AWS managedservices high security documentation change
Summary
Changed security group creation process to require a review-enabled RFC change type
Security assessment
The update enforces a review process for creating security groups outside standard stacks/VPCs, directly mitigating risks of misconfigured security groups that could expose resources. Security groups are critical network security controls, and unvetted changes could lead to vulnerabilities.
Diff
diff --git a/managedservices/latest/userguide/about-security-groups.md b/managedservices/latest/userguide/about-security-groups.md index 9688298e5..08383d770 100644 --- a//managedservices/latest/userguide/about-security-groups.md +++ b//managedservices/latest/userguide/about-security-groups.md @@ -86 +86 @@ You can request custom security groups. In cases where the default security grou -To create a security group outside of stacks and VPCs, submit an RFC using the `Management | Other | Other | Create` CT (ct-1e1xtak34nx76). +To create a security group outside of stacks and VPCs, submit an RFC using the `Deployment | Advanced stack components | Security group | Create (review required)` change type (ct-1oxx2g2d7hc90).