Advertisement · 728 × 90
#
Hashtag
#awsorganizations
Advertisement · 728 × 90
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
1 day ago
Amazon Bedrock Guardrails supports cross-account safeguards with centralized control and management Organizational safeguards are now generally available in Amazon Bedrock Guardrails, enabling centralized enforcement and management of safety controls across multiple AWS accounts within an AWS Organization.

Amazon Bedrock Guardrails supports cross-account safeguards with centralized control and management

Organizational safeguards are now ge...

#AWS #AmazonBedrock #AmazonBedrockGuardrails #AmazonMachineLearning #ArtificialIntelligence #AwsOrganizations #Launch #News #Security #Identity #&Compliance

1 0 0 0
AWS Community Builder Blog Posts
AWS Community Builder Blog Posts
@awscmblogposts.bsky.social
2 days ago
Preview
How AWS Multi-Account Architecture Cuts Costs by 20-40% Most organizations adopt multi-account architecture for security and governance. What they...

✍️ New blog post by Danny Steenman

How AWS Multi-Account Architecture Cuts Costs by 20-40%

#awsorganizations #costoptimization #multiaccount #savingsplans

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 weeks ago
Preview
Multi-party approval now supports approval team baselining Multi-party approval (MPA) now supports MPA administrators running test approvals to confirm that their approval team is set up correctly and that approvers are active and reachable. With this new capability, customers ensure their approval teams do not become unresponsive due to natural attrition, incorrect approver selection, or reduced engagement. MPA administrators and security teams can now proactively assess their approval configurations before relying on them for sensitive operations. The baseline feature enables proactive team health management by allowing manual initiation of test approval sessions through the AWS Organizations console. Customers can verify approver availability, identify inactive team members, and maintain compliance with internal governance requirements. Key use cases include regular team responsiveness verification, recommended every 90 days by AWS using the MPA Console, onboarding validation for new approval configurations, and operation health checks to ensure approval workflows function effectively when needed. This feature is available in all AWS commercial regions. To learn more about implementing baseline testing for your multi-party approval workflows, visit the Multi-party approval documentation.

🆕 AWS Multi-party approval now verifies approver availability and responsiveness for compliance and readiness, available in all commercial regions. It supports proactive health checks and onboarding validations. For details, see the Multi-party approval documentation.

#AWS #AwsOrganizations

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 weeks ago
Multi-party approval now supports approval team baselining Multi-party approval (MPA) now supports MPA administrators running test approvals to confirm that their approval team is set up correctly and that approvers are active and reachable. With this new capability, customers ensure their approval teams do not become unresponsive due to natural attrition, incorrect approver selection, or reduced engagement. MPA administrators and security teams can now proactively assess their approval configurations before relying on them for sensitive operations. The baseline feature enables proactive team health management by allowing manual initiation of test approval sessions through the AWS Organizations console. Customers can verify approver availability, identify inactive team members, and maintain compliance with internal governance requirements. Key use cases include regular team responsiveness verification, recommended every 90 days by AWS using the MPA Console, onboarding validation for new approval configurations, and operation health checks to ensure approval workflows function effectively when needed. This feature is available in all AWS commercial regions. To learn more about implementing baseline testing for your multi-party approval workflows, visit the https://docs.aws.amazon.com/mpa/latest/userguide/what-is.html.    

Multi-party approval now supports approval team baselining

Multi-party approval (MPA) now supports MPA administrators running test approvals to confirm that their approval team is set up correctly and that approvers are active and reachable. With this new capability, cu...

#AWS #AwsOrganizations

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
2 months ago
AWS Multi-party approval now requires one-time password verification for voting AWS Multi-Party Approval now requires approvers to verify their voting actions with a one-time password (OTP) sent to their registered AWS Identity Center email address. This additional security layer prevents AWS IAM Identity Center administrators from bypassing multi-party approval controls by impersonating approvers through credential resets or authentication endpoint modifications. When approvers access the Approval Portal and attempt to cast their vote on protected operations, the system generates a six-digit verification code and sends it to their email. Approvers enter this code within 10 minutes to complete their vote, with up to three attempts allowed. The OTP verification process activates only when approvers submit their vote decision, they can review all approval request details before verification is required. If approvers don't receive the email or the code expires, they can request a new code through the interface. AWS Multi-party approval with OTP verification for voting is available in all AWS Regions where Mulit-party approval is offered at no additional charge. To learn more, visit the AWS Multi-party approval documentation

AWS Multi-party approval now requires one-time password verification for voting

AWS Multi-Party Approval now requires approvers to verify their voting actions with a one-time password (OTP) sent to their registered AWS Identity Center email address. This additional secu...

