AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-04-03 · Documentation low

File: IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-reqcontext.md

Summary

Added 'AWS' qualifier to Organizations RCPs and SCPs definitions in policy evaluation context documentation.

Security assessment

Terminology clarification for AWS service names. No security-related content changes detected.

Diff

diff --git a/IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-reqcontext.md b/IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-reqcontext.md
index 25cbf359d..25ddd9b5b 100644
--- a//IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-reqcontext.md
+++ b//IAM/latest/UserGuide/reference_policies_evaluation-logic_policy-eval-reqcontext.md
@@ -26 +26 @@ How AWS evaluates policies depends on the types of policies that apply to the re
-  * **AWS Organizations resource control policies (RCPs)** – Organizations RCPs specify the maximum available permissions for resources within accounts in an organization or organizational unit (OU). RCPs apply to resources in member accounts and impact the effective permissions for principals, including the AWS account root user, regardless of whether the principals belong to your organization. RCPs don't apply to resources in the organization management account and to calls made by service-linked roles.
+  * **AWS Organizations resource control policies (RCPs)** – AWS Organizations RCPs specify the maximum available permissions for resources within accounts in an organization or organizational unit (OU). RCPs apply to resources in member accounts and impact the effective permissions for principals, including the AWS account root user, regardless of whether the principals belong to your organization. RCPs don't apply to resources in the organization management account and to calls made by service-linked roles.
@@ -28 +28 @@ How AWS evaluates policies depends on the types of policies that apply to the re
-  * **AWS Organizations service control policies (SCPs)** – Organizations SCPs specify the maximum available permissions for principals within accounts in an organization or organizational unit (OU). SCPs apply to principals in member accounts, including each AWS account root user. If an SCP is present, permissions granted by identity-based and resource-based policies to principals in your member accounts are only effective if the SCP allows the action. The only exceptions are principals in the organization management account and service-linked roles.
+  * **AWS Organizations service control policies (SCPs)** – AWS Organizations SCPs specify the maximum available permissions for principals within accounts in an organization or organizational unit (OU). SCPs apply to principals in member accounts, including each AWS account root user. If an SCP is present, permissions granted by identity-based and resource-based policies to principals in your member accounts are only effective if the SCP allows the action. The only exceptions are principals in the organization management account and service-linked roles.