Security Zone policies for File Storage

Security Zones offers policies to restrict File Storage operations so that your resources comply with File Storage security best practices. For example:

  • You can't export a file system in the security zone through a mount target that isn't in the same security zone.
  • File systems in the security zone must use a customer-managed master encryption key in the Vault service.

You can enable these new policies in your custom security zone recipes.The new policies are not enabled in the Maximum Security Recipe.