AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-06-07 · Documentation low

File: cli/latest/reference/auditmanager/get-evidence.md

Summary

Updated references from 'Security Hub' to 'Security Hub CSPM' in compliance evaluation documentation and updated CLI version references.

Security assessment

The change specifies the use of Security Hub CSPM (Cloud Security Posture Management) for compliance evaluations instead of generic Security Hub. This clarifies a security feature but doesn't address any vulnerability or incident. CSPM is a security capability focused on configuration compliance.

Diff

diff --git a/cli/latest/reference/auditmanager/get-evidence.md b/cli/latest/reference/auditmanager/get-evidence.md
index 4e2376a65..855f71110 100644
--- a//cli/latest/reference/auditmanager/get-evidence.md
+++ b//cli/latest/reference/auditmanager/get-evidence.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.61 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.63 Command Reference](../../index.html) »
@@ -360,3 +360,3 @@ evidence -> (structure)
->>>>   * Audit Manager classes the resource as non-compliant if Security Hub reports a _Fail_ result, or if Config reports a _Non-compliant_ result.
->>>>   * Audit Manager classes the resource as compliant if Security Hub reports a _Pass_ result, or if Config reports a _Compliant_ result.
->>>>   * If a compliance check isn’t available or applicable, then no compliance evaluation can be made for that resource. This is the case if a resource assessment uses Config or Security Hub as the underlying data source type, but those services aren’t enabled. This is also the case if the resource assessment uses an underlying data source type that doesn’t support compliance checks (such as manual evidence, Amazon Web Services API calls, or CloudTrail).
+>>>>   * Audit Manager classes the resource as non-compliant if Security Hub CSPM reports a _Fail_ result, or if Config reports a _Non-compliant_ result.
+>>>>   * Audit Manager classes the resource as compliant if Security Hub CSPM reports a _Pass_ result, or if Config reports a _Compliant_ result.
+>>>>   * If a compliance check isn’t available or applicable, then no compliance evaluation can be made for that resource. This is the case if a resource assessment uses Config or Security Hub CSPM as the underlying data source type, but those services aren’t enabled. This is also the case if the resource assessment uses an underlying data source type that doesn’t support compliance checks (such as manual evidence, Amazon Web Services API calls, or CloudTrail).
@@ -412,3 +412,3 @@ evidence -> (structure)
->>   * Audit Manager classes evidence as non-compliant if Security Hub reports a _Fail_ result, or if Config reports a _Non-compliant_ result.
->>   * Audit Manager classes evidence as compliant if Security Hub reports a _Pass_ result, or if Config reports a _Compliant_ result.
->>   * If a compliance check isn’t available or applicable, then no compliance evaluation can be made for that evidence. This is the case if the evidence uses Config or Security Hub as the underlying data source type, but those services aren’t enabled. This is also the case if the evidence uses an underlying data source type that doesn’t support compliance checks (such as manual evidence, Amazon Web Services API calls, or CloudTrail).
+>>   * Audit Manager classes evidence as non-compliant if Security Hub CSPM reports a _Fail_ result, or if Config reports a _Non-compliant_ result.
+>>   * Audit Manager classes evidence as compliant if Security Hub CSPM reports a _Pass_ result, or if Config reports a _Compliant_ result.
+>>   * If a compliance check isn’t available or applicable, then no compliance evaluation can be made for that evidence. This is the case if the evidence uses Config or Security Hub CSPM as the underlying data source type, but those services aren’t enabled. This is also the case if the evidence uses an underlying data source type that doesn’t support compliance checks (such as manual evidence, Amazon Web Services API calls, or CloudTrail).
@@ -496 +496 @@ evidence -> (structure)
-  * [AWS CLI 2.34.61 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.63 Command Reference](../../index.html) »