aws-samples/aws-secure-environment-accelerator aws-samples/aws-secure-environment-accelerator

  • Stars
    star
    653
  • Rank 66,644 (Top 2 %)
  • Language
    HTML
  • License
    Apache License 2.0
  • Created about 4 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
aws-samples/aws-secure-environment-accelerator
github

aws-samples

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

ATTENTION

The Landing Zone Accelerator (LZA) on AWS solution is now the recommended solution for organizations seeking to automate the deployment of a new high compliance AWS Environment.

The LZA v1.3 release (03/2023) focused on delivering AWS Secure Environment Accelerator (ASEA) feature parity and delivered both CCCS Cloud Medium and Trusted Secure Enclave Sensitive Edition sample configuration files. These samples deliver similar outcomes to the ASEA sample configuration file.

The LZA team is currently developing a semi-automated upgrade from ASEA to LZA. Upgrades from ASEA to LZA must occur before Q4 2024. Please monitor this site for a future LZA release that will support the ASEA to LZA semi-automated upgrade capability here.

Please reach out to your AWS Account Team with any questions.

AWS Secure Environment Accelerator

The AWS Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file that drives the architecture deployed by the tool. This enables extensive flexibility and for the completely automated deployment of a customized architecture within AWS without changing a single line of code.

While flexible, the AWS Accelerator is delivered with a sample configuration file which deploys an opinionated and prescriptive architecture designed to help meet the security and operational requirements of many governments around the world. Tuning the parameters within the configuration file allows for the deployment of customized architectures and enables the solution to help meet the multitude of requirements of a broad range of governments and public sector organizations.

The installation of the provided prescriptive architecture is reasonably simple, deploying a customized architecture does require extensive understanding of the AWS platform. The sample deployment specifically helps customers meet NIST 800-53 and/or CCCS Medium Cloud Control Profile (formerly PBMM).

Diagram

What specifically does the Accelerator deploy and manage?

A common misconception is that the AWS Secure Environment Accelerator only deploys security services, not true. The Accelerator is capable of deploying a complete end-to-end hybrid enterprise multi-region cloud environment.

Additionally, while the Accelerator is initially responsible for deploying a prescribed architecture, it more importantly allows for organizations to operate, evolve, and maintain their cloud architecture and security controls over time and as they grow, with minimal effort, often using native AWS tools. While the Accelerator helps with the deployment of technical security controls, it’s important to understand that the Accelerator is only part of your security and compliance effort. We encourage customers to work with their AWS account team, AWS Professional Services or an AWS Partner to determine how to best meet the remainder of your compliance requirements.

The Accelerator is designed to enable customers to upgrade across Accelerator versions while maintaining a customer’s specific configuration and customizations, and without the need for any coding expertise or for professional services. Customers have been able to seamlessly upgrade their AWS multi-account environment from the very first Accelerator beta release to the latest release (across more than 50 releases), gaining the benefits of bug fixes and enhancements while having the option to enable new features, without any loss of existing customization or functionality.

Specifically the accelerator deploys and manages the following functionality, both at initial accelerator deployment and as new accounts are created, added, or onboarded in a completely automated but customizable manner:

Creates AWS Account

  • Core Accounts - as many or as few as your organization requires, using the naming you desire. These accounts are used to centralize core capabilities across the organization and provide Control Panel like capabilities across the environment. Common core accounts include:
    • Shared Network
    • Operations
    • Perimeter
    • Log Archive
    • Security Tooling
  • Workload Accounts - automated concurrent mass account creation or use AWS organizations to scale one account at a time. These accounts are used to host a customer's workloads and applications.
  • Scalable to 1000's of AWS accounts
  • Supports AWS Organizations nested OU's and importing existing AWS accounts
  • Performs 'account warming' to establish initial limits, when required
  • Automatically submits limit increases, when required (complies with initial limits until increased)
  • Leverages AWS Control Tower

Creates Networking

  • Transit Gateways and TGW route tables (incl. inter-region TGW peering)
  • Centralized and/or Local (bespoke) VPC's
  • Subnets, Route tables, NACLs, Security groups, NATGWs, IGWs, VGWs, CGWs
  • NEW Outpost, Local Zone and Wavelength support
  • VPC Endpoints (Gateway and Interface, Centralized or Local)
  • Route 53 Private and Public Zones, Resolver Rules and Endpoints, VPC Endpoint Overloaded Zones
  • All completely and individually customizable (per account, VPC, subnet, or OU)
  • Layout and customize your VPCs, subnets, CIDRs and connectivity the way you want
  • Static or Dynamic VPC and subnet CIDR assignments
  • Deletes default VPC's (worldwide)
  • AWS Network Firewall

Cross-Account Object Sharing

  • VPC and Subnet sharing, including account level re-tagging (Per account security group 'replication')
  • VPC attachments and peering (local and cross-account)
  • Zone sharing and VPC associations
  • Managed Active Directory sharing, including R53 DNS resolver rule creation/sharing
  • Automated TGW inter-region peering
  • Populate Parameter Store with all user objects to be used by customers' IaC
  • Deploy and share SSM documents (4 provided out-of-box, ELB Logging, S3 Encryption, Instance Profile remediation, Role remediation)
    • customer can provide their own SSM documents for automated deployment and sharing

Identity

  • Creates Directory services (Managed Active Directory and Active Directory Connectors)
  • Creates Windows admin bastion host auto-scaling group
  • Set Windows domain password policies
  • Set IAM account password policies
  • Creates Windows domain users and groups (initial installation only)
  • Creates IAM Policies, Roles, Users, and Groups
  • Fully integrates with and leverages AWS SSO for centralized and federated login

Cloud Security Services

  • Enables and configures the following AWS services, worldwide w/central designated admin account:
    • GuardDuty w/S3 protection
    • Security Hub (Enables designated security standards, and disables individual controls)
    • Firewall Manager
    • CloudTrail w/Insights and S3 data plane logging
    • Config Recorders/Aggregator
    • Conformance Packs and Config rules (95 out-of-box NIST 800-53 rules, 2 custom rules, customizable per OU)
    • Macie
    • IAM Access Analyzer
    • CloudWatch access from central designated admin account (and setting Log group retentions)

Other Security Capabilities

  • Creates, deploys and applies Service Control Policies
  • Creates Customer Managed KMS Keys (SSM, EBS, S3), EC2 key pairs, and secrets
  • Enables account level default EBS encryption and S3 Block Public Access
  • Configures Systems Manager Session Manager w/KMS encryption and centralized logging
  • Configures Systems Manager Inventory w/centralized logging
  • Creates and configures AWS budgets (customizable per OU and per account)
  • Imports or requests certificates into AWS Certificate Manager
  • Deploys both perimeter and account level ALB's w/Lambda health checks, certificates and TLS policies
  • Deploys & configures 3rd party firewall clusters and management instances (leverages marketplace)
    • Gateway Load Balancer w/auto-scaling and VPN IPSec BGP ECMP deployment options
  • Protects Accelerator deployed and managed objects
  • Sets Up SNS Alerting topics (High, Medium, Low, Blackhole priorities)
  • Deploys CloudWatch Log Metrics and Alarms
  • Deploys customer provided custom config rules (2 provided out-of-box, no EC2 Instance Profile/Permissions)

Centralized Logging and Alerting

  • Deploys an rsyslog auto-scaling cluster behind a NLB, all syslogs forwarded to CloudWatch Logs
  • Centralized access to "Cloud Security Service" Consoles from designated AWS account
  • Centralizes logging to a single centralized S3 bucket (enables, configures and centralizes)
    • VPC Flow logs w/Enhanced metadata fields (also sent to CWL)
    • Organizational Cost and Usage Reports
    • CloudTrail Logs including S3 Data Plane Logs (also sent to CWL)
    • All CloudWatch Logs (includes rsyslog logs)
    • Config History and Snapshots
    • Route 53 Public Zone Logs (also sent to CWL)
    • GuardDuty Findings
    • Macie Discovery results
    • ALB Logs
    • SSM Inventory
    • Security Hub findings
    • SSM Session Logs (also sent to CWL)
    • Resolver Query Logs (also sent to CWL)
  • Email alerting for CloudTrail Metric Alarms, Firewall Manager Events, Security Hub Findings incl. GuardDuty Findings
  • NEW Optionally collect Organization and ASEA configuration and metadata in a new restricted log archive bucket

Relationship with AWS Landing Zone Solution (ALZ)

The ALZ was an AWS Solution designed to deploy a multi-account AWS architecture for customers based on best practices and lessons learned from some of AWS' largest customers. The AWS Accelerator draws on design patterns from the Landing Zone, and re-uses several concepts and nomenclature, but it is not directly derived from it, nor does it leverage any code from the ALZ. The Accelerator is a standalone solution with no dependence on ALZ.

Relationship with AWS Control Tower

The AWS Secure Environment Accelerator now leverages AWS Control Tower!

With the release of v1.5.0, the AWS Accelerator adds the capability to be deployed on top of AWS Control Tower. Customers get the benefits of the fully managed capabilities of AWS Control Tower combined with the power and flexibility of the Accelerators Networking and Security orchestration.

Accelerator Installation Process (Summary)

This summarizes the installation process, the full installation document can be found in the documentation section below.

  • Create a config.json (or config.yaml) file to represent your organizations requirements (several samples provided)
  • Create a Secrets Manager Secret which contains a GitHub token that provides access to the Accelerator code repository
  • Create a unique S3 input bucket in the management account of the region you wish to deploy the solution and place your config.json and any additional custom config files in the bucket
  • Download and execute the latest release installer CloudFormation template in your management accounts preferred 'primary' / 'home' region
  • Wait for:
    • CloudFormation to deploy and start the Code Pipeline (~5 mins)
    • Code Pipeline to download the Accelerator codebase and install the Accelerator State Machine (~10 mins)
    • The Accelerator State Machine to finish execution (~1.25 hrs Standalone version, ~2.25 hrs Control Tower Version)
  • Perform required one-time post installation activities (configure AWS SSO, set firewall passwords, etc.)
  • On an ongoing basis:
    • Use AWS Organizations to create new AWS accounts, which will automatically be guardrailed by the Accelerator
    • Update the config file in CodeCommit and run the Accelerator State Machine to:
      • deploy, configure and guardrail multiple accounts at the same time (~25 min Standalone, ~50 min/account Control Tower)
      • change Accelerator configuration settings (~25 min)

Documentation

The latest version of the Accelerator documentation can be found here.

More Repositories

1

aws-cdk-examples

Example projects using the AWS CDK
Python
4,121
star
2

aws-serverless-workshops

Code and walkthrough labs to set up serverless applications for Wild Rydes workshops
JavaScript
3,977
star
3

aws-workshop-for-kubernetes

AWS Workshop for Kubernetes
Shell
2,618
star
4

aws-machine-learning-university-accelerated-nlp

Machine Learning University: Accelerated Natural Language Processing Class
Jupyter Notebook
2,080
star
5

aws-serverless-airline-booking

Airline Booking is a sample web application that provides Flight Search, Flight Payment, Flight Booking and Loyalty points including end-to-end testing, GraphQL and CI/CD. This web application was the theme of Build on Serverless Season 2 on AWS Twitch running from April 24th until end of August in 2019.
Vue
1,967
star
6

ecs-refarch-cloudformation

A reference architecture for deploying containerized microservices with Amazon ECS and AWS CloudFormation (YAML)
Makefile
1,673
star
7

lambda-refarch-webapp

The Web Application reference architecture is a general-purpose, event-driven, web application back-end that uses AWS Lambda, Amazon API Gateway for its business logic. It also uses Amazon DynamoDB as its database and Amazon Cognito for user management. All static content is hosted using AWS Amplify Console.
JavaScript
1,561
star
8

aws-modern-application-workshop

A tutorial for developers that want to learn about how to build modern applications on top of AWS. You will build a sample website that leverages infrastructure as code, containers, serverless code functions, CI/CD, and more.
1,445
star
9

aws-machine-learning-university-accelerated-cv

Machine Learning University: Accelerated Computer Vision Class
Jupyter Notebook
1,409
star
10

aws-glue-samples

AWS Glue code samples
Python
1,277
star
11

aws-deepracer-workshops

DeepRacer workshop content
Jupyter Notebook
1,086
star
12

serverless-patterns

Serverless patterns. Learn more at the website: https://serverlessland.com/patterns.
Python
1,036
star
13

aws-refarch-wordpress

This reference architecture provides best practices and a set of YAML CloudFormation templates for deploying WordPress on AWS.
PHP
1,001
star
14

