AWS config medium security documentation change
Summary
Updated rule description to focus specifically on SNI configuration checks
Security assessment
Emphasizes Server Name Indication (SNI) enforcement for HTTPS, which is a TLS security best practice to prevent dedicated IP requirements
Diff
diff --git a/config/latest/developerguide/cloudfront-sni-enabled.md b/config/latest/developerguide/cloudfront-sni-enabled.md index 78264b9db..a0e0db805 100644 --- a//config/latest/developerguide/cloudfront-sni-enabled.md +++ b//config/latest/developerguide/cloudfront-sni-enabled.md @@ -9 +9 @@ AWS CloudFormation template -Checks if Amazon CloudFront distributions are using a custom SSL certificate and are configured to use SNI to serve HTTPS requests. The rule is NON_COMPLIANT if a custom SSL certificate is associated but the SSL support method is a dedicated IP address. +This rule will check if CloudFront distributions are configured to use SNI to serve HTTPS requests.