AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-11-16 · Documentation medium

File: solutions/latest/automated-security-response-on-aws/architecture-details.md

Summary

Expanded architecture details with added security components (WAF, Cognito), clarified Lambda/SQS roles, and new Web UI infrastructure documentation

Security assessment

Adds documentation for security features including AWS WAF protection, Cognito authentication, and secure storage of security findings. While these are security enhancements, there's no indication of addressing a specific vulnerability.

Diff

diff --git a/solutions/latest/automated-security-response-on-aws/architecture-details.md b/solutions/latest/automated-security-response-on-aws/architecture-details.md
index 53c7e4b98..51b5d4c9f 100644
--- a//solutions/latest/automated-security-response-on-aws/architecture-details.md
+++ b//solutions/latest/automated-security-response-on-aws/architecture-details.md
@@ -17 +17 @@ AWS service | Description
-[Amazon EventBridge](https://aws.amazon.com/eventbridge/) |  **Core**. Deploys events that will initiate the orchestator step function when a finding is being remediated.  
+[Amazon EventBridge](https://aws.amazon.com/eventbridge/) |  **Core**. EventBridge rules are used to listen and trigger on events emitted by AWS Security Hub and AWS Security Hub CSPM.  
@@ -19 +19 @@ AWS service | Description
-[AWS Lambda](https://aws.amazon.com/lambda/) |  **Core.** Deploys multiple lambda functions that will be used by the step function orchestator to remediate issues.  
+[AWS Lambda](https://aws.amazon.com/lambda/) |  **Core.** Deploys multiple lambda functions that will be used by the step function orchestator to remediate issues. Serves as the backend for the solution’s Web UI integrated with API Gateway.  
@@ -22 +22,2 @@ AWS service | Description
-[AWS Systems Manager](https://aws.amazon.com/systems-manager/) |  **Core**. Deploys System Manager Documents (link to doc) that contain the remediation logic that will be ran.  
+[AWS Systems Manager](https://aws.amazon.com/systems-manager/) |  **Core**. Deploys System Manager Automation Documents that contain the remediation logic to be executed by the solution. Uses Parameter Store to maintain solution metadata and configuration settings.  
+[AWS DynamoDB](https://aws.amazon.com/dynamodb/) |  **Core**. Stores the last run remediation in each account and Region to optimize scheduling of remediations. Stores findings generated by AWS Security Hub & AWS Security Hub CSPM. Stores remediation and solution configuration metadata. Stores data for users accessing the solution’s Web UI.  
@@ -25 +25,0 @@ AWS service | Description
-[AWS DynamoDB](https://aws.amazon.com/dynamodb/) |  **Supporting**. Stores the last run remediation in each account and Region to optimize scheduling of remediations.  
@@ -27 +27 @@ AWS service | Description
-[AWS SQS](https://aws.amazon.com/sqs/) |  **Supporting**. Assists with scheduling remediations so that the solution can run remediations in parallel.  
+[AWS SQS](https://aws.amazon.com/sqs/) |  **Supporting**. Assists with scheduling remediations so that the solution can run remediations in parallel. Buffers Lambda executions using Lambda EventSource Mappings.  
@@ -29,0 +30,5 @@ AWS service | Description
+[Amazon S3](https://aws.amazon.com/s3) |  **Supporting**. Stores exported remediation history and log data. Hosts the solution’s Web UI as a Single-page Application (SPA).  
+[Amazon CloudFront](https://aws.amazon.com/cloudfront) |  **Supporting**. Delivers the solution’s Web UI  
+[Amazon API Gateway](https://aws.amazon.com/apigateway) |  **Supporting**. Creates the solution’s REST API to support the user interface.  
+[AWS WAF](https://aws.amazon.com/waf) |  **Supporting**. Protects the solution’s Web UI.  
+[Amazon Cognito](https://aws.amazon.com/cognito) |  **Supporting**. Used to authenticate and authorize access to the solution’s Web UI.