AWS Security ChangesHomeSearch

AWS config documentation change

Service: config · 2025-09-10 · Documentation low

File: config/latest/developerguide/operational-best-practices-for-acsc-ism.md

Summary

Updated title to 'Part 1', added Part 2 template reference, and made minor terminology corrections (e.g., expanding 'ELB' to 'Elastic Load Balancing (ELB)')

Security assessment

Changes emphasize security best practices (ELB logging, RDS auto-upgrades, encryption) but do not address specific vulnerabilities. Updates maintain existing security guidance documentation.

Diff

diff --git a/config/latest/developerguide/operational-best-practices-for-acsc-ism.md b/config/latest/developerguide/operational-best-practices-for-acsc-ism.md
index b232f54e1..8430f0e39 100644
--- a//config/latest/developerguide/operational-best-practices-for-acsc-ism.md
+++ b//config/latest/developerguide/operational-best-practices-for-acsc-ism.md
@@ -7 +7 @@ Template
-#  Operational Best Practices for ACSC ISM 
+#  Operational Best Practices for ACSC ISM - Part 1
@@ -20 +20 @@ Control ID  | AWS Config Rule  | Guidance
-261 | [elb-logging-enabled](https://docs.aws.amazon.com/config/latest/developerguide/elb-logging-enabled.html) | Elastic Load Balancing activity is a central point of communication within an environment. Ensure ELB logging is enabled. The collected data provides detailed information about requests sent to the ELB. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses.  
+261 | [elb-logging-enabled](https://docs.aws.amazon.com/config/latest/developerguide/elb-logging-enabled.html) | Elastic Load Balancing (ELB) activity is a central point of communication within an environment. Ensure ELB logging is enabled. The collected data provides detailed information about requests sent to the ELB. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses.  
@@ -25 +25 @@ Control ID  | AWS Config Rule  | Guidance
-298 | [rds-automatic-minor-version-upgrade-enabled](https://docs.aws.amazon.com/config/latest/developerguide/rds-automatic-minor-version-upgrade-enabled.html) | Enable automatic minor version upgrades on your Amazon Relational Database Service (RDS) instances to ensure the latest minor version updates to the Relational Database Management System (RDBMS) are installed, which may include security patches and bug fixes.  
+298 | [rds-automatic-minor-version-upgrade-enabled](https://docs.aws.amazon.com/config/latest/developerguide/rds-automatic-minor-version-upgrade-enabled.html) | Enable automatic minor version upgrades on your Amazon Relational Database Service (Amazon RDS) instances to ensure the latest minor version updates to the Relational Database Management System (RDBMS) are installed, which may include security patches and bug fixes.  
@@ -30,2 +30,2 @@ Control ID  | AWS Config Rule  | Guidance
-459 | [efs-encrypted-check](https://docs.aws.amazon.com/config/latest/developerguide/efs-encrypted-check.html) | Because sensitive data can exist and to help protect data at rest, ensure encryption is enabled for your Amazon Elastic File System (EFS).  
-459 | [encrypted-volumes](https://docs.aws.amazon.com/config/latest/developerguide/encrypted-volumes.html) | Because sensitive data can exist and to help protect data at rest, ensure encryption is enabled for your Amazon Elastic Block Store (Amazon EBS) volumes.  
+459 | [efs-encrypted-check](https://docs.aws.amazon.com/config/latest/developerguide/efs-encrypted-check.html) | Because sensitive data can exist and to help protect data at rest, ensure encryption is enabled for your Amazon Elastic File System (Amazon EFS).  
+459 | [encrypted-volumes](https://docs.aws.amazon.com/config/latest/developerguide/encrypted-volumes.html) | Because sensitive data can exist and to help protect data at rest, ensure encryption is enabled for your Amazon Elastic Block Store (Amazon EBS volumes.  
@@ -296 +296,8 @@ P11 | [iam-user-group-membership-check](https://docs.aws.amazon.com/config/lates
-The template is available on GitHub: [Operational Best Practices for ACSC ISM](https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-ACSC-ISM.yaml).
+These templates are available on GitHub:
+
+  * [Operational Best Practices for ACSC ISM - Part 1](https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-ACSC-ISM.yaml)
+
+  * [Operational Best Practices for ACSC ISM - Part 2](https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-ACSC-ISM-Part2.yaml)
+
+
+
@@ -306 +313 @@ Operational Best Practices for ACSC Essential 8
-Operational Best Practices for AI and ML
+Operational Best Practices for ACSC ISM - Part 2