AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-04-16 · Documentation low

File: AmazonS3/latest/userguide/VirtualHosting.md

Summary

Updated documentation to specify 'general purpose buckets' in multiple sections, including title, body text, and headings. Clarified SSL certificate limitations apply specifically to general purpose buckets.

Security assessment

The changes primarily refine terminology by adding 'general purpose' qualifiers to bucket references. The SSL certificate limitation mentioned was pre-existing documentation about domain validation constraints, not a new security issue or mitigation. No concrete evidence of addressing a vulnerability or security incident.

Diff

diff --git a/AmazonS3/latest/userguide/VirtualHosting.md b/AmazonS3/latest/userguide/VirtualHosting.md
index 1652daeb9..4952e799a 100644
--- a//AmazonS3/latest/userguide/VirtualHosting.md
+++ b//AmazonS3/latest/userguide/VirtualHosting.md
@@ -7 +7 @@ Path-style requestsVirtual-hosted–style requestsHTTP Host header bucket specif
-# Virtual hosting of buckets
+# Virtual hosting of general purpose buckets
@@ -9 +9 @@ Path-style requestsVirtual-hosted–style requestsHTTP Host header bucket specif
-Virtual hosting is the practice of serving multiple websites from a single web server. One way to differentiate sites in your Amazon S3 REST API requests is by using the apparent hostname of the Request-URI instead of just the path name part of the URI. An ordinary Amazon S3 REST request specifies a bucket by using the first slash-delimited component of the Request-URI path. Instead, you can use Amazon S3 virtual hosting to address a bucket in a REST API call by using the HTTP `Host` header. In practice, Amazon S3 interprets `Host` as meaning that most buckets are automatically accessible for limited types of requests at `https://`bucket-name`.s3.`region-code`.amazonaws.com`. For a complete list of Amazon S3 Regions and endpoints, see [Amazon S3 endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html) in the _Amazon Web Services General Reference_.
+Virtual hosting is the practice of serving multiple websites from a single web server. One way to differentiate sites in your Amazon S3 REST API requests is by using the apparent hostname of the Request-URI instead of just the path name part of the URI. An ordinary Amazon S3 REST request specifies a bucket by using the first slash-delimited component of the Request-URI path. Instead, you can use Amazon S3 virtual hosting to address a general purpose bucket in a REST API call by using the HTTP `Host` header. In practice, Amazon S3 interprets `Host` as meaning that most buckets are automatically accessible for limited types of requests at `https://`bucket-name`.s3.`region-code`.amazonaws.com`. For a complete list of Amazon S3 Regions and endpoints, see [Amazon S3 endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html) in the _Amazon Web Services General Reference_.
@@ -15 +15 @@ Virtual hosting also has other benefits. By naming your bucket after your regist
-When you're using virtual-hosted–style buckets with SSL, the SSL wildcard certificate matches only buckets that do not contain dots (`.`). To work around this limitation, use HTTP or write your own certificate-verification logic. For more information, see [Amazon S3 Path Deprecation Plan](https://aws.amazon.com/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/) on the _AWS News Blog._
+When you're using virtual-hosted–style general purpose buckets with SSL, the SSL wildcard certificate matches only buckets that do not contain dots (`.`). To work around this limitation, use HTTP or write your own certificate-verification logic. For more information, see [Amazon S3 Path Deprecation Plan](https://aws.amazon.com/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/) on the _AWS News Blog._
@@ -302 +302 @@ Accessing a bucket
-Creating a bucket
+Creating a general purpose bucket