AWS Security ChangesHomeSearch

AWS config high security documentation change

Service: config · 2025-10-22 · Security-related high

File: config/latest/developerguide/root-account-mfa-enabled.md

Summary

Excluded 'AWS Secret - West' from root account MFA checks

Security assessment

Allows root accounts without MFA in excluded region, significantly increasing security risks

Diff

diff --git a/config/latest/developerguide/root-account-mfa-enabled.md b/config/latest/developerguide/root-account-mfa-enabled.md
index ae166a576..b4bf51d1c 100644
--- a//config/latest/developerguide/root-account-mfa-enabled.md
+++ b//config/latest/developerguide/root-account-mfa-enabled.md
@@ -29 +29 @@ To avoid unnecessary evaluations, you should only deploy periodic rules that rep
-**AWS Region:** All supported AWS regions except China (Beijing), Asia Pacific (Thailand), Middle East (UAE), Asia Pacific (Malaysia), AWS GovCloud (US-East), AWS GovCloud (US-West), Mexico (Central), Israel (Tel Aviv), Asia Pacific (Taipei), Canada West (Calgary), China (Ningxia) Region
+**AWS Region:** All supported AWS regions except China (Beijing), Asia Pacific (Thailand), Middle East (UAE), AWS Secret - West, Asia Pacific (Malaysia), AWS GovCloud (US-East), AWS GovCloud (US-West), Mexico (Central), Israel (Tel Aviv), Asia Pacific (Taipei), Canada West (Calgary), China (Ningxia) Region