Cloud access control is harder than it should be—third-party vendors, overpermissioned identities, and unused access create security risks that traditional IAM policies don’t fully address. AWS’s Resource Control Policies (RCPs) and Service Control Policies (SCPs) introduce new ways to enforce least privilege and lock down access, but many teams aren’t using them effectively. In this session, we’ll explore how SmithRx used RCPs and SCPs with Sonrai’s Cloud Permissions Firewall to regain control of their cloud environment. Attendees will leave with practical strategies to apply these policies in their own AWS environments to strengthen security and reduce risk.
Slides: NA