AWS solutions documentation change
Summary
Updated the configuration steps for SSL certificate validation and DNS record creation, and fixed formatting in CloudWatch Logs group name
Security assessment
The changes are procedural updates for certificate validation and DNS configuration, but do not address specific security vulnerabilities or introduce new security features
Diff
diff --git a/solutions/latest/prebid-server-deployment-on-aws/configure-the-solution.md index 43cfd71f9..5db472713 100644 --- a/solutions/latest/prebid-server-deployment-on-aws/configure-the-solution.md +++ b/solutions/latest/prebid-server-deployment-on-aws/configure-the-solution.md @@ -27 +27 @@ For users who decide not to use CloudFront and AWS WAF with this solution, follo - 1. Obtain an SSL server certificate for your domain by [requesting](https://docs.aws.amazon.com/acm/latest/userguide/acm-public-certificates.html) or [importing](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate-api-cli.html) it in AWS Certificate Manager in the same Region where you plan to launch your stack. + 1. Obtain an SSL server certificate for your domain by [requesting](https://docs.aws.amazon.com/acm/latest/userguide/acm-public-certificates.html) or [importing](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate-api-cli.html) it in AWS Certificate Manager (ACM) in the same Region where you plan to launch your stack. @@ -29 +29 @@ For users who decide not to use CloudFront and AWS WAF with this solution, follo - 2. When launching the stack, set the AWS CloudFormation template parameter **CloudFrontWafDeployment** to `No`. + 2. Validate the ACM certificate request by adding the required DNS CNAME record. @@ -31 +31 @@ For users who decide not to use CloudFront and AWS WAF with this solution, follo - 3. Enter the SSL certificate ARN in AWS CloudFormation template parameter **SSLCertificate**. + 3. When launching the stack, set the AWS CloudFormation template parameter **CloudFrontWafDeployment** to `No`. @@ -33 +33 @@ For users who decide not to use CloudFront and AWS WAF with this solution, follo - 4. After you deploy the stack, access the ALB DNS name from the [AWS CloudFormation console](https://console.aws.amazon.com/cloudformation/), on the **Outputs** tab, from the value for **PrebidALBDNSName**. + 4. Enter the SSL certificate ARN in AWS CloudFormation template parameter **SSLCertificate** . @@ -35 +35,3 @@ For users who decide not to use CloudFront and AWS WAF with this solution, follo - 5. Update your domain’s DNS settings to route traffic to the Prebid Application Load Balancer. + 5. After you deploy the stack, access the ALB DNS name from the [AWS CloudFormation console](https://console.aws.amazon.com/cloudformation/), on the **Outputs** tab, from the value for **PrebidALBDNSName**. + + 6. Update your domain’s public hosted zone by creating a CNAME record that points to the ALB’s Fully Qualified Domain Name (FQDN) obtained in step 5. @@ -180 +182 @@ Review the logs or errors generated during deployment. You can access logs throu - * Check **CloudWatch Logs** in the log group named ``<STACK-NAME>`-PrebidContainerLogGroup`<ID>``. Use [Log Insights](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html) or [Live Tail](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html) to observe and search the logs. + * Check **CloudWatch Logs** in the log group named ` <STACK-NAME>-PrebidContainerLogGroup[.red]_< ID>_ `. Use [Log Insights](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html) or [Live Tail](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html) to observe and search the logs.