AWS managedservices documentation change
Summary
Updated VM Import/Export RFC process to specify a dedicated IAM instance profile change type (ct-117rmp64d5mvb).
Security assessment
Clarifies IAM requirements for secure access to VM Import/Export, improving security documentation but not addressing a specific vulnerability.
Diff
diff --git a/managedservices/latest/userguide/vm-im-ex.md b/managedservices/latest/userguide/vm-im-ex.md index fdd4b514d..968b499b8 100644 --- a//managedservices/latest/userguide/vm-im-ex.md +++ b//managedservices/latest/userguide/vm-im-ex.md @@ -36 +36 @@ An additional role, the **VM Import/Export Service** role, is required for the s - * Note: VM Import/Export is not accessible through the AWS console. The service can only be accessed through the AWS CLI, AWS Tools for PowerShell, and the AWS SDKs. A **VM Import/Export enabled** role must be requested by an AMS RFC (Management | Other | Other | Create), and then you have to access the service directly with the previously mentioned tools. Alternatively, you can request an instance profile by request for change (RFC, ct-19jq3ulr3g9zg) through which the tools can perform commands from an instance. + * VM Import/Export isn't accessible through the AWS console. You must access this service through the AWS CLI, AWS Tools for PowerShell, or the AWS SDKs. Or, you can request an instance profile by submitting change type ct-117rmp64d5mvb: Deployment | Advanced stack components | Identity and Access Management (IAM) | Create EC2 instance profile. This instance profile allows the tools to perform commands from an instance.