We are excited to announce the launch of 28 new proactive controls in AWS Control Tower. This launch enhances AWS Control Tower’s governance capabilities, allowing you to implement controls at scale across your multi-account AWS environments by blocking non-compliant resources before they are provisioned for services such as Amazon CloudWatch, Amazon Neptune, Amazon ElastiCache, AWS Step Functions, and Amazon DocumentDB. These new controls help you meet control objectives such as establish logging and monitoring, encrypt data at rest, or improve resiliency. To see a full list of the new controls, see the controls reference guide.
Source:: Amazon AWS