AWS Cloud Operations Blog

Operational Best Practices for FedRAMP Compliance in AWS GovCloud with AWS Config

AWS Config is a fully managed service that provides customers with resource inventory, configuration monitoring, and configuration change notifications to support security, governance, and compliance for workloads in AWS. An AWS Config rule represents desired configurations for a resource and evaluates changes in near real-time and records the compliance history in AWS Config. Using AWS […]

Introducing AWS Fault Injection Service Actions to Inject Chaos in Lambda functions

Usage of serverless technology in regulated industries like financial services is growing. This growth demands robust resilience validation. Chaos engineering for Serverless has become crucial for ensuring reliable and available serverless applications. By purposefully injecting failures and stresses into serverless components, teams can uncover hidden weaknesses and validate the fault tolerance of their systems. Previously, […]

Streamlining the Correction of Errors process using Amazon Bedrock

Generative AI can streamline the Correction of Errors process, saving time and resources. By using generative AI to leverage large language models, combined with the Correction of Errors process, businesses can expedite the identification and documentation of the cause of errors, while saving time and resources. Purpose and set-up The purpose of this blog is […]

Scaling AWS Control Tower controls using Amazon Bedrock Agents

Scaling AWS Control Tower controls using Amazon Bedrock Agents

AWS Control Tower is the easiest way to set up and govern a security, multi-account AWS environment. A key feature of AWS Control Tower is to deploy and manage controls at scale across an entire AWS Organizations. These controls are categorized based on their behavior and guidance. The behavior of each control is one of […]

How Stripe architected massive scale observability solution on AWS

This post is co-written with Cody Rioux, Staff Engineer at Stripe and Michael Cowgill, Staff engineer at Stripe Stripe powers online and in-person payment processing and provides financial solutions for businesses of all sizes. Stripe operates a sophisticated microservice environment built on top of AWS. In this blog post we will cover the journey and […]

Strengthen application resilience with myApplications and AWS Resilience Hub

Introduction Today, organizations prioritize managing their applications over infrastructure, focusing on business outcomes while leveraging automation and cloud services to handle the underlying infrastructure. They seek to consolidate key application metrics like health, security, cost, and performance from AWS services such as AWS Security Hub or Amazon CloudWatch. These organizations also need to ensure their […]

Sign-in to AWS Console Mobile Application with an AWS Access Portal or third-party IdP URL

AWS customers rely on the AWS Console Mobile Application to monitor, manage, and receive notifications to stay informed about their AWS resources while away from their desktop devices. Customers who use Single-Sign-On (SSO) can face a unique set of challenges while signing into the AWS Console Mobile Application. While SSO can offer enhanced security and […]

Exploring AWS Config data using Amazon Athena and Amazon Managed Grafana

This post is co-written with Jacob Rickerd, Principal Security Engineer at Attentive. The post walks through an example dashboard that Attentive, an AI-powered mobile marketing platform, uses for resource inventory, serving as a starting point for you to build comprehensive dashboards tailored to your environment and tag policies. Attentive is the AI-powered SMS and email […]

Support for Amazon CloudWatch Evidently ending soon

After careful consideration, we have made the decision to discontinue CloudWatch Evidently, effective 10/17/2025. Active customers will be able to use the service as normal until 10/17/2025, when support for the service will end. During this period, we will continue to provide critical security patches, but will no longer support any limit increase requests. On […]

Streamline change processes ­and improve governance with AWS Well-Architected

The AWS Well-Architected Framework (WA Framework) is designed to help cloud architects build secure, resilient, high-performing, and efficient workloads on AWS. It is structured around six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. Figure 1. The pillars of AWS Well-Architected Framework This post provides insights on how to streamline your change-management […]