AWS managedservices medium security documentation change
Summary
Added security notice about responsibility for alternate patch repository security and best practices
Security assessment
Explicitly addresses supply chain security risks and provides security best practices for patch management, indicating security awareness documentation
Diff
diff --git a/managedservices/latest/accelerate-guide/acc-patching.md b/managedservices/latest/accelerate-guide/acc-patching.md index f44f749f2..ac9246b1f 100644 --- a//managedservices/latest/accelerate-guide/acc-patching.md +++ b//managedservices/latest/accelerate-guide/acc-patching.md @@ -12,0 +13,15 @@ Accelerate Patch reporting periodically deploys an AWS Glue resource-based polic +###### Important + +You can specify alternative patch repositories for managed nodes. While AMS implements your requested patch configurations, you are responsible for selecting and validating the security of your chosen repositories. You must also accept any risks from using these repositories, such as supply chain risks. + +The following are best practices for the security of your patch management process: + + * Use only trusted, verified repository sources + + * Default to standard OS vendor repositories when possible + + * Regularly audit custom repository configurations + + + +