From 2767d3383854a3a1f32a76045a7c93386be19662 Mon Sep 17 00:00:00 2001
From: Marwin Baumann <mbaumann@schubergphilis.com>
Date: Tue, 24 Dec 2024 10:46:58 +0100
Subject: [PATCH] docs: improve upgrade guide to v5

---
 UPGRADING.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/UPGRADING.md b/UPGRADING.md
index cd23b4a..4a71fb6 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -107,6 +107,14 @@ The following variables have been removed:
 
 If all steps are completed and the issue persists, review AWS Control Tower settings and logs for additional troubleshooting.
 
+### Known Issues
+
+**Issue:** The AWS Security Hub control "AWS Config should be enabled and use the service-linked role for resource recording" fails for the core-management account after the upgrade.
+
+**Cause:** AWS Control Tower does not enable AWS Config in the core-management account. While this module enables AWS Config in the home region of the core-management account, it does not cover the linked regions.
+
+**Workaround:** Suppress these findings or enable AWS Config yourself in the linked regions for the core-management account.
+
 
 ## Upgrading to v4.0.0