What is Account Factory for Terraform (AFT) Account Factory for Terraform (AFT) is a solution provided by AWS that leverages Terraform to automate and manage the creation and configuration of AWS accounts. It is designed to streamline the account provisioning process, enforce consistent configurations, and ensure governance and compliance across multiple AWS accounts. It may … Continue reading Uninstalling Account Factory for Terraform (AFT)
When you deploy an AWS Organization using Control Tower, an AWSSSO IdP is created in every account. It's name ends with DO_NOT_DELETE. What happens if you delete it? Background I recently had someone reach out to me asking what happens if the auto-created AWS SSO IdP Provider that integrates with IAM Identity Center in Control … Continue reading You deleted the “DO_NOT_DELETE” IdP?
In their eagerness to launch a cloud initiative, there are still organizations that deploy new environments and resources from the AWS console. While they may believe it leads to a quick win, the reality is different. Background I spoke with an organization recently that had deployed all of their AWS resources from the console. I … Continue reading Using AWS’s IaC Generator to Rescue Manual Deployments
Use AWS Skill Builder Digital Badges to showcase your skills! AWS Digital Badges AWS has introduced Digital Badges as a means for you to enhance, and then showcase your knowledge and skills in specific AWS technologies and services. Digital Badges are obtained within AWS Skill Builder, include a pre-built learning path containing training content relevant … Continue reading Get your AWS Digital Badges
If you need an easy and secure method to provide a hardened browser to your end users, AWS's fully managed WorkSpaces Web may be the service you've been waiting for. What is Amazon WorkSpaces Web? To give the textbook definition, Amazon WorkSpaces Web is "a low cost, fully managed WorkSpace built specifically to facilitate secure, … Continue reading Introduction to Amazon WorkSpaces Web
Do you need a quick and easy way to inventory EC2 Instances across your organization? Have you tried an Advanced Query for AWS Config? I can't remember if I was on a call or "heard" this over email but a comment like this was made, "I'm updating the EC2 inventory spreadsheet.".....Not knowing anything beyond this … Continue reading A Quick and Easy EC2 Inventory using AWS Config
Overview Earlier this month, AWS announced that the Amazon WorkSpaces API could now be used to modify the appearance of the WorkSpaces client to enhance the end user experience. The updated API allows you to add a logo, login message, forgot password, and support links unique to your organization. What aspects of the WorkSpaces client … Continue reading Customizing the Amazon WorkSpaces Client
Overview There may come a time when you wish to add an AWS Amazon Linux 2 EC2 instance as a managed server in Veeam Backup and Recovery. In this specific case, I was simply playing around with Veeam backup job settings with a Veeam Backup and Replication Server hosted on a VMware Cloud on AWS … Continue reading Adding an Amazon Linux 2 Instance to Veeam using Private Key Credentials
With this post, we'll conclude this series covering the most common AWS Security Event Root Causes. To recap, the six most common AWS security incident root causes are: Unintended disclosure of security credentials and secretsCustomer does not ensure the complete accuracy of their AWS account informationInsecure AWS resource configurationInactive response to GuardDuty and other detective controls and … Continue reading Common AWS Security Event Root Causes – Notes – Part #3
As part of a potential new "segment" to the site, we thought it may be fun to share with you those labs and/or workshops that we have found to be interesting. Thus the "Lab Spotlight" is born! If you look through the history of the site, you'll find several posts regarding Amazon AppStream, AWS's fully … Continue reading virtualBonzo “Lab Spotlight” – AppStream SaaS Portal
