AWS dms documentation change
Summary
Added note restricting DMS Schema Conversion to only work with S3 buckets using SSE-S3 encryption
Security assessment
Explicitly documents encryption requirements for secure data storage during migrations. While security-related, this is preventive guidance rather than addressing a known vulnerability.
Diff
diff --git a/dms/latest/userguide/set-up.md b/dms/latest/userguide/set-up.md index 4a3f2c47a..b60e494cf 100644 --- a//dms/latest/userguide/set-up.md +++ b//dms/latest/userguide/set-up.md @@ -85,0 +86,4 @@ To store information from your migration project, create an Amazon S3 bucket. DM +###### Note + +DMS Schema Conversion (SC) works only with S3 buckets that use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3). Other encryption configurations, including Server-Side Encryption with AWS KMS (SSE-KMS), Customer-Provided Keys (SSE-C), or Client-Side Encryption, are not currently supported by SC and prevents it from accessing the S3 bucket. If using a different encryption method, you must create a separate S3 bucket with SSE-S3 for use with DMS Schema Conversion. +