AWS organizations documentation change
Summary
Added encryption-in-transit enforcement example for VPC traffic.
Security assessment
Enhances documentation with security control example (encryption enforcement) but doesn't fix specific vulnerabilities.
Diff
diff --git a/organizations/latest/userguide/orgs_manage_policies_declarative_policies.md b/organizations/latest/userguide/orgs_manage_policies_declarative_policies.md index 7a422059c..5f0278534 100644 --- a//organizations/latest/userguide/orgs_manage_policies_declarative_policies.md +++ b//organizations/latest/userguide/orgs_manage_policies_declarative_policies.md @@ -13 +13 @@ Declarative policies enable you to centrally configure and manage AWS services a -Declarative policies allow you to centrally declare and enforce your desired configuration for a given AWS service at scale across an organization. Once attached, the configuration is always maintained when the service adds new features or APIs. Use declarative policies to prevent noncompliant actions. For example, you can block public internet access to Amazon VPC resources across your organization. +Declarative policies allow you to centrally declare and enforce your desired configuration for a given AWS service at scale across an organization. Once attached, the configuration is always maintained when the service adds new features or APIs. Use declarative policies to prevent noncompliant actions. For example, you can block public internet access to Amazon VPC resources, or enforce encryption in transit for VPC traffic, across your organization.