AWS securityhub documentation change
Summary
Added reference entries for new security controls: CloudFormation.4, CloudFront.17, ECS.19, ECS.20, ECS.21 with MEDIUM severity
Security assessment
Expands security controls catalog without evidence of patching vulnerabilities. Documents new preventive security features for infrastructure management.
Diff
diff --git a/securityhub/latest/userguide/securityhub-controls-reference.md b/securityhub/latest/userguide/securityhub-controls-reference.md index 1a16f3477..d7dc1e124 100644 --- a//securityhub/latest/userguide/securityhub-controls-reference.md +++ b//securityhub/latest/userguide/securityhub-controls-reference.md @@ -80,0 +81 @@ Security control ID | Security control title | Applicable standards | Severity | +[CloudFormation.4](./cloudformation-controls.html#cloudformation-4) | CloudFormation stacks should have associated service roles | AWS Foundational Security Best Practices | MEDIUM | No | Change triggered @@ -94,0 +96 @@ Security control ID | Security control title | Applicable standards | Severity | +[CloudFront.17](./cloudfront-controls.html#cloudfront-17) | CloudFront distributions should use trusted key groups for signed URLs and cookies | AWS Foundational Security Best Practices v1.0.0 | MEDIUM | No | Change triggered @@ -251,0 +254,3 @@ Security control ID | Security control title | Applicable standards | Severity | +[ECS.19](./ecs-controls.html#ecs-19) | ECS capacity providers should have managed termination protection enabled | AWS Foundational Security Best Practices | MEDIUM | No | Change triggered +[ECS.20](./ecs-controls.html#ecs-20) | ECS Task Definitions should configure non-root users in Linux container definitions | AWS Foundational Security Best Practices | MEDIUM | No | Change triggered +[ECS.21](./ecs-controls.html#ecs-21) | ECS Task Definitions should configure non-administrator users in Windows container definitions | AWS Foundational Security Best Practices | MEDIUM | No | Change triggered