AWS Organizations now offers full IAM policy language support for service control policies (SCPs), enabling you to write SCPs with the same flexibility as IAM managed policies. With this launch, SCPs now support use of conditions, individual resource ARNs, and the NotAction element with Allow statements. Additionally, you can now use wildcards at the beginning or middle of Action element strings and the NotResource element.
With these policy language enhancements, you can now create more concise and precise policies to implement sophisticated permissions guardrails across your organization. For example, you can restrict access to specific resources with condition statements. The enhanced functionality maintains backward compatibility with existing SCPs, so no changes to current policies are required.
This feature is now available in all AWS commercial and AWS GovCloud (US) Regions.
To learn more about the enhanced SCP capabilities, see service control policies in the AWS Organizations User Guide and AWS blog.
Categories: general:products/aws-organizations,general:products/aws-govcloud-us,marketing:marchitecture/security-identity-and-compliance
Source: Amazon Web Services
Latest Posts
- Dynamics 365 Project Operations – View approvals of different types more clearly by using the enhanced UI [MC1239651]
- GCP Release Notes: February 25, 2026
- Microsoft Purview: Data Security Investigations – AI analysis enhancements [MC1239175]
- SharePoint: Backend migration for Weather, World Clock, and Events web parts [MC1239181]
![(Updated) Microsoft 365 Copilot | PowerPoint now supports enterprise image libraries via SharePoint OAL or Templafy [MC1120269]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-207489-150x150.webp "(Updated) Microsoft 365 Copilot | PowerPoint now supports enterprise image libraries via SharePoint OAL or Templafy [MC1120269] 6")
![(Updated) Microsoft Teams: New user setting to view incoming calls in a small window [MC1045221]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-pixabay-144243-96x96.webp "(Updated) Microsoft Teams: New user setting to view incoming calls in a small window [MC1045221] 7")