aws AWS What's New ·

AWS Organizations adds default security controls for new orgs

securitygovernanceawsengineer
feature

AWS Organizations now automatically applies security controls by default when creating new organizations via the console. This feature safeguards multi-account environments by preventing unintended member account departures, providing immediate protection from day one for CloudOps administrators and security teams. These lightweight controls help establish strong governance patterns for new or migrating enterprises, with the ability to modify or disable them at any time.

  • Default security controls applied to new AWS Organizations
  • Default controls aid governance and can be modified
  • Availability in specific AWS regions
Features (1)
  • Default security controls applied to new AWS Organizations

    New AWS Organizations created via the console now automatically apply core security controls, including Service Control Policies (SCPs), to prevent member accounts from leaving or closing. This simplifies initial security configuration and provides immediate protection against unintended account departures.

Notes (2)
  • Default controls aid governance and can be modified

    These lightweight, default security controls help enterprises establish strong governance patterns without requiring deep security expertise. Administrators retain full control to modify or disable these settings at any time.

  • Availability in specific AWS regions

    This feature is available in US East (N. Virginia), AWS GovCloud (US-East), AWS GovCloud (US-West), China (Beijing), and China (Ningxia).

Read the original announcement →

https://aws.amazon.com/about-aws/whats-new/2026/07/aws-organizations-security-controls-new-orgs-console