    Enforced Tagging and Security Incident Management

    An automated platform designed to enforce tagging policies and security controls across your AWS resources. By leveraging Service Control Policies (SCPs), AWS Lambda functions, and AWS Config, CloudGuard ensures that all resources are properly tagged and meet security best practices. It automatically terminates untagged resources, restricts certain ports for EC2, RDS, and other security-sensitive resources, and generates real-time security alerts when violations occur. This service provides enhanced governance and security for AWS environments while automating compliance and incident response.

    Overview

    Key Offerings:

    1. Enforced Tagging Compliance: Use SCPs to enforce mandatory tagging policies for all AWS resources across multiple accounts, preventing the creation of untagged resources.

    2. Automated Resource Cleanup: Leverage AWS Lambda to automatically delete resources (e.g., EC2, S3) that are created without the required tags.

    3. Security Control with AWS Config: Restrict certain ports for sensitive resources like EC2 and RDS by using AWS Config rules, ensuring that resources are not created with unauthorized security settings.

    4. Real-Time Security Alerts: Receive immediate alerts via Amazon SNS or CloudWatch when resources are created using restricted ports or fail to meet compliance requirements.

    5. Automated Incident Response: Integrate with Lambda to trigger actions such as resource termination or alerts when violations occur, ensuring fast response to security threats.

    6. Governance Reporting: Centralized logs and reports for compliance auditing and incident management, stored in Amazon S3.

    Used AWS Tools and Services:

    IAM (Identity and Access Management): For defining and controlling access to security and governance tools.

    Amazon S3: For storing logs and compliance reports related to security incidents and tag compliance.

    AWS Lambda: For automating the deletion of non-compliant resources and executing incident response actions.

    Amazon EC2 & RDS: For managing and enforcing security policies related to compute and database instances.

    AWS Config: For monitoring resource configurations and enforcing security policies related to port restrictions.

    Amazon EventBridge: For triggering automated workflows in response to security incidents or policy violations.

    AWS CloudWatch: For real-time monitoring, alerting, and logging of security events and resource actions.

    AWS Organizations & SCPs: To enforce organizational-level governance policies for tagging compliance and access restrictions.

    Highlights

    • Overview: The solution simplifies security and compliance management by automating the enforcement of mandatory tagging and security controls. With integrated SCP-based policies to enforce tagging and Lambda-based automation to delete non-compliant resources, it ensures compliance without manual intervention. It also uses AWS Config to monitor and restrict certain ports, triggering security alerts whenever resources are created with restricted configurations.

    Details

    Delivery method

    Deployed on AWS

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    Our Enforced Tagging and Security Incident Management services are customized based on the scope and complexity of each engagement. [Contact us](mailto:awsmarketplacesales@altimetrik.com) for a personalized quote that fits your specific needs.