AWS Security ChangesHomeSearch

AWS AmazonCloudWatch documentation change

Service: AmazonCloudWatch · 2026-04-22 · Documentation low

File: AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.md

Summary

Added AWS Security Hub as a supported log source that sends vended logs to CloudWatch Logs.

Security assessment

The change adds documentation for integrating AWS Security Hub, a core security service, with CloudWatch Logs. This enables centralized logging and monitoring of security findings, which is a security best practice. However, the change itself is a feature documentation update, not a fix for a specific security vulnerability.

Diff

diff --git a/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.md b/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.md
index 22fbc404d..dfb721337 100644
--- a//AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.md
+++ b//AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.md
@@ -79,0 +80 @@ Log source | Log type | [Logs sent to CloudWatch Logs](./AWS-logs-infrastructure
+[AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub-v2.html) | Vended logs | [Supported [V2 Permissions]](./AWS-vended-logs-permissions-V2.html) |  |  |