AWS solutions documentation change
Summary
Removed section about deploying in a dedicated AWS account and associated security best practices
Security assessment
Deletion of security guidance about account isolation and access controls removes existing security documentation, but there's no evidence this was to address a specific security issue. This could potentially reduce security posture awareness for users.
Diff
diff --git a/solutions/latest/clickstream-analytics-on-aws/security-1.md b/solutions/latest/clickstream-analytics-on-aws/security-1.md index 43ab48216..ca91760f9 100644 --- a//solutions/latest/clickstream-analytics-on-aws/security-1.md +++ b//solutions/latest/clickstream-analytics-on-aws/security-1.md @@ -5 +5 @@ -Deploy in a Dedicated AWS AccountAWS Security Best PracticesIAM RolesAmazon VPCSecurity GroupsAmazon CloudFront +IAM RolesAmazon VPCSecurity GroupsAmazon CloudFront @@ -11,21 +10,0 @@ When you build systems on AWS infrastructure, security responsibilities are shar -## Deploy in a Dedicated AWS Account - -Consider deploying the solution in a dedicated AWS account. This option may be desired by some organizations because the application needs access to other resources within the account to function properly. By isolating the application in its own account, you can minimize potential security risks, and constrain access and permissions. A dedicated account adds a layer of security isolation. This approach helps prevent unintended access to other resources and reduces the potential impact of any security incidents. - -## AWS Security Best Practices - -Consider the following when setting up your dedicated application account: - - 1. Select a new or existing AWS account that you can dedicate solely to running the Clickstream stack. - - 2. Secure this account with strong access controls, MFA and follow AWS security best practices. - - 3. Limit access to this account to only those team members who need it for managing and maintaining the application. - - 4. Regularly review and audit the account’s configuration and access patterns to maintain a strong security posture. - - - - -By following this deployment strategy, you can enhance the security posture of your solution implementation and better protect your AWS environment. -