AWS Organizations now offers full IAM policy language support for service control policies (SCPs), enabling you to write SCPs with the same flexibility as IAM managed policies. With this launch, SCPs now support use of conditions, individual resource ARNs, and the NotAction element with Allow statements. Additionally, you can now use wildcards at the beginning or middle of Action element strings and the NotResource element.
With these policy language enhancements, you can now create more concise and precise policies to implement sophisticated permissions guardrails across your organization. For example, you can restrict access to specific resources with condition statements. The enhanced functionality maintains backward compatibility with existing SCPs, so no changes to current policies are required.
This feature is now available in all AWS commercial and AWS GovCloud (US) Regions.
To learn more about the enhanced SCP capabilities, see service control policies in the AWS Organizations User Guide and AWS blog.
Categories: general:products/aws-organizations,general:products/aws-govcloud-us,marketing:marchitecture/security-identity-and-compliance
Source: Amazon Web Services
Latest Posts
- (Updated) Microsoft Copilot Chat: AI disclaimer updates [MC1181766]
- Microsoft SharePoint: eSignature now available in Türkiye [MC1182690]
- Microsoft Teams Rooms: Front-of-room view control for Town Halls on Android [MC1182706]
- Microsoft 365 Copilot for Admins – Teams admin center skills are now generally available [MC1182708]
![(Updated) Microsoft 365 Copilot | PowerPoint now supports enterprise image libraries via SharePoint OAL or Templafy [MC1120269]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-207489-150x150.webp "(Updated) Microsoft 365 Copilot | PowerPoint now supports enterprise image libraries via SharePoint OAL or Templafy [MC1120269] 6")
![(Updated) Microsoft Teams: New user setting to view incoming calls in a small window [MC1045221]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-pixabay-144243-96x96.webp "(Updated) Microsoft Teams: New user setting to view incoming calls in a small window [MC1045221] 7")