AWS Security ChangesHomeSearch

AWS AmazonRDS high security documentation change

Service: AmazonRDS · 2025-06-10 · Security-related high

File: AmazonRDS/latest/UserGuide/rds-proxy.md

Summary

Strengthened warning about critical 'rdsproxyadmin' user being essential and protected, with explicit guidance against modification

Security assessment

The change emphasizes protection of a system-critical database user required for proxy operations. Tampering could lead to complete service unavailability (denial of service scenario), making this a security-relevant availability concern.

Diff

diff --git a/AmazonRDS/latest/UserGuide/rds-proxy.md b/AmazonRDS/latest/UserGuide/rds-proxy.md
index 2e9ea5489..8f940547a 100644
--- a//AmazonRDS/latest/UserGuide/rds-proxy.md
+++ b//AmazonRDS/latest/UserGuide/rds-proxy.md
@@ -84 +84 @@ For more information about global condition context keys, see [AWS global condit
-  * Your proxy automatically creates the `rdsproxyadmin` DB user when you register a proxy target. Deleting or modifying the `rdsproxyadmin` user or its permissions might impact the availability of the proxy to your application.
+  * Your proxy automatically creates the `rdsproxyadmin` DB user when you register a proxy target. This is a protected user that is essential for proxy functionality. You should avoid tampering with the `rdsproxyadmin` user in any capacity. Deleting or modifying the `rdsproxyadmin` user or its permissions can result in complete unavailability of the proxy to your application.