AWS Security ChangesHomeSearch

AWS config medium security documentation change

Service: config · 2025-06-25 · Security-related medium

File: config/latest/developerguide/cloudfront-sni-enabled.md

Summary

Updated rule description to focus specifically on SNI configuration checks

Security assessment

Emphasizes Server Name Indication (SNI) enforcement for HTTPS, which is a TLS security best practice to prevent dedicated IP requirements

Diff

diff --git a/config/latest/developerguide/cloudfront-sni-enabled.md b/config/latest/developerguide/cloudfront-sni-enabled.md
index 78264b9db..a0e0db805 100644
--- a//config/latest/developerguide/cloudfront-sni-enabled.md
+++ b//config/latest/developerguide/cloudfront-sni-enabled.md
@@ -9 +9 @@ AWS CloudFormation template
-Checks if Amazon CloudFront distributions are using a custom SSL certificate and are configured to use SNI to serve HTTPS requests. The rule is NON_COMPLIANT if a custom SSL certificate is associated but the SSL support method is a dedicated IP address. 
+This rule will check if CloudFront distributions are configured to use SNI to serve HTTPS requests.