Unlock new possibilities: AWS Organizations service control policy now supports full IAM language
AWS Organizations SCPs now support the full IAM policy language — new capabilities, patterns, and what this means for enterprise governance.
How to import existing AWS Organizations SCPs and RCPs to CloudFormation
Step-by-step guidance for importing existing AWS Organizations service control policies and resource control policies into CloudFormation for infrastructure-as-code management.
Streamlining AWS Organizations cleanup strategies
Strategies and automation patterns for cleaning up and rationalizing AWS Organizations structures, SCPs, and account hierarchies at scale.
Deploy AWS Organizations resources by using CloudFormation
How to manage and deploy AWS Organizations resources including SCPs and RCPs using CloudFormation as infrastructure-as-code.
How to prioritize IAM Access Analyzer findings
Strategies and workflows for triaging and prioritizing IAM Access Analyzer findings to focus remediation efforts on the highest-risk issues.
Get more out of service control policies in a multi account environment
Best practices for maximizing the effectiveness of service control policies across a multi-account AWS Organizations environment.
Validate IAM policies with Access Analyzer using AWS Config rules
How to use AWS Config custom rules alongside IAM Access Analyzer to continuously validate IAM policies for compliance and security posture.
Achieving operational excellence with design considerations for AWS Organizations SCPs
Design principles and operational best practices for building maintainable, scalable service control policy frameworks in AWS Organizations.
Identity guide: Preventive controls with AWS Identity SCPs
A comprehensive guide to implementing preventive controls using AWS Identity service control policies at enterprise scale.
Automate AWS Config reporting for noncompliant resources that have been non-compliant for a period of time
Automating compliance reporting workflows for AWS Config findings to track and remediate resources that remain non-compliant over time.
Enforcing enterprise-wide preventive controls with AWS Organizations
Patterns and reference architectures for deploying enterprise-wide preventive controls using AWS Organizations service control policies.