AWS cli documentation change
Summary
Added AWS::SecurityHub::HubV2 resource type and AllowFieldUpdates parameter documentation for configuration drift remediation
Security assessment
The change documents a feature that maintains telemetry resource configurations, which supports security monitoring. No evidence this fixes a specific security vulnerability.
Diff
diff --git a/cli/latest/reference/observabilityadmin/get-telemetry-rule.md b/cli/latest/reference/observabilityadmin/get-telemetry-rule.md index 1676ea341..148427bc8 100644 --- a//cli/latest/reference/observabilityadmin/get-telemetry-rule.md +++ b//cli/latest/reference/observabilityadmin/get-telemetry-rule.md @@ -15 +15 @@ - * [AWS CLI 2.34.32 Command Reference](../../index.html) » + * [AWS CLI 2.34.34 Command Reference](../../index.html) » @@ -273,0 +274 @@ TelemetryRule -> (structure) +>> * `AWS::SecurityHub::HubV2` @@ -620,0 +622,4 @@ TelemetryRule -> (structure) +> AllowFieldUpdates -> (boolean) +> +>> If set to `true` , Amazon CloudWatch Observability Admin detects and remediates configuration drift in telemetry resources that it manages. For example, if a VPC flow log’s format, traffic type, or aggregation interval no longer matches the rule’s destination configuration, the flow log is replaced with one that matches. Only Observability Admin-managed resources are updated; customer-created resources are never modified. Currently supported for `AWS::EC2::VPC` resources (VPC flow logs). +> @@ -705 +710 @@ RegionStatuses -> (list) - * [AWS CLI 2.34.32 Command Reference](../../index.html) » + * [AWS CLI 2.34.34 Command Reference](../../index.html) »