also explore how HCLTech used Amazon Kinesis Data Firehose to stream from an Amazon CloudWatch Logs destination in a centralized logging account.
Data Tokenization with Amazon Athena and Protegrity
Data security has always been an important consideration for organizations when complying with data protection regulations. Protegrity, an AWS ISV Partner and global leader in data security, has released a serverless User Defined Function (UDF) that adds external data tokenization capabilities to the Amazon Athena platform. Learn how customers can use the Protection Athena Protector UDF to tokenize or detokenize data at scale.
How TalaTek Uses Amazon CloudWatch for Security Information and Event Management
Learn how TalaTek uses Amazon CloudWatch as an alternative to traditional SIEM solutions with the same functionality. CloudWatch gives TalaTek system-wide visibility, allowing them to monitor their AWS-based SaaS solution, the TalaTek Intelligent Governance and Risk Integrated Solution (TiGRIS). CloudWatch helps TalaTek keep TiGRIS running efficiently while allowing us to meet FedRAMP logging requirements.
Preventing Malware in Serverless Web Applications with SophosLabs Intelix
Building web applications in a serverless environment has brought many advantages, but with every big shift there are certain practices such as malware protection that need to be reinvented. Organizations need a solution that’s easy to query from web application via API with no infrastructure required. Learn how SophosLabs Intelix offers a suite of APIs which provide specific, actionable intelligence about files.
How to Automate Cost and Performance Improvement Through gp3 Upgrades Using AWS Systems Manager
Automatically identifying and upgrading existing SSD volumes to take advantage of the new gp3 general purpose volumes for Amazon EBS can help organizations reduce storage costs. Learn how to upgrade your existing gp2 volumes, without interruption, to the next generation of general purpose SSD volumes using AWS Systems Manager. This a core component of nubeGo’s Cloud Managed Service (NCMS) which helps customers automate cost savings, security guardrails, and compliance requirements with minimal effort.
Data Tokenization with Amazon Redshift and Protegrity
Many companies are using Amazon Redshift to analyze and transform their data. As data continues to grow and become even more important, they are looking for more ways to extract valuable insights. One use case we’re especially excited to support is that of data tokenization and masking. Amazon Redshift has collaborated with Protegrity, an AWS Advanced Technology Partner, to enable organizations with strict security requirements to protect their data while being able to obtain the powerful insights.