AWS keyspaces documentation change
Summary
Added details about network access control through VPC endpoints and resource-based policies
Security assessment
Enhances security documentation by explaining network isolation capabilities, but does not indicate remediation of a specific security issue
Diff
diff --git a/keyspaces/latest/devguide/infrastructure-security.md b/keyspaces/latest/devguide/infrastructure-security.md index f24160f8f..35416990a 100644 --- a//keyspaces/latest/devguide/infrastructure-security.md +++ b//keyspaces/latest/devguide/infrastructure-security.md @@ -23,0 +24,2 @@ The second method uses an authentication plugin for the open-source DataStax Jav +You can call these API operations from any network location, but Amazon Keyspaces does support resource-based access policies, which can include restrictions based on the source IP address. You can also use Amazon Keyspaces policies to control access from specific Amazon Virtual Private Cloud (Amazon VPC) endpoints or specific VPCs. Effectively, this isolates network access to a given Amazon Keyspaces resource from only the specific VPC within the AWS network. +