AWS dms high security documentation change
Summary
Corrected VPC endpoint documentation to clarify traffic does NOT go over public internet
Security assessment
The correction explicitly states that traffic remains private, addressing a potential misconfiguration risk. This directly impacts security by preventing accidental exposure of Secrets Manager traffic.
Diff
diff --git a/dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md b/dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md index 0f4875c66..3e8acbcb8 100644 --- a//dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md +++ b//dms/latest/userguide/CHAP_Advanced.Endpoints.secretsmanager.md @@ -7 +7 @@ -You must create a VPC endpoint to access the AWS Secrets Manager from a replication instance in a private subnet. This allows the replication instance access the Secrets Manager directly through the private network with sending traffic over the public internet. +You must create a VPC endpoint to access the AWS Secrets Manager from a replication instance in a private subnet. This allows the replication instance access the Secrets Manager directly through the private network without sending traffic over the public internet.