Locking Down An SCP to Only Allow Modifications From the Management Account — Dynamically

ACM.401 Overcoming CloudFormation limitations for dynamic SCPs and challenges with delegated admins with IAM Permissions

Teri Radichel
Published in Cloud Security
6 min read · Nov 25, 2023


In the last post, I paused to write about some code I’m using to generate code — without generative AI :) It was my 400th post in this particular series and I thought this was kind of cool and a special post for this monumental number.

My goal throughout this series has been to minimize the time I have to spend writing code to deploy new resources and I am getting closer and closer to that objective — while implementing a governed infrastructure to help limit misconfigurations and unauthorized access. Ultimately, I want to report on my own infrastructure and configurations.

Teri Radichel: CEO 2nd Sight Lab | Penetration Testing & Assessments | AWS Hero | Masters of Infosec & Software Engineering | GSE 240 etc | IANS | SANS Difference Makers Award