AWS Management Tools Blog

We’re living in a golden age of AWS CloudFormation tooling. Tools like cfn_nag and taskcat make it easier to treat your infrastructure as code by performing testing and validation before you deploy a single resource into your accounts. In this blog post, I’ll show you how to use linters to validate your CloudFormation templates.

I want to take you on a quick look back at what we added for AWS CloudFormation in 2018. We added coverage for 18 new AWS services (up from 14 in 2017) and many new features for existing services, several available at launch. Highlights of the features and new content that CloudFormation introduced in 2018, […]

AWS Systems Manager Automation simplifies common administrative and maintenance tasks of AWS resources. Using Systems Manager Automation, you can execute predefined tasks/workflows in the form of AWS Systems Manager documents (SSM documents) that you can write yourself or use community published documents. A SSM document defines the actions that Systems Manager performs on your AWS […]

As an organization expands its use of AWS services, there is often a conversation about the need to create multiple AWS accounts to ensure separation of business processes or for security, compliance, and billing. Many of the customers we work with use separate AWS accounts for each business unit so they can meet the different […]

We have introduced an updated version of the AWS Config Rule Development Kit (RDK). The RDK helps you rapidly deploy custom AWS Config rules at scale across multiple AWS accounts and Regions. You can also create a centralized dashboard to view the AWS Config rule compliance status across various AWS accounts. This blog post is […]

Most AWS CloudFormation templates use parameters to enable customization. It’s important to validate parameters to ensure a good user experience. AWS CloudFormation gives you several ways to perform parameter validation. For example, you can specify AllowedValues or a Default, or you can assign Types. For more information on validating parameters, see the documentation. Often, developers […]

Patching Windows instances in private subnets could be challenging since those Amazon EC2 instances have no internet connectivity. In this blog post we explain how to use AWS Systems Manager and Windows Server Update Services (WSUS) to keep those instances updated. We’ll create a new VPC with the proper endpoints, security groups, and network access […]

One of the primary features of AWS Systems Manager is Run Command. Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any Amazon EC2 instance that has been configured for Systems Manager. Now that the service has released the ec2-instance-managed-by-ssm, this is a good time to […]

Point-and-click management randomizes servers with every single change made. It’s great to configure your servers with code. In addition, having automation to manage server configuration and compliance helps companies save time, improve availability, and lower the risks associated with up-time and security. However, the learning experience and administrative effort required to maintain such an environment […]

AWS Systems Manager Automation now supports multi-account and multi-Region actions enabling you to centrally manage your AWS resources. This feature reduces the time and overhead needed for enterprise-wide configuration, operational actions, and compliance remediation. In this blog post, I show you how to use AWS Systems Manager Automation to patch your managed instances across multiple […]