AWS dms medium security documentation change
Summary
Updated VPC endpoint security group configuration instructions
Security assessment
Change specifies stricter security group ingress rules requiring HTTPS traffic from replication instances, improving security posture
Diff
diff --git a/dms/latest/userguide/security_iam_secretsmanager.md b/dms/latest/userguide/security_iam_secretsmanager.md index a0e22242d..c761e9c70 100644 --- a//dms/latest/userguide/security_iam_secretsmanager.md +++ b//dms/latest/userguide/security_iam_secretsmanager.md @@ -285 +285 @@ Here, ``region-name`` is the name of your region, such as `us-east-1`. Thus, an - 2. Attach the replication instance security group to the secret manager VPC endpoint. + 2. For the VPC endpoint security group ingress rules, allow HTTPS traffic from replication instance's private ip address or security groups that is attached to replication instances.