AWS managedservices medium security documentation change
Summary
Added detailed documentation about RFC stages and execution modes including security validation
Security assessment
Explicitly mentions security validation against security technical standards during RFC review. Adds documentation about security review processes and different execution modes with security implications (managed automation vs manual review).
Diff
diff --git a/managedservices/latest/userguide/what-r-rfcs.md b/managedservices/latest/userguide/what-r-rfcs.md index d67b0e6cb..86b467b7a 100644 --- a//managedservices/latest/userguide/what-r-rfcs.md +++ b//managedservices/latest/userguide/what-r-rfcs.md @@ -10,0 +11,22 @@ An RFC contain two specifications, one for the RFC itself, and one for the chang +RFCs go through two key stages: Validation and Execution. + + 1. In the Validation Stage, AMS reviews the RFC Request for completeness and correctness. AMS also evaluates the request for security in accordance with our [security technical standards](./rfc-security.html#rfc-security.title). AMS validates that the requested change is valid and executable. + + 2. In the Execution Stage, AMS attempts the requested changes on your account. + + + + +AMS handles both stages through an automated process, manual process, or a combination of both. The manual process is handled by the AMS Operations team. For more information, see [Automated and manual CTs](./ug-automated-or-manual.html). + +AMS provides three execution modes for handling requests: + + * **(AMS Recommended) Execution mode: Automated**. These CTs use automation for RFC validations and executions, which is the quickest way to achieve your business outcomes. + + * **(AMS Suggested) Execution mode: Manual and Designation: Managed Automation**. These CTs utilize a combination of automated and manual processes for RFC validations and executions. If automation cannot execute your requested change, then the RFC is transferred (by either automated routing or by the creation of a replacement RFC) to the AMS Operations team for manual handling. Submission of these CTs allow for a more structured intake of your request, supplemented by AMS automation to improve the handling and execution outcome time frame. + + * **Execution mode: Manual and Designation: Review Required**. Changes requested through [ct-1e1xtak34nx76 Management | Other | Other | Update (review required)](https://docs.aws.amazon.com/managedservices/latest/ctref/management-other-other-update-review-required.html) or [ct-0xdawir96cy7k Management | Other | Other | Create (review required)](https://docs.aws.amazon.com/managedservices/latest/ctref/management-other-other-create-review-required.html). These CTs rely on manual handling for validations and executions. These CTs are dependent on manual interpretation of the change request. + + + +