<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>service control policies &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/service-control-policies/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Thu, 28 Aug 2025 22:13:26 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Use scalable controls to help prevent access from unexpected networks</title>
		<link>https://noise.getoto.net/2025/08/29/use-scalable-controls-to-help-prevent-access-from-unexpected-networks/</link>
		
		<dc:creator><![CDATA[Sowjanya Rajavaram]]></dc:creator>
		<pubDate>Thu, 28 Aug 2025 22:13:26 +0000</pubDate>
				<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=eab114dcf17e513abdca48c756a9ec43</guid>

					<description><![CDATA[As your organization grows, the amount of data you own and the number of data sources to store and process your data across multiple Amazon Web Services (AWS) accounts increases. Enforcing consistent access controls that restrict access to known networks might become a key part in protecting your organization’s sensitive data. Previously, AWS customers could […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to import existing AWS Organizations SCPs and RCPs to CloudFormation</title>
		<link>https://noise.getoto.net/2025/04/23/how-to-import-existing-aws-organizations-scps-and-rcps-to-cloudformation/</link>
		
		<dc:creator><![CDATA[Swara Gandhi]]></dc:creator>
		<pubDate>Wed, 23 Apr 2025 20:02:03 +0000</pubDate>
				<category><![CDATA[AWS CloudFormation]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=b223e547604ba11daf5437a00caad85b</guid>

					<description><![CDATA[Many AWS Organizations customers begin by creating and manually applying service control policies (SCPs) and resource control policies (RCPs) through the AWS Management Console or AWS Command Line Interface (AWS CLI) when they first set up their environments. However, as the organization grows and the number of policies increases, this manual approach can become cumbersome. It can […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Establishing a data perimeter on AWS: Analyze your account activity to evaluate impact and refine controls</title>
		<link>https://noise.getoto.net/2024/05/29/establishing-a-data-perimeter-on-aws-analyze-your-account-activity-to-evaluate-impact-and-refine-controls/</link>
		
		<dc:creator><![CDATA[Achraf Moussadek-Kabdani]]></dc:creator>
		<pubDate>Wed, 29 May 2024 20:19:27 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Network security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=1a818414ddb7b9b0c4de45e932f5ec79</guid>

					<description><![CDATA[A data perimeter on Amazon Web Services (AWS) is a set of preventive controls you can use to help establish a boundary around your data in AWS Organizations. This boundary helps ensure that your data can be accessed only by trusted identities from within networks you expect and that the data cannot be transferred outside […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Establishing a data perimeter on AWS: Allow access to company data only from expected networks</title>
		<link>https://noise.getoto.net/2023/09/05/establishing-a-data-perimeter-on-aws-allow-access-to-company-data-only-from-expected-networks/</link>
		
		<dc:creator><![CDATA[Laura Reith]]></dc:creator>
		<pubDate>Tue, 05 Sep 2023 13:34:00 +0000</pubDate>
				<category><![CDATA[Best practices]]></category>
		<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Network security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=7082a2a7696ede9a68adbb7047106355</guid>

					<description><![CDATA[A key part of protecting your organization’s non-public, sensitive data is to understand who can access it and from where. One of the common requirements is to restrict access to authorized users from known locations. To accomplish this, you should be familiar with the expected network access patterns and establish organization-wide guardrails to limit access […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Establishing a data perimeter on AWS: Allow only trusted resources from my organization</title>
		<link>https://noise.getoto.net/2023/03/09/establishing-a-data-perimeter-on-aws-allow-only-trusted-resources-from-my-organization/</link>
		
		<dc:creator><![CDATA[Laura Reith]]></dc:creator>
		<pubDate>Thu, 09 Mar 2023 16:24:35 +0000</pubDate>
				<category><![CDATA[Best practices]]></category>
		<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Network security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6ae19d9ee37dfa69a58bd25ea597dcd8</guid>

					<description><![CDATA[Companies that store and process data on Amazon Web Services (AWS) want to prevent transfers of that data to or from locations outside of their company’s control. This is to support security strategies, such as data loss prevention, or to comply with the terms and conditions set forth by various regulatory and privacy agreements. On […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Establishing a data perimeter on AWS: Allow only trusted identities to access company data</title>
		<link>https://noise.getoto.net/2022/11/23/establishing-a-data-perimeter-on-aws-allow-only-trusted-identities-to-access-company-data/</link>
		
