AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-07-01 · Documentation medium

File: securityhub/latest/userguide/pci-standard.md

Summary

Updated PCI DSS documentation to add IAM controls (IAM.3, IAM.5, IAM.6, IAM.7, IAM.8, IAM.9) and reorganize existing entries. Removed IAM.13 reference.

Security assessment

Added controls relate to security best practices (MFA enforcement, access key rotation, password policies). However, this appears to be documentation reorganization/expansion rather than addressing a specific disclosed vulnerability. The changes improve visibility of existing security controls but don't indicate a newly fixed issue.

Diff

diff --git a/securityhub/latest/userguide/pci-standard.md b/securityhub/latest/userguide/pci-standard.md
index f2b248877..10364037d 100644
--- a//securityhub/latest/userguide/pci-standard.md
+++ b//securityhub/latest/userguide/pci-standard.md
@@ -19 +19 @@ The following sections specify which controls apply to PCI DSS v3.2.1 and PCI DS
-The following list specifies which AWS Security Hub Cloud Security Posture Management (CSPM) controls apply to PCI DSS v3.2.1. To review the details of a control, choose the control.
+The following list specifies which Security Hub CSPM controls apply to PCI DSS v3.2.1. To review the details of a control, choose the control.
@@ -111 +111 @@ The following list specifies which AWS Security Hub Cloud Security Posture Manag
-The following list specifies which AWS Security Hub Cloud Security Posture Management (CSPM) controls apply to PCI DSS v4.0.1. To review the details of a control, choose the control.
+The following list specifies which Security Hub CSPM controls apply to PCI DSS v4.0.1. To review the details of a control, choose the control.
@@ -266,0 +267,12 @@ The following list specifies which AWS Security Hub Cloud Security Posture Manag
+[[IAM.3] IAM users' access keys should be rotated every 90 days or less](./iam-controls.html#iam-3)
+
+[[IAM.5] MFA should be enabled for all IAM users that have a console password](./iam-controls.html#iam-5)
+
+[[IAM.6] Hardware MFA should be enabled for the root user](./iam-controls.html#iam-6)
+
+[[IAM.7] Password policies for IAM users should have strong configurations](./iam-controls.html#iam-7)
+
+[[IAM.8] Unused IAM user credentials should be removed](./iam-controls.html#iam-8)
+
+[[IAM.9] MFA should be enabled for the root user](./iam-controls.html#iam-9)
+
@@ -271,2 +282,0 @@ The following list specifies which AWS Security Hub Cloud Security Posture Manag
-[[IAM.13] Ensure IAM password policy requires at least one symbol](./iam-controls.html#iam-13)
-
@@ -283,12 +292,0 @@ The following list specifies which AWS Security Hub Cloud Security Posture Manag
-[[IAM.3] IAM users' access keys should be rotated every 90 days or less](./iam-controls.html#iam-3)
-
-[[IAM.5] MFA should be enabled for all IAM users that have a console password](./iam-controls.html#iam-5)
-
-[[IAM.6] Hardware MFA should be enabled for the root user](./iam-controls.html#iam-6)
-
-[[IAM.7] Password policies for IAM users should have strong configurations](./iam-controls.html#iam-7)
-
-[[IAM.8] Unused IAM user credentials should be removed](./iam-controls.html#iam-8)
-
-[[IAM.9] MFA should be enabled for the root user](./iam-controls.html#iam-9)
-