#AWS #AwsOrganizations

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
2 months ago
Preview
AWS Multi-party approval now requires one-time password verification for voting AWS Multi-Party Approval now requires approvers to verify their voting actions with a one-time password (OTP) sent to their registered AWS Identity Center email address. This additional security layer prevents AWS IAM Identity Center administrators from bypassing multi-party approval controls by impersonating approvers through credential resets or authentication endpoint modifications. When approvers access the Approval Portal and attempt to cast their vote on protected operations, the system generates a six-digit verification code and sends it to their email. Approvers enter this code within 10 minutes to complete their vote, with up to three attempts allowed. The OTP verification process activates only when approvers submit their vote decision, they can review all approval request details before verification is required. If approvers don't receive the email or the code expires, they can request a new code through the interface. AWS Multi-party approval with OTP verification for voting is available in all AWS Regions where Mulit-party approval is offered at no additional charge. To learn more, visit the AWS Multi-party approval documentation

🆕 AWS Multi-Party Approval now requires OTP verification for voting, adding a security layer to prevent impersonation and ensuring approvers verify their actions via a six-digit code sent to their email, available in all regions at no extra charge.

#AWS #AwsOrganizations

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
2 months ago
AWS introduces additional policy details to access denied error messages AWS now includes the https://aws.amazon.com/iam/ and https://docs.aws.amazon.com/organizations/ policy’s Amazon Resource Name (ARN) in access denied error messages in same account and same organization scenarios. This allows you to quickly identify the exact policy responsible for the denied access and take action to troubleshoot the issue. Before this launch, customers had to identify the root cause of access denied errors based only on the policy type in the  error message. This launch expedites troubleshooting when you have multiple policies of the same type, as you can  directly see which policy to address for explicit deny cases. The error message now includes the policy ARN for Service Control Policies (SCP), Resource Control Policies (RCP), identity-based policies, session policies, and permission boundaries. This additional context will gradually become available across AWS services in all AWS regions. To learn more, refer to https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_access-denied.html.

AWS introduces additional policy details to access denied error messages

AWS now includes the https://aws.amazon.com/iam/ and https://docs.aws.amazon.com/organizations/ policy’s Amazon Resource Name (ARN) in access denied error messages in same account and ...

#AWS #AwsIam #AwsOrganizations

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
2 months ago
Preview
AWS introduces additional policy details to access denied error messages AWS now includes the AWS Identity and Access Management (IAM) and AWS Organizations policy’s Amazon Resource Name (ARN) in access denied error messages in same account and same organization scenarios. This allows you to quickly identify the exact policy responsible for the denied access and take action to troubleshoot the issue. Before this launch, customers had to identify the root cause of access denied errors based only on the policy type in the  error message. This launch expedites troubleshooting when you have multiple policies of the same type, as you can  directly see which policy to address for explicit deny cases. The error message now includes the policy ARN for Service Control Policies (SCP), Resource Control Policies (RCP), identity-based policies, session policies, and permission boundaries. This additional context will gradually become available across AWS services in all AWS regions. To learn more, refer to IAM documentation.

🆕 AWS now lists IAM and Organizations policy ARNs in access denied messages to quickly identify and troubleshoot policy denials, especially with multiple similar policies. This update rolls out globally across AWS services. For more, check IAM documentation.

#AWS #AwsIam #AwsOrganizations

0 0 0 0
AWS Community Builder Blog Posts
AWS Community Builder Blog Posts
@awscmblogposts.bsky.social
3 months ago
Preview
Why AWS Delegated Administrators Are Essential for AWS Multi-Account Architectures The management account in your AWS Organization is your most privileged asset. It controls billing,...

