AWS Security ChangesHomeSearch

AWS AmazonRDS medium security documentation change

Service: AmazonRDS · 2025-04-11 · Security-related medium

File: AmazonRDS/latest/AuroraUserGuide/Aurora.VersionPolicy.Upgrading.md

Summary

Added clarification about automatic minor version upgrades potentially being applied for critical security issues even when auto-upgrade is disabled

Security assessment

Explicitly states that critical security issues may trigger forced minor version upgrades regardless of user settings

Diff

diff --git a/AmazonRDS/latest/AuroraUserGuide/Aurora.VersionPolicy.Upgrading.md b/AmazonRDS/latest/AuroraUserGuide/Aurora.VersionPolicy.Upgrading.md
index a58609a82..5caa460cf 100644
--- a//AmazonRDS/latest/AuroraUserGuide/Aurora.VersionPolicy.Upgrading.md
+++ b//AmazonRDS/latest/AuroraUserGuide/Aurora.VersionPolicy.Upgrading.md
@@ -12,0 +13,4 @@ With Amazon Aurora, you can control and test upgrades to your DB clusters. Amazo
+Automatic minor version upgrades periodically update your database to recent database engine versions. However, the upgrade might not always include the latest database engine version. If you need to keep your databases on specific versions at particular times, we recommend that you manually upgrade to the database versions that you need according to your required schedule. In cases of critical security issues or when a version reaches its end-of-support date, Amazon Aurora might apply a minor version upgrade even if you haven't enabled the **Auto minor version upgrade** option. For more information, see the upgrade documentation for your specific database engine.
+
+See [Upgrading the minor version or patch level of an Aurora MySQL DB cluster](./AuroraMySQL.Updates.Patching.html) and [Performing a minor version upgrade](./USER_UpgradeDBInstance.PostgreSQL.MinorUpgrade.html).
+