AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-07-01 · Documentation low

File: securityhub/latest/userguide/standards-reference-nist-800-171.md

Summary

Removed IAM.17 control from NIST SP 800-171 Rev. 2 supported controls list

Security assessment

Removal of password expiration control from NIST standard mapping indicates compliance scope change, not a security vulnerability fix. No evidence this addresses a security weakness.

Diff

diff --git a/securityhub/latest/userguide/standards-reference-nist-800-171.md b/securityhub/latest/userguide/standards-reference-nist-800-171.md
index 3ae58c399..bec0f49c0 100644
--- a//securityhub/latest/userguide/standards-reference-nist-800-171.md
+++ b//securityhub/latest/userguide/standards-reference-nist-800-171.md
@@ -153,2 +152,0 @@ The following list specifies the controls that support NIST SP 800-171 Revision
-  * [[IAM.17] Ensure IAM password policy expires passwords within 90 days or less](./iam-controls.html#iam-17)
-