AWS Security ChangesHomeSearch

AWS securityhub medium security documentation change

Service: securityhub · 2026-05-22 · Security-related medium

File: securityhub/latest/userguide/what-is-securityhub-v2.md

Summary

Added new 'Unused access analysis' section explaining automated identification of unused IAM resources and least-privilege recommendations. Also added IAM Access Analyzer to the list of integrated services.

Security assessment

The change documents proactive security capabilities for identifying excessive permissions (violating least-privilege principle) and reducing attack surface. It directly addresses security risks from over-privileged accounts by enabling unused access detection and policy hardening recommendations.

Diff

diff --git a/securityhub/latest/userguide/what-is-securityhub-v2.md b/securityhub/latest/userguide/what-is-securityhub-v2.md
index daa76b6c3..8bd041a64 100644
--- a//securityhub/latest/userguide/what-is-securityhub-v2.md
+++ b//securityhub/latest/userguide/what-is-securityhub-v2.md
@@ -30,0 +31,4 @@ Security Hub correlates findings from Security Hub CSPM control checks, Amazon I
+###### Unused access analysis
+
+Security Hub automatically identifies IAM roles, users, access keys, and permissions that have not been used within a 90-day lookback period. When you enable Security Hub, the service creates a service-linked IAM Access Analyzer in your account. Unused access findings help you implement least-privilege access by highlighting over-provisioned IAM principals. For unused permissions findings, Security Hub can generate least-privilege policy recommendations that show you a scoped-down replacement policy. 
+
@@ -63,0 +68,2 @@ Security Hub receives findings from the following AWS services.
+  * IAM Access Analyzer 
+