This free Open Source tool, Cloud Custodian, is an interesting program that can be used help manage your AWS environment(s), ensuring compliance via policies written using YAML.
Thinking about this more, it seems like you could execute the polices via Lambda, or even a local Jenkins instance via a reoccurring schedule.
I would suggest storing your YAML policy files in Git and pulling them from there as needed.
Useful Links:
- Python Home Instance – https://pypi.python.org/pypi/c7n
- Capital One Custodian Home – https://developer.capitalone.com/opensource-projects/cloud-custodian/
- Capital One Custodian Docs – http://www.capitalone.io/cloud-custodian/docs/overview/index.html
- Git Location – https://github.com/capitalone/cloud-custodian/blob/master/README.rst
DevOps Unleashed 