AWS solutions documentation change
Summary
Updated remediation mechanism reference from EventBridge rule to Remediation Configuration DynamoDB table
Security assessment
The change documents an architectural shift in how automated remediation is enabled (EventBridge to DynamoDB), but doesn't address any security vulnerability or weakness. It's a procedural update without security implications.
Diff
diff --git a/solutions/latest/automated-security-response-on-aws/solution-overview.md b/solutions/latest/automated-security-response-on-aws/solution-overview.md index a6743daa3..bf86e2d63 100644 --- a//solutions/latest/automated-security-response-on-aws/solution-overview.md +++ b//solutions/latest/automated-security-response-on-aws/solution-overview.md @@ -28 +28 @@ You can select specific playbooks to deploy in your Security Hub primary account -Remediation is intended for emergent situations that require immediate action. This solution makes changes to remediate findings only when initiated by you via the AWS Security Hub Management console, or when automated remediation has been enabled using the Amazon EventBridge rule for a specific control. To revert these changes, you must manually put resources back in their original state. +Remediation is intended for emergent situations that require immediate action. This solution makes changes to remediate findings only when initiated by you via the AWS Security Hub Management console, or when automated remediation has been enabled using the Remediation Configuration DynamoDB table. To revert these changes, you must manually put resources back in their original state.