AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-07-25 · Documentation low

File: solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md

Summary

Expanded documentation scope to include Amazon EKS references alongside EC2 in multiple sections (KMS encryption, VPC deployment, data encryption at rest)

Security assessment

Changes only add EKS-related terminology without introducing new security controls or addressing vulnerabilities. Existing security practices (KMS encryption, VPC isolation, security groups) remain unchanged.

Diff

diff --git a/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md b/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
index 21a8c8d09..a65c443f2 100644
--- a//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
+++ b//solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/security.md
@@ -17 +17 @@ AWS Identity and Access Management (IAM) roles allow customers to assign granula
-The Automated Forensics Orchestrator for Amazon EC2 Framework Guidance allows you to provide your own AWS KMS keys to encrypt data stored. We recommend referring to [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) to enhance the protection of your encryption keys.
+The Automated Forensics Orchestrator for Amazon EC2 and EKS Guidance allows you to provide your own AWS KMS keys to encrypt data stored. We recommend referring to [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) to enhance the protection of your encryption keys.
@@ -25 +25 @@ Additionally, this Guidance’s Amazon DynamoDB are encrypted at rest using SSE
-The Automated Forensics Orchestrator for Amazon EC2 Guidance is deployed in Amazon VPC, with the Lambda functions in a private subnet. Traffic in and out of the subnet is controlled by security groups. To prevent unauthorized access to the data storage layer, by default, the security group rules only allow inbound traffic from the Lambda function’s private subnet.
+The Automated Forensics Orchestrator for Amazon EC2 and EKS Guidance is deployed in Amazon VPC, with the Lambda functions in a private subnet. Traffic in and out of the subnet is controlled by security groups. To prevent unauthorized access to the data storage layer, by default, the security group rules only allow inbound traffic from the Lambda function’s private subnet.
@@ -29 +29 @@ The Automated Forensics Orchestrator for Amazon EC2 Guidance is deployed in Amaz
-All data committed to Automated Forensics Orchestrator for Amazon EC2 is encrypted at rest, this includes data stored in Amazon S3 and Amazon DynamoDB.
+All data committed to Automated Forensics Orchestrator for Amazon EC2 and EKS is encrypted at rest, this includes data stored in Amazon S3 and Amazon DynamoDB.