AWS organizations documentation change
Summary
Added new example SCP policies for Amazon Bedrock including model access restrictions and API key management controls
Security assessment
The changes add documentation for service control policies that enforce security controls around Amazon Bedrock API key lifecycle management and model access restrictions. While these are security-related controls, there is no evidence they address a specific disclosed vulnerability or incident.
Diff
diff --git a/organizations/latest/userguide/orgs_manage_policies_scps_examples.md b/organizations/latest/userguide/orgs_manage_policies_scps_examples.md index 9ec059539..e51d392f4 100644 --- a//organizations/latest/userguide/orgs_manage_policies_scps_examples.md +++ b//organizations/latest/userguide/orgs_manage_policies_scps_examples.md @@ -47,0 +48,10 @@ Each of the following policies is an example of a [deny list policy](./orgs_mana + * [Example SCPs for Amazon Bedrock](./orgs_manage_policies_scps_examples_bedrock.html) + + * [Deny access to specific Amazon Bedrock models](./orgs_manage_policies_scps_examples_bedrock.html#example-bedrock-1) + + * [Restrict access to specific Amazon Bedrock models or model families across an entire organization](./orgs_manage_policies_scps_examples_bedrock.html#example-bedrock-2) + + * [Restrict creation and use of Amazon Bedrock API keys](./orgs_manage_policies_scps_examples_bedrock.html#example-bedrock-3) + + * [Restrict creation of long-term Amazon Bedrock API keys valid beyond 30 days](./orgs_manage_policies_scps_examples_bedrock.html#example-bedrock-4) +