AWS mgn documentation change
Summary
Added new 'Security recommendations' section with OS patching, access controls, and S3 security practices
Security assessment
Explicitly documents security best practices for the MGN connector environment, including access controls and infrastructure hardening. This proactively addresses security but doesn't fix a disclosed issue.
Diff
diff --git a/mgn/latest/ug/mgn-connector-prerequisites.md b/mgn/latest/ug/mgn-connector-prerequisites.md index 83673ce60..e9ed95a5f 100644 --- a//mgn/latest/ug/mgn-connector-prerequisites.md +++ b//mgn/latest/ug/mgn-connector-prerequisites.md @@ -5 +5 @@ -General prerequisitesOperating systems that support the MGN connectorSSM requirements +General prerequisitesOperating systems that support the MGN connectorSSM requirementsSecurity recommendations @@ -59,0 +60,6 @@ Installation of the MGN Connector also installs the SSM agent. +## Security recommendations for MGN connector + +We recommend that the MGN connector server is only accessed by authorized personnel and has the required OS patches. We also recommend that the servers to which the MGN connector connects have all the required OS patches. + +If you configure [outputting logs to S3](https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-create-iam-instance-profile.html#create-iam-instance-profile-ssn-logging), you will first [create an Amazon S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-bucket-overview.html). We recommend that you apply S3 bucket [S3 security practices](https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html) +