AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-02-28 · Documentation low

File: cli/latest/reference/securityhub/batch-get-security-controls.md

Summary

Updated CLI version reference from 2.33.29 to 2.34.0, added --cli-error-format option documentation, and replaced 'Security Hub' with 'Security Hub CSPM' in multiple descriptions

Security assessment

Changes primarily update branding to CSPM (Cloud Security Posture Management) and add CLI error formatting options. No evidence of addressing vulnerabilities or security incidents. Updates to control descriptions maintain existing security context without introducing new security features.

Diff

diff --git a/cli/latest/reference/securityhub/batch-get-security-controls.md b/cli/latest/reference/securityhub/batch-get-security-controls.md
index 647063ae6..57ff52e9d 100644
--- a//cli/latest/reference/securityhub/batch-get-security-controls.md
+++ b//cli/latest/reference/securityhub/batch-get-security-controls.md
@@ -15 +15 @@
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »
@@ -88,0 +89 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
+    [--cli-error-format <value>]
@@ -141,0 +143 @@ The formatting style for command output.
+  * off
@@ -207,0 +210,13 @@ Disable automatically prompt for CLI input parameters.
+`--cli-error-format` (string)
+
+The formatting style for error output. By default, errors are displayed in enhanced format.
+
+  * legacy
+  * json
+  * yaml
+  * text
+  * table
+  * enhanced
+
+
+
@@ -274 +289 @@ SecurityControls -> (list)
->> A security control in Security Hub describes a security best practice related to a specific resource.
+>> A security control in Security Hub CSPM describes a security best practice related to a specific resource.
@@ -308 +323 @@ SecurityControls -> (list)
->>> The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn’t reference a specific standard.
+>>> The description of a security control across standards. This typically summarizes how Security Hub CSPM evaluates the control and the conditions under which it produces a failed finding. This parameter doesn’t reference a specific standard.
@@ -318 +333 @@ SecurityControls -> (list)
->>> A link to Security Hub documentation that explains how to remediate a failed finding for a security control.
+>>> A link to Security Hub CSPM documentation that explains how to remediate a failed finding for a security control.
@@ -328 +343 @@ SecurityControls -> (list)
->>> The severity of a security control. For more information about how Security Hub determines control severity, see [Assigning severity to control findings](https://docs.aws.amazon.com/securityhub/latest/userguide/controls-findings-create-update.html#control-findings-severity) in the _Security Hub User Guide_ .
+>>> The severity of a security control. For more information about how Security Hub CSPM determines control severity, see [Assigning severity to control findings](https://docs.aws.amazon.com/securityhub/latest/userguide/controls-findings-create-update.html#control-findings-severity) in the _Security Hub CSPM User Guide_ .
@@ -352 +367 @@ SecurityControls -> (list)
->>> Identifies whether customizable properties of a security control are reflected in Security Hub findings. A status of `READY` indicates that Security Hub uses the current control parameter values when running security checks of the control. A status of `UPDATING` indicates that all security checks might not use the current parameter values.
+>>> Identifies whether customizable properties of a security control are reflected in Security Hub CSPM findings. A status of `READY` indicates that Security Hub CSPM uses the current control parameter values when running security checks of the control. A status of `UPDATING` indicates that all security checks might not use the current parameter values.
@@ -379 +394 @@ SecurityControls -> (list)
->>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior.
+>>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub CSPM behavior.
@@ -381 +396 @@ SecurityControls -> (list)
->>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.
+>>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub CSPM default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub CSPM ignores user-provided input for the `Value` field.
@@ -524 +539 @@ UnprocessedIds -> (list)
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »