Category: AWS CloudFormation

This blog post was jointly contributed by Kanishk Mahajan, AWS and Dominic Medsker, Moody’s Customers routinely leverage 3rd party agent-based packages and vulnerability management tools, such as CrowdStrike, TrendMicro, and Tenable, to securetheir AWS environments. AWS supports distribution of third-party agents with AWS Systems Manager Distributor (Distributor). Distributor lets you package your own software or […]

AWS Config continuously monitors and records your AWS resource configurations. You can use the service to automate the evaluation and remediation of recorded configurations against desired configurations. You also can review changes in configurations and relationships between AWS resources and dive into the history of a resource configuration. AWS Config conformance packs provide a general-purpose compliance […]

The AWS CDK makes it easy to deploy an application to the AWS Cloud. But first you must “bootstrap” the target AWS account. You can bootstrap an AWS account by using the AWS CDK CLI and running cdk bootstrap. This is great for teams that have access to AWS accounts, or only need to bootstrap […]

AWS CloudFormation, an Infrastructure as Code (IaC) service that lets you model, provision, and manage AWS and third-party resources, recently released a new language transform that enhances the core CloudFormation language. For our first release, these enhancements are new intrinsic functions for JSON string conversion (Fn::ToJsonString), length (Fn::Length), and support for intrinsic functions and pseudo-parameter […]

Time to read 10 minutes Time to complete 1 hour Cost to complete $15 per day (WordPress Multi-AZ application, AWS ResilienceHub Application and recommendations Learning level 200 – Intermediate Services used AWS ResilienceHub, AWS CloudFormation, Amazon CloudWatch, AWS Fault Injection Simulator AWS Resilience Hub provides a central place to define, validate, and track the resiliency […]

Patch Management is a critical operation that every organization wants to prioritize. This becomes tedious and challenging if an enterprise operates on a platform-consumer or hub-spoke model. An example of this would be a multi-account environment with hundreds of accounts and thousands of users using applications hosted in AWS. Different application owners have different requirements […]

While working with many of our regulated industry customers, we have been posed the question: “How can we enable a local team to create AWS Control Tower managed accounts within their specific Organizational Units (OUs)?” The customers want to leverage the guardrails and baselines put in place by AWS Control Tower so that: They could […]

Many applications require monitoring, scaling, and alerting across multiple dimensions. This requirement adds operational complexity for Developer Operations (DevOps) teams, as they must track numerous discrete data points. Instead, you can use Amazon CloudWatch metric math to create composite metrics quickly and easily. In this post, you’ll learn to apply these concepts to monitoring dashboards, […]

Amazon Elastic Block Store (Amazon EBS) snapshots provide you with a mechanism to back-up your critical workloads. There are several ways that you can back up your workloads, including Amazon Data Lifecycle Manager and AWS Backup. You can use Amazon Data Lifecycle Manager to automate the creation, retention, and deletion of Amazon EBS snapshots and Amazon EBS-backed […]

In this post, we’ll demonstrate how Customers looking to maintain Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP) can get started evaluating their environments for the controls found in Title 21 of the Code of Federal regulations (CFR) Part 11, and remediate non-compliant resources via a change control process using native […]