AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-04-22 · Documentation low

File: cli/latest/reference/observabilityadmin/get-telemetry-rule-for-organization.md

Summary

Added AWS::SecurityHub::HubV2 resource type and AllowFieldUpdates parameter documentation for configuration drift remediation

Security assessment

The change documents a new feature that automatically fixes configuration drift in telemetry resources, which helps ensure security monitoring tools remain properly configured. No evidence of addressing a specific security vulnerability.

Diff

diff --git a/cli/latest/reference/observabilityadmin/get-telemetry-rule-for-organization.md b/cli/latest/reference/observabilityadmin/get-telemetry-rule-for-organization.md
index 82c3180bc..789539556 100644
--- a//cli/latest/reference/observabilityadmin/get-telemetry-rule-for-organization.md
+++ b//cli/latest/reference/observabilityadmin/get-telemetry-rule-for-organization.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.32 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.34 Command Reference](../../index.html) »
@@ -273,0 +274 @@ TelemetryRule -> (structure)
+>>   * `AWS::SecurityHub::HubV2`
@@ -620,0 +622,4 @@ TelemetryRule -> (structure)
+> AllowFieldUpdates -> (boolean)
+>
+>> If set to `true` , Amazon CloudWatch Observability Admin detects and remediates configuration drift in telemetry resources that it manages. For example, if a VPC flow log’s format, traffic type, or aggregation interval no longer matches the rule’s destination configuration, the flow log is replaced with one that matches. Only Observability Admin-managed resources are updated; customer-created resources are never modified. Currently supported for `AWS::EC2::VPC` resources (VPC flow logs).
+> 
@@ -705 +710 @@ RegionStatuses -> (list)
-  * [AWS CLI 2.34.32 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.34 Command Reference](../../index.html) »