✍️ New blog post by Danny Steenman

Why AWS Delegated Administrators Are Essential for AWS Multi-Account Architectures

#awsorganizations #governance #security #multiaccount

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
AWS Organizations now supports upgrade rollout policy for Amazon Aurora and Amazon RDS Today, AWS Organizations announces support for upgrade rollout policy, a new capability that helps customers stagger automatic upgrades across their Amazon Aurora (MySQL-Compatible Edition and PostgreSQL-Compatible Edition) and Amazon Relational Database Service (Amazon RDS) including RDS for MySQL, RDS for PostgreSQL, RDS for MariaDB, RDS for SQL Server, RDS for Oracle, and RDS for Db2 databases. This capability eliminates the operational overhead of coordinating automatic minor version upgrades either manually or through custom tools across hundreds of resources and accounts, while giving customers peace of mind by ensuring upgrades are first tested in less critical environments before being rolled out to production. With upgrade rollout policy, you can define upgrade sequences using simple orders (first, second, last) applied through account-level policies or resource tags. When new minor versions become eligible for automatic upgrade, the policy ensures upgrades start with development environments, allowing you to validate changes before proceeding to more critical environments. AWS Health notifications between phases and built-in validation periods help you monitor progress and ensure stability throughout the upgrade process. You can also disable automatic progression at any time if issues are detected, giving you complete control over the upgrade journey. This feature is available in all AWS commercial Regions and AWS GovCloud (US) Regions, supporting automatic minor version upgrades for Amazon Aurora and Amazon RDS database engines. You can manage upgrade policies using the AWS Management Console, AWS CLI, AWS SDKs, AWS CloudFormation, or AWS CDK. For Amazon RDS for Oracle, the upgrade rollout policy supports automatic minor version upgrades for engine versions released after January 2026. To learn more about automatic minor version upgrades, see the https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/RDS.Maintenance.AMVU.UpgradeRollout.htmland https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Maintenance.AMVU.UpgradeRollout.htmluser guide. For more information about upgrade rollout policy, see https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_upgrade_rollout.html

AWS Organizations now supports upgrade rollout policy for Amazon Aurora and Amazon RDS

Today, AWS Organizations announces support for upgrade rollout policy, a new capability that helps customers stagger automatic upgrades across their Amazon Aurora (MySQL-Co...

#AWS #AmazonRds #AwsOrganizations

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
AWS Organizations now supports upgrade rollout policy for Amazon Aurora and Amazon RDS Today, AWS Organizations announces support for upgrade rollout policy, a new capability that helps customers stagger automatic upgrades across their Amazon Aurora (MySQL-Compatible Edition and PostgreSQL-Compatible Edition) and Amazon Relational Database Service (Amazon RDS) including RDS for MySQL, RDS for PostgreSQL, RDS for MariaDB, RDS for SQL Server, RDS for Oracle, and RDS for Db2 databases. This capability eliminates the operational overhead of coordinating automatic minor version upgrades either manually or through custom tools across hundreds of resources and accounts, while giving customers peace of mind by ensuring upgrades are first tested in less critical environments before being rolled out to production. With upgrade rollout policy, you can define upgrade sequences using simple orders (first, second, last) applied through account-level policies or resource tags. When new minor versions become eligible for automatic upgrade, the policy ensures upgrades start with development environments, allowing you to validate changes before proceeding to more critical environments. AWS Health notifications between phases and built-in validation periods help you monitor progress and ensure stability throughout the upgrade process. You can also disable automatic progression at any time if issues are detected, giving you complete control over the upgrade journey. This feature is available in all AWS commercial Regions and AWS GovCloud (US) Regions, supporting automatic minor version upgrades for Amazon Aurora and Amazon RDS database engines. You can manage upgrade policies using the AWS Management Console, AWS CLI, AWS SDKs, AWS CloudFormation, or AWS CDK. For Amazon RDS for Oracle, the upgrade rollout policy supports automatic minor version upgrades for engine versions released after January 2026. To learn more about automatic minor version upgrades, see the Amazon RDS and Aurora user guide. For more information about upgrade rollout policy, see Managing organization policies with AWS Organizations (Upgrade rollout policy).

🆕 AWS Organizations now supports upgrade rollout policy for Amazon Aurora and RDS, helping stagger automatic upgrades across multiple databases, ensuring stability and control over the upgrade process. Available in all commercial regions.

