• Unlimited Leave
  • Posts
  • ⚙️ AWS Systems Manager helps save you some money 💸

⚙️ AWS Systems Manager helps save you some money 💸

Widgets! We don't need no stink'n widgets

Merry Christmas. This is Unlimited Leave, the weekly newsletter about AWS Governance, Management, and Automation news you can read while you're significant other wraps all of the presents.

This week's topics

  • Oh so quiet regarding Management and Governance

  • Security Hub Automations (UPDATE)

  • Doubling down on email eh?

  • Use SQL to instantly query your cloud services (AWS, Azure, GCP and more)

Oh so quiet regarding Management and Governance

It's a stretch that these make the newsletter. In this role, we should care about these little advancements more than we do. Specifically when it comes to cost management.

Security Hub Automations (UPDATE)

Something happened. Like it always does. Just as I'm ready to pull the trigger on a consolidated Repo to help you manage your Security Hub (SH) controls across your AWS Organization(s), I start seeing strange issues.Lesson Learned: I officially need to stop talking about solutions before they are complete.

What I'm seeing

I'm running the global SH Disabler as mentioned a couple of weeks ago. However, my SH Dashboard isn't reflecting the correct status or count of my disabled checks.

I'm disabling some low-risk and high-friction Foundational Best Practices. Each check in the image above has been disabled in the SH Delegated Administrator.

In the Delegated Admin, as well as all of the child accounts across the organization, the checks reflect a "Disabled" status, with the correct Disabled Description.

The problem is the check itself as well as the individual Findings (an account/check pair) are still showing failure.

Did you check the result in the CLI?

Wouldn't you know? The Product owner and/or SAs for these services and solutions are out on holiday.

Doubling down on email

It's looking like you really like email. I plan on still sending emails. Don't worry.

However, I share some amazing tools I discover and use. See Steampipe below 👇.

I'm wondering if you would like access to a consolidated solution of these tools, code repositories, and tutorials put together by yours truly. Here is your chance to dictate what that looks like. I'm going to put something together regardless.

Vote now (and on the next issue) or forever hold your peace.

Use SQL to instantly query your cloud services (AWS, Azure, GCP and more)

Use SQL to query your cloud resources without all the backend configuration and/or custom scripts. If you know SQL you should be able to get the information you need out of your cloud accounts. "No DB required."

Steampipe.io is an Open Source CLI tool that allows you to do everything you'd expect out of that previous description, and then some. #notasponsor

Review past issues HERE | Share with others HERE
Disclaimer: The resources and topics shared within this newsletter are for informational use only. Any resources deployed or tools implemented are done so at your own risk. Do your own research and testing prior to the implementation of any resource or service deployed for any workload.