AWS Resource Control Policies - Making Compliance Proactive (AWS UG Nbg 05/25)

Hey fellow Nuremberg AWS enthusiasts! ✨

This evening Vasil Sofroni, Senior Cloud Consultant and CISM is joining us to share his experience and thoughts about AWS Resource Policies (RCP). Maybe you remember RCPs when talking mentioning them in our AWS re:Invent re:Cap this January They are fresh new and we finally have a session including a demo in Nuremberg's UG!

Thanks to superluminar for sponsoring food, drinks and thanks to coworking nue for opening their office for us!

📆 Tonight's Agenda
19:00 - Welcome and UG Intro
19:10 - AWS RCPs - Making Compliance Proactive
20:00 - Dinks, Food & Networking
Looking forward to see you 👋🏻
---

The talk ⤵️
In an era where cloud security and compliance are paramount, organizations often grapple with the limitations of reactive approaches to governance. This talk introduces AWS Resource Control Policies (RCPs) as a proactive solution to these challenges.

By preventing misconfigurations and non-compliant actions at the resource creation stage, RCPs empower organizations to shift from costly post-incident fixes to preemptive measures. The session explores how RCPs fit into the broader AWS policy landscape, complementing Service Control Policies (SCPs) and IAM policies while addressing specific provisioning risks.

The discussion delves into the unique benefits of RCPs, including reduced risk exposure, improved security posture, and streamlined compliance with regulations like GDPR and DORA.
Through a live demo, we illustrate how RCPs enforce policies at the point of resource creation - such as preventing unencrypted S3 buckets or restricting resource creation in unauthorized regions.

This talk provides actionable insights on implementing RCPs effectively, emphasizing best practices such as starting small, testing thoroughly, and integrating monitoring tools like CloudTrail. It also addresses concerns about balancing governance with developer productivity, framing RCPs as guardrails that enable agility while preventing costly mistakes. By the end of this session, attendees will understand how to leverage RCPs to transform their approach to cloud governance and compliance.