#AWS #AmazonRds #AwsOrganizations

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon Inspector supports organization-wide management through AWS Organizations policies Amazon Inspector can now be enabled, configured and managed across your organization using AWS Org policies. With this new capability, you can centrally configure and manage scan types—such as Amazon EC2 scanning, ECR scanning, Lambda standard and Code Scanning, and Code Security — across all the accounts in your organization, selected organizational units (OUs), or individual accounts. The new Inspector policy type within AWS Organization simplifies your service onboarding, management, and ensures consistent, organization-wide vulnerability scanning coverage. This feature helps you maintain a uniform security baseline by automating Inspector enablement through a single AWS Organization policy. To get started, designate a delegated admin within Amazon Inspector, enable the “Inspector policies” policy type in the AWS Organizations console, and create a policy that specifies the desired scan types and Regions. Once attached to your organization root or OUs, Inspector will automatically be enabled for all the specified scan-types across covered accounts . When the Inspector policy is created and attached, all in-scope accounts automatically are aligned with your Organization-wide policy definition. New accounts that join the organization or are moved into an OU with an attached policy, inherit Inspector enablement automatically—reducing operational overhead and eliminating coverage gaps. https://aws.amazon.com/inspector/ is a vulnerability management service that continuously scans AWS workloads including Amazon EC2 instances, container images, AWS Lambda functions, and code repositories for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS organization. The AWS Organizations Inspector policy for organization-wide enablement is available at no additional cost to Amazon Inspector customers in all AWS commercial, China, and AWS GovCloud (US) Regions where https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/. To learn more about Amazon Inspector policies within AWS Organization, visit: https://docs.aws.amazon.com/inspector/latest/user/getting_started_tutorial.html https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html

Amazon Inspector supports organization-wide management through AWS Organizations policies

Amazon Inspector can now be enabled, configured and managed across your organization using AWS Org policies. With this new capability, you can centr...

#AWS #AwsGovcloudUs #AwsOrganizations #AmazonInspector

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
AWS Organizations introduces direct account transfers between organizations AWS Organizations now provides customers the ability to directly transfer an account to a different organization without first having to remove the account from their current organization. This new capability streamlines the process of transferring accounts between organizations, whether those transfers are part of ongoing operations or an acquisition integration project. Allowing direct transfers of accounts between organizations eliminates the previous requirement for the account to temporarily operate as a standalone account. With the standalone step removed, customers no longer need to manually configure the account's payment method, contact information, and support plan as part of the transfer. Direct transfers of accounts also ensure the account maintains access to the governance features and consolidated billing benefits of the AWS organization they are in before and after the transfer process. The updated process is simpler and uses the same AWS Organizations console experience and APIs as before: an organization invites an account, and the account accepts the invite. Direct account transfers between organizations are now available in all commercial AWS Regions and the AWS GovCloud (US) Regions. To learn more about directly transferring accounts between AWS organizations, see https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_invites.html from the AWS user guide, or review the https://docs.aws.amazon.com/organizations/latest/APIReference/

AWS Organizations introduces direct account transfers between organizations

AWS Organizations now provides customers the ability to directly transfer an account to a different organization without first having to remove the account from their current orga...

#AWS #AwsGovcloudUs #AwsOrganizations

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
AWS launches Billing Transfer for multi-organization billing and cost management Today AWS announces Billing Transfer, a new feature that allows customers to centrally manage and pay bills across multiple AWS organizations. With Billing Transfer, customers operating in multi-organization environments can designate a single management account to centrally manage and pay for bills for multiple organizations, including invoice collection, payment processing, and detailed cost analysis. Billing Transfer makes billing and cost management operations more efficient and scalable, while ensuring individual management accounts maintain complete security autonomy over their organizations. To protect proprietary pricing information, Billing Transfer is integrated with AWS Billing Conductor. This integration enables billing administrators to control how the cost data will be seen by their AWS organizations and implement advanced cost allocation strategies across multiple AWS organizations. For AWS Billing Transfer customers, there is no cost to use AWS Billing Conductor when they choose an AWS managed pricing plan. If they choose a Customer managed pricing plan, there will be a fee of $50 per AWS Organization. AWS offers a free trial for Billing Transfer through May 31, 2026. During this period, both AWS managed and Customer managed pricing plans in Billing Conductor are available at no charge. Starting June 1, 2026, Billing Transfer customers will be charged by the number of AWS organizations with Customer managed pricing plan attached to it. If you’re using Billing Conductor on its own without Billing Transfer, you will still follow the standard per-account pricing model regardless of the type of pricing plan used (see https://aws.amazon.com/aws-cost-management/aws-billing-conductor/pricing/ details). Billing Transfer is available today in all public AWS Regions, excluding the GovCloud, China (Beijing) and China (Ningxia) Regions. To learn more about using Billing Transfer to centralize billing and cost management across your multi-organization environment, visit https://aws.amazon.com/aws-cost-management/aws-billing-transfer/, https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/orgs_transfer_billing.html, https://docs.aws.amazon.com/cost-management/latest/userguide/what-is-costmanagement.html, and https://aws.amazon.com/blogs/aws/new-aws-billing-transfer-for-centrally-managing-aws-billing-and-costs-across-multiple-organizations.

