AWS config documentation change
Summary
Added multiple new managed rules including security-related ones like 'ecr-repository-cmk-encryption-enabled', 'elbv2-predefined-security-policy-ssl-check', and 'sqs-queue-no-public-access'
Security assessment
Documents new security-focused managed rules but doesn't indicate response to specific vulnerabilities
Diff
diff --git a/config/latest/developerguide/managed-rules-by-aws-config.md index d9d8d2987..01f5650e2 100644 --- a/config/latest/developerguide/managed-rules-by-aws-config.md +++ b/config/latest/developerguide/managed-rules-by-aws-config.md @@ -312,0 +313,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [connect-instance-logging-enabled](./connect-instance-logging-enabled.html) + @@ -480,0 +483,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [ecr-repository-cmk-encryption-enabled](./ecr-repository-cmk-encryption-enabled.html) + @@ -584,0 +589,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [elbv2-predefined-security-policy-ssl-check](./elbv2-predefined-security-policy-ssl-check.html) + @@ -662,0 +669,6 @@ AWS Config currently supports the following managed rules. Before using these ru + * [glue-spark-job-supported-version](./glue-spark-job-supported-version.html) + + * [guardduty-ec2-protection-runtime-enabled](./guardduty-ec2-protection-runtime-enabled.html) + + * [guardduty-ecs-protection-runtime-enabled](./guardduty-ecs-protection-runtime-enabled.html) + @@ -676,0 +689,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [guardduty-runtime-monitoring-enabled](./guardduty-runtime-monitoring-enabled.html) + @@ -850,0 +865,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [netfw-subnet-change-protection-enabled](./netfw-subnet-change-protection-enabled.html) + @@ -1072,0 +1089,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [sqs-queue-no-public-access](./sqs-queue-no-public-access.html) + @@ -1094,0 +1113,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [transfer-connector-logging-enabled](./transfer-connector-logging-enabled.html) +