AWS config documentation change
Summary
Added 5 new managed rules to change-triggered rules section
Security assessment
Documents new security-focused rules (CloudFront key groups, ECS non-root/non-admin) as change-triggered configurations. Expands security feature documentation without addressing specific vulnerabilities.
Diff
diff --git a/config/latest/developerguide/managed-rules-by-trigger-type.md b/config/latest/developerguide/managed-rules-by-trigger-type.md index a2c3cc5b9..77c65564e 100644 --- a//config/latest/developerguide/managed-rules-by-trigger-type.md +++ b//config/latest/developerguide/managed-rules-by-trigger-type.md @@ -240,0 +241,2 @@ _Change-triggered rules_ are rules that AWS Config evaluates in response to conf + * [cloudformation-stack-service-role-check](./cloudformation-stack-service-role-check.html) + @@ -250,0 +253,2 @@ _Change-triggered rules_ are rules that AWS Config evaluates in response to conf + * [cloudfront-distribution-key-group-enabled](./cloudfront-distribution-key-group-enabled.html) + @@ -494,0 +499,2 @@ _Change-triggered rules_ are rules that AWS Config evaluates in response to conf + * [ecs-capacity-provider-termination-check](./ecs-capacity-provider-termination-check.html) + @@ -506,0 +513,2 @@ _Change-triggered rules_ are rules that AWS Config evaluates in response to conf + * [ecs-task-definition-linux-user-non-root](./ecs-task-definition-linux-user-non-root.html) + @@ -518,0 +527,2 @@ _Change-triggered rules_ are rules that AWS Config evaluates in response to conf + * [ecs-task-definition-windows-user-non-admin](./ecs-task-definition-windows-user-non-admin.html) +