		<dc:creator><![CDATA[Tatyana Yatskevich]]></dc:creator>
		<pubDate>Wed, 23 Nov 2022 17:28:01 +0000</pubDate>
				<category><![CDATA[Best practices]]></category>
		<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Network security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=b0f5f725f3fad1eafa5b3d06710dbe17</guid>

					<description><![CDATA[As described in an earlier blog post, Establishing a data perimeter on AWS, Amazon Web Services (AWS) offers a set of capabilities you can use to implement a data perimeter to help prevent unintended access. One type of unintended access that companies want to prevent is access to corporate data by users who do not […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Get more out of service control policies in a multi-account environment</title>
		<link>https://noise.getoto.net/2022/06/06/get-more-out-of-service-control-policies-in-a-multi-account-environment/</link>
		
		<dc:creator><![CDATA[Omar Haq]]></dc:creator>
		<pubDate>Mon, 06 Jun 2022 19:03:18 +0000</pubDate>
				<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[policies]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=1f0249567d946dc368e06f67244eb820</guid>

					<description><![CDATA[Many of our customers use AWS Organizations to manage multiple Amazon Web Services (AWS) accounts. There are many benefits to using multiple accounts in your organization, such as grouping workloads with a common business purpose, complying with regulatory frameworks, and establishing strong isolation barriers between applications based on ownership. Customers are even using distinct accounts […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Establishing a data perimeter on AWS</title>
		<link>https://noise.getoto.net/2022/05/11/establishing-a-data-perimeter-on-aws/</link>
		
		<dc:creator><![CDATA[Ilya Epshteyn]]></dc:creator>
		<pubDate>Tue, 10 May 2022 21:14:07 +0000</pubDate>
				<category><![CDATA[Data protection]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Network security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=47d376e9335f00ddfaa798ddfd94e456</guid>

					<description><![CDATA[For your sensitive data on AWS, you should implement security controls, including identity and access management, infrastructure security, and data protection. Amazon Web Services (AWS) recommends that you set up multiple accounts as your workloads grow to isolate applications and data that have specific security requirements. AWS tools can help you establish a data perimeter […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to restrict IAM roles to access AWS resources from specific geolocations using AWS Client VPN</title>
		<link>https://noise.getoto.net/2021/07/20/how-to-restrict-iam-roles-to-access-aws-resources-from-specific-geolocations-using-aws-client-vpn/</link>
		
		<dc:creator><![CDATA[Artem Lovan]]></dc:creator>
		<pubDate>Tue, 20 Jul 2021 17:48:19 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[Amazon VPC]]></category>
		<category><![CDATA[AWS Client VPN]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[AWS Lambda]]></category>
		<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[Geo-restriction]]></category>
		<category><![CDATA[SCPs]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<category><![CDATA[VPC]]></category>
		<category><![CDATA[vpn]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=c87af14d2ea50b847700e4ba0c27440b</guid>

					<description><![CDATA[You can improve your organization’s security posture by enforcing access to Amazon Web Services (AWS) resources based on IP address and geolocation. For example, users in your organization might bring their own devices, which might require additional security authorization checks and posture assessment in order to comply with corporate security requirements. Enforcing access to AWS […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Control VPC sharing in an AWS multi-account setup with service control policies</title>
		<link>https://noise.getoto.net/2021/01/08/control-vpc-sharing-in-an-aws-multi-account-setup-with-service-control-policies/</link>
		
		<dc:creator><![CDATA[Anandprasanna Gaitonde]]></dc:creator>
		<pubDate>Fri, 08 Jan 2021 16:27:21 +0000</pubDate>
				<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[AWS RAM]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Management and Governance]]></category>
		<category><![CDATA[networking]]></category>
		<category><![CDATA[Resource Access Manager (RAM)]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[service control policies]]></category>
		<category><![CDATA[VPC sharing]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=4b8100fa2feee0790eef8b51dc333e6c</guid>

					<description><![CDATA[Amazon Web Services (AWS) customers who establish shared infrastructure services in a multi-account environment through AWS Organizations and AWS Resource Access Manager (RAM) may find that the default permissions assigned to the management account are too broad. This may allow organizational accounts to share virtual private clouds (VPCs) with other accounts that shouldn’t have access. […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 38/235 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-11 17:49:16 by W3 Total Cache
-->