aws-samples / policy-as-code
☆23Updated 8 months ago
Alternatives and similar repositories for policy-as-code:
Users that are interested in policy-as-code are comparing it to the libraries listed below
- SSH-Restricted deploys an SSH compliance rule (AWS Config) with auto-remediation via AWS Lambda if SSH access is public.☆30Updated 4 years ago
- Sample CloudFormation templates and architecture for AWS Control Tower☆28Updated last year
- A solution designed to simplify AWS Identity Center (SSO) management using simple JSON/YAML inputs.☆13Updated 2 months ago
- ☆39Updated 3 years ago
- Use Cloud Control API to remediate drift that was detected on a CloudFormation stackUpdated 10 months ago
- Terraform module to provision Service Control Policies (SCP) for AWS Organizations, Organizational Units, and AWS accounts☆51Updated last week
- This project provides a solution to AWS customers for reporting on what tags exists, the resources they are applied to, and what resource…☆21Updated last year
- ☆21Updated 2 years ago
- ☆17Updated last month
- The open source version of the AWS Control Tower docs. You can submit feedback & requests for changes by submitting issues in this repo o…☆27Updated last year
- This repository shows how to setup Centralized CloudWatch Observability Manager using Terraform☆17Updated 4 months ago
- Implements OPA-based preventive security controls for AWS Infrastructure using Terraform Infrastructure as Code (IaC), that can establish…☆40Updated last year
- Example code for setting up CIS Benchmarks using EventBridge☆19Updated 3 years ago
- ☆36Updated 10 months ago
- Useful scripts for maintaining multiple AWS Accounts☆45Updated 2 weeks ago
- ☆21Updated last year
- CloudCustodian Rules engine for cloud security and governance, DSL in yaml for policies to query, filter, and take actions on resources☆19Updated last year
- Centralized Network Inspection on AWS configures the AWS resources needed to filter network traffic. This solution saves you time by auto…☆43Updated last month
- ☆35Updated last year
- ☆31Updated 4 years ago
- ☆27Updated 5 months ago
- Workshop exercise materials for re:Invent 2017 - SID 341: Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection☆52Updated 6 years ago
- Demonstration that AWS IAM policy evaluation docs are incorrect☆15Updated 3 years ago
- Account Assessment for AWS Organizations programmatically scans all AWS accounts in an AWS Organization for identity-based and resource-b…☆35Updated 2 months ago
- AWS CloudFormation and CDK Construct Library for IAM Roles for EKS Service Accounts☆18Updated 11 months ago
- Example container image re-scan with Amazon ECR☆50Updated 3 years ago
- ☆12Updated 2 months ago
- Sample code for integrating AWS CloudFormation templates security tests (using CFN-Nag and CFN-Guard) with both AWS Security Hub and AWS …☆24Updated last year
- AWS-CFN-Control is an interface that provides a way to quickly deploy and redeploy CloudFormation stacks from the command line. The cfnct…☆45Updated last year
- A collection of useful queries that can be used to verify compliance/security across your AWS assets☆31Updated 5 years ago