AWS config high security documentation change
Summary
Added multiple new managed rules including security-focused checks (SSL policies, Cognito access, encryption, logging, public access controls)
Security assessment
Introduces documentation for new security rules like 'cloudfront-ssl-policy-check', 'cognito-identity-pool-unauth-access-check', and 'msk-cluster-public-access-disabled', which directly address encryption, access control, and exposure risks.
Diff
diff --git a/config/latest/developerguide/managed-rules-by-aws-config.md b/config/latest/developerguide/managed-rules-by-aws-config.md index 926250edb..b68091e64 100644 --- a//config/latest/developerguide/managed-rules-by-aws-config.md +++ b//config/latest/developerguide/managed-rules-by-aws-config.md @@ -246,0 +247,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [cloudfront-ssl-policy-check](./cloudfront-ssl-policy-check.html) + @@ -314,0 +317,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [cognito-identity-pool-unauth-access-check](./cognito-identity-pool-unauth-access-check.html) + @@ -426,0 +431,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [ec2-enis-source-destination-check-enabled](./ec2-enis-source-destination-check-enabled.html) + @@ -620,0 +627,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [elbv2-listener-encryption-in-transit](./elbv2-listener-encryption-in-transit.html) + @@ -846,0 +855,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [lambda-function-xray-enabled](./lambda-function-xray-enabled.html) + @@ -884,0 +895,4 @@ AWS Config currently supports the following managed rules. Before using these ru + * [msk-cluster-public-access-disabled](./msk-cluster-public-access-disabled.html) + + * [msk-connect-connector-logging-enabled](./msk-connect-connector-logging-enabled.html) + @@ -888,0 +903,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [msk-unrestricted-access-check](./msk-unrestricted-access-check.html) + @@ -1032,0 +1049,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [redshift-cluster-multi-az-enabled](./redshift-cluster-multi-az-enabled.html) + @@ -1072,0 +1091,2 @@ AWS Config currently supports the following managed rules. Before using these ru + * [s3express-dir-bucket-lifecycle-rules-check](./s3express-dir-bucket-lifecycle-rules-check.html) + @@ -1190,0 +1211,4 @@ AWS Config currently supports the following managed rules. Before using these ru + * [ssm-automation-block-public-sharing](./ssm-automation-block-public-sharing.html) + + * [ssm-automation-logging-enabled](./ssm-automation-logging-enabled.html) +