AWS Security ChangesHomeSearch

AWS managedservices documentation change

Service: managedservices · 2025-08-19 · Documentation low

File: managedservices/latest/accelerate-guide/tr-faq.md

Summary

Expanded Trusted Remediator documentation to include Compute Optimizer integration alongside Trusted Advisor, updated references throughout FAQ

Security assessment

The changes integrate Compute Optimizer recommendations into existing remediation workflows but do not address specific security vulnerabilities. Compute Optimizer primarily focuses on cost/performance optimization rather than security. While Trusted Advisor includes some security checks, the addition of Compute Optimizer does not inherently introduce or resolve security issues.

Diff

diff --git a/managedservices/latest/accelerate-guide/tr-faq.md b/managedservices/latest/accelerate-guide/tr-faq.md
index 89e50e58d..4c02ceb0b 100644
--- a//managedservices/latest/accelerate-guide/tr-faq.md
+++ b//managedservices/latest/accelerate-guide/tr-faq.md
@@ -9 +9 @@ The following are frequently asked questions about Trusted Remediator:
-When a non-compliance is identified by Trusted Advisor, Trusted Remediator responds according to your specified preferences, either by applying remediation, seeking approval through manual remediations, or reporting the remediations during your upcoming Monthly Business Review (MBR). The remediation happen at your preferred remediation time or schedule. Trusted Remediator provides you with the ability to self-service and act on Trusted Advisor checks with the flexibility to configure and remediate checks individually or in bulk. With a library of tested remediation documents, AMS constantly bar raises your accounts by applying safety checks and following AWS best practices. You are only notified if you specify to do so in your configuration. AMS users can opt-in to Trusted Remediator at no additional charge.
+When a non-compliance is identified by Trusted Advisor or a recommendation is issued by Compute Optimizer, Trusted Remediator responds according to your specified preferences, either by applying remediation, seeking approval through manual remediations, or reporting the remediations during your upcoming Monthly Business Review (MBR). The remediation happen at your preferred remediation time or schedule. Trusted Remediator provides you with the ability to self-service and act on Trusted Advisor checks with the flexibility to configure and remediate checks individually or in bulk. With a library of tested remediation documents, AMS constantly bar raises your accounts by applying safety checks and following AWS best practices. You are only notified if you specify to do so in your configuration. AMS users can opt-in to Trusted Remediator at no additional charge.
@@ -11 +11 @@ When a non-compliance is identified by Trusted Advisor, Trusted Remediator respo
-You have access to Trusted Advisor checks as part of your existing Enterprise Support plan. Trusted Remediator integrates with Trusted Advisor leverage existing AMS automation capabilities. Specifically, AMS uses AWS Systems Manager automation documents (runbooks) for automated remediations. AWS AppConfig is used to configure the remediation workflows. You can view all the current and past remediations through the Systems Manager OpsCenter. The remediation logs are stored in an Amazon S3 bucket. You can use the logs to import and build custom reporting dashboards in QuickSight.
+You have access to Trusted Advisor checks and Compute Optimizer recommendations as part of your existing Enterprise Support plan. Trusted Remediator integrates with Trusted Advisor and Compute Optimizer to leverage existing AMS automation capabilities. Specifically, AMS uses AWS Systems Manager automation documents (runbooks) for automated remediations. AWS AppConfig is used to configure the remediation workflows. You can view all the current and past remediations through the Systems Manager OpsCenter. The remediation logs are stored in an Amazon S3 bucket. You can use the logs to import and build custom reporting dashboards in QuickSight.
@@ -46 +46 @@ AWS Config Remediation is another solution that helps you optimize cloud resourc
-  * Trusted Remediator uses Trusted Advisor as the detection mechanism. AWS Config Remediation uses AWS Config rules as the detection mechanism.
+  * Trusted Remediator uses Trusted Advisor and Compute Optimizer as the detection mechanisms. AWS Config Remediation uses AWS Config rules as the detection mechanism.
@@ -59 +59 @@ AWS Config Remediation is another solution that helps you optimize cloud resourc
-Some Trusted Advisor checks might have the same rule in AWS Config. It's a best practice to enable only one remediation if there is a matching AWS Config rule and Trusted Advisor check. For information on AWS Config r ules for each Trusted Advisor check, see [Trusted Advisor checks supported by Trusted Remediator](./tr-supported-checks.html).
+Some Trusted Advisor checks and Compute Optimizer recommendations might have the same rule in AWS Config. It's a best practice to enable only one remediation if there is a matching AWS Config rule and Trusted Advisor check. For information on AWS Config rules for each Trusted Advisor check, see [Trusted Advisor checks supported by Trusted Remediator](./tr-supported-checks.html).
@@ -65 +65 @@ Trusted Remediator deploys the following resources in the Trusted Remediator del
-  * An AWS AppConfig application to hold the remediation configurations for supported Trusted Advisor checks.
+  * An AWS AppConfig application to hold the remediation configurations for supported Trusted Advisor checks and Compute Optimizer recommendations.