AWS Security ChangesHomeSearch

AWS security-ir documentation change

Service: security-ir · 2025-11-22 · Documentation low

File: security-ir/latest/userguide/deploy-configure.md

Summary

Removed 'Enable proactive response' step and associated note about service-linked roles for CIRT access.

Security assessment

Removal of documentation about service-linked roles could impact user awareness of permissions, but no evidence of addressing a specific security vulnerability.

Diff

diff --git a/security-ir/latest/userguide/deploy-configure.md b/security-ir/latest/userguide/deploy-configure.md
index cc5e90d35..936927e5e 100644
--- a//security-ir/latest/userguide/deploy-configure.md
+++ b//security-ir/latest/userguide/deploy-configure.md
@@ -27 +26,0 @@
-  6. Enable proactive response
@@ -31,7 +29,0 @@
-
-###### Note
-
-Enabling proactive response creates a service-linked role allowing our CIRT to ingest GuardDuty findings and create proactive investigation cases.
-
-![AWS services send events to the EventBridge default event bus. If the event matches a rule's event pattern, EventBridge sends the event to the targets specified for that rule.](/images/security-ir/latest/userguide/images/Permissions_for_Proactive_Response.png)
-