AWS launches Billing Transfer for multi-organization billing and cost management

Today AWS announces Billing Transfer, a new feature that allows customers to centrally manage and pay bills across multiple AWS organizations.

With Billing Transfer, customers operating...

#AWS #AwsOrganizations

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
AWS Control Tower introduces a Controls Dedicated experience AWS Control Tower now offers Control Only Experience, enabling faster governance setup for established multi-account environments by providing access to AWS managed controls without requiring a full landing zone implementation.

AWS Control Tower introduces a Controls Dedicated experience

AWS Control Tower now offers Control Only Experience, enabling faster governance setup for established multi-account environments by providing access to AWS managed...

#AWS #AwsConfig #AwsControlTower #AwsOrganizations #ManagementTools

1 0 0 0
AWS Community Builder Blog Posts
AWS Community Builder Blog Posts
@awscmblogposts.bsky.social
4 months ago
Preview
AWS Multi-Account Strategy: The Right Architecture for Your Growth Stage You're running everything in a single AWS account. It worked fine when you started, but now you're...

✍️ New blog post by Danny Steenman

AWS Multi-Account Strategy: The Right Architecture for Your Growth Stage

#awsorganizations #multiaccount #landingzone #governance

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
AWS Organizations supports full IAM policy language for service control policies (SCPs) AWS Organizations now offers full IAM policy language support for service control policies (SCPs), enabling you to write SCPs with the same flexibility as IAM managed policies. With this launch, SCPs now support use of conditions, individual resource ARNs, and the NotAction element with Allow statements. Additionally, you can now use wildcards at the beginning or middle of Action element strings and the NotResource element. With these policy language enhancements, you can now create more concise and precise policies to implement sophisticated permissions guardrails across your organization. For example, you can restrict access to specific resources with condition statements. The enhanced functionality maintains backward compatibility with existing SCPs, so no changes to current policies are required. This feature is now available in all AWS commercial and AWS GovCloud (US) Regions. To learn more about the enhanced SCP capabilities, see https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.htmlin the AWS Organizations User Guide and https://aws.amazon.com/blogs/security/unlock-new-possibilities-aws-organizations-service-control-policy-now-supports-full-iam-language/.

AWS Organizations supports full IAM policy language for service control policies (SCPs)

AWS Organizations now offers full IAM policy language support for service control policies (SCPs), enabling you to write SCPs with the same flexibility as IAM managed ...

#AWS #AwsOrganizations #AwsGovcloudUs

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
6 months ago
Preview
AWS Organizations supports full IAM policy language for service control policies (SCPs) AWS Organizations now offers full IAM policy language support for service control policies (SCPs), enabling you to write SCPs with the same flexibility as IAM managed policies. With this launch, SCPs now support use of conditions, individual resource ARNs, and the NotAction element with Allow statements. Additionally, you can now use wildcards at the beginning or middle of Action element strings and the NotResource element. With these policy language enhancements, you can now create more concise and precise policies to implement sophisticated permissions guardrails across your organization. For example, you can restrict access to specific resources with condition statements. The enhanced functionality maintains backward compatibility with existing SCPs, so no changes to current policies are required. This feature is now available in all AWS commercial and AWS GovCloud (US) Regions. To learn more about the enhanced SCP capabilities, see service control policies in the AWS Organizations User Guide and AWS blog.

🆕 AWS Organizations now supports full IAM policy language for SCPs, allowing more precise permissions guardrails with conditions, resource ARNs, and wildcards. Available in all commercial and GovCloud regions.

