PinnedOleksii BebychMoving to AWS Graviton. Why and How?AWS continuously improves cloud services and introduces new hardware for processing power, but customers usually do not rush to move to…Mar 152Mar 152
PinnedOleksii BebychControl Tower Guardrails overview (Preventive, Detective, and Proactive)A Guardrail (or Control) is a high-level rule that provides ongoing governance for your overall AWS environment. It’s expressed in plain…Apr 1Apr 1
PinnedOleksii BebychBuilding a Landing zone with AWS Control Tower (part 1)Since 2021, I have built ~20 AWS Landing Zones for different customers, big and small, enterprises and startups, and in this series of…May 6May 6
PinnedOleksii BebychBuilding a Landing zone with AWS Control Tower (part 2)In the previous post, I explained what a Landing Zone is, what the preconditions for a Landing Zone to appear, and why and when you should…May 9May 9
Oleksii BebychAWS CodeCommit deprecated. What to do with Control Tower Customizations?Just a couple of weeks ago, I published the article AWS Control Tower Customization with CloudFormation and CodePipeline, where I…Aug 2Aug 2
Oleksii BebychAutomatically connect VPC to shared AWS Transit Gateway in Landing Zone.In my previous posts, I briefly showed how we build centralized networking in the Landing Zone and how we can automate the customization of…Jul 221Jul 221
Oleksii BebychAWS Control Tower Customization with CloudFormation and CodePipelineIn the previous four posts, I explained AWS Landing Zone in general, the structure of AWS organization, and basic security configurations:Jul 17Jul 17
Oleksii BebychLeast privilege and DB access audit with Aurora IAM authenticationUnfortunately, there are many companies that don’t worry about access to their databases; many employees and applications use the same DB…Jul 6Jul 6
Oleksii BebychCost optimization for AWS ConfigAWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are…Jun 301Jun 301
Oleksii BebychBuilding a Landing zone with AWS Control Tower (part 3)In the previous post, I demonstrated three foundational AWS accounts (Management, Log Archive, and Audit), baseline resources, and possible…May 20May 20