# Document history Republished Republished guide with significant updates throughout, including adding cost considerations.Amazon S3 bucket settings We updated the [ACCT.08 Prevent public access to private Amazon S3 buckets](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/acct-08.html) section to reflect that Amazon S3 buckets created after April 28, 2023 have the **Block Public Access** setting enabled by default.IAM security best practices We updated this guide for alignment with the latest AWS Identity and Access Management (IAM) best practices. For more information, see [Security best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the IAM documentation.IAM roles We provided additional links to AWS service documentation in the [WKLD.01 Use IAM roles for compute environment permissions](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/wkld-01.html) section.Password policy We updated the recommendations for strong passwords to use the latest guidance from the Center for Internet Security (CIS).Initial publication — The following table describes significant changes to this guide. If you want to be notified about future updates, you can subscribe to an [RSS feed](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/aws-startup-security-baseline.rss). | Change | Description | Date | | --- |--- |--- | | [Republished](#doc-history) | Republished guide with significant updates throughout, including adding cost considerations. | April 6, 2026 | | [Amazon S3 bucket settings](#doc-history) | We updated the [ACCT.08 Prevent public access to private Amazon S3 buckets](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/acct-08.html) section to reflect that Amazon S3 buckets created after April 28, 2023 have the **Block Public Access** setting enabled by default. | May 18, 2023 | | [IAM security best practices](#doc-history) | We updated this guide for alignment with the latest AWS Identity and Access Management (IAM) best practices. For more information, see [Security best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the IAM documentation. | February 1, 2023 | | [IAM roles](#doc-history) | We provided additional links to AWS service documentation in the [WKLD.01 Use IAM roles for compute environment permissions](https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/wkld-01.html) section. | September 22, 2022 | | [Password policy](#doc-history) | We updated the recommendations for strong passwords to use the latest guidance from the Center for Internet Security (CIS). | May 10, 2022 | | [Initial publication](#doc-history) | — | April 13, 2022 |