AWS securityhub documentation change
Summary
Added entries for June 30, 2026 updates to AWSSecurityHubV2ServiceRolePolicy and AWSSecurityHubServiceRolePolicy managed policies regarding third-party integration permissions.
Security assessment
Documents expanded permissions for third-party integrations in managed policies, but shows no evidence of addressing a security vulnerability. The changes enhance security documentation for integration features.
Diff
diff --git a/securityhub/latest/userguide/doc-history.md b/securityhub/latest/userguide/doc-history.md index 67378718d..54970b2dc 100644 --- a//securityhub/latest/userguide/doc-history.md +++ b//securityhub/latest/userguide/doc-history.md @@ -14,0 +15,2 @@ Change| Description| Date +Updates to a managed policy – AWSSecurityHubV2ServiceRolePolicy| Security Hub updated the [AWS managed policy](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-v2-security-iam-awsmanpol.html) named `AWSSecurityHubV2ServiceRolePolicy`. The updates added permissions to support third-party integrations, including managing third-party configuration recorders, creating and managing connectors, and obtaining web identity tokens for federation.| June 30, 2026 +Updates to a managed policy – AWSSecurityHubServiceRolePolicy| Security Hub CSPM updated the [AWS managed policy](https://docs.aws.amazon.com/securityhub/latest/userguide/security-iam-awsmanpol.html) named `AWSSecurityHubServiceRolePolicy`. The updates added permissions to support third-party integrations. These include managing third-party configuration recorders and retrieving Connector health metrics.| June 30, 2026