aws-machine-learning-university-accelerated-tab

Machine Learning University: Accelerated Tabular Data Class
Jupyter Notebook
955
star
15

aws-serverless-ecommerce-platform

Serverless Ecommerce Platform is a sample implementation of a serverless backend for an e-commerce website. This sample is not meant to be used as an e-commerce platform as-is, but as an inspiration on how to build event-driven serverless microservices on AWS.
Python
947
star
16

aws-big-data-blog

Java
897
star
17

machine-learning-samples

Sample applications built using AWS' Amazon Machine Learning.
Python
867
star
18

eks-workshop

AWS Workshop for Learning EKS
CSS
777
star
19

startup-kit-templates

CloudFormation templates to accelerate getting started on AWS.
Python
760
star
20

aws-incident-response-playbooks

756
star
21

aws-genai-llm-chatbot

A modular and comprehensive solution to deploy a Multi-LLM and Multi-RAG powered chatbot (Amazon Bedrock, Anthropic, HuggingFace, OpenAI, Meta, AI21, Cohere) using AWS CDK on AWS
TypeScript
736
star
22

aws-security-reference-architecture-examples

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation and Customizations for AWS Control Tower.
Python
731
star
23

lambda-refarch-imagerecognition

The Image Recognition and Processing Backend reference architecture demonstrates how to use AWS Step Functions to orchestrate a serverless processing workflow using AWS Lambda, Amazon S3, Amazon DynamoDB and Amazon Rekognition.
JavaScript
662
star
24

simple-websockets-chat-app

This SAM application provides the Lambda functions, DynamoDB table, and roles to allow you to build a simple chat application based on API Gateway's new WebSocket-based API feature.
JavaScript
632
star
25

aws-codedeploy-samples

Samples and template scenarios for AWS CodeDeploy
Shell
627
star
26

emr-bootstrap-actions

This repository hold the Amazon Elastic MapReduce sample bootstrap actions
Shell
612
star
27

aws-lex-web-ui

Sample Amazon Lex chat bot web interface
JavaScript
607
star
28

hardeneks

Runs checks to see if an EKS cluster follows EKS Best Practices.
Python
603
star
29

aws-bookstore-demo-app

AWS Bookstore Demo App is a full-stack sample web application that creates a storefront (and backend) for customers to shop for fictitious books. The entire application can be created with a single template. Built on AWS Full-Stack Template.
TypeScript
591
star
30

lambda-refarch-mobilebackend

Serverless Reference Architecture for creating a Mobile Backend
Objective-C
584
star
31

retail-demo-store

AWS Retail Demo Store is a sample retail web application and workshop platform demonstrating how AWS infrastructure and services can be used to build compelling customer experiences for eCommerce, retail, and digital marketing use-cases
Jupyter Notebook
579
star
32

kubernetes-for-java-developers

A Day in Java Developer’s Life, with a taste of Kubernetes
Java
562
star
33

aws-serverless-workshop-innovator-island

Welcome to the Innovator Island serverless workshop! This repo contains all the instructions and code you need to complete the workshop. Questions? Contact @jbesw.
JavaScript
552
star
34

amazon-personalize-samples

Notebooks and examples on how to onboard and use various features of Amazon Personalize
Jupyter Notebook
551
star
35

aws-iot-chat-example

💬 Chat application using AWS IoT platform via MQTT over the WebSocket protocol
JavaScript
534
star
36

aws-amplify-graphql

Sample using AWS Amplify and AWS AppSync together for user login and authorization when making GraphQL queries and mutations. Also includes complex objects for uploading and downloading data to and from S3 with a React app.
JavaScript
521
star
37

aws-mobile-appsync-chat-starter-angular

GraphQL starter progressive web application (PWA) with Realtime and Offline functionality using AWS AppSync
TypeScript
520
star
38

aws-dynamodb-examples

DynamoDB Examples
Java
511
star
39

aws-serverless-security-workshop

In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
JavaScript
505
star
40

amazon-forecast-samples

Notebooks and examples on how to onboard and use various features of Amazon Forecast.
Jupyter Notebook
471
star
41

lambda-refarch-fileprocessing

Serverless Reference Architecture for Real-time File Processing
Python
450
star
42

