AWS Security ChangesHomeSearch

AWS datasync high security documentation change

Service: datasync · 2025-06-04 · Security-related high

File: datasync/latest/userguide/troubleshooting-datasync-agents.md

Summary

Changed firewall requirement from outbound to inbound TCP port 22 for support channel and simplified protocol reference

Security assessment

Correcting firewall direction from outbound to inbound for SSH (port 22) impacts security configurations. Misconfigured inbound SSH access could expose systems to unauthorized access if not properly secured, making this a security-relevant documentation correction.

Diff

diff --git a/datasync/latest/userguide/troubleshooting-datasync-agents.md b/datasync/latest/userguide/troubleshooting-datasync-agents.md
index 8664a4099..aaad100ea 100644
--- a//datasync/latest/userguide/troubleshooting-datasync-agents.md
+++ b//datasync/latest/userguide/troubleshooting-datasync-agents.md
@@ -93 +93 @@ If you are using the agent with VPC endpoints, you must provide a VPC endpoint I
-Your firewall must allow the outbound TCP port 22 to initiate a support channel to AWS. When you connect to Support, DataSync assigns you a support number. Make a note of your support number.
+Your firewall must allow the inbound TCP port 22 to initiate a support channel to AWS. When you connect to Support, DataSync assigns you a support number. Make a note of your support number.
@@ -97 +97 @@ Your firewall must allow the outbound TCP port 22 to initiate a support channel
-The channel number isn't a Transmission Control Protocol/User Datagram Protocol (TCP/UDP) port number. Instead, it makes an SSH (TCP 22) connection to servers and provides the support channel for the connection.
+The channel number isn't a TCP/UDP port number. Instead, it makes an SSH (TCP 22) connection to servers and provides the support channel for the connection.