本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。

# 資源
<a name="resources"></a>

## AWS 文件
<a name="resources-aws-documentation"></a>
+ [AWS 安全參考架構 (AWS SRA)](https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/)
+ [AWS CAF 安全觀點 ](https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/aws-caf-security-perspective.html)
+ [安全、身分和合規的最佳實務](https://aws.amazon.com/architecture/security-identity-compliance/)
+  AWS (AWS 解決方案） 上的自動化安全回應
  + [解決方案登陸頁面](https://aws.amazon.com/solutions/implementations/automated-security-response-on-aws/)
  + [實作指南](https://docs.aws.amazon.com/solutions/latest/automated-security-response-on-aws/welcome.html)

## AWS 部落格文章
<a name="resources-aws-blog"></a>
+ [身分指南 – 使用 AWS 身分的預防性控制 – SCPs](https://aws.amazon.com/blogs/mt/identity-guide-preventive-controls-with-aws-identity-scps)
+ [如何為 AWS Organizations中的帳戶實作唯讀服務控制政策 (SCP)](https://aws.amazon.com/blogs/mt/implement-read-only-service-control-policy-in-aws-organizations/)
+ [多帳戶環境中 AWS Organizations 服務控制政策的最佳實務](https://aws.amazon.com/blogs/industries/best-practices-for-aws-organizations-service-control-policies-in-a-multi-account-environment/)
+ [使用服務控制政策維護合規並確保永遠將其套用](https://aws.amazon.com/blogs/mt/maintain-compliance-using-service-control-policies-and-ensure-they-are-always-applied/)
+ [何時何地使用 IAM 許可界限](https://aws.amazon.com/blogs/security/when-and-where-to-use-iam-permissions-boundaries/)
+ [主動確保資源安全並符合 AWS CloudFormation 勾點要求](https://aws.amazon.com/blogs/mt/proactively-keep-resources-secure-and-compliant-with-aws-cloudformation-hooks/)

## 其他資源
<a name="resources-other"></a>
+ [雲端控制矩陣 (CCM)](https://cloudsecurityalliance.org/research/cloud-controls-matrix/) (雲端安全聯盟)
+ [許可界限範例](https://github.com/aws-samples/example-permissions-boundary) (GitHub)