AWS Cloud Operations Blog

Introduction AWS Organizations provides the capability to centrally manage and govern your AWS environment. As an organization, you can delegate administration of specific AWS services integrated with AWS Organizations to authorized individuals or teams. Implementing effective controls for these delegated administrators is essential to ensuring the security, compliance, and operational efficiency of your AWS environment. […]

December 24, 2024: This post was republished to update terminology for AWS RAM resource shares and to update links. AWS customers use AWS Organizations as the basis of a multi-account AWS environment as defined by the Organizing Your AWS Environment Using Multiple Accounts AWS Whitepaper. Organizations is an AWS service that enables you to centrally […]

This blog post will guide you through a quick start on using Amazon Q Developer for operational investigations on AWS. We’ll walk you through the step-by-step process of setting up this powerful AI-assisted troubleshooting tool . You’ll discover how to configure user permissions, manage data access, set up encryption, and start your first investigation. We […]

Today, we are excited to announce a significant enhancement to AWS Resource Explorer that delivers a unified view of centralized resource insights and properties from AWS services. With the enhanced Resource Explorer experience, relevant data and insights from multiple AWS services is centralized for supported resource types. Customers use keyword-based search to return a list […]

Keeping your AWS infrastructure up-to-date and secure is a critical part of maintaining a robust and reliable cloud environment. AWS Systems Manager’s patching capabilities are a powerful tool in this effort, allowing you to automatically apply the latest security updates and bug fixes to your managed nodes, including Amazon Elastic Compute Cloud (EC2) instances, on-premises […]

While protection of data is critical, equally important is observing who accesses it.  AWS services allow you to control your data by determining where it’s stored, who has access, and how it’s secured. AWS CloudTrail provides an effective way to track data access activities.  You can detect access attempts, and identify potential unauthorized attempts. CloudTrail, […]

In this post, we explore how you can incorporate HashiCorp Terraform to manage your Amazon Web Services (AWS) application infrastructure after using AWS Control Tower with Landing Zone Accelerator on AWS (LZA) to manage your AWS ecosystem. The LZA deploys a cloud foundation that is architected to align with AWS best practices and multiple global […]

Security is “job zero” at AWS. It’s crucial to gain deeper insights into your AWS infrastructure’s security posture to respond quickly to threats. The ability to centrally monitor and visualize the security findings make it easier for you to identify any security threats or gaps and also keep the principle of least privilege in focus. […]

As organizations increasingly adopt cloud services, they often face the challenge of hosting diverse workloads with varying cost structures and budget constraints. To establish a solid foundation for cost optimization without compromising operational efficiency in your cloud operations, it’s essential to manage your cloud expenses efficiently. This aligns with the AWS Well-Architected Cost Optimization pillar, […]

AWS Control Tower makes it easy to create and manage a secure, multi-account AWS environment, ready for immediate use. However, for more customized setups, particularly using Terraform, customers can use AWS Control Tower Account Factory for Terraform (AFT). Account Factory for Terraform (AFT) sets up a Terraform pipeline to help you provision and customize accounts […]