AWS Cloud Operations Blog

Category: Security, Identity, & Compliance

Operational Best Practices for FedRAMP Compliance in AWS GovCloud with AWS Config

AWS Config is a fully managed service that provides customers with resource inventory, configuration monitoring, and configuration change notifications to support security, governance, and compliance for workloads in AWS. An AWS Config rule represents desired configurations for a resource and evaluates changes in near real-time and records the compliance history in AWS Config. Using AWS […]

Title image that says managing access to AWS accounts from Microsoft Teams and Slack at scale using AWS Organizations and AWS Chatbot

Managing access to AWS accounts from Microsoft Teams and Slack at scale using AWS Organizations and AWS Chatbot

Customers use chat collaboration applications like Microsoft Teams and Slack to collaborate and manage their AWS applications. AWS Chatbot is a ChatOps service that enables customers to monitor, troubleshoot issues, and manage AWS applications from chat channels. AWS Chatbot provides autonomy and customizability to DevOps teams operating their AWS environments on the go from chat […]

Centrally detect and investigate security findings with AWS Organizations integrations

Detecting security risks and investigating the corresponding findings is essential for protecting your AWS environment from potential threats, ensuring the confidentiality, integrity, and availability of your data and resources for your business needs. AWS provides a range of governance and security services such as AWS Organizations, AWS Control Tower, and AWS Config along with many others, […]

Serverless Governance of Software Deployed with AWS Service Catalog

AWS Service Catalog (Service Catalog) is a powerful tool that empowers organizations to manage and govern approved services and resources. It significantly benefits platform engineering by standardizing environments, accelerating service delivery, and enhancing security. With its automated provisioning and resource management, Service Catalog supports infrastructure as code, enabling scalable, reliable deployments. Platform engineering teams are […]

Using AWS CloudTrail data events to audit your Amazon SNS and Amazon SQS workloads

Customers in highly regulated industries, such as Financial Services or Healthcare and Life Sciences, often need to audit every action made in environments with sensitive data. Regulations like HIPAA or FFIEC, and industry frameworks like the PCI DSS, require granular log entries that record user and administrative actions within an environment containing sensitive data, and […]

Protect your AWS resources from unauthorized access using AWS Organizations integrations

In today’s digital landscape, customers have complex and distributed workloads running on AWS, involving a large number of AWS resources across multiple services. Tackling security risks across numerous resources can seem daunting, but with the right approach following best practices, can be addressed in a timely manner. AWS offers tools and services designed to help […]

Introducing AWS Audit Manager Common Controls Library

AWS Audit Manager introduced the AWS common controls library to help Governance, Risk and Compliance (GRC) teams efficiently map their enterprise controls into Audit Manager for evidence collection. The common controls library provides customers with a simpler way to collect evidence that supports overlapping controls across multiple compliance standards, streamlining the evidence collection process, reducing […]

Configuring machine to machine Authentication with Amazon Cognito and Amazon API Gateway - Part 2

Configuring machine to machine Authentication with Amazon Cognito and Amazon API Gateway – Part 2

This blog is the second part to a 2 part series on how to secure your Amazon API Gateway with Amazon Cognito, in machine to machine (M2M) communication use cases. In the previous blog post, we dove deep into the different use cases involving M2M communication and how it contributes to business modernization, and why […]

Configuring machine to machine Authentication with Amazon Cognito and Amazon API Gateway – Part 1

Introduction When we think about modernization, we’re used to think about the process of breaking down a monolithic application, or moving to a microservices architecture. But let’s think for a moment on the business side. For example, think about the challenges and risks involved in moving information over phone calls or emails. We want to […]

Best practices to optimize costs after mergers and acquisitions with AWS Organizations

Mergers and acquisitions (M&As) offer organizations the opportunity to scale operations, diversify product lines, and capture new markets. However, they come with a set of challenges, such as the nuances of integrating legacy IT systems, complying with stringent regulations, and maintaining business continuity, etc. Eliminating the redundancy of resources and optimizing processes to bring consistency […]