AWS Security ChangesHomeSearch

AWS managedservices high security documentation change

Service: managedservices · 2025-08-10 · Security-related high

File: managedservices/latest/userguide/monitoring-default-metrics.md

Summary

Added SecureChannelFailure monitoring for Windows EC2 instances and updated documentation link formatting

Security assessment

Added CloudWatch alarm for SecureChannelFailure events which indicate potential security issues with authentication/encryption channels. This directly documents security monitoring capabilities for Windows instances.

Diff

diff --git a/managedservices/latest/userguide/monitoring-default-metrics.md b/managedservices/latest/userguide/monitoring-default-metrics.md
index 140a134e1..936a731d1 100644
--- a//managedservices/latest/userguide/monitoring-default-metrics.md
+++ b//managedservices/latest/userguide/monitoring-default-metrics.md
@@ -25,0 +26 @@ Application Load Balancer (ALB) target | No | TargetConnectionErrorCount sum > 0
+Amazon EC2 instance – Windows | No | SecureChannelFailure > 0.0 for 10 out of the last 15 data points. | CloudWatch alarm on Windows instances to alert when Secure a Channel connection has failed.  
@@ -35 +36 @@ Root Volume Usage >= 95% for 5 mins, 6 consecutive times.
-Non-root Volume Usage > 85% for 5 mins, 2 consecutive times. **Disabled by default; for details, see[ Additional Information](https://docs.aws.amazon.com/managedservices/latest/ctref/management-monitoring-cloudwatch-enable-non-root-volumes-monitoring.html#management-monitoring-cloudwatch-enable-non-root-volumes-monitoring-info)**.  
+Non-root Volume Usage > 85% for 5 mins, 2 consecutive times. **Disabled by default; for additional information, see<https://docs.aws.amazon.com/managedservices/latest/ctref/management-monitoring-cloudwatch-enable-non-root-volumes-monitoring.html#management-monitoring-cloudwatch-enable-non-root-volumes-monitoring-info>**.