
AWS Config

Writing an SCP in AWS: An Introduction

Preventive guardrails are a key component of cloud governance. (Cloud governance is the process of defining and creating policies to control costs, minimize security risks, and improve efficiency.) In AWS, preventive guardrails are SCPs (Service Control Policies). Eventually you may need a preventive guardrail in AWS that is not already available. In this case, writing an SCP is an option. Beware, SCPs do have logical limitations on what you can…

How to use AWS Systems Manager for Remediation

Remediating non-compliant AWS resources is a key component of cloud governance. One of the goals of cloud governance is creating policies to control costs and minimize security risks. Automated remediation is the best way to enforce policies, or guardrails. AWS Systems Manager is one tool that AWS provides to automatically remediate non-compliant resources. What is AWS Systems Manager? AWS Systems Manager, formerly called Amazon Simple Systems Manager or SSM, is…

Cloud Security

Cloud Governance and Cloud Security using AWS Config

Cloud Governance is the process of defining and creating policies to control costs, minimize security risks, and improve efficiency. On AWS, cloud security often starts with preventive and detective guardrails. We will be discussing cloud security using AWS Config here, otherwise known as detective guardrails. What is AWS Config? AWS Config is a service that records configuration changes to your AWS resources. This includes recording how resources are connected to…
