AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-07-19 · Documentation medium

File: prescriptive-guidance/latest/patterns/deploy-preventative-attribute-based-access-controls-for-public-subnets.md

Summary

Replaced AWS WAF deployment with detection of expiring RDS certificates

Security assessment

Adds documentation about detecting expiring certificates, a security best practice, but no evidence of addressing a specific vulnerability.

Diff

diff --git a/prescriptive-guidance/latest/patterns/deploy-preventative-attribute-based-access-controls-for-public-subnets.md b/prescriptive-guidance/latest/patterns/deploy-preventative-attribute-based-access-controls-for-public-subnets.md
index 45fcff67c..838736145 100644
--- a//prescriptive-guidance/latest/patterns/deploy-preventative-attribute-based-access-controls-for-public-subnets.md
+++ b//prescriptive-guidance/latest/patterns/deploy-preventative-attribute-based-access-controls-for-public-subnets.md
@@ -289 +289 @@ Deploy detective controls for public subnets
-Deploy the Security Automations for AWS WAF solution using Terraform
+Detect Amazon RDS instances with expiring CA certificates