Service Control Policies Disabled
- Query id: 5ba6229c-8057-433e-91d0-21cf13569ca9
- Query name: Service Control Policies Disabled
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 284
- URL: Github
Description
Checks that Amazon Organizations has all features enabled, which is needed to achieve full control over the use of AWS services and actions across multiple AWS accounts using Service Control Policies (SCPs).
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "aws_organizations_organization" "positive1" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "config.amazonaws.com",
  ]
  feature_set = "CONSOLIDATED_BILLING"
}
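A hardened counterpart to the sample above, added here as an illustration and not taken from the query's own test files: the organization enables all features and the SCP policy type, then attaches one guardrail SCP at the root. The resource names, the policy name and the choice of denied actions are assumptions made for this example.

```hcl
# Added example; resource and policy names are hypothetical.
resource "aws_organizations_organization" "hardened" {
  aws_service_access_principals = [
    "cloudtrail.amazonaws.com",
    "config.amazonaws.com",
  ]

  # "ALL" makes SCPs available; "CONSOLIDATED_BILLING" (the flagged value) does not.
  feature_set = "ALL"

  # Enable the SCP policy type on the organization root.
  enabled_policy_types = ["SERVICE_CONTROL_POLICY"]
}

# Guardrail: member accounts cannot disable the audit services trusted above
# or detach themselves from the organization.
data "aws_iam_policy_document" "protect_audit" {
  statement {
    sid    = "DenyAuditTampering"
    effect = "Deny"
    actions = [
      "cloudtrail:StopLogging",
      "cloudtrail:DeleteTrail",
      "config:StopConfigurationRecorder",
      "config:DeleteConfigurationRecorder",
      "organizations:LeaveOrganization",
    ]
    resources = ["*"]
  }
}

resource "aws_organizations_policy" "protect_audit" {
  name    = "protect-audit-services"
  type    = "SERVICE_CONTROL_POLICY"
  content = data.aws_iam_policy_document.protect_audit.json
}

# Attaching at the root applies the SCP to every member account beneath it.
resource "aws_organizations_policy_attachment" "root" {
  policy_id = aws_organizations_policy.protect_audit.id
  target_id = aws_organizations_organization.hardened.roots[0].id
}
```

SCPs do not restrict the management account itself, so the guardrail covers member accounts only.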