AWS Security ChangesHomeSearch

AWS config documentation change

Service: config · 2025-04-03 · Documentation low

File: config/latest/developerguide/managed-rules-by-evaluation-mode.md

Summary

Added new managed rules for tagging compliance (Cognito User Pools, ECR repositories, S3 buckets, SageMaker domains, and SageMaker feature groups)

Security assessment

The added rules enforce resource tagging policies, which are security best practices for resource management and access control, but there's no evidence of addressing a specific security vulnerability.

Diff

diff --git a/config/latest/developerguide/managed-rules-by-evaluation-mode.md b/config/latest/developerguide/managed-rules-by-evaluation-mode.md
index 349572f1e..b2662d97e 100644
--- a//config/latest/developerguide/managed-rules-by-evaluation-mode.md
+++ b//config/latest/developerguide/managed-rules-by-evaluation-mode.md
@@ -371,0 +372,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [cognito-user-pool-tagged](./cognito-user-pool-tagged.html)
+
@@ -573,0 +576,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [ecr-repository-tagged](./ecr-repository-tagged.html)
+
@@ -1163,0 +1168,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [s3-bucket-tagged](./s3-bucket-tagged.html)
+
@@ -1185,0 +1192,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [sagemaker-domain-tagged](./sagemaker-domain-tagged.html)
+
@@ -1189,0 +1198,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [sagemaker-feature-group-tagged](./sagemaker-feature-group-tagged.html)
+