# Document history
<a name="doc-history"></a>

The following table describes significant changes to this guide. If you want to be notified about future updates, you can subscribe to an [RSS feed](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/aws-startup-security-baseline.rss).

| Change | Description | Date | 
| --- |--- |--- |
| [Republished](#doc-history) | Republished guide with significant updates throughout, including adding cost considerations. | April 6, 2026 | 
| [Amazon S3 bucket settings](#doc-history) | We updated the [ACCT.08 Prevent public access to private Amazon S3 buckets](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/acct-08.html) section to reflect that Amazon S3 buckets created after April 28, 2023 have the **Block Public Access** setting enabled by default. | May 18, 2023 | 
| [IAM security best practices](#doc-history) | We updated this guide for alignment with the latest AWS Identity and Access Management (IAM) best practices. For more information, see [Security best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the IAM documentation. | February 1, 2023 | 
| [IAM roles](#doc-history) | We provided additional links to AWS service documentation in the [WKLD.01 Use IAM roles for compute environment permissions](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/wkld-01.html) section. | September 22, 2022 | 
| [Password policy](#doc-history) | We updated the recommendations for strong passwords to use the latest guidance from the Center for Internet Security (CIS). | May 10, 2022 | 
| [Initial publication](#doc-history) | — | April 13, 2022 |