AWS securityhub documentation change
Summary
Updated the allowed range for the 'temporaryPasswordValidity' parameter from 7-365 days to 1-365 days in a security control.
Security assessment
This change expands the configurability of a security control (Cognito password policy) by allowing shorter temporary password validity periods. While this relates to security configuration, there's no evidence it addresses a specific security vulnerability or incident.
Diff
diff --git a/securityhub/latest/userguide/cognito-controls.md b/securityhub/latest/userguide/cognito-controls.md index d11f15411..ef08c675c 100644 --- a//securityhub/latest/userguide/cognito-controls.md +++ b//securityhub/latest/userguide/cognito-controls.md @@ -82 +82 @@ Parameter | Description | Type | Allowed custom values | Security Hub CSPM defau -`temporaryPasswordValidity` | The maximum number of days that a password can exist before it expires. | Integer | `7` to `365` | `7` +`temporaryPasswordValidity` | The maximum number of days that a password can exist before it expires. | Integer | `1` to `365` | `7`