AWS cli documentation change
Summary
Added numerous AWS resource types to supported configurations and updated CLI version references
Security assessment
The change adds documentation for security-related services like AWS::GuardDuty::MalwareProtectionPlan, AWS::OpenSearchServerless::SecurityConfig, and AWS::Connect::SecurityProfile. While these additions document security features, there's no evidence they address specific vulnerabilities.
Diff
diff --git a/cli/latest/reference/configservice/associate-resource-types.md b/cli/latest/reference/configservice/associate-resource-types.md index df824408d..5bdf0683c 100644 --- a//cli/latest/reference/configservice/associate-resource-types.md +++ b//cli/latest/reference/configservice/associate-resource-types.md @@ -15 +15 @@ - * [AWS CLI 2.32.21 Command Reference](../../index.html) » + * [AWS CLI 2.32.23 Command Reference](../../index.html) » @@ -555,0 +556,91 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/config +>> * `AWS::CloudFormation::StackSet` +>> * `AWS::MediaPackageV2::Channel` +>> * `AWS::S3::AccessGrantsLocation` +>> * `AWS::S3::AccessGrant` +>> * `AWS::S3::AccessGrantsInstance` +>> * `AWS::EMRServerless::Application` +>> * `AWS::Config::AggregationAuthorization` +>> * `AWS::Bedrock::ApplicationInferenceProfile` +>> * `AWS::ApiGatewayV2::Integration` +>> * `AWS::SageMaker::MlflowTrackingServer` +>> * `AWS::SageMaker::ModelBiasJobDefinition` +>> * `AWS::SecretsManager::RotationSchedule` +>> * `AWS::Deadline::QueueFleetAssociation` +>> * `AWS::ECR::RepositoryCreationTemplate` +>> * `AWS::CloudFormation::LambdaHook` +>> * `AWS::EC2::SubnetNetworkAclAssociation` +>> * `AWS::ApiGateway::UsagePlan` +>> * `AWS::AppConfig::Extension` +>> * `AWS::Deadline::Fleet` +>> * `AWS::EMR::Studio` +>> * `AWS::S3Tables::TableBucket` +>> * `AWS::CloudFront::RealtimeLogConfig` +>> * `AWS::BackupGateway::Hypervisor` +>> * `AWS::BCMDataExports::Export` +>> * `AWS::CloudFormation::GuardHook` +>> * `AWS::CloudFront::PublicKey` +>> * `AWS::CloudTrail::EventDataStore` +>> * `AWS::EntityResolution::IdMappingWorkflow` +>> * `AWS::EntityResolution::SchemaMapping` +>> * `AWS::IoT::DomainConfiguration` +>> * `AWS::PCAConnectorAD::DirectoryRegistration` +>> * `AWS::RDS::Integration` +>> * `AWS::Config::ConformancePack` +>> * `AWS::RolesAnywhere::Profile` +>> * `AWS::CodeArtifact::Domain` +>> * `AWS::Backup::RestoreTestingPlan` +>> * `AWS::Config::StoredQuery` +>> * `AWS::SageMaker::DataQualityJobDefinition` +>> * `AWS::SageMaker::ModelExplainabilityJobDefinition` +>> * `AWS::SageMaker::ModelQualityJobDefinition` +>> * `AWS::SageMaker::StudioLifecycleConfig` +>> * `AWS::SES::DedicatedIpPool` +>> * `AWS::SES::MailManagerTrafficPolicy` +>> * `AWS::SSM::ResourceDataSync` +>> * `AWS::BedrockAgentCore::Runtime` +>> * `AWS::BedrockAgentCore::BrowserCustom` +>> * `AWS::ElasticLoadBalancingV2::TargetGroup` +>> * `AWS::EMRContainers::VirtualCluster` +>> * `AWS::EntityResolution::MatchingWorkflow` +>> * `AWS::IoTCoreDeviceAdvisor::SuiteDefinition` +>> * `AWS::EC2::SecurityGroupVpcAssociation` +>> * `AWS::EC2::VerifiedAccessInstance` +>> * `AWS::KafkaConnect::CustomPlugin` +>> * `AWS::NetworkManager::TransitGatewayPeering` +>> * `AWS::OpenSearchServerless::SecurityConfig` +>> * `AWS::Redshift::Integration` +>> * `AWS::RolesAnywhere::TrustAnchor` +>> * `AWS::Route53Profiles::ProfileAssociation` +>> * `AWS::SSMIncidents::ResponsePlan` +>> * `AWS::Transfer::Server` +>> * `AWS::Glue::Database` +>> * `AWS::Organizations::OrganizationalUnit` +>> * `AWS::EC2::IPAMPoolCidr` +>> * `AWS::EC2::VPCGatewayAttachment` +>> * `AWS::Bedrock::Prompt` +>> * `AWS::Comprehend::Flywheel` +>> * `AWS::DataSync::Agent` +>> * `AWS::MediaTailor::LiveSource` +>> * `AWS::MSK::ServerlessCluster` +>> * `AWS::IoTSiteWise::Asset` +>> * `AWS::B2BI::Capability` +>> * `AWS::CloudFront::KeyValueStore` +>> * `AWS::Deadline::Monitor` +>> * `AWS::GuardDuty::MalwareProtectionPlan` +>> * `AWS::Location::APIKey` +>> * `AWS::MediaPackageV2::OriginEndpoint` +>> * `AWS::PCAConnectorAD::Connector` +>> * `AWS::S3Tables::TableBucketPolicy` +>> * `AWS::SecretsManager::ResourcePolicy` +>> * `AWS::SSMContacts::Contact` +>> * `AWS::IoT::ThingGroup` +>> * `AWS::ImageBuilder::LifecyclePolicy` +>> * `AWS::GameLift::Build` +>> * `AWS::ECR::ReplicationConfiguration` +>> * `AWS::EC2::SubnetCidrBlock` +>> * `AWS::Connect::SecurityProfile` +>> * `AWS::CleanRoomsML::TrainingDataset` +>> * `AWS::AppStream::AppBlockBuilder` +>> * `AWS::Route53::DNSSEC` +>> * `AWS::SageMaker::UserProfile` +>> * `AWS::ApiGateway::Method` @@ -720 +811 @@ ConfigurationRecorder -> (structure) ->> If you use an Amazon Web Services service that uses Config, such as Security Hub or Control Tower, and an IAM role has already been created, make sure that the IAM role that you use when setting up Config keeps the same minimum permissions as the pre-existing IAM role. You must do this to ensure that the other Amazon Web Services service continues to run as expected. +>> If you use an Amazon Web Services service that uses Config, such as Security Hub CSPM or Control Tower, and an IAM role has already been created, make sure that the IAM role that you use when setting up Config keeps the same minimum permissions as the pre-existing IAM role. You must do this to ensure that the other Amazon Web Services service continues to run as expected. @@ -1264,0 +1356,91 @@ ConfigurationRecorder -> (structure) +>>>> * `AWS::CloudFormation::StackSet` +>>>> * `AWS::MediaPackageV2::Channel` +>>>> * `AWS::S3::AccessGrantsLocation` +>>>> * `AWS::S3::AccessGrant` +>>>> * `AWS::S3::AccessGrantsInstance` +>>>> * `AWS::EMRServerless::Application` +>>>> * `AWS::Config::AggregationAuthorization` +>>>> * `AWS::Bedrock::ApplicationInferenceProfile` +>>>> * `AWS::ApiGatewayV2::Integration` +>>>> * `AWS::SageMaker::MlflowTrackingServer` +>>>> * `AWS::SageMaker::ModelBiasJobDefinition` +>>>> * `AWS::SecretsManager::RotationSchedule` +>>>> * `AWS::Deadline::QueueFleetAssociation` +>>>> * `AWS::ECR::RepositoryCreationTemplate` +>>>> * `AWS::CloudFormation::LambdaHook` +>>>> * `AWS::EC2::SubnetNetworkAclAssociation` +>>>> * `AWS::ApiGateway::UsagePlan` +>>>> * `AWS::AppConfig::Extension` +>>>> * `AWS::Deadline::Fleet` +>>>> * `AWS::EMR::Studio` +>>>> * `AWS::S3Tables::TableBucket` +>>>> * `AWS::CloudFront::RealtimeLogConfig` +>>>> * `AWS::BackupGateway::Hypervisor` +>>>> * `AWS::BCMDataExports::Export` +>>>> * `AWS::CloudFormation::GuardHook` +>>>> * `AWS::CloudFront::PublicKey` +>>>> * `AWS::CloudTrail::EventDataStore` +>>>> * `AWS::EntityResolution::IdMappingWorkflow` +>>>> * `AWS::EntityResolution::SchemaMapping` +>>>> * `AWS::IoT::DomainConfiguration` +>>>> * `AWS::PCAConnectorAD::DirectoryRegistration` +>>>> * `AWS::RDS::Integration` +>>>> * `AWS::Config::ConformancePack` +>>>> * `AWS::RolesAnywhere::Profile` +>>>> * `AWS::CodeArtifact::Domain` +>>>> * `AWS::Backup::RestoreTestingPlan` +>>>> * `AWS::Config::StoredQuery` +>>>> * `AWS::SageMaker::DataQualityJobDefinition` +>>>> * `AWS::SageMaker::ModelExplainabilityJobDefinition` +>>>> * `AWS::SageMaker::ModelQualityJobDefinition` +>>>> * `AWS::SageMaker::StudioLifecycleConfig` +>>>> * `AWS::SES::DedicatedIpPool` +>>>> * `AWS::SES::MailManagerTrafficPolicy` +>>>> * `AWS::SSM::ResourceDataSync` +>>>> * `AWS::BedrockAgentCore::Runtime` +>>>> * `AWS::BedrockAgentCore::BrowserCustom` +>>>> * `AWS::ElasticLoadBalancingV2::TargetGroup` +>>>> * `AWS::EMRContainers::VirtualCluster` +>>>> * `AWS::EntityResolution::MatchingWorkflow` +>>>> * `AWS::IoTCoreDeviceAdvisor::SuiteDefinition` +>>>> * `AWS::EC2::SecurityGroupVpcAssociation` +>>>> * `AWS::EC2::VerifiedAccessInstance` +>>>> * `AWS::KafkaConnect::CustomPlugin` +>>>> * `AWS::NetworkManager::TransitGatewayPeering` +>>>> * `AWS::OpenSearchServerless::SecurityConfig` +>>>> * `AWS::Redshift::Integration` +>>>> * `AWS::RolesAnywhere::TrustAnchor` +>>>> * `AWS::Route53Profiles::ProfileAssociation` +>>>> * `AWS::SSMIncidents::ResponsePlan` +>>>> * `AWS::Transfer::Server` +>>>> * `AWS::Glue::Database` +>>>> * `AWS::Organizations::OrganizationalUnit` +>>>> * `AWS::EC2::IPAMPoolCidr` +>>>> * `AWS::EC2::VPCGatewayAttachment` +>>>> * `AWS::Bedrock::Prompt` +>>>> * `AWS::Comprehend::Flywheel` +>>>> * `AWS::DataSync::Agent` +>>>> * `AWS::MediaTailor::LiveSource` +>>>> * `AWS::MSK::ServerlessCluster` +>>>> * `AWS::IoTSiteWise::Asset` +>>>> * `AWS::B2BI::Capability` +>>>> * `AWS::CloudFront::KeyValueStore` +>>>> * `AWS::Deadline::Monitor` +>>>> * `AWS::GuardDuty::MalwareProtectionPlan` +>>>> * `AWS::Location::APIKey` +>>>> * `AWS::MediaPackageV2::OriginEndpoint` +>>>> * `AWS::PCAConnectorAD::Connector` +>>>> * `AWS::S3Tables::TableBucketPolicy` +>>>> * `AWS::SecretsManager::ResourcePolicy` +>>>> * `AWS::SSMContacts::Contact` +>>>> * `AWS::IoT::ThingGroup` +>>>> * `AWS::ImageBuilder::LifecyclePolicy` +>>>> * `AWS::GameLift::Build` +>>>> * `AWS::ECR::ReplicationConfiguration` +>>>> * `AWS::EC2::SubnetCidrBlock` +>>>> * `AWS::Connect::SecurityProfile` +>>>> * `AWS::CleanRoomsML::TrainingDataset` +>>>> * `AWS::AppStream::AppBlockBuilder` +>>>> * `AWS::Route53::DNSSEC` +>>>> * `AWS::SageMaker::UserProfile` +>>>> * `AWS::ApiGateway::Method` @@ -1727,0 +1910,91 @@ ConfigurationRecorder -> (structure) +>>>>> * `AWS::CloudFormation::StackSet` +>>>>> * `AWS::MediaPackageV2::Channel` +>>>>> * `AWS::S3::AccessGrantsLocation` +>>>>> * `AWS::S3::AccessGrant` +>>>>> * `AWS::S3::AccessGrantsInstance`