Declarative VPC Encryption Controls for AWS Organizations
🔐 You can now use declarative policies to enable VPC Encryption Controls in monitor or enforce mode across all VPCs in your environment. This capability lets security teams centrally define and apply consistent encryption-in-transit settings for an account, organization, or specific organizational unit. The feature provides centralized visibility into Encryption Controls status for all accounts and VPCs and is available in all AWS regions that support VPC Encryption Controls. There is no additional charge to use declarative policies in AWS Organizations.
