diff --git a/aws/whats-new/architecture/README.md b/aws/whats-new/architecture/README.md
index 88cf201c..b4a8414a 100644
--- a/aws/whats-new/architecture/README.md
+++ b/aws/whats-new/architecture/README.md
@@ -1,5 +1,12 @@
 # What's New with our AWS Architecture
 
+## 2026-01-07: SCP to restrict access to permitted Bedrock models only
+
+We have implemented a service control policy in lab-gov and ent-ew to restrict access to only the permitted Bedrock models.
+More details on the models and this change [here](https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/documentation/services/bedrock/scp.md),
+and Bedrock [here](https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/documentation/services/bedrock/).  It is expected
+this change to be applied to ent-gov shortly afterwards.
+
 ## 2026-01-02: Stop all non-organization CloudTrail
 
 We have taken action and stopped all CloudTrail logging other than the `inf-org-cloudtrail` trail, which is already capturing all events.