AWS Security ChangesHomeSearch

AWS lambda documentation change

Service: lambda · 2025-12-10 · Documentation low

File: lambda/latest/dg/governance-observability.md

Summary

Updated references from 'Security Hub' to 'Security Hub CSPM' in section headers, image captions, and text body to reflect CSPM (Cloud Security Posture Management) branding

Security assessment

The change adds specificity about Security Hub's CSPM capabilities but does not address a specific security vulnerability. It enhances documentation clarity about existing security posture management features.

Diff

diff --git a/lambda/latest/dg/governance-observability.md b/lambda/latest/dg/governance-observability.md
index 90093bd95..4565f159b 100644
--- a//lambda/latest/dg/governance-observability.md
+++ b//lambda/latest/dg/governance-observability.md
@@ -73 +73 @@ For more information on actions that you can take, see the Addressing the observ
-## Visibility into Lambda function boundaries using Security Hub
+## Visibility into Lambda function boundaries using Security Hub CSPM
@@ -75 +75 @@ For more information on actions that you can take, see the Addressing the observ
-![Diagram of example AWS Security Hub inputs for Lambda, such as resource policy, runtime, and code](/images/lambda/latest/dg/images/governance-observability-4.png)
+![Diagram of example AWS Security Hub CSPM inputs for Lambda, such as resource policy, runtime, and code](/images/lambda/latest/dg/images/governance-observability-4.png)
@@ -77 +77 @@ For more information on actions that you can take, see the Addressing the observ
-To ensure that AWS services including Lambda are used securely, AWS introduced the Foundational Security Best Practices v1.0.0. This set of best practices provides clear guidelines for securing resources and data in the AWS environment, emphasizing the importance of maintaining a strong security posture. The AWS Security Hub complements this by offering a unified security and compliance center. It aggregates, organizes, and prioritizes security findings from multiple AWS services like Amazon Inspector, AWS Identity and Access Management Access Analyzer, and Amazon GuardDuty.
+To ensure that AWS services including Lambda are used securely, AWS introduced the Foundational Security Best Practices v1.0.0. This set of best practices provides clear guidelines for securing resources and data in the AWS environment, emphasizing the importance of maintaining a strong security posture. The AWS Security Hub CSPM complements this by offering a unified security and compliance center. It aggregates, organizes, and prioritizes security findings from multiple AWS services like Amazon Inspector, AWS Identity and Access Management Access Analyzer, and Amazon GuardDuty.
@@ -79 +79 @@ To ensure that AWS services including Lambda are used securely, AWS introduced t
-If you have Security Hub, Amazon Inspector, IAM Access Analyzer, and GuardDuty enabled within your AWS organization, Security Hub automatically aggregates findings from these services. For instance, let's consider Amazon Inspector. Using Security Hub, you can efficiently identify code and package vulnerabilities in Lambda functions. In the Security Hub console, navigate to the bottom section labeled **Latest findings from AWS integrations**. Here, you can view and analyze findings sourced from various integrated AWS services.
+If you have Security Hub CSPM, Amazon Inspector, IAM Access Analyzer, and GuardDuty enabled within your AWS organization, Security Hub CSPM automatically aggregates findings from these services. For instance, let's consider Amazon Inspector. Using Security Hub CSPM, you can efficiently identify code and package vulnerabilities in Lambda functions. In the Security Hub CSPM console, navigate to the bottom section labeled **Latest findings from AWS integrations**. Here, you can view and analyze findings sourced from various integrated AWS services.
@@ -81 +81 @@ If you have Security Hub, Amazon Inspector, IAM Access Analyzer, and GuardDuty e
-![Security Hub console "Latest findings from AWS integrations" section](/images/lambda/latest/dg/images/governance-observability-5.png)
+![Security Hub CSPM console "Latest findings from AWS integrations" section](/images/lambda/latest/dg/images/governance-observability-5.png)
@@ -120 +120 @@ While tags can provide immediate context, maintaining a centralized CMDB can pro
-As the landscape of serverless infrastructure continually evolves, it's essential to adopt a proactive stance towards monitoring. With tools like AWS Config, Security Hub, and Amazon Inspector, potential anomalies or non-compliant configurations can be swiftly identified. However, tools alone cannot ensure total compliance or optimal configurations. It's crucial to pair these tools with well-documented processes and best practices.
+As the landscape of serverless infrastructure continually evolves, it's essential to adopt a proactive stance towards monitoring. With tools like AWS Config, Security Hub CSPM, and Amazon Inspector, potential anomalies or non-compliant configurations can be swiftly identified. However, tools alone cannot ensure total compliance or optimal configurations. It's crucial to pair these tools with well-documented processes and best practices.