PinnedOleksii BebychMoving to AWS Graviton. Why and How?AWS continuously improves cloud services and introduces new hardware for processing power, but customers usually do not rush to move to…Mar 151Mar 151
PinnedOleksii BebychControl Tower Guardrails overview (Preventive, Detective, and Proactive)A Guardrail (or Control) is a high-level rule that provides ongoing governance for your overall AWS environment. It’s expressed in plain…Apr 1Apr 1
PinnedOleksii BebychBuilding a Landing zone with AWS Control Tower (part 1)Since 2021, I have built ~20 AWS Landing Zones for different customers, big and small, enterprises and startups, and in this series of…May 6May 6
PinnedOleksii BebychBuilding a Landing zone with AWS Control Tower (part 2)In the previous post, I explained what a Landing Zone is, what the preconditions for a Landing Zone to appear, and why and when you should…May 9May 9
Oleksii BebychAWS Control Tower Customization with CloudFormation and CodePipelineIn the previous four posts, I explained AWS Landing Zone in general, the structure of AWS organization, and basic security configurations:2d ago2d ago
Oleksii BebychLeast privilege and DB access audit with Aurora IAM authenticationUnfortunately, there are many companies that don’t worry about access to their databases; many employees and applications use the same DB…Jul 6Jul 6
Oleksii BebychCost optimization for AWS ConfigAWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are…Jun 301Jun 301
Oleksii BebychBuilding a Landing zone with AWS Control Tower (part 3)In the previous post, I demonstrated three foundational AWS accounts (Management, Log Archive, and Audit), baseline resources, and possible…May 20May 20
Oleksii BebychImplementing “for each” logic in the CloudFormation template for dynamic input parametersProblem statementMar 12Mar 12