AWS controltower documentation change
Summary
Updated documentation links to include double slashes in URLs for proper formatting
Security assessment
The changes are purely URL formatting corrections (adding double slashes after domain). No security-related content was added or modified beyond link structure. References to security controls and CloudTrail monitoring were already present in previous documentation.
Diff
diff --git a/controltower/latest/userguide/2022-all.md b/controltower/latest/userguide/2022-all.md index 54cac2737..191badaaf 100644 --- a//controltower/latest/userguide/2022-all.md +++ b//controltower/latest/userguide/2022-all.md @@ -78 +78 @@ Over 130 new proactive controls assist you with meeting specific policy objectiv -The AWS Control Tower controls library classifies these controls according to the associated AWS services and resources. For more details, see [Proactive controls](https://docs.aws.amazon.com/controltower/latest/controlreference/proactive-controls.html). +The AWS Control Tower controls library classifies these controls according to the associated AWS services and resources. For more details, see [Proactive controls](https://docs.aws.amazon.com//controltower/latest/controlreference/proactive-controls.html). @@ -80 +80 @@ The AWS Control Tower controls library classifies these controls according to th -With this release, AWS Control Tower also is integrated with AWS Security Hub, by means of the new Security Hub **Service-Managed Standard: AWS Control Tower** , which supports the AWS Foundational Security Best Practices (FSBP) standard. You can view over 160 Security Hub controls alongside AWS Control Tower controls in the console, and you can obtain an Security Hub security score for your AWS Control Tower environment. For more information, see [Security Hub controls](https://docs.aws.amazon.com/controltower/latest/controlreference/security-hub-controls.html). +With this release, AWS Control Tower also is integrated with AWS Security Hub, by means of the new Security Hub **Service-Managed Standard: AWS Control Tower** , which supports the AWS Foundational Security Best Practices (FSBP) standard. You can view over 160 Security Hub controls alongside AWS Control Tower controls in the console, and you can obtain an Security Hub security score for your AWS Control Tower environment. For more information, see [Security Hub controls](https://docs.aws.amazon.com//controltower/latest/controlreference/security-hub-controls.html). @@ -115 +115 @@ These APIs allow you to enable, disable, and view the application status of cont -To view a list of control names for optional controls, see [Resource identifiers for APIs and controls](https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html), in the _AWS Control Tower User Guide_. +To view a list of control names for optional controls, see [Resource identifiers for APIs and controls](https://docs.aws.amazon.com//controltower/latest/userguide/control-identifiers.html), in the _AWS Control Tower User Guide_. @@ -204 +204 @@ The path that AWS Control Tower creates for your organization-level CloudTrail t -For more information about CloudTrail path naming, see [Finding your CloudTrail log files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html ). +For more information about CloudTrail path naming, see [Finding your CloudTrail log files](https://docs.aws.amazon.com//awscloudtrail/latest/userguide/cloudtrail-find-log-files.html ). @@ -228 +228 @@ As part of the change to organization-level AWS CloudTrail trails, AWS Control T -**Mandatory control:** [Detect whether shared accounts under the Security organizational unit have AWS CloudTrail or CloudTrail Lake enabled](https://docs.aws.amazon.com/controltower/latest/controlreference/mandatory-controls.html#ensure-cloudtrail-enabled-mandatory) +**Mandatory control:** [Detect whether shared accounts under the Security organizational unit have AWS CloudTrail or CloudTrail Lake enabled](https://docs.aws.amazon.com//controltower/latest/controlreference/mandatory-controls.html#ensure-cloudtrail-enabled-mandatory) @@ -230 +230 @@ As part of the change to organization-level AWS CloudTrail trails, AWS Control T -**Strongly recommended control:** [Detect whether an account has AWS CloudTrail or CloudTrail Lake enabled](https://docs.aws.amazon.com/controltower/latest/controlreference/strongly-recommended-controls.html#ensure-cloudtrail-enabled-recommended) +**Strongly recommended control:** [Detect whether an account has AWS CloudTrail or CloudTrail Lake enabled](https://docs.aws.amazon.com//controltower/latest/controlreference/strongly-recommended-controls.html#ensure-cloudtrail-enabled-recommended) @@ -232 +232 @@ As part of the change to organization-level AWS CloudTrail trails, AWS Control T -For more information about the new controls, see [The AWS Control Tower controls library](https://docs.aws.amazon.com/controltower/latest/controlreference/controls-reference.html). +For more information about the new controls, see [The AWS Control Tower controls library](https://docs.aws.amazon.com//controltower/latest/controlreference/controls-reference.html). @@ -317 +317 @@ You can experience these control concurrency improvements in all released versio -When you apply preventive controls to nested OUs, the preventive controls affect all accounts and OUs nested under the target OU, even if those accounts and OUs are not registered with AWS Control Tower. Preventive controls are implemented using Service Control Policies (SCPs), which are part of AWS Organizations. Detective controls are implemented using AWS Config rules. Guardrails remain in effect as you create new accounts or make changes to your existing accounts, and AWS Control Tower provides a summary report of how each account conforms to your enabled policies. For a full list of available controls, see [The AWS Control Tower controls library](https://docs.aws.amazon.com/controltower/latest/controlreference/controls-reference.html). +When you apply preventive controls to nested OUs, the preventive controls affect all accounts and OUs nested under the target OU, even if those accounts and OUs are not registered with AWS Control Tower. Preventive controls are implemented using Service Control Policies (SCPs), which are part of AWS Organizations. Detective controls are implemented using AWS Config rules. Guardrails remain in effect as you create new accounts or make changes to your existing accounts, and AWS Control Tower provides a summary report of how each account conforms to your enabled policies. For a full list of available controls, see [The AWS Control Tower controls library](https://docs.aws.amazon.com//controltower/latest/controlreference/controls-reference.html). @@ -337 +337 @@ Limitation: If you plan to bring existing AWS accounts into AWS Control Tower as -AWS Control Tower landing zone version 2.9 updates the notification forwarder Lambda to use the Python version 3.9 runtime. This update addresses the deprecation of Python version 3.6, which is planned for July of 2022. For the latest information, see [the Python deprecation page](https://docs.aws.amazon.com/lambda/latest/dg/runtime-support-policy.html). +AWS Control Tower landing zone version 2.9 updates the notification forwarder Lambda to use the Python version 3.9 runtime. This update addresses the deprecation of Python version 3.6, which is planned for July of 2022. For the latest information, see [the Python deprecation page](https://docs.aws.amazon.com//lambda/latest/dg/runtime-support-policy.html). @@ -345 +345 @@ AWS Control Tower landing zone version 2.9 updates the notification forwarder La -AWS Control Tower landing zone version 2.8 adds functionality that aligns with recent updates to the [AWS Foundational Security Best Practices](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html). +AWS Control Tower landing zone version 2.8 adds functionality that aligns with recent updates to the [AWS Foundational Security Best Practices](https://docs.aws.amazon.com//securityhub/latest/userguide/securityhub-standards-fsbp.html).