AWS drs documentation change
Summary
Clarified security responsibilities by specifying 'recovery instances' in port exposure and hardening requirements
Security assessment
Changes refine existing security guidance by explicitly scoping requirements to recovery instances, but do not address a specific vulnerability or add new security features. The modifications improve clarity rather than respond to a security incident.
Diff
diff --git a/drs/latest/userguide/security.md b/drs/latest/userguide/security.md index ec3a23b91..f055f51dc 100644 --- a//drs/latest/userguide/security.md +++ b//drs/latest/userguide/security.md @@ -28 +28 @@ The customer is responsible for making sure that no misconfigurations are presen - 2. After the recovery, the customer should make sure that only allowed ports are exposed to the public internet. + 2. After the recovery, the customer should make sure that on the recovery instances only allowed ports are exposed to the public internet. @@ -30 +30 @@ The customer is responsible for making sure that no misconfigurations are presen - 3. Hardening of OS packages and other software deployed in the servers is completely under the customer’s responsibility and we recommend the following: + 3. Hardening of OS packages and other software deployed in the recovery instances is completely under the customer’s responsibility and we recommend the following: