AWS securityhub documentation change
Summary
Updated documentation to specifically reference Security Hub Cloud Security Posture Management (CSPM) integration with AWS Organizations, including updated terminology and service principal references
Security assessment
The changes clarify documentation around CSPM integration management but do not address any specific vulnerability. CSPM is a security feature, so updating its documentation enhances security guidance without fixing an existing issue.
Diff
diff --git a/securityhub/latest/userguide/disable-orgs-integration.md b/securityhub/latest/userguide/disable-orgs-integration.md index 9ac5b0c2a..4b62a486e 100644 --- a//securityhub/latest/userguide/disable-orgs-integration.md +++ b//securityhub/latest/userguide/disable-orgs-integration.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -5 +5 @@ -# Disabling Security Hub integration with AWS Organizations +# Disabling Security Hub CSPM integration with AWS Organizations @@ -7 +7 @@ -After an AWS Organizations organization is integrated with AWS Security Hub, the Organizations management account can subsequently disable the integration. As a user of the Organizations management account, you can do this by disabling trusted access for Security Hub in AWS Organizations. +After an AWS Organizations organization is integrated with AWS Security Hub Cloud Security Posture Management (CSPM), the Organizations management account can subsequently disable the integration. As a user of the Organizations management account, you can do this by disabling trusted access for Security Hub CSPM in AWS Organizations. @@ -9 +9 @@ After an AWS Organizations organization is integrated with AWS Security Hub, the -When you disable trusted access for Security Hub, the following occurs: +When you disable trusted access for Security Hub CSPM, the following occurs: @@ -11 +11 @@ When you disable trusted access for Security Hub, the following occurs: - * Security Hub loses its status as a trusted service in AWS Organizations. + * Security Hub CSPM loses its status as a trusted service in AWS Organizations. @@ -13 +13 @@ When you disable trusted access for Security Hub, the following occurs: - * The Security Hub delegated administrator account loses access to Security Hub settings, data, and resources for all Security Hub member accounts in all AWS Regions. + * The Security Hub CSPM delegated administrator account loses access to Security Hub CSPM settings, data, and resources for all Security Hub CSPM member accounts in all AWS Regions. @@ -15 +15 @@ When you disable trusted access for Security Hub, the following occurs: - * If you were using [central configuration](./central-configuration-intro.html), Security Hub automatically stops using it for your organization. Your configuration policies and policy associations are deleted. Accounts retain the configurations that they had before you disabled trusted access. + * If you were using [central configuration](./central-configuration-intro.html), Security Hub CSPM automatically stops using it for your organization. Your configuration policies and policy associations are deleted. Accounts retain the configurations that they had before you disabled trusted access. @@ -17 +17 @@ When you disable trusted access for Security Hub, the following occurs: - * All Security Hub member accounts become standalone accounts and retain their current settings. If Security Hub was enabled for a member account in one or more Regions, Security Hub continues to be enabled for the account in those Regions. Enabled standards and controls are also unchanged. You can change these settings separately in each account and Region. However, the account is no longer associated with a delegated administrator in any Region. + * All Security Hub CSPM member accounts become standalone accounts and retain their current settings. If Security Hub CSPM was enabled for a member account in one or more Regions, Security Hub CSPM continues to be enabled for the account in those Regions. Enabled standards and controls are also unchanged. You can change these settings separately in each account and Region. However, the account is no longer associated with a delegated administrator in any Region. @@ -24 +24 @@ For additional information about the results of disabling trusted service access -To disable trusted access, you can use the AWS Organizations console, Organizations API, or the AWS CLI. Only a user of the Organizations management account can disable trusted service access for Security Hub. For details about the permissions that you need, see [Permissions required to disable trusted access](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_trusted_access_disable_perms) in the _AWS Organizations User Guide_. +To disable trusted access, you can use the AWS Organizations console, Organizations API, or the AWS CLI. Only a user of the Organizations management account can disable trusted service access for Security Hub CSPM. For details about the permissions that you need, see [Permissions required to disable trusted access](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_trusted_access_disable_perms) in the _AWS Organizations User Guide_. @@ -26 +26 @@ To disable trusted access, you can use the AWS Organizations console, Organizati -Before you disable trusted access, we recommend working with the delegated administrator for your organization to disable Security Hub in member accounts and to clean up Security Hub resources in those accounts. +Before you disable trusted access, we recommend working with the delegated administrator for your organization to disable Security Hub CSPM in member accounts and to clean up Security Hub CSPM resources in those accounts. @@ -28 +28 @@ Before you disable trusted access, we recommend working with the delegated admin -Choose your preferred method, and follow the steps to disable trusted access for Security Hub. +Choose your preferred method, and follow the steps to disable trusted access for Security Hub CSPM. @@ -33 +33 @@ Organizations console -###### To disable trusted access for Security Hub +###### To disable trusted access for Security Hub CSPM @@ -41 +41 @@ Organizations console - 4. Under **Integrated services** , choose **AWS Security Hub**. + 4. Under **Integrated services** , choose **AWS Security Hub Cloud Security Posture Management (CSPM)**. @@ -53 +53 @@ Organizations API -**To disable trusted access for Security Hub** +**To disable trusted access for Security Hub CSPM** @@ -55 +55 @@ Organizations API -Invoke the [DisableAWSServiceAccess](https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisableAWSServiceAccess.html) operation of the AWS Organizations API. For the `ServicePrincipal` parameter, specify the Security Hub service principal (`securityhub.amazonaws.com`). +Invoke the [DisableAWSServiceAccess](https://docs.aws.amazon.com/organizations/latest/APIReference/API_DisableAWSServiceAccess.html) operation of the AWS Organizations API. For the `ServicePrincipal` parameter, specify the Security Hub CSPM service principal (`securityhub.amazonaws.com`). @@ -60 +60 @@ AWS CLI -**To disable trusted access for Security Hub** +**To disable trusted access for Security Hub CSPM** @@ -62 +62 @@ AWS CLI -Run the [disable-aws-service-access](https://docs.aws.amazon.com/cli/latest/reference/organizations/disable-aws-service-access.html) command of the AWS Organizations API. For the `service-principal` parameter, specify the Security Hub service principal (`securityhub.amazonaws.com`). +Run the [disable-aws-service-access](https://docs.aws.amazon.com/cli/latest/reference/organizations/disable-aws-service-access.html) command of the AWS Organizations API. For the `service-principal` parameter, specify the Security Hub CSPM service principal (`securityhub.amazonaws.com`). @@ -77 +77 @@ Removing or changing the delegated administrator -Automatically enabling Security Hub in new accounts +Automatically enabling Security Hub CSPM in new accounts