ecs-blue-green-deployment

Reference architecture for doing blue green deployments on ECS.
Python
442
star
43

cloudfront-authorization-at-edge

Protect downloads of your content hosted on CloudFront with Cognito authentication using cookies and Lambda@Edge
TypeScript
439
star
44

aws-service-catalog-reference-architectures

Sample CloudFormation templates and architecture for AWS Service Catalog
JavaScript
423
star
45

siem-on-amazon-opensearch-service

A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
Python
409
star
46

aws-microservices-deploy-options

This repo contains a simple application that consists of three microservices. Each application is deployed using different Compute options on AWS.
Jsonnet
407
star
47

aws-cost-explorer-report

Python SAM Lambda module for generating an Excel cost report with graphs, including month on month cost changes. Uses the AWS Cost Explorer API for data.
Python
406
star
48

aws-security-workshops

A collection of the latest AWS Security workshops
Jupyter Notebook
401
star
49

aws-sam-java-rest

A sample REST application built on SAM and DynamoDB that demonstrates testing with DynamoDB Local.
Java
400
star
50

amazon-elasticsearch-lambda-samples

Data ingestion for Amazon Elasticsearch Service from S3 and Amazon Kinesis, using AWS Lambda: Sample code
JavaScript
393
star
51

amazon-cloudfront-functions

JavaScript
388
star
52

aws-saas-factory-bootcamp

SaaS on AWS Bootcamp - Building SaaS Solutions on AWS
JavaScript
376
star
53

aws-lambda-extensions

A collection of sample extensions to help you get started with AWS Lambda Extensions
Go
376
star
54

amazon-sagemaker-notebook-instance-lifecycle-config-samples

A collection of sample scripts to customize Amazon SageMaker Notebook Instances using Lifecycle Configurations
Shell
366
star
55

non-profit-blockchain

Builds a blockchain network and application to track donations to non-profit organizations, using Amazon Managed Blockchain
SCSS
360
star
56

amazon-textract-code-samples

Amazon Textract Code Samples
Jupyter Notebook
355
star
57

lambda-refarch-streamprocessing

Serverless Reference Architecture for Real-time Stream Processing
JavaScript
349
star
58

amazon-neptune-samples

Samples and documentation for using the Amazon Neptune graph database service
JavaScript
348
star
59

amazon-ecs-java-microservices

This is a reference architecture for java microservice on Amazon ECS
Java
345
star
60

sessions-with-aws-sam

This repo contains all the SAM templates created in the Twitch series #SessionsWithSAM. The show is every Thursday on Twitch at 10 AM PDT.
JavaScript
343
star
61

amazon-rekognition-video-analyzer

A working prototype for capturing frames off of a live MJPEG video stream, identifying objects in near real-time using deep learning, and triggering actions based on an objects watch list.
JavaScript
343
star
62

amazon-textract-textractor

Analyze documents with Amazon Textract and generate output in multiple formats.
Jupyter Notebook
341
star
63

aws-eks-accelerator-for-terraform

The AWS EKS Accelerator for Terraform is a framework designed to help deploy and operate secure multi-account, multi-region AWS environments. The power of the solution is the configuration file which enables the users to provide a unique terraform state for each cluster and manage multiple clusters from one repository. This code base allows users to deploy EKS add-ons using Helm charts.
HCL
338
star
64

aws-deepcomposer-samples

Jupyter Notebook
336
star
65

aws-iot-examples

Examples using AWS IoT (Internet of Things). Deprecated. See README for updated guidance.
JavaScript
331
star
66

amazon-ecs-mythicalmysfits-workshop

A tutorial for developers who want to learn about how to containerized applications on top of AWS using AWS Fargate. You will build a sample website that leverages infrastructure as code, containers, CI/CD, and more! If you're planning on running this, let us know @ [email protected]. At re:Invent 2018, these sessions were run as CON214/CON321/CON322.
HTML
329
star
67

aws-media-services-simple-vod-workflow

Lab that covers video conversion workflow for Video On Demand using AWS MediaConvert.
Python
328
star
68

php-examples-for-aws-lambda

Demo serverless applications, examples code snippets and resources for PHP
PHP
324
star
69

