AWS AmazonECS documentation change
Summary
Updated TLS documentation to reference infrastructure IAM role instead of specific managed policy
Security assessment
Clarifies IAM requirements for TLS encryption (a security feature), but doesn't indicate any security vulnerability being addressed. The change improves documentation about securing service communications.
Diff
diff --git a/AmazonECS/latest/developerguide/service-connect-tls.md b/AmazonECS/latest/developerguide/service-connect-tls.md index 67f3fc85f..eecbd2a6e 100644 --- a//AmazonECS/latest/developerguide/service-connect-tls.md +++ b//AmazonECS/latest/developerguide/service-connect-tls.md @@ -30 +30 @@ Only inbound and outbound traffic passing though the Amazon ECS agent is encrypt -There are additional IAM permissions required to issue certificates. Amazon ECS provides a managed resource trust policy that outlines the set of permissions. For more information about this policy, see [AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-iam-awsmanpol.html#security-iam-awsmanpol-AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity ). +You need to have the infrastructure IAM role. For more information about this role, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html ).