AWS Security ChangesHomeSearch

AWS dms documentation change

Service: dms · 2025-05-31 · Documentation low

File: dms/latest/userguide/CHAP_Security.SSL.md

Summary

Clarified SSL/TLS certificate requirements for secure connections

Security assessment

The rephrasing improves clarity about certificate usage but does not introduce new security features or address vulnerabilities. It reinforces existing security practices.

Diff

diff --git a/dms/latest/userguide/CHAP_Security.SSL.md b/dms/latest/userguide/CHAP_Security.SSL.md
index 49480d717..1a30f4522 100644
--- a//dms/latest/userguide/CHAP_Security.SSL.md
+++ b//dms/latest/userguide/CHAP_Security.SSL.md
@@ -24 +24 @@ Not all databases use SSL in the same way. Amazon Aurora MySQL-Compatible Editio
-To assign a certificate to an endpoint, you provide the root certificate or the chain of intermediate CA certificates leading up to the root (as a certificate bundle), that was used to sign the server SSL certificate that is deployed on your endpoint. Certificates are accepted as PEM formatted X509 files, only. When you import a certificate, you receive an Amazon Resource Name (ARN) that you can use to specify that certificate for an endpoint. If you use Amazon RDS, you can download the root CA and certificate bundle provided in the `rds-combined-ca-bundle.pem` file hosted by Amazon RDS. For more information about downloading this file, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the _Amazon RDS User Guide_.
+To establish a secure connection, you provide the root certificate or the chain of intermediate CA certificates leading to the root (as a certificate bundle) that was used to sign the server's SSL certificate at the endpoint. Certificates are accepted as PEM formatted X509 files, only. When you import a certificate, you receive an Amazon Resource Name (ARN) that you can use to specify that certificate for an endpoint. If you use Amazon RDS, you can download the root CA and certificate bundle provided in the `rds-combined-ca-bundle.pem` file hosted by Amazon RDS. For more information about downloading this file, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the _Amazon RDS User Guide_.