AWS managedservices documentation change
Summary
Added two IAM technical standards (9.6 and 9.7) and updated RFC execution mode documentation
Security assessment
The addition of IAM technical standards (AMS-STD-002) enhances security documentation, but there is no indication of addressing a specific vulnerability. The RFC execution mode updates are procedural.
Diff
diff --git a/managedservices/latest/userguide/doc-history-ug.md b/managedservices/latest/userguide/doc-history-ug.md index e58e61974..46f8b2eb6 100644 --- a//managedservices/latest/userguide/doc-history-ug.md +++ b//managedservices/latest/userguide/doc-history-ug.md @@ -21,0 +22,2 @@ Change| Description| Date +[Updated Standard controls in AMS Advanced section with two technical standards for AMS-STD-002 - AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/managedservices/latest/userguide/ams-sec-stand-controls.html)| Updated table for AMS-STD-002 - AWS Identity and Access Management (IAM) to add two technical standards, 9.6 and 9.7.| October 23, 2025 +[Updated information for RFCs and AMS execution modes](https://docs.aws.amazon.com/managedservices/latest/userguide/what-r-rfcs.html)| Updated page to provide new content for the two key stages an RFC goes through and the three AMS execution modes for handling requests.| October 22, 2025 @@ -226 +228 @@ Updated Content: Finding ARNs | Added DynamoDB `describe-table` CLI for finding -Updated Content: Self-Service Provisioning | Removed the AMS "CodeSuite" option as it is not an actual SSPS. You can still use the Management | AWS service | Self-provisioned service | Add (review required) (ct-3qe6io8t6jtny) change type and request the three services: CodeBuild, CodeDeploy and CodePipeline. AMS will then provision the following IAM roles to your account: `customer_codebuild_service_role`, `customer_codedeploy_service_role`, and `aws_code_pipeline_service_role`. After provisioned in your account, you must onboard the role in your federation solution. | [Self-Service Provisioning mode in AMS](./self-service-provisioning-section.html) +Updated Content: Self-Service Provisioning | Removed the AMS "CodeSuite" option as it is not an actual SSPS. You can still use the Management | AWS service | Self-provisioned service | Add (managed automation) (ct-3qe6io8t6jtny) change type and request the three services: CodeBuild, CodeDeploy and CodePipeline. AMS will then provision the following IAM roles to your account: `customer_codebuild_service_role`, `customer_codedeploy_service_role`, and `aws_code_pipeline_service_role`. After provisioned in your account, you must onboard the role in your federation solution. | [Self-Service Provisioning mode in AMS](./self-service-provisioning-section.html)