Management & Governance Flashcards
AWS Config
Resource inventory - creates configuration history for your resources in AWS; can also alert you if resources change
fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance
you can discover existing AWS resources, export a complete inventory of your AWS resources w/ all confirmation details, and determine how a resource was configured at any point in time
these capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting
allow you to assess, audit, and evaluate configurations of your AWS resources
Very useful for Configuration Management as part of an ITIL program
AWS Config vs. AWS CloudTrail
CloudTrail - records user API activity on you account and allows you to access information about this activity
“Who made an API call to modify this resource?”
AWS Config - records point-in-time configuration details for your AWS resources as Configuration Items (CIs)
“What did my AWS resource look like?” at a point in time
AWS OpsWorks
Configuration management service that provides manages instances of Chef and Puppet (3rd party software vendors for configure management)
Updates include patching, updating, backup, configuration, and compliance management
configuration changes are submitted to OpsWorks
instances are configured by OpsWorks using Chef/Puppet
AWS Systems Manager
helps you safely manage and operate your resources at scale
use this for compliance information
path management function - you can automate this
run command - you can run commands on your EC2 instances
How it Works:
group resources - create groups of resources across different AWS services, such as applications or different layers of an application stack
visualize data - view aggregated operational data by resource group
take action - respond to insights and automate operational actions across resource groups
Trusted Advisor
online resource that helps to reduce cost, increase performance, and improve security by optimizing your AWS environment
provides real time guidance to help you provision your resources following best practices
Advisor will advise you on Cost Optimization, Performance, Security, and Fault Tolerance
provide checks, warning notifications, etc.
AWS Service Catalog
Allows organizations to create and manage catalogs of IT services that are approved for use on AWS
these IT services can include everything from virtual machine imagines, servers, software, and databases to complete multi-tier application architectures
AWS Service Catalog allows you to centrally manage commonly deployed IT services
helps to achieve consistent governance and meet compliance requirements
AWS Personal Health Dashboard
provides alerts and remediation guidance when AWS is experiencing events that may impact you
gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources
dashboard displays relevant and timely information to help you manage events in progress
provides proactive notification to help you plan for scheduled activities
alerts are triggered by changes in the health of AWS resources, giving you event visibility, and guidance to help quickly diagnose and resolve issues
you get a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you
Service Health Dashboard
different from Personal Health Dashboard
shows current status information on service availability
not personalized info so may not be relevant to you
no proactive notification of scheduled activities
quick look at what is going right now in AWS
Personal Health Dashboard vs. Service Health Dashboard
Personal - you get a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you
Service - only tells you what is happening in AWS right now, and separated by region (a resource for everyone, not just you)
