AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-12-10 · Documentation low

File: wellarchitected/latest/security-pillar/sec_protect_data_rest_key_mgmt.md

Summary

Changed 'Security Hub' to 'Security Hub CSPM' in key management monitoring recommendation

Security assessment

The update clarifies the specific service module but doesn't modify security practices for key policy validation, rotation, or deletion alerts. No security vulnerability is addressed.

Diff

diff --git a/wellarchitected/latest/security-pillar/sec_protect_data_rest_key_mgmt.md b/wellarchitected/latest/security-pillar/sec_protect_data_rest_key_mgmt.md
index b820d16f9..5147532fc 100644
--- a//wellarchitected/latest/security-pillar/sec_protect_data_rest_key_mgmt.md
+++ b//wellarchitected/latest/security-pillar/sec_protect_data_rest_key_mgmt.md
@@ -70 +70 @@ Most AWS services use AWS KMS in a way that is transparent to you \- your only r
-  6. Enable [Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html) to receive notifications if there are misconfigured key policies, keys scheduled for deletion, or keys without automated rotation enabled. 
+  6. Enable [Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html) to receive notifications if there are misconfigured key policies, keys scheduled for deletion, or keys without automated rotation enabled.