AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-05-10 · Documentation low

File: solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md

Summary

Updated terminology from 'solution' to 'Guidance' throughout security documentation

Security assessment

Changes are purely terminological (solution -> Guidance) without altering security practices or addressing vulnerabilities. Existing security controls like IAM roles, KMS encryption, and VPC configurations remain described but unchanged.

Diff

diff --git a/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md b/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
index b99dc5aef..7613be893 100644
--- a//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
+++ b//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
@@ -13 +13 @@ When you build systems on AWS infrastructure, security responsibilities are shar
-AWS Identity and Access Management (IAM) roles allow customers to assign granular access policies and permissions to services and users in the AWS Cloud. This solution creates IAM roles that grant the solution’s automated functions access to perform remediation actions within a narrow scope set of permissions specific to each remediation. 
+AWS Identity and Access Management (IAM) roles allow customers to assign granular access policies and permissions to services and users in the AWS Cloud. This Guidance creates IAM roles that grant the Guidance's automated functions access to perform remediation actions within a narrow scope set of permissions specific to each remediation. 
@@ -17 +17 @@ AWS Identity and Access Management (IAM) roles allow customers to assign granula
-The Automated Forensics Orchestrator for Amazon EC2 Framework solution allows you to provide your own AWS KMS keys to encrypt data stored. We recommend referring to [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) to enhance the protection of your encryption keys. 
+The Automated Forensics Orchestrator for Amazon EC2 Framework Guidance allows you to provide your own AWS KMS keys to encrypt data stored. We recommend referring to [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) to enhance the protection of your encryption keys. 
@@ -19 +19 @@ The Automated Forensics Orchestrator for Amazon EC2 Framework solution allows yo
-AWS recommends that customers encrypt sensitive data in transit and at rest. This solution automatically encrypts file data, and metadata at rest with [Amazon S3 Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) (SSE) with AES256 algorithm. 
+AWS recommends that customers encrypt sensitive data in transit and at rest. This Guidance automatically encrypts file data, and metadata at rest with [Amazon S3 Server-Side Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) (SSE) with AES256 algorithm. 
@@ -21 +21 @@ AWS recommends that customers encrypt sensitive data in transit and at rest. Thi
-Additionally, this solution's Amazon DynamoDB are encrypted at rest using SSE with AWS Key Management Service (AWS KMS). 
+Additionally, this Guidance's Amazon DynamoDB are encrypted at rest using SSE with AWS Key Management Service (AWS KMS). 
@@ -25 +25 @@ Additionally, this solution's Amazon DynamoDB are encrypted at rest using SSE wi
-The Automated Forensics Orchestrator for Amazon EC2 solution is deployed in Amazon VPC, with the Lambda functions in a private subnet. Traffic in and out of the subnet is controlled by security groups. To prevent unauthorized access to the data storage layer, by default, the security group rules only allow inbound traffic from the Lambda function’s private subnet. 
+The Automated Forensics Orchestrator for Amazon EC2 Guidance is deployed in Amazon VPC, with the Lambda functions in a private subnet. Traffic in and out of the subnet is controlled by security groups. To prevent unauthorized access to the data storage layer, by default, the security group rules only allow inbound traffic from the Lambda function’s private subnet. 
@@ -31 +31 @@ All data committed to Automated Forensics Orchestrator for Amazon EC2 is encrypt
-Communications between the solution’s different components are over HTTPS to ensure data encryption in transit. 
+Communications between the Guidance's different components are over HTTPS to ensure data encryption in transit.