AWS mwaa documentation change
Summary
Clarified language about data usage in tags/free-form fields, changing 'might be used' to 'can be used' to emphasize certainty of billing/diagnostic log usage.
Security assessment
The change strengthens a security recommendation but does not address a newly discovered vulnerability. It reinforces existing advice against storing sensitive data in specific fields.
Diff
diff --git a/mwaa/latest/userguide/data-protection.md b/mwaa/latest/userguide/data-protection.md index 82e168f88..fc798a209 100644 --- a//mwaa/latest/userguide/data-protection.md +++ b//mwaa/latest/userguide/data-protection.md @@ -24 +24 @@ For data protection purposes, we recommend that you protect AWS account credenti -We strongly recommend that you never put confidential or sensitive information, such as your customers' email addresses, into tags or free-form fields such as a **Name** field. This includes when you work with Amazon MWAA or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any data that you enter into tags or free-form fields used for names might be used for billing or diagnostic logs. If you provide a URL to an external server, we strongly recommend that you do not include credentials information in the URL to validate your request to that server. +We strongly recommend that you never put confidential or sensitive information, such as your customers' email addresses, into tags or free-form fields such as a **Name** field. This includes when you work with Amazon MWAA or other AWS services using the console, API, AWS CLI, or AWS SDKs. Any data that you enter into tags or free-form fields used for names can be used for billing or diagnostic logs. If you provide a URL to an external server, we strongly recommend that you do not include credentials information in the URL to validate your request to that server.