Category: Technical How-to

Managing security across multiple cloud accounts can be complicated and error-prone if you’re taking a manual, piecemeal approach. As you scale, misconfigurations and missed accounts and services can leave you exposed. Automation can help you maintain speed and agility for DevOps and security teams. To quickly onboard and manage security for multiple accounts in AWS, […]

For enterprise organizations, managing security and governance across hundreds or thousands of accounts can be challenging. AWS Control Tower and Lacework make this task much easier and enable seamless multi-account cloud security. By using Lacework in your AWS Control Tower environment, you can automatically and consistently apply security best practices and monitoring to new accounts […]

The customers who operate in multi-account AWS environments often ask me for ways to simplify accessing critical business files and share content with their employees. While my customers share the content between business groups or external business partners, it is important to gain visibility and controls with minimum operational overhead. Dropbox, available in AWS Marketplace, […]

Application code changes often depend on database schema changes. Developers rely on database administrators (DBAs) to perform database code deployments. When the number of databases and releases is small, this solution works well. As organizations move to the cloud, the number of different databases increases, both in type and usage. Along with the increase in […]

As data becomes ubiquitous and data environments grow more complex, my customers ask for scalable solutions for managing their data flows. Accessing data from different vendors and data sources can be complicated, and transformations and checkpoints require the expertise of data engineers. Custom in-house solutions present a cost in both development and management time. Businesses […]

You have an awesome application running on AWS, and now your customers and partners want a private network connection to it. Great! Except for one problem: their site is using the same private IP address range as the one in your Amazon Virtual Private Cloud (Amazon VPC). This will prevent any communication until you resolve […]

AWS Data Exchange recently released support for API-based datasets, a new feature that enables customers to find, subscribe to, and use third-party API products from providers on AWS Data Exchange. With AWS Data Exchange for APIs, customers can use AWS-native authentication and governance, explore consistent API documentation and use supported AWS Software Development Kits (SDKs) […]

Introduction Packet capture plays a vital role in forensic investigation, incident response, and threat hunting. By integrating with Amazon VPC Traffic Mirroring, ExtraHop Packet Basics (EPB) provides incident responders and forensic investigators with copies of network packets as soon as they are deployed in an AWS environment. In this post, Daniel and I will show […]

Upfront contract pricing models in AWS Marketplace AWS Marketplace now enables you to create AMI and container listings with upfront contract pricing. With this pricing model, your customers can buy your application directly through AWS Marketplace or through a private offer from a reseller, initiated by paying upfront for a monthly, annual, or multiyear contract. […]

Having a multi-account strategy is a best practice for achieving higher isolation of resources in AWS. It helps you to meet regulatory and compliance needs, track operational costs, and add an extra layer of security. AWS Control Tower uses AWS best practices to establish a well-architected, multi-account baseline across your AWS accounts. For more information […]