amediomediagroup/terraform-aws-scps

AWS SCPs with Terraform

An efficient way to deploy Service Control Policies (SCPs) with Terraform.

Prerequisites

Limitations

Deployment

This pattern defaults to SCPs for Root, Sandbox, and Workload OUs. If the pattern is not edited, it will deploy example SCPs to these OUs. This is obviously not recommended.

Customize to your OU structure

Using the default code and policies as a guide rail:

  1. Add or edit the variables in config.auto.tfvars and variables.tf.
  2. Add or edit the module blocks in main.tf.
  3. Add or edit the directories in the policies directory to align with your OUs.

Deploy SCPs

  1. Drag and drop your SCP JSON templates into the correct directory in policies.
  2. Initialize the directory and apply.

... that's it. The module does the undifferentiated heavy lifting and applies the policies to the specified OUs.

Example SCPs

There are a series of example SCPs available in the policies directory. Before you edit and deploy them, ensure that you carefully consider the requirements of your organization and the impact that these controls may have.
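A pre-apply check for the JSON templates placed in the policies directory, as an added example that is not part of this repository. It assumes the module sends each file's text to AWS unchanged, so the 5120-character SCP size quota is measured on the raw file; the function names are hypothetical.

```python
import json
import sys
from pathlib import Path

SCP_MAX_CHARS = 5120  # AWS Organizations quota for one SCP document


def as_list(value):
    """IAM JSON lets a single item stand in for a one-element list."""
    return value if isinstance(value, list) else [value]


def lint_scp(text):
    """Return a list of findings for one SCP document (empty list = clean)."""
    findings = []
    if len(text) > SCP_MAX_CHARS:  # assumption: raw file text is what gets sent
        findings.append(f"{len(text)} characters, over the {SCP_MAX_CHARS} limit")
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return findings + [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(doc, dict) or "Statement" not in doc:
        return findings + ["no Statement element"]
    for i, stmt in enumerate(as_list(doc["Statement"])):
        if not isinstance(stmt, dict):
            findings.append(f"statement {i}: not a JSON object")
            continue
        label = stmt.get("Sid", f"statement {i}")
        if stmt.get("Effect") not in ("Allow", "Deny"):
            findings.append(f"{label}: Effect must be Allow or Deny")
        # An unconditional Deny of every action blocks every principal in the OU.
        if (stmt.get("Effect") == "Deny" and "*" in as_list(stmt.get("Action", []))
                and "*" in as_list(stmt.get("Resource", [])) and not stmt.get("Condition")):
            findings.append(f"{label}: unconditional Deny on all actions and resources")
    return findings


def lint_policies(root):
    """Lint every *.json file under root; keys are paths relative to root."""
    root = Path(root)
    return {str(p.relative_to(root)): lint_scp(p.read_text())
            for p in sorted(root.rglob("*.json"))}


if __name__ == "__main__":
    results = lint_policies(sys.argv[1] if len(sys.argv) > 1 else "policies")
    for path, findings in results.items():
        for finding in findings:
            print(f"{path}: {finding}")
    sys.exit(1 if any(results.values()) else 0)
```

Run it from the repository root before applying; a non-zero exit status means at least one template needs attention.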

Related Resources

Contributors

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.
