2 Respostas
- Mais recentes
- Mais votos
- Mais comentários
1
We can consider to create an 'exceptions' OU. For AWS accounts (not at bucket level) that requires exception, we can place them in this OU. For more details, refers to: https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/exceptions-ou.html
respondido há 10 meses
0
Using the standard Control Tower control, unfortunately no there isn't. The best option would be to use a similar control (it's a Cloudformation guard rule). But define it yourself to have the exceptions required, following the guidance here: https://docs.aws.amazon.com/cfn-guard/latest/ug/writing-rules.html
As this is a CloudFormation guard rule, it's a proactive control, so will run against Cloudformation stacks when processes try to deploy them.
respondido há 10 meses
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos