Category: Configuration, compliance, and auditing

AWS customers use AWS CloudTrail Lake to aggregate and analyze their AWS activity for security, operational troubleshooting, and compliance purposes. However, when investigating security incidents or conducting compliance audits, customers often need additional business context beyond the basic event details – like which team or project owns the affected resources, or what where the properties […]

We are incredibly excited to see you at AWS re:Inforce, in Philadelphia, Pennsylvania, on June 16-18, 2025. This year’s Governance, Risk, and Compliance track features sessions on automating compliance, enhancing risk visibility, using generative AI for business growth, and maintaining security at scale, including 5 breakout sessions, 8 builder sessions, 7 chalk talks, 2 code […]

Introduction Organizations face unique compliance requirements across their AWS resources and accounts. While AWS Config provides managed rules, many organizations need custom rules and automated remediation capabilities that can scale across their AWS Organization. This blog post demonstrates how to use AWS Config custom conformance pack to deploy and manage custom rules with remediation actions […]

In this post, we will highlight how AWS Config can be used to help organizations implement capabilities related to management and governance, security, and more. Have you ever wondered how to maintain a centralized inventory of resources across your AWS accounts? Do you need to quickly identify the unencrypted resources in your AWS environment? Do you […]

Overview A key benefit of using the Amazon Web Services (AWS) cloud is the ability to pay only for the services you consume. This granular control and elastic model enables you to achieve substantial savings compared to on-premise infrastructure. The practice of ensuring you are getting the most value for your investment, and a foundational pillar […]

At AWS, we are committed to running our business in the most environmentally friendly way possible. We also work to enable our customers to use the benefits of the cloud to better monitor and optimize their IT infrastructure. As reported in The Carbon Reduction Opportunity of Moving to Amazon Web Services, our infrastructure is 3.6 […]

Introduction AWS Organizations provides the capability to centrally manage and govern your AWS environment. As an organization, you can delegate administration of specific AWS services integrated with AWS Organizations to authorized individuals or teams. Implementing effective controls for these delegated administrators is essential to ensuring the security, compliance, and operational efficiency of your AWS environment. […]

While protection of data is critical, equally important is observing who accesses it.  AWS services allow you to control your data by determining where it’s stored, who has access, and how it’s secured. AWS CloudTrail provides an effective way to track data access activities.  You can detect access attempts, and identify potential unauthorized attempts. CloudTrail, […]

AWS Config is a fully managed service that provides customers with resource inventory, configuration monitoring, and configuration change notifications to support security, governance, and compliance for workloads in AWS. An AWS Config rule represents desired configurations for a resource and evaluates changes in near real-time and records the compliance history in AWS Config. Using AWS […]

Customers in highly regulated industries, such as Financial Services or Healthcare and Life Sciences, often need to audit every action made in environments with sensitive data. Regulations like HIPAA or FFIEC, and industry frameworks like the PCI DSS, require granular log entries that record user and administrative actions within an environment containing sensitive data, and […]