AWS managedservices documentation change
Summary
Added a markdown link and corrected two Security Hub control mappings (Neptune.4 and DocumentDB.3) and their associated remediation actions
Security assessment
The change corrects documentation errors in mapping Security Hub controls to remediation actions. While this improves accuracy of security documentation, there is no evidence of a specific security vulnerability being addressed. The corrections ensure that the correct remediation actions are associated with the appropriate security controls, which can help prevent misconfigurations.
Diff
diff --git a/managedservices/latest/accelerate-guide/tr-supported-checks.md b/managedservices/latest/accelerate-guide/tr-supported-checks.md index 9eddcf3ca..4766ca078 100644 --- a//managedservices/latest/accelerate-guide/tr-supported-checks.md +++ b//managedservices/latest/accelerate-guide/tr-supported-checks.md @@ -0,0 +1,2 @@ +[View a markdown version of this page](tr-supported-checks.md) + @@ -86 +88 @@ Hs4Ma3G217 - CodeBuild project environments should have a logging AWS configurat -Hs4Ma3G306 - Neptune DB clusters should have deletion protection enabled Corresponding AWS Security Hub CSPM check: [DocumentDB.3](https://docs.aws.amazon.com/securityhub/latest/userguide/documentdb-controls.html#documentdb-3) | **AWSManagedServices-TrustedRemediatorDisablePublicAccessOnDocumentDBSnapshot** Removes public access from Amazon DocumentDB manual cluster snapshot. | No preconfigured parameters are allowed. No constraints +Hs4Ma3G306 - Neptune DB clusters should have deletion protection enabled Corresponding AWS Security Hub CSPM check: [Neptune.4](https://docs.aws.amazon.com/securityhub/latest/userguide/neptune-controls.html#neptune-4) | **AWSManagedServices-TrustedRemediatorEnableNeptuneDBClusterDeletionProtection** Enables deletion protection for Amazon Neptune cluster. | No preconfigured parameters are allowed. No constraints @@ -138 +140 @@ Hs4Ma3G135 - AWS KMS keys should not be deleted unintentionally Corresponding AW -Hs4Ma3G299 - Amazon DocumentDB manual cluster snapshots should not be public Corresponding AWS Security Hub CSPM check: [Neptune.4](https://docs.aws.amazon.com/securityhub/latest/userguide/neptune-controls.html#neptune-4) | **AWSManagedServices-TrustedRemediatorEnableNeptuneDBClusterDeletionProtection** Enables deletion protection for Amazon Neptune cluster. | No preconfigured parameters are allowed. No constraints +Hs4Ma3G299 - Amazon DocumentDB manual cluster snapshots should not be public Corresponding AWS Security Hub CSPM check: [DocumentDB.3](https://docs.aws.amazon.com/securityhub/latest/userguide/documentdb-controls.html#documentdb-3) | **AWSManagedServices-TrustedRemediatorDisablePublicAccessOnDocumentDBSnapshot** Removes public access from Amazon DocumentDB manual cluster snapshot. | No preconfigured parameters are allowed. No constraints