AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2026-07-10 · Documentation low

File: prescriptive-guidance/latest/aws-kms-best-practices/monitoring.md

Summary

Enhanced monitoring section with specific AWS service names

Security assessment

Added explicit references to CloudTrail, IAM Access Analyzer, AWS Config, and EventBridge. Improves documentation of security monitoring features but doesn't address vulnerabilities.

Diff

diff --git a/prescriptive-guidance/latest/aws-kms-best-practices/monitoring.md b/prescriptive-guidance/latest/aws-kms-best-practices/monitoring.md
index ef95cbba0..28e23eacd 100644
--- a//prescriptive-guidance/latest/aws-kms-best-practices/monitoring.md
+++ b//prescriptive-guidance/latest/aws-kms-best-practices/monitoring.md
@@ -7 +7 @@
-Monitoring AWS KMS operationsMonitoring key accessMonitoring encryption settingsConfiguring CloudWatch alarmsAutomating responses
+Monitoring AWS KMS operations with AWS CloudTrailMonitoring access to KMS keys with IAM Access AnalyzerMonitoring the encryption settings of other AWS services with AWS ConfigMonitoring KMS keys with Amazon CloudWatch alarmsAutomating responses with Amazon EventBridge
@@ -13 +13 @@ Detection and monitoring are an important part of understanding the availability
-###### This section discusses the following detection and monitoring topics:
+**This section discusses the following detection and monitoring topics:**