aws-serverless-cicd-workshop

Learn how to build a CI/CD pipeline for SAM-based applications
CSS
319
star
70

create-react-app-auth-amplify

Implements a basic authentication flow for signing up/signing in users as well as protected client side routing using AWS Amplify.
JavaScript
314
star
71

api-gateway-secure-pet-store

Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda
Objective-C
309
star
72

aws-etl-orchestrator

A serverless architecture for orchestrating ETL jobs in arbitrarily-complex workflows using AWS Step Functions and AWS Lambda.
Python
307
star
73

amazon-textract-serverless-large-scale-document-processing

Process documents at scale using Amazon Textract
Python
302
star
74

lambda-go-samples

An example of using AWS Lambda with Go
Go
302
star
75

amazon-cloudfront-secure-static-site

Create a secure static website with CloudFront for your registered domain.
JavaScript
300
star
76

aws-nodejs-sample

Sample project to demonstrate usage of the AWS SDK for Node.js
JavaScript
299
star
77

aws-cognito-apigw-angular-auth

A simple/sample AngularV4-based web app that demonstrates different API authentication options using Amazon Cognito and API Gateway with an AWS Lambda and Amazon DynamoDB backend that stores user details in a complete end to end Serverless fashion.
JavaScript
297
star
78

lambda-ecs-worker-pattern

This example code illustrates how to extend AWS Lambda functionality using Amazon SQS and the Amazon EC2 Container Service (ECS).
POV-Ray SDL
291
star
79

aws-lambda-fanout

A sample AWS Lambda function that accepts messages from an Amazon Kinesis Stream and transfers the messages to another data transport.
JavaScript
289
star
80

aws-saas-factory-ref-solution-serverless-saas

Python
286
star
81

aws-mlu-explain

Visual, Interactive Articles About Machine Learning: https://mlu-explain.github.io/
JavaScript
285
star
82

aws-serverless-shopping-cart

Serverless Shopping Cart is a sample implementation of a serverless shopping cart for an e-commerce website.
Python
282
star
83

aws-serverless-samfarm

This repo is full CI/CD Serverless example which was used in the What's New with AWS Lambda presentation at Re:Invent 2016.
JavaScript
280
star
84

eb-node-express-sample

Sample Express application for AWS Elastic Beanstalk
EJS
279
star
85

amazon-ecs-firelens-examples

Sample logging architectures for FireLens on Amazon ECS and AWS Fargate.
274
star
86

eb-py-flask-signup

HTML
270
star
87

codepipeline-nested-cfn

CloudFormation templates, CodeBuild build specification & Python scripts to perform unit tests of a nested CloudFormation template.
Python
269
star
88

aws-amplify-auth-starters

Starter projects for developers looking to build web & mobile applications that have Authentication & protected routing
269
star
89

aws-proton-cloudformation-sample-templates

Sample templates for AWS Proton
262
star
90

aws2tf

aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.
Shell
261
star
91

aws-containers-task-definitions

Task Definitions for running common applications Amazon ECS
261
star
92

aws-cdk-changelogs-demo

This is a demo application that uses modern serverless architecture to crawl changelogs from open source projects, parse them, and provide an API and website for viewing them.
JavaScript
260
star
93

designing-cloud-native-microservices-on-aws

Introduce a fluent way to design cloud native microservices via EventStorming workshop, this is a hands-on workshop. Contains such topics: DDD, Event storming, Specification by example. Including the AWS product : Serverless Lambda , DynamoDB, Fargate, CloudWatch.
Java
257
star
94

aws-secrets-manager-rotation-lambdas

Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager
Python
256
star
95

lambda-refarch-iotbackend

Serverless Reference Architecture for creating an IoT Backend
Python
251
star
96

aws-health-aware

AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
Python
250
star
97

amazon-cognito-example-for-external-idp

An example for using Amazon Cognito together with an external IdP
TypeScript
247
star
98

mlops-amazon-sagemaker

Workshop content for applying DevOps practices to Machine Learning workloads using Amazon SageMaker
Jupyter Notebook
247
star
99

generative-ai-use-cases-jp

Generative AI を活用したビジネスユースケースのデモンストレーション
TypeScript
245
star
100

serverless-test-samples

This repository is designed to provide guidance for implementing comprehensive test suites for serverless applications.
C#
244
star