From 978361fe14bd4de947bf5085c297e5fd0c98bcac Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 8 Jan 2026 09:48:32 -0500 Subject: [PATCH] add scp --- aws/whats-new/architecture/README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/aws/whats-new/architecture/README.md b/aws/whats-new/architecture/README.md index 88cf201c..b4a8414a 100644 --- a/aws/whats-new/architecture/README.md +++ b/aws/whats-new/architecture/README.md @@ -1,5 +1,12 @@ # What's New with our AWS Architecture +## 2026-01-07: SCP to restrict access to permitted Bedrock models only + +We have implemented a service control policy in lab-gov and ent-ew to restrict access to only the permitted Bedrock models. +More details on the models and this change [here](https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/documentation/services/bedrock/scp.md), +and Bedrock [here](https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/documentation/services/bedrock/). It is expected +this change to be applied to ent-gov shortly afterwards. + ## 2026-01-02: Stop all non-organization CloudTrail We have taken action and stopped all CloudTrail logging other than the `inf-org-cloudtrail` trail, which is already capturing all events.