AWS Security ChangesHomeSearch

AWS general documentation change

Service: general · 2025-03-10 · Documentation low

File: general/latest/gr/ssm.md

Summary

Added important note about OpsItems created by Security Hub integration not being subject to 500,000 quota limit and recommending limiting Security Hub findings to high severity

Security assessment

The change addresses quota management and cost considerations rather than directly addressing a security vulnerability or weakness. While Security Hub is a security service, the documentation update focuses on usage limits and billing implications.

Diff

diff --git a/general/latest/gr/ssm.md
index 3ff62ea9b..fc7f6fcef 100644
--- a/general/latest/gr/ssm.md
+++ b/general/latest/gr/ssm.md
@@ -247,0 +248,4 @@ Maximum number of OpsItems (including Open _and_ Resolved OpsItems) |  500,000
+
+###### Important
+
+OpsItems that are created by an integration with AWS Security Hub are _not_ currently limited by this maximum quota. It is therefore possible for Security Hub alerts to create more than 500,000 chargeable OpsItems in an account.For high-production environments, we therefore recommend limiting the scope of Security Hub findings to high severity issues only.For more information about OpsCenter integration with Security Hub and OpsItems pricing in AWS Systems Manager, see [Understanding OpsCenter integration with AWS Security Hub](https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-applications-that-integrate.html#OpsCenter-integrate-with-security-hub) in the _AWS Systems Manager User Guide_.