AWS cli documentation change
Summary
Updated documentation to reflect Security Hub CSPM branding, added '--cli-error-format' parameter, adjusted policy behavior descriptions to specify CSPM scope, updated user guide references to CSPM, and added error format options.
Security assessment
The changes primarily add CSPM (Cloud Security Posture Management) branding and clarify configuration behaviors for Security Hub CSPM. While this relates to security features (CSPM being a security tool), there is no evidence of addressing a specific vulnerability or incident. The updates enhance documentation about existing security controls but do not indicate remediation of a security issue.
Diff
diff --git a/cli/latest/reference/securityhub/create-configuration-policy.md b/cli/latest/reference/securityhub/create-configuration-policy.md index c836576ed..d237f20cc 100644 --- a//cli/latest/reference/securityhub/create-configuration-policy.md +++ b//cli/latest/reference/securityhub/create-configuration-policy.md @@ -15 +15 @@ - * [AWS CLI 2.33.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.0 Command Reference](../../index.html) » @@ -60 +60 @@ First time using the AWS CLI? See the [User Guide](https://docs.aws.amazon.com/c -Creates a configuration policy with the defined configuration. Only the Security Hub delegated administrator can invoke this operation from the home Region. +Creates a configuration policy with the defined configuration. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region. @@ -91,0 +92 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi + [--cli-error-format <value>] @@ -118 +119 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi -> An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls). +> An object that defines how Security Hub CSPM is configured. It includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls). @@ -130 +131 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi ->>> Indicates whether Security Hub is enabled in the policy. +>>> Indicates whether Security Hub CSPM is enabled in the policy. @@ -150 +151 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi ->>>> A list of security controls that are enabled in the configuration policy. Security Hub disables all other controls (including newly released controls) other than the listed controls. +>>>> A list of security controls that are enabled in the configuration policy. Security Hub CSPM disables all other controls (including newly released controls) other than the listed controls. @@ -162 +163 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi ->>>> A list of security controls that are disabled in the configuration policy. Security Hub enables all other controls (including newly released controls) other than the listed controls. +>>>> A list of security controls that are disabled in the configuration policy. Security Hub CSPM enables all other controls (including newly released controls) other than the listed controls. @@ -208 +209 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi ->>>>>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior. +>>>>>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub CSPM behavior. @@ -210 +211 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi ->>>>>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field. +>>>>>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub CSPM default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub CSPM ignores user-provided input for the `Value` field. @@ -328 +329 @@ JSON Syntax: -> User-defined tags associated with a configuration policy. For more information, see [Tagging Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the _Security Hub user guide_ . +> User-defined tags associated with a configuration policy. For more information, see [Tagging Security Hub CSPM resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the _Security Hub CSPM user guide_ . @@ -398,0 +400 @@ The formatting style for command output. + * off @@ -464,0 +467,13 @@ Disable automatically prompt for CLI input parameters. +`--cli-error-format` (string) + +The formatting style for error output. By default, errors are displayed in enhanced format. + + * legacy + * json + * yaml + * text + * table + * enhanced + + + @@ -579 +594 @@ ConfigurationPolicy -> (tagged union structure) -> An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If the request included a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If the request included a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls). +> An object that defines how Security Hub CSPM is configured. It includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If the request included a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If the request included a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls). @@ -591 +606 @@ ConfigurationPolicy -> (tagged union structure) ->>> Indicates whether Security Hub is enabled in the policy. +>>> Indicates whether Security Hub CSPM is enabled in the policy. @@ -611 +626 @@ ConfigurationPolicy -> (tagged union structure) ->>>> A list of security controls that are enabled in the configuration policy. Security Hub disables all other controls (including newly released controls) other than the listed controls. +>>>> A list of security controls that are enabled in the configuration policy. Security Hub CSPM disables all other controls (including newly released controls) other than the listed controls. @@ -623 +638 @@ ConfigurationPolicy -> (tagged union structure) ->>>> A list of security controls that are disabled in the configuration policy. Security Hub enables all other controls (including newly released controls) other than the listed controls. +>>>> A list of security controls that are disabled in the configuration policy. Security Hub CSPM enables all other controls (including newly released controls) other than the listed controls. @@ -669 +684 @@ ConfigurationPolicy -> (tagged union structure) ->>>>>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior. +>>>>>>>> Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub CSPM behavior. @@ -671 +686 @@ ConfigurationPolicy -> (tagged union structure) ->>>>>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field. +>>>>>>>> When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub CSPM default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub CSPM ignores user-provided input for the `Value` field. @@ -762 +777 @@ ConfigurationPolicy -> (tagged union structure) - * [AWS CLI 2.33.29 Command Reference](../../index.html) » + * [AWS CLI 2.34.0 Command Reference](../../index.html) »