AWS Security ChangesHomeSearch

AWS dms high security documentation change

Service: dms · 2025-05-31 · Security-related high

File: dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md

Summary

Corrected VPC endpoint documentation to clarify traffic does NOT go over public internet

Security assessment

The correction explicitly states that traffic remains private, addressing a potential misconfiguration risk. This directly impacts security by preventing accidental exposure of Secrets Manager traffic.

Diff

diff --git a/dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md b/dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md
index 0f4875c66..3e8acbcb8 100644
--- a//dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md
+++ b//dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md
@@ -7 +7 @@
-You must create a VPC endpoint to access the AWS Secrets Manager from a replication instance in a private subnet. This allows the replication instance access the Secrets Manager directly through the private network with sending traffic over the public internet.
+You must create a VPC endpoint to access the AWS Secrets Manager from a replication instance in a private subnet. This allows the replication instance access the Secrets Manager directly through the private network without sending traffic over the public internet.