AWS Kill Switch is a Lambda function (and proof of concept client) that an organization can implement in a dedicated "Security" account to give their security engineers the ability to delete IAM roles or apply a highly restrictive service control policy (SCP) on any account in their organization.
The actions you take with this tool are one-way operations. Do not test/experiment in production. Any SCPs applied or IAM roles deleted will remain in this state until manual action is taken to remove the SCP or recreate deleted role and/or policies. Ensure that you have the the ability to reverse these changes and incorporate the appropriate steps in your incident response playbooks.
If you need to lock down and lock out an AWS environment, this will do it for you, but it's the nuclear option.
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
A foss clone of AWS Lambda. Build serverless functions using Docker and Kubernetes automagicaklly. Web control panel. CLI available. Upload your script and any deps, and turn it loose. Turn any Docker container into a function.