AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-07-01 · Documentation medium

File: securityhub/latest/userguide/iam-controls.md

Summary

Updated compliance requirement mappings for multiple IAM controls (NIST/PCI references added/removed)

Security assessment

Changes update compliance framework mappings but don't introduce new security features or address vulnerabilities. Improves documentation accuracy for security standards alignment.

Diff

diff --git a/securityhub/latest/userguide/iam-controls.md b/securityhub/latest/userguide/iam-controls.md
index c212ccf51..265b11d89 100644
--- a//securityhub/latest/userguide/iam-controls.md
+++ b//securityhub/latest/userguide/iam-controls.md
@@ -222 +222 @@ We are offering a free MFA security key to eligible customers. To determine whet
-**Related requirements:** NIST.800-53.r5 AC-2(1), NIST.800-53.r5 AC-2(3), NIST.800-53.r5 AC-3(15), NIST.800-53.r5 IA-5(1), NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.6, PCI DSS v4.0.1/8.3.7
+**Related requirements:** NIST.800-53.r5 AC-2(1), NIST.800-53.r5 AC-2(3), NIST.800-53.r5 AC-3(15), NIST.800-53.r5 IA-5(1), NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, PCI DSS v4.0.1/8.3.6, PCI DSS v4.0.1/8.3.7, PCI DSS v4.0.1/8.3.9, PCI DSS v4.0.1/8.3.10.1, PCI DSS v4.0.1/8.6.3
@@ -334 +334 @@ For information about enabling MFA for the root user of an AWS account, see [Mul
-**Related requirements:** NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v3.2.1/8.1.4, PCI DSS v3.2.1/8.2.3, PCI DSS v3.2.1/8.2.4, PCI DSS v3.2.1/8.2.5
+**Related requirements:** NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, PCI DSS v3.2.1/8.1.4, PCI DSS v3.2.1/8.2.3, PCI DSS v3.2.1/8.2.4, PCI DSS v3.2.1/8.2.5
@@ -377 +377 @@ To update your password policy to use the recommended configuration, see [Settin
-**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.5, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.6
+**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.5, NIST.800-171.r2 3.5.7, PCI DSS v4.0.1/8.3.6, PCI DSS v4.0.1/8.6.3
@@ -401 +401 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.6, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.6
+**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.6, NIST.800-171.r2 3.5.7, PCI DSS v4.0.1/8.3.6, PCI DSS v4.0.1/8.6.3
@@ -423 +423 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.7, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.6
+**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.7, NIST.800-171.r2 3.5.7
@@ -447 +447 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.8, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.6
+**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.8, NIST.800-171.r2 3.5.7, PCI DSS v4.0.1/8.3.6, PCI DSS v4.0.1/8.6.3
@@ -471 +471 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v3.0.0/1.8, CIS AWS Foundations Benchmark v1.4.0/1.8, CIS AWS Foundations Benchmark v1.2.0/1.9, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9
+**Related requirements:** CIS AWS Foundations Benchmark v3.0.0/1.8, CIS AWS Foundations Benchmark v1.4.0/1.8, CIS AWS Foundations Benchmark v1.2.0/1.9, NIST.800-171.r2 3.5.7
@@ -495 +495 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v3.0.0/1.9, CIS AWS Foundations Benchmark v1.4.0/1.9, CIS AWS Foundations Benchmark v1.2.0/1.10, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.7
+**Related requirements:** CIS AWS Foundations Benchmark v3.0.0/1.9, CIS AWS Foundations Benchmark v1.4.0/1.9, CIS AWS Foundations Benchmark v1.2.0/1.10, NIST.800-171.r2 3.5.8, PCI DSS v4.0.1/8.3.7
@@ -521 +521 @@ To change your password policy, see [Setting an account password policy for IAM
-**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.11, NIST.800-171.r2 3.5.2, NIST.800-171.r2 3.5.7, NIST.800-171.r2 3.5.8, NIST.800-171.r2 3.5.9, PCI DSS v4.0.1/8.3.9
+**Related requirements:** CIS AWS Foundations Benchmark v1.2.0/1.11, PCI DSS v4.0.1/8.3.9, PCI DSS v4.0.1/8.3.10.1