AWS lambda documentation change
Summary
Simplified security group configuration by removing self-referencing rules and specifying port 443 requirements
Security assessment
Clarifies network security configuration best practices but doesn't indicate remediation of a specific security vulnerability.
Diff
diff --git a/lambda/latest/dg/process-mq-messages-with-lambda.md b/lambda/latest/dg/process-mq-messages-with-lambda.md index 0a8758b35..e9d0f59a4 100644 --- a/lambda/latest/dg/process-mq-messages-with-lambda.md +++ b/lambda/latest/dg/process-mq-messages-with-lambda.md @@ -49 +49 @@ Configure the security groups for the Amazon VPC containing your broker. By defa - * Inbound rules – Allow all traffic on the default broker port for the security group associated with your event source. Alternatively, you can use a self-referencing security group rule to allow access from instances within the same security group. + * Inbound rules – Allow all traffic on the default broker port for the security group associated with your event source. @@ -51 +51 @@ Configure the security groups for the Amazon VPC containing your broker. By defa - * Outbound rules – Allow all traffic on port `443` for external destinations if your function needs to communicate with AWS services. Alternatively, you can also use a self-referencing security group rule to limit access to the broker if you don't need to communicate with other AWS services. + * Outbound rules – Allow all traffic on port `443` for all destinations. Allow all traffic on the default broker port for the security group associated with your event source.