#AWS #AwsOrganizations #AwsGovcloudUs

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
AWS Organizations now provides account state information for member accounts https://aws.amazon.com/organizations/ provides a new State field in the AWS Organizations Console and APIs (DescribeAccount, ListAccounts, and ListAccountsForParent) to enhance AWS account lifecycle visibility. With this launch, the account state, a new State field replaced the existing account status, Status field in the AWS Organizations Console, however both Status and State fields will remain available in the APIs until September 9, 2026. This launch allows you to have a more granular account state information such as, 'SUSPENDED' for AWS-enforced suspension, 'PENDING_CLOSURE' for in-process closure requests, and 'CLOSED' for accounts in their 90-day reinstatement window, and more. After September, 2026 the Status field will be fully deprecated. Customers using account vending pipelines should update their implementations to reference the State field before the Status field deprecation date. This feature is available in all AWS commercial and AWS GovCloud (US) Regions. To get started managing your accounts, please see the https://aws.amazon.com/blogs/mt/updates-to-account-status-information-in-aws-organizations/ and https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_account_state.html.

AWS Organizations now provides account state information for member accounts

https://aws.amazon.com/organizations/ provides a new State field in the AWS Organizations Console and APIs (DescribeAccount, ListAccounts, and ListAccountsForParent) to enhance A...

#AWS #AwsOrganizations #AwsGovcloudUs

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
6 months ago
Preview
AWS Organizations now provides account state information for member accounts AWS Organizations provides a new State field in the AWS Organizations Console and APIs (DescribeAccount, ListAccounts, and ListAccountsForParent) to enhance AWS account lifecycle visibility. With this launch, the account state, a new State field replaced the existing account status, Status field in the AWS Organizations Console, however both Status and State fields will remain available in the APIs until September 9, 2026. This launch allows you to have a more granular account state information such as, 'SUSPENDED' for AWS-enforced suspension, 'PENDING_CLOSURE' for in-process closure requests, and 'CLOSED' for accounts in their 90-day reinstatement window, and more. After September, 2026 the Status field will be fully deprecated. Customers using account vending pipelines should update their implementations to reference the State field before the Status field deprecation date. This feature is available in all AWS commercial and AWS GovCloud (US) Regions. To get started managing your accounts, please see the blog post and documentation.

🆕 AWS Organizations updates account state info with a new State field by Sept 2026, replacing Status. It includes 'SUSPENDED' and 'PENDING_CLOSURE'. Update pipelines to use State now; available in all regions.

#AWS #AwsOrganizations #AwsGovcloudUs

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
9 months ago
AWS Backup adds new Multi-party approval for logically air-gapped vaults Multi-party approval for AWS Backup logically air-gapped vaults enables organizations to recover their backup data even when their AWS account is compromised, by creating approval teams of trusted individuals who can authorize vault sharing with a recovery account through a separate authentication path.

AWS Backup adds new Multi-party approval for logically air-gapped vaults

Multi-party approval for AWS Backup logically air-gapped vaults enab...

#AWS #Announcements #AwsBackup #AwsCloudtrail #AwsIamIdentityCenter #AwsOrganizations #Featured #Launch #News #Security #Identity #&Compliance #Storage

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
10 months ago
AWS Organizations now supports Internet Protocol Version 6 (IPv6) AWS Organizations customers can now use Internet Protocol version 6 (IPv6) addresses, via our new dual-stack endpoints to connect to AWS Organizations over the public internet using IPv6, IPv4, or dual-stack clients. The existing AWS Organizations endpoints supporting IPv4 will remain available for backwards compatibility. To learn more on best practices for configuring IPv6 in your environment, visit the https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/internet-protocol-version-6.html. Support for IPv6 on AWS Organizations is available in the https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/, the AWS GovCloud (US) Regions, and the China Regions.

AWS Organizations now supports Internet Protocol Version 6 (IPv6)

AWS Organizations customers can now use Internet Protocol version 6 (IPv6) addresses, via our new dual-stack endpoints to connect to AWS Organizations over the public internet using IPv6, I...

#AWS #AwsGovcloudUs #AwsOrganizations

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
10 months ago
Preview
AWS Organizations now supports Internet Protocol Version 6 (IPv6) AWS Organizations customers can now use Internet Protocol version 6 (IPv6) addresses, via our new dual-stack endpoints to connect to AWS Organizations over the public internet using IPv6, IPv4, or dual-stack clients. The existing AWS Organizations endpoints supporting IPv4 will remain available for backwards compatibility. To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on IPv6 in AWS. Support for IPv6 on AWS Organizations is available in the AWS Commercial Regions, the AWS GovCloud (US) Regions, and the China Regions.

