Preventive controls with AWS Organizations and VPC endpoint policies
How to layer AWS Organizations SCPs with VPC endpoint policies to enforce preventive security controls at scale.
How to import existing AWS Organizations SCPs and RCPs to CloudFormation
Step-by-step guidance for importing existing AWS Organizations service control policies and resource control policies into CloudFormation for infrastructure-as-code management.
Design a scalable service control policy strategy
A framework for designing and scaling AWS Organizations service control policies for enterprise-wide cloud governance.
Get more out of service control policies in a multi account environment
Best practices for maximizing the effectiveness of service control policies across a multi-account AWS Organizations environment.
Achieving operational excellence with design considerations for AWS Organizations SCPs
Design principles and operational best practices for building maintainable, scalable service control policy frameworks in AWS Organizations.
Identity guide: Preventive controls with AWS Identity SCPs
A comprehensive guide to implementing preventive controls using AWS Identity service control policies at enterprise scale.
Enforcing enterprise-wide preventive controls with AWS Organizations
Patterns and reference architectures for deploying enterprise-wide preventive controls using AWS Organizations service control policies.
Getting more out of your service control policies, featuring Morgan Stanley
Advanced SCP patterns and governance strategies at enterprise scale, featuring Morgan Stanley's approach to multi-account identity governance.