AWS Cloud Operations Blog

Category: Security, Identity, & Compliance

Best practices to optimize costs after mergers and acquisitions with AWS Organizations

Mergers and acquisitions (M&As) offer organizations the opportunity to scale operations, diversify product lines, and capture new markets. However, they come with a set of challenges, such as the nuances of integrating legacy IT systems, complying with stringent regulations, and maintaining business continuity, etc. Eliminating the redundancy of resources and optimizing processes to bring consistency […]

Identify AWS resources at risk across your multi-account environment with AWS Organizations integrations

Identify AWS resources at risk across your multi-account environment with AWS Organizations integrations

With numerous AWS accounts in an organization, receiving an external security finding like a vulnerability assessment or pen test report impacting multiple resources can be challenging. Without a centralized resource viewing and search capability, identifying the affected resources require switching and inspecting each account individually, which is time-consuming and inefficient. Security vulnerabilities are time-sensitive, and […]

Three Easy Steps to Make your Product More Accessible

Three Easy Steps to Make Your Product More Accessible

Today is Global Accessibility Awareness Day (GAAD); a day of awareness intended to draw attention to accessibility and inclusion for people with disabilities around the world. It is a perfect time to reflect on the importance of accessibility in the cloud. At Amazon Web Services (AWS), our guiding principle of customer obsession extends to our […]

Gain Insights with Natural Language Query into your AWS environment using Amazon CloudTrail and Amazon Q in QuickSight

AWS CloudTrail tracks user and API activities across your AWS environments for governance and auditing purposes. Large enterprises typically use multiple AWS accounts, and many of those accounts might need access to a data lake managed by a single AWS account. By using Lake Formation integration with CloudTrail Lake, you can securely aggregate the data […]

How to monitor AWS WAF logging centrally using Amazon Managed Grafana

It is important for cloud security operations teams to maintain a high level of cloud security and detect and respond to malicious web activity in near real-time. AWS WAF helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. However, as your cloud environment scales with […]

How SMBs can deploy a multi-account environment quickly using AWS Organizations and AWS CloudFormation StackSets

Small and Medium Businesses (SMBs) need to operate with high availability and mitigate security risks while keeping costs low. An AWS multi-account environment with workload isolation, robust access control, cost visualization, and integrated security mechanisms can help SMBs build a platform to support growth. SMBs want to deploy a multi-account environment on AWS quickly and […]

Securely share AWS CloudTrail Lake logs across accounts without replicating data

In 2022, we launched AWS CloudTrail Lake, an immutable managed data lake designed to simplify audit, security, and compliance investigations by capturing, storing, and analyze AWS user and API activities. By providing immutable storage for your activity logs, CloudTrail Lake protects the integrity of your audit data by providing read-only access. CloudTrail Lake integrates seamlessly […]

Enhance your AWS cloud infrastructure security with AWS Managed Services (AMS)

Introduction A security or data loss incident can lead to both financial and reputational losses. Maintaining security and compliance is a shared responsibility between AWS and you (our customer), where AWS is responsible for “Security of the Cloud” and you are responsible for “Security in the Cloud”. However, security in the cloud has a much […]

VMware’s Cloud Journey: AWS Account Management at Scale

This post was co-authored with Thiru Bhat, Director CSO-CM, Office of the CTO, VMware VMware has been developing virtualization software since 1998. Headquartered in Palo Alto, California, the company is known for its application modernization, cloud, networking, security, and digital workspace offerings. They require a thorough and all-encompassing approach to ensure that corporate controls and […]

Implementing automated and centralized tagging controls with AWS Config and AWS Organizations

Introduction This blog post is for customers who want to implement automated tagging controls and strategy for cost allocation. Customers want to centralize and maintain consistency for tags across AWS Organizations so they are available outside their AWS environment (e.g. in build scripts, etc.) or enforce centralized conditional tagging on existing and new AWS resources […]