🆕 AWS Organizations now supports IPv6 via dual-stack endpoints, allowing IPv6, IPv4, or dual-stack clients. Existing IPv4 endpoints remain for compatibility. Best practices in AWS whitepaper. Available in Commercial, GovCloud (US), and China regions.

#AWS #AwsGovcloudUs #AwsOrganizations

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
11 months ago
Resource control policies (RCPs) are now available in the AWS GovCloud (US) Regions Today, AWS Organizations is making resource control policies (RCPs) available in both AWS GovCloud (US-West) and AWS GovCloud (US-East) Regions. RCPs help you centrally establish a https://aws.amazon.com/identity/data-perimeters-on-aws/ across your AWS environment. With RCPs, you can centrally restrict external access to your AWS resources at scale. RCPs are a type of authorization policy in AWS Organizations that you can use to centrally enforce the maximum available permissions for resources in your organization. For example, an RCP can help enforce the requirement that “no principal outside my organization can access Amazon S3 buckets in my organization,” regardless of the permissions granted through individual S3 bucket policies. For an updated list of AWS services that support RCPs, refer to the https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_rcps.html#rcp-supported-services. To learn more, visit the https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_rcps.html.

Resource control policies (RCPs) are now available in the AWS GovCloud (US) Regions

Today, AWS Organizations is making resource control policies (RCPs) available in both AWS GovCloud (US-West) and AWS GovCloud (US-East) Regions. RCPs help you centrally es...

#AWS #AwsOrganizations #AwsGovcloudUs

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
11 months ago
Preview
Resource control policies (RCPs) are now available in the AWS GovCloud (US) Regions Today, AWS Organizations is making resource control policies (RCPs) available in both AWS GovCloud (US-West) and AWS GovCloud (US-East) Regions. RCPs help you centrally establish a data perimeter across your AWS environment. With RCPs, you can centrally restrict external access to your AWS resources at scale. RCPs are a type of authorization policy in AWS Organizations that you can use to centrally enforce the maximum available permissions for resources in your organization. For example, an RCP can help enforce the requirement that “no principal outside my organization can access Amazon S3 buckets in my organization,” regardless of the permissions granted through individual S3 bucket policies. For an updated list of AWS services that support RCPs, refer to the list of services supporting RCPs. To learn more, visit the RCPs documentation.

🆕 AWS Organizations now offers resource control policies (RCPs) in AWS GovCloud (US) to centrally restrict external access to resources, enforcing maximum permissions across your organization. For more details, see the RCPs documentation.

#AWS #AwsOrganizations #AwsGovcloudUs

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
11 months ago
AWS Account Management now supports IAM-based account name updates Today, we are introducing a new account management API that enables customers to update the account name via authorized IAM principals and more efficiently manage account names. This new API is added to the AWS account management APIs that enable AWS Organizations customers to centrally and programmatically manage primary email addresses, primary contact information, alternate contact information, and AWS Regions for their accounts. Using the new API, customers will no longer need root access to manage their account names, and they will be able to use authorized IAM principals within the account. Additionally, customers using AWS Organizations in all-features mode can now update member account names via authorized IAM principals in the management and delegated admin accounts, providing a centralized and secure way to manage account names across their organization at scale. Customers can also use the new API via the AWS Command Line Interface (CLI) and AWS Software Development Kit (SDK) to update account names. The ability to manage account names via authorized IAM principals is available at no additional charge in all commercial AWS Regions and the China Regions. To get started managing your account names via IAM principals, see the https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-acct-name.html.  

AWS Account Management now supports IAM-based account name updates

Today, we are introducing a new account management API that enables customers to update the account name via authorized IAM principals and more efficiently manage account names. This new API is added to ...

#AWS #AwsOrganizations

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
11 months ago
Preview
AWS Account Management now supports IAM-based account name updates Today, we are introducing a new account management API that enables customers to update the account name via authorized IAM principals and more efficiently manage account names. This new API is added to the AWS account management APIs that enable AWS Organizations customers to centrally and programmatically manage primary email addresses, primary contact information, alternate contact information, and AWS Regions for their accounts. Using the new API, customers will no longer need root access to manage their account names, and they will be able to use authorized IAM principals within the account. Additionally, customers using AWS Organizations in all-features mode can now update member account names via authorized IAM principals in the management and delegated admin accounts, providing a centralized and secure way to manage account names across their organization at scale. Customers can also use the new API via the AWS Command Line Interface (CLI) and AWS Software Development Kit (SDK) to update account names. The ability to manage account names via authorized IAM principals is available at no additional charge in all commercial AWS Regions and the China Regions. To get started managing your account names via IAM principals, see the documentation.

