Introducing resource control policies (RCPs), a new type of authorization policy in AWS Organizations
AWS News Blog
This article introduces resource control policies (RCPs), a new type of authorization policy in AWS Organizations that can restrict external access to resources at scale.
Specifically, the article covers:
- What RCPs are and how they differ from service control policies (SCPs)
- How to enable and create RCPs in the AWS Organizations console
- An example of creating an RCP to restrict access to S3 buckets to only principals within the organization
- How to attach and test RCPs
- Using RCPs with AWS Control Tower for large-scale deployment and drift detection
- The role of RCPs in establishing a data perimeter and comprehensive security baseline alongside SCPs
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Nov 13
2024
2024
Introducing resource control policies (RCPs) to centrally restrict access to AWS resources
Jun 19
2025
2025
AWS expands resource control policies (RCPs) support to two additional services
Feb 12
2026
2026
AWS expands Resource Control Policies support to Amazon DynamoDB
May 15
2026
2026
AWS Organizations now supports higher quotas for service control policies (SCPs)
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.