Posted On: Apr 30, 2024

Today, AWS Security Hub announces the release of the AWS Resource Tagging standard. The standard contains 85 new controls which can be used to identify if any of your AWS Resources are missing tag keys required by your organization. With the release of this standard, Security Hub now offers 386 security controls that automatically check the compliance of your AWS resources against pre-defined security principles and best practices.

To quickly enable the new standard across your AWS environment, you should use central configuration. This will allow you to enable the standard in some or all of your organization accounts and across all of AWS Regions that are linked to Security Hub with a single action. Furthermore, you can use central configuration to centrally define the requiredTagKeys parameter that specifies the tag keys that the new controls check for. Alternatively, if you are not using central configuration, you may enable the standard and define the tags that the controls will check for on an account-by-account and Region-by-Region basis. To learn more about using central configuration, visit the AWS security blog.

To get started with Security Hub, consult the following list of resources: