Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Implementing AWS: Design, Build, and Manage your Infrastructure.

You're reading from   Implementing AWS: Design, Build, and Manage your Infrastructure. Leverage AWS features to build highly secure, fault-tolerant, and scalable cloud environments

Arrow left icon
Product type Course
Published in Jan 2019
Publisher Packt
ISBN-13 9781788835770
Length 690 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Authors (4):
Arrow left icon
Yohan Wadia Yohan Wadia
Author Profile Icon Yohan Wadia
Yohan Wadia
Lucas Chan Lucas Chan
Author Profile Icon Lucas Chan
Lucas Chan
Udita Gupta Udita Gupta
Author Profile Icon Udita Gupta
Udita Gupta
Rowan Udell Rowan Udell
Author Profile Icon Rowan Udell
Rowan Udell
Arrow right icon
View More author details
Toc

Table of Contents (29) Chapters Close

Title Page
Copyright and Credits
About Packt
Contributors
Preface
1. What is New in AWS? FREE CHAPTER 2. Managing EC2 with Systems Manager 3. Introducing Elastic Beanstalk and Elastic File System 4. Securing Workloads Using AWS WAF 5. Governing Your Environments Using AWS CloudTrail and AWS Config 6. Access Control Using AWS IAM and AWS Organizations 7. Transforming Application Development Using the AWS Code Suite 8. Powering Analytics Using Amazon EMR and Amazon Redshift 9. Orchestrating Data using AWS Data Pipeline 10. Managing AWS Accounts 11. Using AWS Compute 12. Management Tools 13. Database Services 14. Introducing AWS Lambda 15. Writing Lambda Functions 16. Testing Lambda Functions 17. Event-Driven Model 18. Extending AWS Lambda with External Services 19. Build and Deploy Serverless Applications with AWS Lambda 20. Monitoring and Troubleshooting AWS Lambda 21. AWS Lambda - Use Cases 22. Next Steps with AWS Lambda 1. Other Books You May Enjoy Index

Adding a service control policy


Before we begin, we should talk through what SCPs are and how they apply to your organization.

An SCP consists of a policy document which defines (by way of filtering) the services and actions which are able to be used and performed within an OU or in an AWS account. If you've previously configured an IAM policy, then you will have more than enough background knowledge to get started with SCPs. Apart from a couple of minor exceptions, they look exactly the same.

SCPs can be applied at different levels throughout an organization. These are the levels, starting from the bottom and going up:

  • AWS account level: An SCP applied to an AWS account takes effect on only that account. It's important to note that the SCP is very separate from the IAM policies which live inside the account. For example, an SCP might allow full access to S3 for an AWS account but the IAM policies inside the account may deny it (for certain roles and/or users).
  • OU level: An SCP applied at the...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime