aws-iam-permissions-guardrails
AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/
Issue number: https://github.com/aws-samples/aws-iam-permissions-guardrails/issues/7 Description: Adds SCP for SecurityHub which denies access to disable Security Hub and dissociate member accounts Branch name: master File/folder affected: https://github.com/aws-samples/aws-iam-permissions-guardrails/blob/sechub-scp/guardrails/securityhub/SCP-SECHUB-1.json Changes proposed: Added a...
Issue number: 14 Description: Adds SCP which prevents an unencrypted Neptune DB from being created Branch name: master File/folder affected: https://github.com/aws-samples/aws-iam-permissions-guardrails/blob/neptune-scp/guardrails/neptune/SCP-NEPTUNE-1.json Changes proposed: New file was added
Issue number: 29 Description: Vault Lock Policy that prevents Users from Deleting Glacier Archives Less Than 365 Days Old. Suppose that you have a regulatory requirement to retain archives for...
Issue number: 27 Description: AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software...
Issue number: #3 Description: Protect emr:PutBlockPublicAccessConfiguration Branch name: Master Changes proposed: Add SCP for EMR Block Public Access
Issue number: 32 Description: To prevent users from adding themselves as an administrator with an extract, transform, and load (ETL) script, make sure that all non-administrator users and roles are...
This SCP will enforce IMDSv2 to access instance metadata for an EC2 instance Description: Instance metadata is data about your instance that you can use to configure or manage the...
Issue number: #39 Description: Add SCP for preventing Deletion or Disassociation of Members and Invitations from Security Hub Branch name: master File/folder affected : guardrails/securityhub/ Changes proposed: Adds SecurityHub SCP-2...
Issue number: #18 Description: SCP to protect disabling/deleting Macie Branch name: master File/folder affected : /guardrails/macie/ Changes proposed: Adds SCP json for protecting Macie
Issue number: #42 Description: Refer to issue #42 for more details Branch name: master File/folder affected : /guardrails/iam Changes proposed: Add SCP .json to prevent creation of any IAM users...