AWS Security ChangesHomeSearch

AWS AmazonRDS high security documentation change

Service: AmazonRDS · 2025-05-31 · Security-related high

File: AmazonRDS/latest/AuroraUserGuide/rds-proxy-creating.md

Summary

Added security warning about initialization query visibility and postgres database requirement

Security assessment

Explicitly warns about unprotected initialization queries potentially exposing sensitive data, addressing a security configuration risk

Diff

diff --git a/AmazonRDS/latest/AuroraUserGuide/rds-proxy-creating.md b/AmazonRDS/latest/AuroraUserGuide/rds-proxy-creating.md
index 90025e1d3..b97ca2dda 100644
--- a//AmazonRDS/latest/AuroraUserGuide/rds-proxy-creating.md
+++ b//AmazonRDS/latest/AuroraUserGuide/rds-proxy-creating.md
@@ -23,0 +24,4 @@ Setting | Description
+
+###### Note
+
+To use Aurora PostgreSQL, make sure to retain the `postgres` database in your instance. See [Troubleshooting deleted postgres database](./rds-proxy.troubleshooting.html#rds-proxy-PostgreSQL-troubleshooting.postgresDBDelete).  
@@ -37,0 +42,4 @@ For multiple statements, use semicolons as the separator.
+
+###### Important
+
+Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.