AWS marketplace medium security documentation change
Summary
Enhanced documentation about root email requirements with explicit warnings about monitoring and consequences of non-compliance
Security assessment
Emphasizes critical security practices for account email monitoring, explicitly stating risks of account suspension and compliance failures. Highlights requirements for direct email access (not aliases) to ensure secure communications.
Diff
diff --git a/marketplace/latest/userguide/account-considerations.md b/marketplace/latest/userguide/account-considerations.md index 9d81bf6ee..b29166fed 100644 --- a//marketplace/latest/userguide/account-considerations.md +++ b//marketplace/latest/userguide/account-considerations.md @@ -84 +84 @@ You can also configure your account to allow multiple users with different permi -You'll need to provide an email address for important notifications and account updates. Make sure this email address is: +The root/main email address for your AWS Marketplace seller account is critical for receiving essential communications, including important compliance notifications and urgent account updates. This email address must be regularly monitored by your AWS Marketplace team and cannot be an alias address, as certain AWS teams can only communicate with the registered root email address. @@ -86 +86,9 @@ You'll need to provide an email address for important notifications and account - * Accessible by appropriate contacts within your organization +###### Important + +Your root email address serves as the primary communication channel for critical AWS Marketplace business operations. Failure to monitor this email address could result in missed compliance deadlines, payment issues, or account suspension. + +When setting up your seller account email address, ensure it meets these requirements: + + * **Direct email address:** Must be a real email address, not an alias or distribution list, as certain AWS teams can only send emails to the registered root address + + * **Regular monitoring:** Must be actively monitored by your AWS Marketplace team for time-sensitive communications @@ -88 +96 @@ You'll need to provide an email address for important notifications and account - * A real email address, not an alias (some AWS teams can only send emails to the registered address) + * **Organizational access:** Should be accessible by appropriate contacts within your organization who can respond to urgent matters @@ -90 +98 @@ You'll need to provide an email address for important notifications and account - * Monitored regularly for important account and payment notifications + * **Business continuity:** Consider using a role-based email address (such as [email protected]) rather than an individual's personal email to ensure continuity