AWS wellarchitected documentation change
Summary
Updated reference to AWS Security Hub Security Standards to specify 'CSPM Security Standards'
Security assessment
The change specifies CSPM as part of the security standards but does not indicate a security vulnerability fix. It improves clarity about security posture management features.
Diff
diff --git a/wellarchitected/2023-04-10/framework/sec_identities_audit.md b/wellarchitected/2023-04-10/framework/sec_identities_audit.md index 08540a938..ea32be18e 100644 --- a//wellarchitected/2023-04-10/framework/sec_identities_audit.md +++ b//wellarchitected/2023-04-10/framework/sec_identities_audit.md @@ -32 +32 @@ Periodic validation, preferably through an automated tool, is necessary to verif -We also recommend that you enforce and monitor MFA in your identity provider. You can set up [AWS Config Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html), or use [AWS Security Hub Security Standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-iam-3), to monitor if users have configured MFA. Consider using IAM Roles Anywhere to provide temporary credentials for machine identities. In situations when using IAM roles and temporary credentials is not possible, frequent auditing and rotating access keys is necessary. +We also recommend that you enforce and monitor MFA in your identity provider. You can set up [AWS Config Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html), or use [AWS Security Hub CSPM Security Standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-iam-3), to monitor if users have configured MFA. Consider using IAM Roles Anywhere to provide temporary credentials for machine identities. In situations when using IAM roles and temporary credentials is not possible, frequent auditing and rotating access keys is necessary.