AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-06-19 · Documentation low

File: securityhub/latest/userguide/security_iam_service-with-iam.md

Summary

Updated documentation links, corrected section headers, standardized 'AWS Security Hub' naming, fixed typos, and clarified policy resource references. Added 'CSPM' reference in tagging section.

Security assessment

Changes focus on documentation consistency, naming standardization, and typo fixes rather than addressing security vulnerabilities or introducing new security features. The addition of 'CSPM' relates to existing resource tagging documentation but does not introduce new security controls or address vulnerabilities.

Diff

diff --git a/securityhub/latest/userguide/security_iam_service-with-iam.md b/securityhub/latest/userguide/security_iam_service-with-iam.md
index aa5f8553a..d8c809183 100644
--- a//securityhub/latest/userguide/security_iam_service-with-iam.md
+++ b//securityhub/latest/userguide/security_iam_service-with-iam.md
@@ -3 +3 @@
-[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html)
+[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html)
@@ -5 +5 @@
-Identity-based policies for Security HubResource-based policiesPolicy actionsResourcesPolicy condition keysAccess control lists (ACLs) in Security HubAttribute-based access control (ABAC)Temporary credentialsForward access sessionsService rolesService-linked roles
+Identity-based policies for Security HubResource-based policiesPolicy actionsPolicy resources for Security HubPolicy condition keysAccess control lists (ACLs) in Security HubAttribute-based access control (ABAC)Temporary credentialsForward access sessionsService rolesService-linked roles
@@ -7 +7 @@ Identity-based policies for Security HubResource-based policiesPolicy actionsRes
-# How AWS Security Hub works with IAM
+# How Security Hub works with IAM
@@ -35 +35 @@ With IAM identity-based policies, you can specify allowed or denied actions and
-Security Hub supports identity-based policies. For more information, see [Identity-based policy examples for Security Hub](./security_iam_id-based-policy-examples.html).
+Security Hub supports identity-based policies. For more information, see [Identity-based policy examples for AWS Security Hub](./security_iam_id-based-policy-examples.html).
@@ -37 +37 @@ Security Hub supports identity-based policies. For more information, see [Identi
-## Resource=based policies for Security Hub
+## Resource-based policies for Security Hub
@@ -86 +86 @@ The user must have access to the `UpdateStandardsControls` operation in order to
-For a list of Security Hub actions, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions) in the _Service Authorization Reference_. For examples of policies that specify Security Hub actions, see [Identity-based policy examples for Security Hub](./security_iam_id-based-policy-examples.html).
+For a list of Security Hub actions, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions) in the _Service Authorization Reference_. For examples of policies that specify Security Hub actions, see [Identity-based policy examples for AWS Security Hub](./security_iam_id-based-policy-examples.html).
@@ -88 +88 @@ For a list of Security Hub actions, see [Actions defined by AWS Security Hub](ht
-## Resources
+## Policy resources for Security Hub
@@ -118 +118 @@ You can specify these types of resources in policies by using ARNs.
-For a list of Security Hub resource types and the ARN syntax for each one, see [Resource types defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-resources-for-iam-policies) in the _Service Authorization Reference_. To learn which actions you can specify for each type of resource, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions) in the _Service Authorization Reference_. For examples of policies that specify resources, see [Identity-based policy examples for Security Hub](./security_iam_id-based-policy-examples.html).
+For a list of Security Hub resource types and the ARN syntax for each one, see [Resource types defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-resources-for-iam-policies) in the _Service Authorization Reference_. To learn which actions you can specify for each type of resource, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions) in the _Service Authorization Reference_. For examples of policies that specify resources, see [Identity-based policy examples for AWS Security Hub](./security_iam_id-based-policy-examples.html).
@@ -134 +134 @@ AWS supports global condition keys and service-specific condition keys. To see a
-For a list of Security Hub condition keys, see [Condition keys for AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-policy-keys) in the _Service Authorization Reference_. To learn which actions and resources you can use a condition key with, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions). For examples of policies that use condition keys, see [Identity-based policy examples for Security Hub](./security_iam_id-based-policy-examples.html).
+For a list of Security Hub condition keys, see [Condition keys for AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-policy-keys) in the _Service Authorization Reference_. To learn which actions and resources you can use a condition key with, see [Actions defined by AWS Security Hub](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html#awssecurityhub-actions-as-permissions). For examples of policies that use condition keys, see [Identity-based policy examples for AWS Security Hub](./security_iam_id-based-policy-examples.html).
@@ -160 +160 @@ You can attach tags to Security Hub resources. You can also control access to re
-For information about tagging Security Hub resources, see [Tagging Security Hub resources](./tagging-resources.html). For an example of an identity-based policy that controls access to a resource based on tags, see [Identity-based policy examples for Security Hub](./security_iam_id-based-policy-examples.html).
+For information about tagging Security Hub resources, see [Tagging Security Hub CSPM resources](./tagging-resources.html). For an example of an identity-based policy that controls access to a resource based on tags, see [Identity-based policy examples for AWS Security Hub](./security_iam_id-based-policy-examples.html).
@@ -182 +182 @@ When you use an IAM user or role to perform actions in AWS, you are considered a
-For example, Security Hub makes FAS requests to downstream AWS services when you integrate Security Hub with AWS Organizations and when you designate the delegated Security Hub administrator account for an organization in Organizations..
+For example, Security Hub makes FAS requests to downstream AWS services when you integrate Security Hub with AWS Organizations and when you designate the delegated Security Hub administrator account for an organization in Organizations.
@@ -184 +184 @@ For example, Security Hub makes FAS requests to downstream AWS services when you
-For other tasks, Security Hub uses a service-linked role to perform actions on your behalf. For details about this role, see [Service-linked roles for Security Hub](./using-service-linked-roles.html).
+For other tasks, Security Hub uses a service-linked role to perform actions on your behalf. For details about this role, see [Service-linked roles for AWS Security Hub](./using-service-linked-roles.html).
@@ -188 +188 @@ For other tasks, Security Hub uses a service-linked role to perform actions on y
-Security Hub doesn't assume or use service roles. To perform actions on your behalf, Security Hub uses a service-linked role. For details about this role, see [Service-linked roles for Security Hub](./using-service-linked-roles.html).
+Security Hub doesn't assume or use service roles. To perform actions on your behalf, Security Hub uses a service-linked role. For details about this role, see [Service-linked roles for AWS Security Hub](./using-service-linked-roles.html).
@@ -200 +200 @@ A service-linked role is a type of service role that is linked to an AWS service
-Security Hub uses a service-linked role to perform actions on your behalf. For details about this role, see [Service-linked roles for Security Hub](./using-service-linked-roles.html).
+Security Hub uses a service-linked role to perform actions on your behalf. For details about this role, see [Service-linked roles for AWS Security Hub](./using-service-linked-roles.html).