How to import existing AWS Organizations SCPs and RCPs to CloudFormation
Security Blog
This article provides a comprehensive guide on importing existing AWS Organizations Service Control Policies (SCPs) and Resource Control Policies (RCPs) into CloudFormation using a command-line tool.
- The solution helps streamline policy management by enabling:
  - History tracking
  - Policy validation
  - Rollback capabilities
- Key features of the tool include:
  - Identifying SCPs and RCPs in the organization
  - Detecting AWS Control Tower policies
  - Finding policies without targets
  - Generating CloudFormation templates
- Recommended next steps:
  - Store templates in a Git repository
  - Set up a CI/CD pipeline
  - Incorporate CloudFormation Hooks for policy validation
The solution aims to centralize and automate AWS governance, making policy management more efficient and reducing configuration risks.