AWS Security ChangesHomeSearch

AWS vpn documentation change

Service: vpn · 2025-04-03 · Documentation low

File: vpn/latest/s2svpn/VPC_VPN.md

Summary

Clarified default network communication limitations for VPC instances and Site-to-Site VPN use case

Security assessment

The change provides clearer documentation about network isolation behavior but does not introduce or address security features/vulnerabilities. It's a descriptive improvement rather than security-related.

Diff

diff --git a/vpn/latest/s2svpn/VPC_VPN.md b/vpn/latest/s2svpn/VPC_VPN.md
index 88b1db8b7..504a5a8e3 100644
--- a//vpn/latest/s2svpn/VPC_VPN.md
+++ b//vpn/latest/s2svpn/VPC_VPN.md
@@ -9 +9 @@ ConceptsSite-to-Site VPN featuresSite-to-Site VPN limitationsSite-to-Site VPN re
-By default, an instance that you launch within an Amazon VPC can't communicate with your own (remote) network. You can enable access to your remote network from your VPC by creating an AWS Site-to-Site VPN (Site-to-Site VPN) connection, and configuring routing to pass traffic through the connection.
+By default, an instance that you launch within an Amazon VPC can't communicate with a local (AWS Cloud) network and a remote device — for example, this might be a site or an on-premises device. You can enable access to your remote devices from your VPC by creating an AWS Site-to-Site VPN (Site-to-Site VPN) connection, and configuring routing to pass traffic through the connection.