Self-service creation and deletion of sandbox-style accounts.

IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in Git.

Example AWS Service control policies to get started or mature your usage of AWS SCPs.

The Network Orchestration for AWS Transit Gateway solution automates the process of setting up and managing transit networks in distributed AWS environments. It creates a web interface to help control, audit, and approve (transit) network changes.

Deploy Service Control Policies (SCPs) with Terraform

This repository describes how to use AWS Control Tower controls, HashiCorp Terraform, and infrastructure as code (IaC) to implement and administer preventive, detective, and proactive security controls. A control (also known as a guardrail) is a high-level rule that provides ongoing governance for your overall AWS Control Tower environment.

This is my summarised note on how I prepared for my Cloud practioner exam and Passed, with over 570 practice questions and answers. If you are looking to take this exam then this repo is for you.

Using Terraform to enable Amazon GuardDuty for accounts in AWS Organizations.

Combines AWS Organizations Service Control Policies (SCP)

automate the control, the purge and the management of AWS accounts assigned permanently to selected employees - foster innovation from cloud teams

Whole-infrastructure automation tooling for AWS

This pattern describes how to use AWS Control Tower Controls, AWS Cloud Development Kit (CDK) and infrastructure as code to implement and administer preventive, detective and proactive security on AWS.

AWS CloudFormation templates and Python code for AWS blog post on how to automate centralized backup at scale across AWS services using AWS Backup.

Automated deployment and testing for AWS Service Control Policies

Account Assessment for AWS Organizations programmatically scans all AWS accounts in an AWS Organization for identity-based and resource-based policies with Organization-based conditions.

An reference implementation for managing AWS multi-account environments with Terraform

This solution will help you automate user group assignment to permission sets in AWS IAM Identity center for accessing any or all AWS accounts in your organization via federated access following principles of least privilege.

Manage AWS Organizations as Code

Terraform module to perform security assessment in AWS Organizations using Prowler on AWS Fargate.

Enables AWS Organizations Service Control Policies (SCP) with good defaults