Today, AWS Identity and Access Management (IAM) launched two new global condition keys for IAM policies that enable you to scalably allow AWS services to access your resources only on your behalf. With this new IAM capability, you can simplify management of your resource-based policies to require that AWS services access your resources only when the request originates from your organization or organizational unit (OU) in AWS Organizations.
Source:: Amazon AWS