AWS deadline-cloud medium security documentation change
Summary
Added host configuration script warnings and corrected 'secrets' typo (mirroring developer guide changes)
Security assessment
Propagates security best practices about script risks and access control from developer guide to user guide.
Diff
diff --git a/deadline-cloud/latest/userguide/security-best-practices.md b/deadline-cloud/latest/userguide/security-best-practices.md index 2cd410dfe..83d01b189 100644 --- a//deadline-cloud/latest/userguide/security-best-practices.md +++ b//deadline-cloud/latest/userguide/security-best-practices.md @@ -5 +5 @@ -Data protectionIAM permissionsRun jobs as users and groupsNetworkingJob dataFarm structureJob attachment queuesCustom software bucketsWorker hostsWorkstationsVerify downloaded software +Data protectionIAM permissionsRun jobs as users and groupsNetworkingJob dataFarm structureJob attachment queuesCustom software bucketsWorker hostsHost configuration scriptWorkstationsVerify downloaded software @@ -202,0 +203,2 @@ We recommend the following best practices to secure worker hosts: + * Using a _host configuration script_ can change the security and operations of a worker. An incorrect configuration may cause the worker to be unstable or to stop working. It is your responsibility to debug such failures. + @@ -225 +227 @@ We recommend the following best practices to secure worker hosts: - * Ensure least privilege access to the Windows password secretes and delete unused secrets. + * Ensure least privilege access to the Windows password secrets and delete unused secrets. @@ -239,0 +242,7 @@ For more information about the importance of regularly patching the operating sy +## Host configuration script + + * Using a host configuration script can change the security and operations of a worker. An incorrect configuration may cause the worker to be unstable or to stop working. It is your responsibility to debug such failures. + + + +