aws-scps-for-sandbox-and-training-accounts

Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts. The SCPs deny API calls that

  • change baseline account settings (contacts, billing, tax settings, etc.),
  • have long-term financial effects (purchases and reservations) or
  • operate outside allow-listed AWS regions or services.

Notes