AWS Organizations Service Control Policies
Description
A repository of community generated Service control policies (SCPs) and reference links to ensure proper governance and access control guidelines across your entire organization. Please feel free to contribute or submit a pull request if you would like to improve an existing SCP or share additional ones.
Example Policies
-
us-regions-only - Deny actions unless performed in one of the US related regions
-
prevent-resourcesharing - Prevent account from creating or deleting resource shares within the organization
-
prevent-disabling-cloudtrail - Account cannot disable CloudTrail service
-
prevent-deletion-of-service-resources - Protect various organizational roles and resources curated for service and governance related purposes.
Reference Links
-
Service Control Policies - AWS Organizations - Service Control Policies Documentation