AWS Governance Lab

Hands-on lab showing how to implement AWS governance controls in a sandbox environment.

Identity Center Configuration

AWS Identity Center assignments view with users and groups mapped to accounts
Identity Center assignments — mapping users and groups to AWS accounts.
AWS Identity Center MFA required setting enabled
Multi-Factor Authentication required — enforcing stronger account protection.
AWS SSO portal tiles showing available accounts for a user
SSO Portal tiles — users only see accounts they are assigned to.
User account info panel in AWS Identity Center
User account metadata — audit evidence for account ownership and attributes.

IAM Guardrails

Billing IAM access restricted with least privilege applied
Billing IAM access restricted — enforcing separation of duties and least privilege.

Outcomes