Document history
The following table describes significant changes to this guide. If you want to be notified about future updates, you can subscribe to an RSS feed.
| Change | Description | Date |
|---|---|---|
Centralized egress best practices | We updated the best practices for securing egress traffic. | May 6, 2024 |
Organization best practices | We updated the best practices for creating an organization in AWS Organizations. | December 4, 2023 |
Billing considerations | We added the Billing considerations section. | September 20, 2023 |
Resource migration, application connectivity, and Amazon VPC Lattice | We added the Resource migration and Connecting applications sections. We also added information about a new AWS service, Amazon Virtual Private Cloud (Amazon VPC) Lattice. | April 27, 2023 |
Account history and ABAC | We revised the Create a landing zone section to add information about how to make sure your new AWS accounts have usage history so that you can add them to to your AWS Control Tower landing zone. We also revised the Add initial users section to add information about how you can use attribute-based access control (ABAC) to pass the authentication method from an external SAML-based IdP to AWS IAM Identity Center. | January 6, 2023 |
Egress traffic networking | We revised the Centralized egress section to add information about using Amazon Route 53 Resolver DNS Firewall to to limit egress traffic to specific domain names. | October 13, 2022 |
Security of egress traffic | October 6, 2022 | |
Permissions boundaries | We improved the definition of a permissions boundary, and in the Resources section, we added a new link for more information about this topic. | September 22, 2022 |
Initial publication | — | September 6, 2022 |