🆕 AWS now lets you update account names via IAM principals, removing root access need. Available in all regions, this new API enhances account management efficiency for AWS Organizations users. Manage via CLI or SDK. No extra charge.

#AWS #AwsOrganizations

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
1 year ago
AWS IAM Identity Center is now available in the Asia Pacific (Malaysia) AWS Region You can now deploy AWS IAM Identity Center in the Asia Pacific (Malaysia) AWS Region. With the addition of this AWS Region, IAM Identity Center is now available in 34 AWS Regions globally. IAM Identity Center is the recommended service for managing workforce access to AWS applications and multiple AWS accounts. Use IAM Identity Center with your existing identity source or create a new directory, and manage workforce access to part or all of your AWS environment. With IAM Identity Center, you can manage and audit user access more easily and consistently, your workforce has single sign-on access and unified experience across AWS services, and your data owners can authorize and log data access by user. IAM Identity Center is available to you at no additional cost. For more information about the AWS Regions where IAM Identity Center is available, see the http://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/ table. To learn more about IAM Identity Center, https://aws.amazon.com/iam/identity-center/. To get started, see the https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html.  

AWS IAM Identity Center is now available in the Asia Pacific (Malaysia) AWS Region

You can now deploy AWS IAM Identity Center in the Asia Pacific (Malaysia) AWS Region. With the addition of this AWS Region, IAM Identity Center is now available in 3...

#AWS #AwsOrganizations #AwsIamIdentityCenter

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
1 year ago
Preview
AWS IAM Identity Center is now available in the Asia Pacific (Malaysia) AWS Region You can now deploy AWS IAM Identity Center in the Asia Pacific (Malaysia) AWS Region. With the addition of this AWS Region, IAM Identity Center is now available in 34 AWS Regions globally. IAM Identity Center is the recommended service for managing workforce access to AWS applications and multiple AWS accounts. Use IAM Identity Center with your existing identity source or create a new directory, and manage workforce access to part or all of your AWS environment. With IAM Identity Center, you can manage and audit user access more easily and consistently, your workforce has single sign-on access and unified experience across AWS services, and your data owners can authorize and log data access by user. IAM Identity Center is available to you at no additional cost. For more information about the AWS Regions where IAM Identity Center is available, see the AWS Region table. To learn more about IAM Identity Center, visit the product detail page. To get started, see the IAM Identity Center user guide.

🆕 AWS IAM Identity Center now in Asia Pacific (Malaysia), expanding to 34 regions. Manage access to AWS apps with single sign-on, no extra cost. For details, see AWS Region table and product page.

#AWS #AwsOrganizations #AwsIamIdentityCenter

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
1 year ago
Announcing general availability of AWS Managed Notifications Amazon Web Services (AWS) is announcing the general availability of AWS Managed Notifications, a new feature of AWS User Notifications that enhances how customers receive and manage AWS Health notifications. This feature allows you to view and modify default AWS Health notifications in the Console Notifications Center, alongside your custom notifications such as CloudWatch alarms. A dedicated user interface is now available to manage notification subscriptions, including the ability to unsubscribe the primary or alternate contact emails from specific notification categories like 'Operational events'. You can easily subscribe to Health Notifications through additional delivery channels. Supported channels include push notifications to the AWS Console Mobile App, AWS Chatbot (for Slack and Microsoft Teams integrations), and email. Configuring and viewing notifications in the Console Notifications Center is offered at no additional cost. This new capability is available in all https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/ where AWS User Notifications is available. For more information, visit the https://aws.amazon.com/notifications/ product page and https://docs.aws.amazon.com/notifications/latest/userguide/what-is-service.html. To get started, go to the https://console.aws.amazon.com/notifications/home#/notifications.

Announcing general availability of AWS Managed Notifications

Amazon Web Services (AWS) is announcing the general availability of AWS Managed Notifications, a new feature of AWS User Notifications that enhances how customers receive and manage AWS Health notif...

#AWS #AwsHealth #AwsOrganizations

0 0 0 0