AWS Security ChangesHomeSearch

AWS managedservices medium security documentation change

Service: managedservices · 2025-06-13 · Security-related medium

File: managedservices/latest/userguide/patch-mgmt.md

Summary

Added security warning about third-party repository risks and patching best practices

Security assessment

Directly addresses security responsibilities and risks associated with alternative patch sources, providing mitigation guidance

Diff

diff --git a/managedservices/latest/userguide/patch-mgmt.md b/managedservices/latest/userguide/patch-mgmt.md
index 6b090aeda..fab21e420 100644
--- a//managedservices/latest/userguide/patch-mgmt.md
+++ b//managedservices/latest/userguide/patch-mgmt.md
@@ -50,0 +51,15 @@ For definitions of patching terms, see [AMS key terms](./key-terms.html).
+###### Important
+
+You can specify alternative patch repositories for managed nodes. While AMS implements your requested patch configurations, you are responsible for selecting and validating the security of your chosen repositories. You must also accept any risks from using these repositories, such as supply chain risks. 
+
+The following are best practices for the security of your patch management process:
+
+  * Use only trusted, verified repository sources
+
+  * Default to standard OS vendor repositories when possible
+
+  * Regularly audit custom repository configurations
+
+
+
+