AWS prescriptive-guidance documentation change
Summary
Reformatted SCP note section and added list formatting to policy description
Security assessment
Changes are formatting improvements only. The security content about blocking public access remains unchanged.
Diff
diff --git a/prescriptive-guidance/latest/data-perimeter-for-amazon-bedrock/vpc-endpoint-configuration.md b/prescriptive-guidance/latest/data-perimeter-for-amazon-bedrock/vpc-endpoint-configuration.md index 3ca2b76a8..aea3b4668 100644 --- a//prescriptive-guidance/latest/data-perimeter-for-amazon-bedrock/vpc-endpoint-configuration.md +++ b//prescriptive-guidance/latest/data-perimeter-for-amazon-bedrock/vpc-endpoint-configuration.md @@ -41 +41 @@ Enforce that all Amazon Bedrock operations must originate from Amazon VPC endpoi -**DenyBedrockPublicAccess** – Blocks Amazon Bedrock API calls that don't originate from an Amazon VPC endpoint, ensuring all AI workload traffic flows through private network paths. + * **DenyBedrockPublicAccess** – Blocks Amazon Bedrock API calls that don't originate from an Amazon VPC endpoint, ensuring all AI workload traffic flows through private network paths. @@ -43 +43,6 @@ Enforce that all Amazon Bedrock operations must originate from Amazon VPC endpoi -**Note –** SCPs do not apply to the management account. Test enforcement using member accounts. + + + +###### Note + +SCPs do not apply to the management account. Test enforcement using member accounts.