AWS Security ChangesHomeSearch

AWS security-ir medium security documentation change

Service: security-ir · 2025-08-16 · Security-related medium

File: security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md

Summary

Added compliance updates (HITRUST coverage), visibility/control updates, billing clarifications, and a new service role policy with additional actions and resource account condition

Security assessment

The added service role policy condition (aws:ResourceAccount matching principal account) enforces resource isolation, preventing cross-account access risks. The HITRUST compliance update also adds security framework documentation.

Diff

diff --git a/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md b/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
index 1bcec73d6..48ca31d5f 100644
--- a//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
+++ b//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
@@ -8,0 +9,12 @@ Change  |  Description  |  Date
+Compliance and Billing Lanugage Updates |  Updated [Removed statement that AWS Security Incident Response is not covered under any frameworks. AWS Security Incident Response is now covered under HITRUST with more to come in the future.](https://docs.aws.amazon.com/security-ir/latest/userguide/compliance-validation.html) Updated [Visiblity and Control](https://docs.aws.amazon.com/security-ir/latest/userguide/visibility-and-alerting.html) to add AWS Security Incident Response Updated [Cancel Membership](https://docs.aws.amazon.com/security-ir/latest/userguide/cancel-membership.html) to clarify service billing periods. Added a video to [Getting Started](https://docs.aws.amazon.com/security-ir/latest/userguide/getting-started.html) that provides additional context for typical tasks to begin using AWS Security Incident Response. | August 15, 2025  
+Updated – [AWSSecurityIncidentResponseServiceRolePolicy](./aws-managed-policies.html#AWSSecurityIncidentResponseServiceRolePolicy) |  The policy now includes two new actions for `"organizations:DescribeAccount"`, `"organizations:ListDelegatedAdministrators"` and a new condition:
+    
+    
+    "Condition": {
+          "StringEquals": {
+            "aws:ResourceAccount": "${aws:PrincipalAccount}"
+          }
+        }
+                
+
+| TBD