AWS Cloud Operations Blog

Category: AWS Systems Manager

Automating Feature Release using AWS AppConfig Integration with AWS Codepipeline

Last year, we released AWS AppConfig a new capability within AWS Systems Manager to create, manage, and quickly deploy application configurations. AppConfig enables you to validate your application configuration before deployment and enables you to deploy configuration in a controlled and monitored way. AWS AppConfig enables you to deploy configuration changes independent of the application code […]

Software patching with AWS Systems Manager

Cloud computing adoption has been rapidly increasing with enterprises around the globe, opting for various migration patterns during their cloud journey. Taking monolithic legacy applications as-is and moving them to the cloud, is an approach also known as “lift-and-shift,” and is one of the main drivers for cloud migration. As customers become more knowledgeable about […]

Image showing associate license configuration dialog with AWS Systems Manager managed instance

Track IBM license usage with AWS License Manager

Introduction In this blog post, I show you how you can track and enforce licensing for your IBM software products running on AWS or on-premises. IBM licenses many of its products using a processor-based licensing approach by Processor Value Units (PVU). IBM defines a processor, for purposes of PVU-based licensing, to be each processor core […]

Overview of architecture: Multiple target accounts send info to master account

Managing aged access keys through AWS Config remediations

One of the security best practices that is time-consuming to manage is enforcing IAM access key rotation for IAM users. Access keys give IAM users the ability to connect to Amazon EC2 instances. Therefore rotating these regularly (for example, every 90 days) is one of the key steps in protecting your resources from unauthorized access. […]

One-Click access to servers and VMs with Session Manager and MontyCloud

IT administrators and DevOps engineers often perform routine operations to manage their cloud infrastructure, modern on-premises environment workloads, and applications. One such routine operation is the ability to manage Amazon EC2 instances, on-premises instances, and virtual machines (VM) through a remote session. Several tasks such as application and server log reviews, fine-tune configurations, or aborting […]

AWS Systems Manager patch compliance data to AWS Security Hub

Multi-Account patch compliance with Patch Manager and Security Hub

Update 10/2020 – Viewing patch compliance findings across AWS accounts in AWS Security Hub is supported natively. For more information please see What’s new announcement here. Introduction In this blog post, I discuss how to import critical patch compliance findings into Security Hub. Security Hub is a service that provides customers with a comprehensive view […]

Automating the discovery of licensed software using AWS License Manager

Software license management often comes with the challenges of staying compliant, controlling overages, and managing vendor audits. Significant time and manual effort go into making sure that software license inventories are updated and ready for auditing. Bringing cloud infrastructure into the picture, with the ability to spin up virtual servers in minutes, means that managing […]

Using State Manager over cfn-init in CloudFormation and its benefits

Introduction If you have deployed Amazon Elastic Compute Cloud (EC2) instances via AWS CloudFormation, you most likely want to install software or configure the operating system of the instance. To accomplish this, you may have used cfn-init, one of the CloudFormation helper scripts available to AWS customers since February 2012. However, since that time AWS […]

Manage your Oracle JDK licenses with AWS License Manager

You can use AWS License Manager to track Oracle Java/JDK usage on Amazon Elastic Compute Cloud (Amazon EC2) instances and on-premises servers. If you’re already running Amazon Corretto (Amazon’s distribution of the OpenJDK), then you can probably stop reading now. This blog explains how License Manager can track license usage of other applications in your […]

How to optimize assessment of cloud services

As my colleague Ilya Epshteyn introduced in his blog titled “How financial institutions can approve AWS services for highly confidential data,” common across the financial services industry is a formal assessment process for cloud services. These assessment processes vary in depth and breadth, striving to determine which cloud services will be best suited to fulfill […]