Where do the “AWS Best Practices” for AWS Guard come from? https://github.com/pulumi/pulumi-policy-aws Is there a more thorough explanation or reference for these best practices?

Most of the current rules are inspired by AWS’s managed config rules. https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html

Thank you