AWS Cloud Operations & Migrations Blog
Category: AWS CloudFormation
Integrate across the Three Lines Model (Part 2): Transform AWS Config conformance packs into AWS Audit Manager assessments
The Three Lines Model developed by the Institute of Internal Auditors (IIA) helps organizations identify structures and processes to facilitate strong governance and risk management. In that model, the first-line function manages risk. The second-line function oversees risk. The third-line function provides objective and independent assurance of risk management. According to Deloitte analysis, modernizing the […]
Automating shared VPC deployments with AWS CloudFormation
VPC sharing allows customers to share subnets from a central AWS account with other AWS accounts in the same organization created in AWS Organizations. Centralized control of your virtual private cloud (VPC) structure allows you to maintain separation of duties through AWS account boundaries. A best practice for creating VPCs and other resources in the AWS […]
Introducing AWS CloudFormation Guard 2.0
In their blog post published last year, Write preventive compliance rules for AWS CloudFormation templates the cfn-guard way, Luis, Raisa, and Josh showed you how to use CloudFormation Guard, an open source tool that helps validate your AWS CloudFormation templates against a rule set to keep AWS resources in compliance with company guidelines. Since the […]
GoDaddy’s journey to the cloud and their Public Cloud Portal
Get to the Cloud. Make awesome happen! This blog post explores GoDaddy’s journey to the cloud and the GoDaddy Public Cloud Portal, an application used by engineering teams to onboard to AWS. GoDaddy started their journey to the cloud in early 2018 when they announced their partnership with AWS. This post will outline the project […]
GoDaddy’s journey to the cloud and their Standard Cloud Platform
In this blog post, we explore GoDaddy’s journey to the cloud and their Public Cloud Portal, an application created to onboard engineering teams to AWS. GoDaddy started this journey in early 2018 when they announced their partnership with AWS. We’ll focus on how GoDaddy created a service to enable thousands of employees and hundreds of […]
Delete Amazon CloudWatch Synthetics dependent resources when you delete a CloudFormation stack
Amazon CloudWatch Synthetics allows you to monitor application endpoints more easily. It runs tests on your endpoints every minute, and alerts you if your application endpoints don’t behave as expected. These tests can be customized to check for availability, latency, transactions, broken or dead links, page load errors, load latencies for UI assets, complex wizard […]
Using an AWS Service Catalog service action to allow end users to update resources after deployment
Enterprise customers with multiple users want to manage policies on cloud resources like AWS Key Management Service (AWS KMS) and Amazon Simple Storage Service (Amazon S3) to grant access to additional users after the product has been deployed through, for example, AWS CloudFormation templates. In addition, customers want to accomplish this task in a self-service […]
How managed service providers can use AWS Control Tower to provide services
AWS Control Tower is a managed AWS service that automates the creation of a multi-account AWS environment based upon the AWS Well-Architected Framework. It builds the environment using AWS best practices for security and management services. In this blog post, we’ll show how a managed service provider can use AWS Control Tower and AWS Service […]
Integrate across the Three Lines Model (Part 1): Build a custom automation of AWS Audit Manager with AWS Security Hub
The Three Lines Model developed by the Institute of Internal Auditors (IIA) helps organizations identify structures and processes to facilitate strong governance and risk management. In that model, the first-line function manages risk, the second-line function oversees risk and the third-line function provides objective and independent assurance of risk management. According to a Deloitte analysis […]
Using AWS CodePipeline to deploy AWS Config conformance packs created with the Rule Development Kit
As consultants, we often help customers manage AWS services using infrastructure as code (IaC). We follow DevOps practices for building, versioning, testing, and deploying services. We also use AWS Config custom and managed rules to evaluate the configuration settings of AWS resources. AWS Config continuously tracks the configuration changes that occur among AWS resources and […]