AWS AmazonRDS high security documentation change
Summary
Strengthened warning about critical 'rdsproxyadmin' user being essential and protected, with explicit guidance against modification
Security assessment
The change emphasizes protection of a system-critical database user required for proxy operations. Tampering could lead to complete service unavailability (denial of service scenario), making this a security-relevant availability concern.
Diff
diff --git a/AmazonRDS/latest/UserGuide/rds-proxy.md b/AmazonRDS/latest/UserGuide/rds-proxy.md index 2e9ea5489..8f940547a 100644 --- a//AmazonRDS/latest/UserGuide/rds-proxy.md +++ b//AmazonRDS/latest/UserGuide/rds-proxy.md @@ -84 +84 @@ For more information about global condition context keys, see [AWS global condit - * Your proxy automatically creates the `rdsproxyadmin` DB user when you register a proxy target. Deleting or modifying the `rdsproxyadmin` user or its permissions might impact the availability of the proxy to your application. + * Your proxy automatically creates the `rdsproxyadmin` DB user when you register a proxy target. This is a protected user that is essential for proxy functionality. You should avoid tampering with the `rdsproxyadmin` user in any capacity. Deleting or modifying the `rdsproxyadmin` user or its permissions can result in complete unavailability of the proxy to your application.