AWS privateca medium security documentation change
Summary
Modified Active Directory access rule from 'None' to 'All' in PowerShell script
Security assessment
Change modifies security permissions for certificate authority access control, potentially addressing improper access restrictions
Diff
diff --git a/privateca/latest/userguide/connector-for-ad-getting-started-prerequisites.md b/privateca/latest/userguide/connector-for-ad-getting-started-prerequisites.md index 324fab3b2..7142025be 100644 --- a/privateca/latest/userguide/connector-for-ad-getting-started-prerequisites.md +++ b/privateca/latest/userguide/connector-for-ad-getting-started-prerequisites.md @@ -103 +103 @@ You can use this PowerShell script to delegate the additional permissions. It wi - $CAAccessRule = New-Object -TypeName 'System.DirectoryServices.ActiveDirectoryAccessRule' $AccountSid, 'ReadProperty,WriteProperty,CreateChild,DeleteChild', 'Allow', $CertificationAuthorityGuid, 'None' + $CAAccessRule = New-Object -TypeName 'System.DirectoryServices.ActiveDirectoryAccessRule' $AccountSid, 'ReadProperty,WriteProperty,CreateChild,DeleteChild', 'Allow', $CertificationAuthorityGuid, 'All'