Programmatic Governance in AWS
Multicloud.7 Using CloudFormation, Accounts, OUs, and Service Control Policies for governance on AWS
In the last post, I wrote about programmatic governance in GCP.
In this post, I’m going to summarize programmatic governance in AWS. I’ve covered most of this in my other series on automating cloud security, so I’ll mostly be referencing that series.
In AWS, you can use CloudFormation to define resources in files called templates and deploy them programmatically. I already explained in my posts on Azure and GCP programmatic governance that these files should be static and something you can always check into your own source control system, so you can monitor for unauthorized changes and drift.
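As an added illustration (not code from this post or the series it references), the sketch below compares a template as committed to source control with the template body a stack is actually running and lists every difference. Both templates, the resource names and the helper functions are constructed for the example; in practice the deployed body would come from the CloudFormation GetTemplate API, and this is a template-level comparison, not CloudFormation's resource drift detection.

```python
import copy
import json

# Constructed sample: a service control policy template as committed to source control.
COMMITTED = json.loads("""
{"Resources": {"DenyLeaveOrg": {
   "Type": "AWS::Organizations::Policy",
   "Properties": {
     "Name": "deny-leave-org",
     "Type": "SERVICE_CONTROL_POLICY",
     "Content": {"Version": "2012-10-17", "Statement": [
       {"Effect": "Deny", "Action": "organizations:LeaveOrganization",
        "Resource": "*"}]}}}}}
""")

# Constructed sample: the deployed copy after two out-of-band edits.
DEPLOYED = copy.deepcopy(COMMITTED)
_props = DEPLOYED["Resources"]["DenyLeaveOrg"]["Properties"]
_props["Content"]["Statement"][0]["Effect"] = "Allow"
DEPLOYED["Resources"]["ExtraRole"] = {"Type": "AWS::IAM::Role"}

def flatten(node, path=""):
    """Yield (path, value) for every leaf of a nested template structure."""
    if isinstance(node, dict) and node:
        for key in sorted(node):
            yield from flatten(node[key], f"{path}/{key}")
    elif isinstance(node, list) and node:
        for index, item in enumerate(node):
            yield from flatten(item, f"{path}[{index}]")
    else:
        yield path, node  # scalar, or an empty dict/list kept as a leaf

def template_changes(committed, deployed):
    """Return sorted findings where the deployed template differs from source control."""
    want, have = dict(flatten(committed)), dict(flatten(deployed))
    findings = []
    for path in sorted(want.keys() | have.keys()):
        if path not in have:
            findings.append(f"missing {path}")
        elif path not in want:
            findings.append(f"unexpected {path}")
        elif want[path] != have[path]:
            findings.append(f"changed {path}: {want[path]!r} -> {have[path]!r}")
    return findings

if __name__ == "__main__":
    for finding in template_changes(COMMITTED, DEPLOYED):
        print(finding)
```

An empty result means the running template matches what was reviewed and committed; any finding is a change that bypassed source control.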