Least privilege recommendations

Follow these recommendations to apply least privilege principles to your Next generation Resilience Hub configuration:

Use ExternalId for cross-account roles – The ExternalId condition in cross-account trust policies prevents confused deputy attacks.
Use Organizations Service-Linked Roles – Avoid manual cross-account role setup when possible. Service-Linked Roles provide automatically scoped, auditable access.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Generative AI data handling

Monitoring