AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-04-16 · Documentation low

File: securityhub/latest/userguide/cloudformation-controls.md

Summary

Updated parameter constraints for requiredTagKeys to specify a maximum of 6 items

Security assessment

The change clarifies documentation formatting and parameter limits but does not introduce new security controls or address specific vulnerabilities. Tagging requirements are a best practice but this update is a technical specification refinement.

Diff

diff --git a/securityhub/latest/userguide/cloudformation-controls.md b/securityhub/latest/userguide/cloudformation-controls.md
index e72eb719e..f25e4e80b 100644
--- a//securityhub/latest/userguide/cloudformation-controls.md
+++ b//securityhub/latest/userguide/cloudformation-controls.md
@@ -57 +57 @@ Parameter | Description | Type | Allowed custom values | Security Hub default va
-`requiredTagKeys` | List of non-system tag keys that the evaluated resource must contain. Tag keys are case sensitive.  | StringList  | List of tags that meet [AWS requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions) | No default value   
+`requiredTagKeys` | List of non-system tag keys that the evaluated resource must contain. Tag keys are case sensitive.  | StringList (maximum of 6 items)  | 1–6 tag keys that meet [AWS requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions).  | No default value