AWS organizations documentation change
Summary
Added section for deleting Security Hub policies with console instructions
Security assessment
The change documents deletion procedures for Security Hub policies, which are security-related controls. However, this is routine policy management documentation rather than addressing a specific security vulnerability.
Diff
diff --git a/organizations/latest/userguide/orgs_policies_delete.md b/organizations/latest/userguide/orgs_policies_delete.md index e491f1940..523682f17 100644 --- a//organizations/latest/userguide/orgs_policies_delete.md +++ b//organizations/latest/userguide/orgs_policies_delete.md @@ -165,0 +166,18 @@ AI services opt-out policies + + + + +Security Hub policies + + +###### To delete a Security Hub policy + + 1. Sign in to the [AWS Organizations console](https://console.aws.amazon.com/organizations/v2). You must sign in as an IAM user, assume an IAM role, or sign in as the root user ([not recommended](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials)) in the organization’s management account. + + 2. On the **[Security Hub policies](https://console.aws.amazon.com/organizations/v2/home/policies/securityhub-policy)** page, choose the name of the policy that you want to delete. + + 3. You must first detach the policy that you want to delete from all roots, OUs, and accounts. Choose the **Targets** tab, choose the radio button next to each root, OU, or account that is shown in the **Targets** list, and then choose **Detach**. In the confirmation dialog box, choose **Detach**. Repeat until you remove all targets. + + 4. Choose **Delete** at the top of the page. + + 5. On the confirmation dialog box, enter the name of the policy, and then choose **Delete**.