AWS securityhub documentation change
Summary
Updated parameter constraints for requiredTagKeys to specify a maximum of 6 items
Security assessment
The change clarifies documentation formatting and parameter limits but does not introduce new security controls or address specific vulnerabilities. Tagging requirements are a best practice but this update is a technical specification refinement.
Diff
diff --git a/securityhub/latest/userguide/cloudformation-controls.md b/securityhub/latest/userguide/cloudformation-controls.md index e72eb719e..f25e4e80b 100644 --- a//securityhub/latest/userguide/cloudformation-controls.md +++ b//securityhub/latest/userguide/cloudformation-controls.md @@ -57 +57 @@ Parameter | Description | Type | Allowed custom values | Security Hub default va -`requiredTagKeys` | List of non-system tag keys that the evaluated resource must contain. Tag keys are case sensitive. | StringList | List of tags that meet [AWS requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions) | No default value +`requiredTagKeys` | List of non-system tag keys that the evaluated resource must contain. Tag keys are case sensitive. | StringList (maximum of 6 items) | 1–6 tag keys that meet [AWS requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions). | No default value