Hello, We would like to inform you about upcoming changes to 3 AWS Trusted Advisor checks that will take effect on April 25, 2024. These updates are designed to provide more accurate and relevant recommendations based on the latest best practices and service enhancements. - “IAM Use” (ID: ZXCkfM1nI3) is being phased out due to changes in its underlying best practices. - “Security Groups - Specific Ports Unrestricted” (ID: HCP4007jGY) and “Security Groups - Unrestricted Access” (ID: 1iG5NDGVre) are being replaced as they did not account for customer-managed prefix lists being used to grant access in security groups. If you have AWS Security Hub enabled, we recommend using the updated checks “Security groups should only allow unrestricted incoming traffic for authorized ports” (TA Check ID: Hs4Ma3G178, Security Hub Control ID: EC2.18) and “Security groups should not allow unrestricted access to ports with high risk” (TA Check ID: Hs4Ma3G204, Security Hub Control ID: EC2.19). These checks account for prefix lists and provide comprehensive security group monitoring. To view these AWS Security Hub controls (EC2.18 and EC2.19) in Trusted Advisor, you must have a Business, Enterprise On-Ramp, or Enterprise Support plan. You can find your support plan from the AWS Support Center [1]. For more information, see Compare AWS Support plans [2]. If you have any questions or concerns regarding these changes, please don’t hesitate to contact AWS support [1]. [1] https://aws.amazon.com/support [2] https://aws.amazon.com/premiumsupport/plans Sincerely, Amazon Web Services Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210 --- Reference: https://health.aws.amazon.com/health/home?region=us-east-1#/event-log?eventI...