You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Deny-changes-to-security-services/README.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@
3
3
AWS offers security services that help you monitor access, security posture, and activity within your organization. Enforce guardrails to restrict member accounts from disabling these tools that are used to govern and comply, in operational auditing, and risk auditing of your AWS accounts.
4
4
5
5
6
-
| Included Policy |Rational|
6
+
| Included Policy |Rationale|
7
7
|------|-------------|
8
8
|[Deny users from disabling Amazon CloudWatch or altering its configuration](Deny-users-from-disabling-or-altering-CloudWatch.json)| Restrict delete or configuration change to your critical dashboards or alarms to a privileged role.|
9
9
|[Deny enabling and disabling AWS Config](Deny-enabling-and-disabling-AWS-Config.json)|Restrict enabling/disabling AWS Config to a privileged role. If you use AWS Control Tower, refer to [Disallow Changes to AWS Config Rules Set Up by AWS Control Tower](https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-controls.html#config-rule-disallow-changes) applied by default.|
0 commit comments