Category: Security, Identity, & Compliance

The purpose of this narrative is to provide guidance for Mergers & Acquisitions (M&A) Due Diligence stakeholders on how to leverage AWS Audit Manager to support compliance and risk assessments during technical due diligence. The target audience of this guidance includes practitioners that support diligence, integration, corporate development (CorpDev), technology/IT, auditing, and advisory activities during […]

In 2022 Amazon Web Services (AWS) released AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store, visualize, and query your activity logs for auditing, security investigation, and operational troubleshooting.  Working backwards from our customers we have added capabilities to CloudTrail Lake such as the ability to copy CloudTrail events into […]

As we all know, using multiple accounts on your AWS environment is one of the recommended best practices when organizing your workloads and your environment. Using multiple accounts brings multiple benefits allowing you to better leverage AWS services. However, AWS accounts are additional resources that you need to manage. In this blog post, you will […]

Customers may have different processes for image building across virtual machines, containers, or both. This variation in processes introduces operational overhead in managing images, including the initial configuration and the ongoing updates. From the AWS Well-Architected Operational Excellence Pillar, section “Document and share lessons learned”, these images should be standardized, configured with the latest patches, […]

AWS Trusted Advisor inspects your AWS infrastructure and provides best practice recommendations when opportunities exist to reduce cost, optimize your AWS infrastructure, improve system availability and performance, help close security gaps and monitor service quotas. Trusted Advisor recommendations are based on best practices identified by AWS services experts and learnings from serving thousands of customers […]

AWS Control Tower offers the easiest way to set up and govern a secure, compliant, and multi-account AWS environment based on best practices established by working with thousands of enterprises. Organizations can leverage built-in preventive, proactive, and detective controls as a starting point to address the customer part of the AWS Shared Responsibility Model. Control […]

Introduction Many of my customers use AWS CloudFormation to streamline provisioning operations for AWS and third-party resources, that they describe with code in JSON- or YAML-formatted CloudFormation templates. Some workloads require custom logic or inputs beyond standard parameter values. For these scenarios, an often overlooked and useful CloudFormation feature lies in AWS Lambda-backed custom resources. With Lambda-backed custom […]

Many customers have successfully migrated on-premises or cloud-based applications to AWS using the AWS Application Migration Service (AWS MGN). Customers commonly migrate their applications to a number of different AWS Accounts that are part of an AWS Organization, in line with the best practices of establishing a multi-account AWS environment. When using AWS MGN, the […]

In the first post of this two-part series, we highlighted how Life Sciences customers can implement a controlled change management process using AWS Systems Manager Change Manager and AWS Config. The solution in our first post, highlighted how a you can follow your Standard Operating Procedures (SOP’s) by implementing approval steps in order to make […]

AWS Config is a service that allows you to evaluate your AWS resources against a desired configuration state using AWS Config Rules. Two types of rules exist, managed rules which are meant to be used out-of-the-box and custom rules for which you define your desired configuration state via code.  AWS Audit Manager can help you […]