AWS Cloud Operations Blog
Tag: AWS CloudFormation
How AWS Control Tower users can proactively verify compliance in AWS CloudFormation stacks
AWS Control Tower customers leverage infrastructure as code (IaC) to consistently deploy resources within their AWS multi-account setup. Enterprises want their developers to create and manage resources that they need to build applications while maintaining compliance with the organizations’ security, operational, and cost optimization best practices. Most solutions today inform customers about non-compliant resources only […]
Deploying Custom AWS Config Rules in an AWS Organization Environment
In this post, we will show how you can deploy AWS Config custom rules across accounts in your organization, leveraging the Rules Development Kit (RDK), an open source development kit designed to support intuitive and efficient “Compliance-as-Code” workflows. With AWS Config custom rules, you can define custom logic for the desired configuration state of your […]
How Thomson Reuters used Amazon CloudWatch to improve availability and operational efficiency of Directory Services
Thomson Reuters Corporation (TR) is a Canadian multinational media company that provides critical online and print information, know-how, decision making tools, software, and services for the legal industry. TR’s Tax and Accounting business serves law firms, tax and accounting firms, global trade organizations, educational institutions, and more. Thomson Reuters operates in more than 100 countries […]
How to import migrated Amazon EC2 instances into infrastructure code
Modeling Infrastructure as Code (IaC) enables you to automate the lifecycle of AWS resources. However, the timing for IaC adoption can vary. AWS customers often move quickly in the beginning by performing block-level replication of their servers to the cloud. This is suitable when hundreds or thousands of servers need to exit their data center […]
AWS Service Catalog Account Factory-Enhanced
Many enterprise customers who use AWS Control Tower to create accounts want an uncomplicated way to extend the next steps in the account creation process. These next steps cover common business use cases, including creating networks, security profiles, governance, and compliance. Executing these processes for every new account created manually is cumbersome and challenging to […]
Introducing new language extensions in AWS CloudFormation
AWS CloudFormation, an Infrastructure as Code (IaC) service that lets you model, provision, and manage AWS and third-party resources, recently released a new language transform that enhances the core CloudFormation language. For our first release, these enhancements are new intrinsic functions for JSON string conversion (Fn::ToJsonString), length (Fn::Length), and support for intrinsic functions and pseudo-parameter […]
Monitoring Data Ingestion Tasks with Amazon CloudWatch Metrics and Alarms
Data is produced every day in increasing volumes and varieties in on-premises and cloud environments. Data ingestion into AWS is a common task and there are many services and architecture patterns that customers use to bring in data. In this post, we provide a guide for establishing monitoring and alerting on a data ingestion workload […]
Create speech-enabled products using AWS Service Catalog and Amazon Polly
In this post, we’ll show how enterprises can use AWS Service Catalog to create AWS Service Catalog products based on AWS machine learning (ML) services, such as Amazon Polly and Amazon Rekognition. These products are packaged in AWS Service Catalog portfolios that customers can use for their use cases. These portfolios can generate revenue for […]
A self-service patching solution for multi-account organizations
Patch Management is a critical operation that every organization wants to prioritize. This becomes tedious and challenging if an enterprise operates on a platform-consumer or hub-spoke model. An example of this would be a multi-account environment with hundreds of accounts and thousands of users using applications hosted in AWS. Different application owners have different requirements […]
Delegate account factory creation to parts of your organization with AWS Control Tower
While working with many of our regulated industry customers, we have been posed the question: “How can we enable a local team to create AWS Control Tower managed accounts within their specific Organizational Units (OUs)?” The customers want to leverage the guardrails and baselines put in place by AWS Control Tower so that: They could […]