Category: Enterprise governance and control

Today, we are making it easier for you to manage the alternate contacts (billing, operations, and security) on your member accounts in AWS Organizations. You can now programmatically manage your account alternate contact information in addition to the existing experience in the AWS console. This launch ensures that the right individuals receive important AWS notifications […]

AWS allows customers to assign metadata to their AWS resources in the form of tags. Each tag consists of a customer-defined key and an optional value. Tags can make it easier to manage, search for, and filter resources by purpose, owner, environment, or other criteria. AWS tags can be used for many purposes like organizing […]

Today, most enterprises adopt a multi-account strategy on AWS as their workloads scale and become more complex. Because the number of AWS accounts can grow quickly when you use a multi-account strategy, you need mechanisms to govern these accounts and standard guardrails to enforce controls across them. In this blog post, we are going to […]

In this blog post, I share my observations as an AMS Solutions Architect on how achieving operational excellence can help organizations realize their cloud business objectives while migrating to AWS. I dive deep into the five design principles that AWS Managed Services (AMS) uses to achieve operational excellence. Amazon is guided by four principles: customer […]

The AWS Well-Architected Framework describes key concepts and architectural best practices that help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads in the cloud. An AWS Well-Architected Review includes questions around the AWS Well-Architected Framework that can help application owners ensure that their workloads are following best practices. The […]

Enterprise customers often ask how they can minimize risk when they’re developing and testing a landing zone configuration. They also want to know how they can promote code between multiple landing zones. ­AWS Control Tower provides the easiest way to set up and govern a secure, multi-account AWS environment, called a landing zone. Customers who […]

Solutions providers who engage with their end customers in a resale arrangement must manage different business models and support delivery models. AWS Organizations makes it possible to build the right account structure to support a resale arrangement. Monthly end-customer invoicing often poses a huge challenge in a shared resale arrangement, where you need to know […]

Administrators and developers are always balancing the need for security with the need to move quickly. Recently, AWS published the Management and Governance Lens, an extension of the AWS Well-Architected Framework. The M&G Lens provides a set of prescriptive guidance to help customers build both securely and with speed. From this work, we learn about how to […]

Most of my enterprise customers have the need to allow their users to execute self-service operational tasks while restricting access to a minimum set of services. With AWS Service Catalog, you can provision pre-approved products, when combined with AWS Service Catalog service actions, you can provide simple predefined actions associated with the AWS Service Catalog […]

This is the third post in our series about multi-account management. In the first post, Governance, risk, and compliance when establishing your cloud presence, we focus on design considerations for managing in a cloud environment. Our second post, Best Practices for Organizational Units with AWS Organizations, provides guidance for a production-ready organizational unit (OU) structure when creating […]