AWS managedservices documentation change
Summary
Minor text corrections and added requirement for S3 bucket names to contain 'transfer' keyword
Security assessment
While the S3 bucket name requirement could help with resource management, there's no explicit security justification provided in the change description to indicate it's a security control.
Diff
diff --git a/managedservices/latest/userguide/transfer-sftp.md b/managedservices/latest/userguide/transfer-sftp.md index a732224bb..22cda75de 100644 --- a//managedservices/latest/userguide/transfer-sftp.md +++ b//managedservices/latest/userguide/transfer-sftp.md @@ -25 +25 @@ Request access to AWS Transfer for SFTP by submitting an RFC with the Management - * `customer_transfer_sftp_user_role`. This role is designed to be attached on the SFTP users. It allows the SFTP Users to interact with the S3 bucket. + * `customer_transfer_sftp_user_role`. This role is designed to be attached on the SFTP users. It allows the SFTP users to interact with the S3 bucket. @@ -29 +29 @@ Request access to AWS Transfer for SFTP by submitting an RFC with the Management - * `customer_transfer_sftp_efs_user_role`. This role is designed to be attached on the SFTP users. It allows the SFTP Users to interact with the EFS file system. + * `customer_transfer_sftp_efs_user_role`. This role is designed to be attached on the SFTP users. It allows the SFTP users to interact with the EFS file system. @@ -42 +42 @@ AWS Transfer for SFTP configuration is limited to resources without "AMS-" or "M - * You must have an S3 bucket before creating the AWS Transfer for SFTP server and users. + * You must have an Amazon S3 bucket with a name that contains the keyword "transfer" before creating the AWS Transfer for SFTP server and users. @@ -44 +44 @@ AWS Transfer for SFTP configuration is limited to resources without "AMS-" or "M - * To use a "Customer Identify Provider," you must deploy the API Gateway, Lambda function, and your user repository (AD, Secrets Manager, and so on). For more information, see [ Enable password authentication for AWS Transfer for SFTP using AWS Secrets Manager](https://aws.amazon.com/blogs/storage/enable-password-authentication-for-aws-transfer-for-sftp-using-aws-secrets-manager/) and [Working with Identity Providers](https://docs.aws.amazon.com/transfer/latest/userguide/authenticating-users.html) + * To use a "Customer Identify Provider," you must deploy the API Gateway, Lambda function, and your user repository (AD, Secrets Manager, and so on). For more information, see [ Enable password authentication for AWS Transfer for SFTP using AWS Secrets Manager](https://aws.amazon.com/blogs/storage/enable-password-authentication-for-aws-transfer-for-sftp-using-aws-secrets-manager/) and [Working with Identity Providers](https://docs.aws.amazon.com/transfer/latest/userguide/authenticating-users.html).