AWS managedservices documentation change
Summary
Updated change type references from 'review required' to 'managed automation' for security group creation and replaced 'review required CTs' with 'manual CTs' terminology
Security assessment
Change reflects process terminology updates (managed automation vs manual reviews) but does not indicate resolution of a security vulnerability or weakness. Security group management process modification without explicit security context.
Diff
diff --git a/managedservices/latest/onboardingguide/about-security-groups.md b/managedservices/latest/onboardingguide/about-security-groups.md index 6d8875605..df984229f 100644 --- a//managedservices/latest/onboardingguide/about-security-groups.md +++ b//managedservices/latest/onboardingguide/about-security-groups.md @@ -86 +86 @@ You can request custom security groups. In cases where the default security grou -To create a security group outside of stacks and VPCs, submit an RFC using the `Deployment | Advanced stack components | Security group | Create (review required)` change type (ct-1oxx2g2d7hc90). +To create a security group outside of stacks and VPCs, submit an RFC using the `Deployment | Advanced stack components | Security group | Create (managed automation)` change type (ct-1oxx2g2d7hc90). @@ -99 +99 @@ For Active Directory (AD) security group modifications, use the following change -When using "review required" CTs, AMS recommends that you use the ASAP **Scheduling** option (choose **ASAP** in the console, leave start and end time blank in the API/CLI) as these CTs require an AMS operator to examine the RFC, and possibly communicate with you before it can be approved and run. If you schedule these RFCs, be sure to allow at least 24 hours. If approval does not happen before the scheduled start time, the RFC is rejected automatically. +When using manual CTs, AMS recommends that you use the ASAP **Scheduling** option (choose **ASAP** in the console, leave start and end time blank in the API/CLI) as these CTs require an AMS operator to examine the RFC, and possibly communicate with you before it can be approved and run. If you schedule these RFCs, be sure to allow at least 24 hours. If approval does not happen before the scheduled start time, the RFC is rejected automatically.