AWS controltower documentation change
Summary
Added a note requiring AWSControlTowerBaseline to be enabled for CfCT target OUs and updated URL formatting
Security assessment
The added note emphasizes enabling AWSControlTowerBaseline, a security-related configuration, but does not address a specific security vulnerability. The URL changes are formatting fixes. The documentation addition reinforces security best practices but does not indicate a new security feature or resolved security issue.
Diff
diff --git a/controltower/latest/userguide/customize-landing-zone.md b/controltower/latest/userguide/customize-landing-zone.md index 7f8d7f410..851782b04 100644 --- a//controltower/latest/userguide/customize-landing-zone.md +++ b//controltower/latest/userguide/customize-landing-zone.md @@ -22,0 +23,4 @@ Unlike Account Factory and AFT, CfCT is not specifically intended to create new +###### Note + +The target organizational unit (OU) configured in CfCT must have AWSControlTowerBaseline enabled in AWS Control Tower. + @@ -38 +42 @@ Unlike Account Factory and AFT, CfCT is not specifically intended to create new - * An example networking use case with _Customizations for AWS Control Tower_ (CfCT) is given in the AWS Architecture blog post, [Deploy consistent DNS with Service Catalog and AWS Control Tower customizations](https://aws.amazon.com/blogs/architecture/deploy-consistent-dns-with-aws-service-catalog-and-aws-control-tower-customizations/). + * An example networking use case with _Customizations for AWS Control Tower_ (CfCT) is given in the AWS Architecture blog post, [Deploy consistent DNS with Service Catalog and AWS Control Tower customizations](https://aws.amazon.com/blogs//architecture/deploy-consistent-dns-with-aws-service-catalog-and-aws-control-tower-customizations/). @@ -47 +51 @@ Unlike Account Factory and AFT, CfCT is not specifically intended to create new -For more information about the AWS Security Reference Architecture, see the [AWS Prescriptive Guidance pages](https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/welcome.html). +For more information about the AWS Security Reference Architecture, see the [AWS Prescriptive Guidance pages](https://docs.aws.amazon.com//prescriptive-guidance/latest/security-reference-architecture/welcome.html).