AWS securityhub documentation change
Summary
Updated terminology to 'Azure role assignments' and clarified service principal permissions
Security assessment
Terminology update and permission clarification mirroring earlier changes. No security impact or vulnerability remediation.
Diff
diff --git a/securityhub/latest/userguide/securityhub-v2-azure-setup-azure.md b/securityhub/latest/userguide/securityhub-v2-azure-setup-azure.md index 6dd079ae3..1b1f6d185 100644 --- a//securityhub/latest/userguide/securityhub-v2-azure-setup-azure.md +++ b//securityhub/latest/userguide/securityhub-v2-azure-setup-azure.md @@ -30 +30 @@ When you run the script, it performs a series of tasks. The following sections d -Steps 1–7 configure the shared foundation that all Security Hub capabilities use: the application registration, federated credentials, RBAC roles, Microsoft Graph permissions, Event Hub, and log export. Steps 8–10 configure the additional Azure resources for specific capabilities: +Steps 1–7 configure the shared foundation that all Security Hub capabilities use: the application registration, federated credentials, Azure role assignments, Microsoft Graph permissions, Event Hub, and log export. Steps 8–10 configure the additional Azure resources for specific capabilities: @@ -79 +79 @@ Note the **Application (client) ID** from the output (the `appId` attribute). Yo -Create a service principal for the registered application. The service principal is the identity that receives RBAC role assignments and performs actions in your Azure environment. +Create a service principal for the registered application. You use Azure role assignments to grant permissions to the service principal. The service principal performs actions in your Azure environment.