AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-06-28 · Documentation low

File: solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/optional-additional-configuration-cloud9-environment-setup.md

Summary

Fixed markdown link syntax, corrected command spacing, updated code formatting, and restructured VPC configuration documentation

Security assessment

Changes focus on documentation formatting and syntax corrections (e.g., fixing broken links, command spacing). Security-related IAM role mention already existed in original content. No new security features or vulnerability mitigations added.

Diff

diff --git a/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/optional-additional-configuration-cloud9-environment-setup.md b/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/optional-additional-configuration-cloud9-environment-setup.md
index f26e59cdc..985857517 100644
--- a//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/optional-additional-configuration-cloud9-environment-setup.md
+++ b//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/optional-additional-configuration-cloud9-environment-setup.md
@@ -11 +11 @@ Guidance customizationsCustomization of CDK context configurations
-  2. Set up Python version 3.8 if it is not available (https://docs.aws.amazon.com/cloud9/latest/user-guide/sample-python.html). 
+  2. Set up Python version 3.8 if it is not available (link:https://docs.aws.amazon.com/cloud9/latest/user-guide/sample-python.html).
@@ -18 +18 @@ Guidance customizationsCustomization of CDK context configurations
-    python -m pip install pip-tools
+    python -m pip install pip-tools
@@ -54,3 +54,3 @@ You can update this configuration based on the memory of the compromised instanc
-        wget https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli-linux
-    wget https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli-linux.sig
-    wget https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli.pub
+        wget link:https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli-linux
+    wget link:https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli-linux.sig
+    wget link:https://github.com/teamdfir/sift-cli/releases/download/v1.13.1/sift-cli.pub
@@ -84 +84 @@ In SSM document `linux_lime-memory-acquisition.json`, change the following sampl
-    git clone https://github.com/504ensicsLabs/LiME
+    git clone link:https://github.com/504ensicsLabs/LiME
@@ -100 +100 @@ In SSM document `lime-memory-load-investigation.json`, change the following comm
-    git clone [https://github.com/volatilityfoundation/volatility.git](https://github.com/volatilityfoundation/volatility.git)
+    git clone link:https://github.com/volatilityfoundation/volatility.git
@@ -122 +122 @@ CDK config  |  Default value  |  Description
-**vol2-profiles-bucket** |  `n/a` – leverages the bucket created  |  Bucket to store Volatility profiles based on kernel version of the compromised instance to perform memory forensics. Ensure forensic investigation IAM role is updated to and has read-only access to S3 bucket.   
+**vol2-profiles-bucket** |  `n/a` \- leverages the bucket created |  Bucket to store Volatility profiles based on kernel version of the compromised instance to perform memory forensics. Ensure forensic investigation IAM role is updated to and has read-only access to S3 bucket.  
@@ -131 +131 @@ CDK config  |  Default value  |  Description
-**ssm-documents-dir** |  `./ssm-documents` |  SSM directory in source code to load SSM documents into forensic account as part of the deployment.   
+**ssm-documents-dir** |  `–0—/ssm-documents` |  SSM directory in source code to load SSM documents into forensic account as part of the deployment.  
@@ -133,50 +133,3 @@ CDK config  |  Default value  |  Description
-**ForensicIsolationInstanceProfileName** |  `target_profile_name` | Customer profile for isolation. By default it would be the profile provided by this Guidance's CDK stack.   
-**vpcInfo** | 
-    
-    
-    vpcInfo": {
-    "vpcCidr": "10.1.0.0/16",
-    "maxAZs": 2,
-    "bastionInstance": false,
-    "enableVpcFlowLog": true,
-    "enableVPCEndpoints": true,
-    "subnetConfig": [
-    {
-    "cidrMask": 24,
-    "name": "externalDMZ",
-    "subnetType": "Public"
-    },
-    {
-    "cidrMask"24,
-    "name": "service",
-    "subnetType": "Private"
-    },
-    {
-    "cidrMask": 24,
-    "name": "database",
-    "subnetType": "Isolated"
-    },
-    {
-    "cidrMask": 24,
-    "name": "internalDMZ",
-    "subnetType": "Isolated"
-    }
-    ]
-    },”
-
-|  Contains VPC configurations to create a new VPC.   
-**vpcConfigDetails** | 
-    
-    
-    "vpcConfigDetails": {
-    "isExistingVPC": false,
-    "enableVPCEndpoints": false,
-    "enableVpcFlowLog": false
-    }
-
-|  Contains details about existing VPC configurations 
-    
-    
-    "isExistingVPC": false,
-    "vpcID": "vpc-1234567890",  
-  
+**ForensicIsolationInstanceProfileName** |  `target_profile_name` |  Customer profile for isolation. By default it would be the profile provided by this Guidance’s CDK stack.  
+**vpcInfo** |  [source,json] \---- "vpcInfo": { "vpcCidr": "10.1.0.0/16", "maxAZs": 2, "bastionInstance": false, "enableVpcFlowLog": true, "enableVPCEndpoints": true, "subnetConfig": [ { "cidrMask": 24, "name": "externalDMZ", "subnetType": "Public" }, { "cidrMask": 24, "name": "service", "subnetType": "Private" }, { "cidrMask": 24, "name": "database", "subnetType": "Isolated" }, { "cidrMask": 24, "name": "internalDMZ", "subnetType": "Isolated" } ] } \---- |  Contains VPC configurations to create a new VPC.  
+**vpcConfigDetails** |  [source,json] \---- "vpcConfigDetails": { "isExistingVPC": false, "enableVPCEndpoints": false, "enableVpcFlowLog": false } \---- |  Contains details about existing VPC configurations [source,json] \---- "isExistingVPC": false, "vpcID": "vpc-1234567890", \----