From 65f98fe8dd9704f1271c533aa06cff826c4736f3 Mon Sep 17 00:00:00 2001 From: Kay Hau Date: Wed, 18 Dec 2024 06:29:58 +1100 Subject: [PATCH] Added RCP examples --- Organizations/README.md | 8 ++++++-- Security.md | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/Organizations/README.md b/Organizations/README.md index 06d3918..bb7421d 100644 --- a/Organizations/README.md +++ b/Organizations/README.md @@ -1,9 +1,13 @@ # Notes -## SCP +## RCP (Resource Control Policy) + +- [aws-samples/resource-control-policy-examples](https://github.com/aws-samples/resource-control-policy-examples) +- https://github.com/aws-samples/data-perimeter-policy-examples/blob/main/resource_control_policies/identity_perimeter_rcp.json +## SCP - [Prevent Expensive AWS API Actions with SCPs](https://hackingthe.cloud/aws/general-knowledge/block-expensive-actions-with-scps/), July 30, 2024 - Example: Denies access to AWS based on the requested Region https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_deny-requested-region.html -- [matthewdfuller/safer-scps](https://github.com/matthewdfuller/safer-scps) - Safer SCPs: Real-Time SCP Error Monitor \ No newline at end of file +- [matthewdfuller/safer-scps](https://github.com/matthewdfuller/safer-scps) - Safer SCPs: Real-Time SCP Error Monitor diff --git a/Security.md b/Security.md index 0f3914e..e0b84fd 100644 --- a/Security.md +++ b/Security.md @@ -8,6 +8,8 @@ - [Options for granular control on TLS cipher suites](#options-for-granular-control-on-tls-cipher-suites) - [Firewall Manager, WAF, Shield](./WAF-FirewallManager-Shield/README.md) - [IAM](./IAM/) +- [RCP](./Organizations/) +- [SCP](./Organizations/) - [Instance Metadata Service (IMDS)](./Security/aws_metadata/) - [GuardDuty](./GuardDuty/) - [Security Hub](./SecurityHub/)