AWS Security ChangesHomeSearch

AWS systems-manager documentation change

Service: systems-manager · 2025-12-10 · Documentation low

File: systems-manager/latest/userguide/cross-service-confused-deputy-prevention.md

Summary

Changed encryption policy references from 'AWS Security Hub' to 'AWS Security Hub CSPM'

Security assessment

Adjusts policy examples for a specific security service but doesn't address vulnerabilities. Enhances documentation of encryption controls without indicating security fixes.

Diff

diff --git a/systems-manager/latest/userguide/cross-service-confused-deputy-prevention.md b/systems-manager/latest/userguide/cross-service-confused-deputy-prevention.md
index 76c1ccde8..4fd6df829 100644
--- a//systems-manager/latest/userguide/cross-service-confused-deputy-prevention.md
+++ b//systems-manager/latest/userguide/cross-service-confused-deputy-prevention.md
@@ -93 +93 @@ JSON
-The ARN in the policy example enables the system to encrypt OpsData from all sources except AWS Security Hub. If you need to encrypt Security Hub data, for example if you use Explorer to collect Security Hub data, then you must attach an additional policy that specifies the following ARN:
+The ARN in the policy example enables the system to encrypt OpsData from all sources except AWS Security Hub CSPM. If you need to encrypt Security Hub CSPM data, for example if you use Explorer to collect Security Hub CSPM data, then you must attach an additional policy that specifies the following ARN: