AWS securityhub documentation change
Summary
Removed the word 'Custom' to clarify that AWS Config rules created by Security Hub (not just custom ones) don't count toward quotas
Security assessment
The change clarifies quota rules for AWS Config managed rules but does not address security vulnerabilities or introduce security features. It relates to service limits, not security controls.
Diff
diff --git a/securityhub/latest/userguide/securityhub-setup-prereqs.md b/securityhub/latest/userguide/securityhub-setup-prereqs.md index 341a1c53e..a4a431a62 100644 --- a//securityhub/latest/userguide/securityhub-setup-prereqs.md +++ b//securityhub/latest/userguide/securityhub-setup-prereqs.md @@ -96 +96 @@ These service-linked rules are specific to Security Hub. Security Hub creates th -There are quotas for the number of AWS Config managed rules that can be used to evaluate controls. Custom AWS Config rules that Security Hub creates don't count towards those quotas. You can enable a security standard even if you've already reached the AWS Config quota for managed rules in your account. To learn more about quotas for AWS Config rules, see [Service limits for AWS Config](https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html) in the _AWS Config Developer Guide_. +There are quotas for the number of AWS Config managed rules that can be used to evaluate controls. AWS Config rules that Security Hub creates don't count towards those quotas. You can enable a security standard even if you've already reached the AWS Config quota for managed rules in your account. To learn more about quotas for AWS Config rules, see [Service limits for AWS Config](https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html) in the _AWS Config Developer Guide_.