AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2026-07-13 · Documentation medium

File: securityhub/latest/userguide/securityhub-azure-prereqs.md

Summary

Added Microsoft Entra ID log availability requirements for resource recording

Security assessment

Documents critical prerequisites (audit/sign-in logs) for security monitoring. Missing logs cause security visibility gaps, but no specific vulnerability is addressed.

Diff

diff --git a/securityhub/latest/userguide/securityhub-azure-prereqs.md b/securityhub/latest/userguide/securityhub-azure-prereqs.md
index d19bfd00e..3b9cc8f95 100644
--- a//securityhub/latest/userguide/securityhub-azure-prereqs.md
+++ b//securityhub/latest/userguide/securityhub-azure-prereqs.md
@@ -65,0 +66,7 @@ You must have an Azure tenant in the Azure commercial cloud. Azure Government an
+Microsoft Entra ID log availability
+    
+
+Resource recording requires Microsoft Graph audit logs and sign-in logs from your Microsoft Entra ID tenant. Some Microsoft Entra ID logs require Microsoft Entra ID P1 or P2 licensing.
+
+If the tenant lacks required logs, resource recording might report partial failures. The app registration and Azure role assignments do not supply missing log data.
+