Category: Configuration, compliance, and auditing

AWS CloudTrail allows tracking of user and API activities across your AWS infrastructure. AWS CloudTrail best practices recommend AWS customers set up separate trails for different use cases such as operational troubleshooting, auditing, security monitoring, etc. Once the use case is accomplished, customers might permanently delete some of the trails but choose to retain their […]

With 2022 behind us, we want to take the opportunity to highlight our readers and the top blog posts from 2022. A big thank you to all our readers but also our authors who continue to work on delighting our customers with their blog posts. #1 Announcing AWS CloudTrail Lake – a managed audit and […]

In this post, we will show how you can deploy AWS Config custom rules across accounts in your organization, leveraging the Rules Development Kit (RDK), an open source development kit designed to support intuitive and efficient “Compliance-as-Code” workflows. With AWS Config custom rules, you can define custom logic for the desired configuration state of your […]

As organizations scale by moving more of their workloads to the cloud, they are looking to manage their cloud operations securely and to be prepared for compliance and auditing. AWS Cloud Operations aims to improve the compliance and auditing process in the cloud through best-in-class services by the scale and security of AWS infrastructure, per […]

AWS Config continuously monitors and records your AWS resource configurations. You can use the service to automate the evaluation and remediation of recorded configurations against desired configurations. You also can review changes in configurations and relationships between AWS resources and dive into the history of a resource configuration. AWS Config conformance packs provide a general-purpose compliance […]

Many of our customers who run Oracle databases need help with managing their Oracle licenses on AWS and ensuring that they have not fallen out of compliance with Oracle’s licensing rules. They must be prepared to provide relevant evidence in an auditor-friendly format during an Oracle license audit. Gathering evidence in a timely manner to […]

[Update on Sep/21/2024] AWS Config recorder has recently provided support for periodic recording, this captures the latest configuration changes of your resources once every 24 hours, reducing the number of changes delivered. This blog has been updated to incorporate that. [Update on May/14/2024] Minor update to the services that depend on AWS Config recorder and […]

Microsoft SCCM (System Center Configuration Manager) enables the management, deployment, and security of devices and applications. Compliance settings in Configuration Manager lets you manage configuration and compliance in your organization. As customers migrate their traditional workloads, they’re also looking for an AWS native solution that provides the flexibility to manage compliance and configuration management on […]

Backup compliance in AWS includes defining and enforcing backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. AWS Backup Audit Manager, a feature within the AWS Backup service, provides built-in compliance controls for these areas. […]

Many of our customers manage multiple AWS accounts in AWS Organizations and utilize Service Control Policies (SCPs) to centrally manage permissions in their organization. SCPs offer central control over the maximum available permissions for every account in your organization and can be applied to an account, organization units (OUs), or the organization as a whole […]