Enabling Cost and Usage
ACM.204 Monitoring for security issues by watching account spending
Part of my series on Automating Cybersecurity Metrics. Cloud Governance. AWS Organizations. The Code.
Free Content on Jobs in Cybersecurity | Sign up for the Email List
In the last post I wrote about using incremental rollouts to prevent issues with Service Control Policy deployments. Service Control Policies (SCPs) in an AWS cloud environment help you maintain cloud governance.
Let’s do something now that you should do in your AWS Organizations account if you haven’t already.
I always recommend that security teams monitor costs in cloud accounts. Monitoring will allow you to see a spike in cost that may be indicative of cryptominers, for example, spinning up massive instance sizes to have your resources mine crypt on their behalf.
There are a couple of things we can do to monitor costs. The first thing we need to do is enable AWS Cost Management.
If you’ve been following along you know we set up our organizational root account and an OrgRoot user for initial deployment. While logged into my AWS account as my OrgRoot user, I see that there is a…
